top of page
Dashboard with financing offers
Financial broker holds prospect for interest rate offers

smart, digital & independently for follow-up financing

Follow-up financing

7 minutes to compare

anonymously valid conditions

over 700 banks

no SCHUFA-scoring

protected environment

non-binding & free of charge

Anschluss-Finanzierungsangebote

Follow-up financing – with digital solutions for your forward loan

Get started straight away with the financing configurator for follow-up financing

Are you currently concerned with the topic of follow-up financing for your existing loan or various loan modules? If you are interested in optimizing your current financing, refinancing or securing the interest rates for the expiring loan with remaining debt, you have come to the right place. We offer you an interactive web application with which you can process, compare, receive recommendations and apply for your request independently and fully digitally. You can use the service completely free of charge and without obligation. Start directly with the financing configurator for follow-up financing.

Digital follow-up financing ready in just 3 minutes and compare and apply for the best conditions in the offer dashboard

Do you value carefully finding and comparing the best offers? In just 3 minutes you will be able to record your follow-up financing project digitally and gain direct access to our exclusive offer dashboard. You have the opportunity to precisely record your individual needs and independently determine and apply for the best offers - conveniently using your PC or smartphone. It doesn't matter whether the current financing should be refinanced immediately, should be continued with your current lender or a solution should be secured for the next 1 - 5 years. All follow-up financing offers or forward loans can be determined and you immediately benefit from the interest rate protection for the follow-up financing, are secured in the long term and can therefore exclude any risk. 

Screenshots Forwardkonfigurator
Logo Progressive Web App (PWA)

Progressive web app

available as

Possible projects

follow-up financing

different projects combined

forward mortgage

raising capital, free use

Modernization and renovation projects

Implement follow-up financing and forward loans online alone, with advice or hybrid

Our specialist consultants will be happy to provide you with additional support and will accompany you through to implementation if necessary. Get started today and take control of your financing - alone, together or hybrid. 

Top-Zins-Tableau

Top interest rates for follow-up financing

Web tool for real-time determination of the top interest rates for follow-up financing

Use the quick calculator found here to quickly calculate the top interest rates for follow-up financing. The appropriate level of financing and the desired fixed interest rate can be selected in a very user-friendly and intuitive manner. The daily conditions determined in real time are based on the representative example. If you want to determine specific and valid interest rate offers specific to your needs, switch to the individual calculation with just one click.

Determine top interest rates for follow-up financing using the quick calculator

With this top interest rate calculator you have the opportunity to determine the current top interest rates in real time and get a quick first impression. The representative example shows you the calculation basis. By clicking on “Individual calculation” you can check your individual follow-up financing project.

Shadow behind a picture
financial advisor beside percentage symbol

Follow-up financing can be tailored individually, yet digitally, to your project

If you have already gained a good impression of the top interest rates using our quick calculator, the next step is to carry out a very individual review and create financing offers for your follow-up financing. Here you can enjoy all of our extensive calculation functions. A financing configurator accompanies you on this exciting path and takes you directly to our offer dashboard.

In the offer dashboard you have the opportunity to identify and compare individual or recommended financing options. You benefit from interfaces that enable you to access all current conditions. This means you receive valid offers for your forward loan, debt restructuring or extension from a wide range of financing providers that are specifically tailored to your creditworthiness and your financing property.

Our web assistant is connected to an independent banking platform that takes into account over 700 financing institutions. This means you can be sure that you have a wide range of options available to you.

Immerse yourself in this innovative world of follow-up financing and let our digital web assistant help you find tailor-made financing solutions. Take the helm and design your financing to suit your individual needs.

Finanzierungsvergleich-Anschlussfinazierung

Guide for comparing offers for your follow-up financing

Financing properly can sometimes be a bit of a challenge. In this guide you will receive valuable insights and practical tips on how to find the best conditions for your follow-up financing, forward loan or debt restructuring. Find out how you can structure the offer comparison, analyze conditions and make the right decision. Together with our interactive web application and, if necessary, with our financing experts, you can master the offer comparison and achieve your solution.

01

Take inventory

A well-founded inventory of your current situation is crucial for your future follow-up financing.

 

Analyze your loans and note the remaining balances.

Also check the terms and expiry date of the fixed interest rates.

 

This gives you an overview of your financing needs and enables you to specifically optimize your financing.

 

Take the time to gather this important information to make informed decisions about your follow-up financing.

FAQ-Anschlussfinanzierung
questions and answers
  • 1. Definitions
    The data protection declaration of Finanzmakler.online is based on the terms used by the European legislator for directives and regulations when issuing the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance. We use the following terms, among others, in this data protection declaration: a) personal data Personal data is all information that relates to an identified or identifiable natural person (hereinafter “data subject”). A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. b) affected person Data subject is any identified or identifiable natural person whose personal data are processed by the data controller. c) Processing Processing is any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data, such as collecting, recording, organizing, classifying, storing , adaptation or modification, retrieval, consultation, use, disclosure by transmission, distribution or any other form of provision, alignment or combination, restriction, deletion or destruction. d) Restriction of processing Restriction of processing is the marking of stored personal data with the aim of restricting their future processing. e) Profiling Profiling is any type of automated processing of personal data, which consists in using that personal data to determine certain personal aspects relating to a natural person evaluate, in particular, aspects relating to f) Pseudonymization Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and are subject to technical and organizational measures to ensure that the personal data are not assigned to an identified or identifiable natural person. g) Controller or person responsible for processing The person responsible or responsible for processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data Data decides. If the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. h) Processor Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller. i) Recipient Recipient is a natural or legal person, public authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not . However, public authorities which may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients. j) Third party Third party is a natural or legal person, authority, institution or other body other than the data subject, the controller, the processor and the persons under the direct responsibility of the controller or the processor is authorized to process the personal data. k) Consent Consent is any voluntary, informed and unambiguous expression of will given by the data subject for the specific case in the form of a statement or other clear confirmatory act with which the data subject indicates that you agree to the processing of your personal data.
  • 2. Name and address of the person responsible for processing
    The person responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions of a data protection nature is: Finanzmakler.online Responsible: Sten Valandt Haydnstr. 20 Germany Tel.: (+49)0351 79 99 32 32 Email: kontakt(a)finanzmakler.online< /a> Website: https://www.finanzmakler .online
  • 3. Cookies
    Cookies are small text files or other storage notes that store information on end devices and read information from the end devices. For example, to save the login status in a user account, the contents of a shopping cart in an e-shop, the content accessed or the functions used of an online offer. Cookies can also be used for various purposes, e.g. for the purposes of the functionality, security and comfort of online offerings as well as the creation of analyzes of visitor flows. Notes on consent: We use cookies in accordance with legal regulations. We therefore obtain prior consent from users, unless this is not required by law. In particular, consent is not necessary if the storage and reading of the information, including cookies, is absolutely necessary in order to provide users with a telemedia service they have expressly requested (i.e. our online offering). Strictly necessary cookies generally include cookies with functions related to the display and operability of the online offering, load balancing, security, storage of users' preferences and choices or similar to the provision of the main and secondary functions of those requested by users purposes related to the online offering. The revocable consent is clearly communicated to the users and contains information on the respective cookie use. Notes on data protection legal bases: On which data protection legal basis we process users' personal data with the help of cookies depends on whether we ask users for consent. If users consent, the legal basis for processing your data is their declared consent. Otherwise, the data processed using cookies will be processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offering and improving its usability) or, if this is within the scope of the fulfillment of our contractual obligations, if the use of cookies is necessary for our purposes to fulfill contractual obligations. We will explain the purposes for which we process cookies in the course of this data protection declaration or as part of our consent and processing processes. Storage period: With regard to the storage period, a distinction is made between the following types of cookies: • Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their device (e.g. browser or mobile application). • Permanent cookies: Permanent cookies remain stored even after the device is closed. For example, the login status Saved or preferred content displayed directly when the user visits a website again. User data collected using cookies can also be used to measure reach. Unless we provide users with explicit information about the type and storage period of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and that the storage period can be up to two years. General information on revocation and objection (opt-out): Users can revoke the consent they have given at any time and can also object to the processing in accordance with the legal requirements in Art. 21 GDPR. Users can also declare their objection via their browser settings, e.g. by deactivating the use of cookies (which may also limit the functionality of our online services). An objection to the use of cookies for online marketing purposes can also be declared via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. Cookie settings/possibility of objection: https://www.finanzmakler.online/cookies • Types of data processed: usage data (e.g. websites visited, interest in content, access times). • Affected persons: users (e.g. website visitors, users of online services). • Purposes of processing: Provision of our online offering and user-friendliness. • Legal basis: legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). Further information on processing processes, procedures and services: • Processing of cookie data based on consent: We use a cookie consent management procedure, within which the users' consent to the use of cookies, or as part of cookie consent management Processing and providers mentioned in this procedure can be obtained and managed and revoked by users. The declaration of consent is saved so that it does not have to be asked again and to be able to prove consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or using comparable technologies) in order to be able to assign the consent to a user or their device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. Here, a pseudonymous user identifier is created and stored with the time of consent, information about the scope of the consent (e.g. which categories of cookies and/or service providers) as well as the browser, system and device used; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). • Cookie opt-out: In the footer of our website you will find a link through which you can change your cookie settings and revoke the corresponding consent; Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR). • Cookiebot: Cookie consent management; Service provider: Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark; Website: https://www.cookiebot.com/de; Data protection declaration: https://www.cookiebot.com/de/privacy-policy/; Further information: Data stored (on the service provider's server): The user's IP number in anonymized form (the last three digits are set to 0), date and time of consent, browser details, the URL from which the consent was sent , An anonymous, random and encrypted key value; the user's consent status.
  • 4. Overview of processing
    The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects. Types of data processed • Inventory data. • Payment details. • Location data. • Contact details. • Content data. • Contract data. • Usage data. • Meta, communication and procedural data. • Image and/or video recordings. • Event data (Facebook). Categories of data subjects • Customers. • Employees. • Interested parties. • Communication partner. • Users. • Business and contractual partners. • Participants. • People depicted. Purposes of processing • Provision of contractual services and customer service. • Contact inquiries and communication. • Security measures. • Direct marketing. • Range measurement. • Tracking. • Office and organizational procedures. • Remarketing. • Conversion measurement. • Target group formation. • Managing and responding to inquiries. • Feedback. • Marketing. • Profiles with user-related information. • Registration procedure. • Provision of our online offering and user-friendliness. • Information technology infrastructure.
  • 5. Contact option via the website
    Due to legal regulations, the Finanzmakler.online website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address so-called electronic mail (e-mail address). If a data subject contacts the person responsible for processing by email or via a contact form, the personal data transmitted by the data subject will be automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller will be stored for the purposes of processing or contacting the data subject. This personal data will not be passed on to third parties.
  • 6. Comment function in the blog on the website
    Finanzmakler.online offers users the opportunity to leave individual comments on individual blog posts on a blog that is located on the website of the controller . A blog is a portal maintained on a website, usually publicly accessible, in which one or more people, called bloggers or web bloggers, can post articles or write down thoughts in so-called blog posts. The blog posts can usually be commented on by third parties. If a data subject leaves a comment on the blog published on this website, in addition to the comments left by the data subject, information will also be provided on the time the comment was entered and by the data subject The user name (pseudonym) chosen by the person is stored and published. Furthermore, the IP address assigned to the data subject by the Internet service provider (ISP) is also logged. This storage of the IP address is done for security reasons and in the event that the person concerned violates the rights of third parties or posts illegal content through a comment made. The storage of this personal data is therefore in the own interest of the person responsible for processing, so that he could be exculpated in the event of a legal violation. This collected personal data will not be passed on to third parties unless such transfer is required by law or serves the legal defense of the person responsible for processing.
  • 7. Routine deletion and blocking of personal data
    The data processed by us will be deleted in accordance with the legal requirements as soon as the consent permitted for processing is revoked or other permissions no longer apply (e.g. if the purpose for processing this data no longer applies or it is not necessary for the purpose). Unless the data is deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person. Our data protection information may also contain further information on the storage and deletion of data, which applies primarily to the respective processing.
  • 8. Rights of the data subject
    As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Articles 15 to 21 GDPR: Right to object: You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is carried out on the basis of Article 6 (1) (e) or (f) of the GDPR ; This also applies to profiling based on these provisions. If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; This also applies to profiling insofar as it is connected to such direct advertising. Right to revoke consent: You have the right to revoke your consent at any time. Right to information: You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with the legal requirements. Right to rectification: In accordance with legal requirements, you have the right to request that the data concerning you be completed or that incorrect data concerning you be corrected. Right to deletion and restriction of processing: In accordance with the legal requirements, you have the right to demand that data concerning you be deleted immediately or, alternatively, to request a restriction of the processing of the data in accordance with the legal requirements.< /p> Right to data portability: You have the right to receive data concerning you that you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements or to request that it be transmitted to another person responsible. Complaint to a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you believe that the processing the personal data concerning you violates the requirements of the GDPR.
  • 9. Relevant legal bases
    Below you will find an overview of the legal basis of the GDPR, on the basis of which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. If more specific legal bases apply in individual cases, we will inform you about these in the data protection declaration. • Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR) - The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes. • Fulfillment of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) - Processing is necessary for the fulfillment of a contract to which the data subject is a party or to carry out pre-contractual measures based on request from the person concerned. • Legal obligation (Art. 6 Para. 1 S. 1 lit. c) GDPR) - Processing is necessary to fulfill a legal obligation to which the controller is subject. • Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR) - Processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject, that require the protection of personal data predominate. In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. This includes in particular the law to protect against misuse of personal data during data processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special regulations on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes and transmission and automated decision-making in individual cases, including profiling. Furthermore, it regulates data processing for the purposes of the employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. Furthermore, state data protection laws of the individual federal states may apply.
  • 10. Business Benefits
    We process data from our contractual and business partners, e.g. customers and interested parties (collectively referred to as "contractual partners") within the framework of contractual and comparable legal relationships as well as associated measures and as part of communication with the contractual partners (or pre-contractual), e.g. to answer queries. We process this data to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any update obligations and remedies in the event of warranty and other service disruptions. In addition, we process the data to protect our rights and for the purposes of the administrative tasks associated with these obligations and the company organization. In addition, we process the data on the basis of our legitimate interests in proper and business management as well as security measures to protect our contractual partners and our business operations from misuse and jeopardy of their data, secrets, information and rights (e.g. for the participation of telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). Within the scope of applicable law, we only pass on the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations. The contractual partners will be informed about other forms of processing, e.g. for marketing purposes, as part of this data protection declaration. We inform the contractual partners which data is required for the aforementioned purposes before or as part of the data collection, e.g. in online forms, through special marking (e.g. colors) or symbols (e.g. asterisks, etc.), or personally. We delete the data after the expiry of statutory warranty and comparable obligations, i.e. generally after 4 years, unless the data is stored in a customer account, e.g. as long as it must be retained for legal archiving reasons . The statutory retention period is ten years for documents relevant to tax law as well as for commercial books, inventories, opening balance sheets, annual financial statements, the work instructions and other organizational documents and accounting documents required to understand these documents, and six years for commercial and business letters received and copies of the commercial and business letters sent. The period begins at the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report were prepared, the commercial or business letter was received or sent or the accounting document was created and the recording was also made or the other documents have been created. If we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers. Types of data processed: inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact details (e.g. email, telephone numbers); Contract data (e.g. subject matter of the contract, term, customer category); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). Affected persons: customers; Interested persons; Business and contractual partners. Purposes of processing: provision of contractual services and customer service; Safety measures; Contact inquiries and communication; office and organizational procedures; Managing and responding to inquiries. Legal basis: fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR); Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Further information on processing processes, procedures and services: Customer account: Customers can create an account within our online offering (e.g. customer or user account, “customer account” for short). If registration of a customer account is required, customers will be informed of this as well as the information required for registration. Customer accounts are not public and cannot be indexed by search engines. As part of the registration and subsequent logins and use of the customer account, we store the customers' IP addresses along with the access times in order to be able to prove registration and prevent any misuse of the customer account. If the customer account has been terminated, the customer account data will be deleted after the time of termination, unless it is retained for purposes other than provision in the customer account or must be retained for legal reasons (e.g. internal storage of customer data, order processes or invoices). It is the responsibility of customers to secure their data upon termination of the customer account; Legal basis: fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR). Shop and e-commerce: We process our customers' data to enable them to select, purchase or order the selected products, goods and related services, as well as their payment and delivery or execution. If necessary for the execution of an order, we use service providers, in particular postal, forwarding and shipping companies, to carry out the delivery or execution to our customers. We use the services of banks and payment service providers to process payment transactions. The required information is marked as such as part of the ordering or comparable purchase process and includes the information required for delivery, provision and billing as well as contact information in order to be able to hold any consultations; Legal basis: fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR). Brokerage and brokerage services: We process the data of our customers, clients and interested parties (uniformly referred to as “customers”) in accordance with the underlying order of the customer. We may also process information about the characteristics and circumstances of people or things belonging to them if this is part of the subject of our order. This can be, for example, information about personal living conditions, mobile or immobile property and the financial situation. If necessary for the fulfillment of the contract or by law or approved by the customer or based on our legitimate interests, we disclose or transmit the customer's data within the framework of cover inquiries, conclusions and the processing of contracts to providers of the brokered services/objects, insurers, reinsurers, broker pools, technical service providers, other service providers, such as cooperating associations, as well as financial service providers, credit institutions and investment companies as well as social security institutions, tax authorities, tax advisors, legal advisors, auditors , insurance ombudsmen and the Federal Financial Supervisory Authority (BaFin). Furthermore, subject to other agreements, we may commission subcontractors, such as sub-agents; Legal basis: fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR).
  • 11. Security measures
    We take appropriate technical measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons and organizational measures to ensure a level of protection appropriate to the risk. The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, transfer, securing availability and their separation. We have also set up procedures to ensure that the rights of those affected are exercised, data are deleted and responses are made to data threats. Furthermore, we take the protection of personal data into account when developing or selecting hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings. TLS encryption (https): To protect your data transmitted via our online offering, we use TLS encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.
  • 12. Legitimate interests in processing pursued by the controller or a third party
    If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is to carry out our business activities for the benefit of the well-being of all our employees and our shareholders.
  • 13. Duration for which the personal data will be stored
    The criterion for the duration of storage of personal data is the respective statutory retention period. After the deadline has expired, the relevant data will be routinely deleted unless it is no longer required to fulfill or initiate the contract.
  • 14. Legal or contractual regulations governing the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject to provide the personal data; possible consequences of non-provision
    We would like to clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information about the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company enters into a contract with them. Failure to provide the personal data would mean that the contract with the person concerned could not be concluded. Before the data subject provides personal data, the data subject must contact our data protection officer. Our data protection officer explains to the person concerned on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences the non-provision of the personal data would have.
  • 15. Processing of your data within the Europace marketplace
    In order to give you a good overview of the market for your financing projects and to be able to make financing suggestions that are as suitable as possible, the Europace marketplace is used to compare the products available for this purpose. Below you will be informed in a concise manner about the processing of your data in connection with the Europace marketplace and your rights in this regard. Please note that this data protection information applies in addition to the data protection information of the other parties involved (e.g. lenders). 1. What is the Europace Marketplace? The Europace marketplace is a European platform for the sale of financing services in which the products of numerous German lenders are listed. In addition to the affiliated lenders, only registered financial distributors and Europace have access to the Europace marketplace. 2. Who is responsible for the Europace marketplace? Is responsible within the meaning of the EU General Data Protection Regulation (GDPR) for the data processing described below in connection with the Europace marketplace, • If you apply for a general consumer loan (e.g. an installment loan), Europace AG, Heidestr. 8, 10557 Berlin, • If you are applying for a consumer property loan (e.g. home financing) or a building savings product, Hypoport Mortgage Market Ltd., Mulranny, Westport, Co. Mayo, Ireland. With "Europe" The company responsible for processing your data will be referred to below, i.e. either Europace AG or Hypoport Mortgage Market Ltd. designated. Regardless of this, responsibility for data processing that takes place outside of the Europace marketplace or independently of it lies with other entities involved in processing your financing application (e.g. consultant or sales organization, Schufa, lender). 3. Europace Data Protection Officer If you have any questions about data protection in connection with the Europace marketplace, you can contact the data protection team of the responsible company at any time: • Europace AG: datenschutz@europace.de • Hypoport Mortgage Market Ltd.: datenschutz@europace.ie In addition, you always have the option of contacting the respective data protection officer by post at the addresses listed in section 2 (keyword: “data protection officer”). 4. Purposes of data processing by Europace The data processing in connection with the Europace marketplace essentially takes place for the purpose of product selection, preparation and application for your loan. Using the Europace marketplace, your individual financing request is quickly compared based on the information you provide with the currently available products from the lenders connected to the Europace marketplace that are suitable for you. Depending on the processing phase of your financing project and the purposes for which the Europace marketplace is used, different data is required. a) Identification and comparison of financing proposals: As part of a product comparison, the information you provide about your financing project (needs, if necessary further information about the intended purpose, desired terms, installments and dates), your person (name, date of birth, place of birth, marital status, nationality) and personal situation (housing situation, such as address or number of people in the household), your financial situation (income and expenses as well as liabilities), and, if applicable, your account details are transmitted to Europace and there for the purpose of comparison with the financing products under consideration processed. Your information is automatically compared with the conditions of the lender(s) for the financial products in question and any product additions or alternatives that may be required or that make sense for your project are determined. If different financing products are to be combined (e.g. an additional installment loan for building financing), your advisor can, if desired, use your data to determine other financing products and create a uniform financing proposal. The determination of financing proposals is generally carried out in a data-efficient manner and exclusively within the Europace platform. Using the Europace marketplace makes it possible to access a wide range of products and find a suitable financing proposal for you. The legal basis for this data processing is Article 6 Paragraph 1 b) GDPR (fulfillment of the contract and pre-contractual measures). b) Application preparation and application: If you have decided on a specific financial product based on a suggested proposal, the information you provided under point 4 a) will be used to submit an application to the respective lender in your name via the Europace marketplace. Depending on the financing project and the financial product you choose, the lender may consider further information or evidence necessary to examine your application. The lender will then request further information or evidence required via the Europace marketplace. If you provide the required information or evidence, this will be forwarded to the lender via the Europace marketplace. The lender then communicates the results of the application review in the same way. The legal basis for this data processing is Article 6 Paragraph 1 b) GDPR (fulfillment of the contract and pre-contractual measures). c) Follow-up processing, enabling processing continuity and commission determination: Europace stores and processes the transmitted data to the extent that this is necessary for the brokerage activity and/or further application processing by the parties involved (advisors, intermediaries, lenders). If your financing application is to be further processed by another financial distributor in the future, your data and documents stored in the Europace marketplace will also be released by Europace for the other financial distributor or passed on to them (subject to the consent given by your advisor/agent in the individual case). he or she can continue processing your application. Europace will not make your data and documents available to other financial distributors without the express consent of your previous financial distributor. Based on the data transmitted and the other information about the financing application that the respective lender has posted in the Europace marketplace, Europace will also determine and bill the commissions for the parties involved. The data from the financing process can also be included in evaluations that the lender needs for further processing or processing of the application. The legal basis for the aforementioned data processing is Article 6 Paragraph 1 b) GDPR (fulfillment of the contract and pre-contractual measures). d) Further development of the Europace marketplace: Europace also uses the data generated when using the Europace marketplace to continuously optimize and develop the Europace marketplace. For this purpose, the information and data on financing transactions entered by users of the Europace marketplace are evaluated. Users of the Europace marketplace are also regularly surveyed about their general experiences and wishes with regard to future functionalities of the Europace marketplace. The relevant data processing by Europace takes place without regard to the persons concerned. Statistical evaluations of the processes and the surveys are therefore generally not carried out in connection with your directly personal information (e.g. your name and contact details), but only on the basis of carefully anonymized information in accordance with the requirements of EU data protection law. In particular, no personal information from the documents submitted as part of your application via the Europace marketplace will be evaluated. The legal basis for the aforementioned data processing is Article 6 Paragraph 1 f) GDPR (balancing of interests, based on Europace's interest in the continuous optimization and further development of the Europace marketplace). You have the right to object to the data processing described here. Please inform Europace about this using the contact details given in point 2. e) Real estate valuation: If you would like to borrow against a property as part of the financing, the lender will need the market value or the possible lending value of the property. To determine this, Europace uses an internal database of historical transactions and external service providers. Information about the property (approximate location, amenities, approximate living space) as well as the possible purchase price are transmitted to this database and service provider. No personal information about you will be used or disclosed. The legal basis for the aforementioned data processing is Article 6 Para. 1 f) GDPR (balancing of interests, based on Europace's interest in determining the historical property values and the lender's interest in efficient initial assessments of the loan value). You have the right to object to the data processing described here. Please inform Europace about this using the contact details given in point 2. 5. Data transfer by Europace Your data will generally only be passed on to third parties by Europace if this is necessary to process your financing application, if Europace or the third party has a legitimate interest in passing it on or if you have given your consent. In addition, your data may be transmitted by Europace to third parties if Europace is obliged to do so by law or by an enforceable official or court order. Europe generally stores and processes your data in data centers within the European Union. Europace has designed its data processing operations so that, wherever possible, your data will not be processed outside the European Union. If the involvement of an external service provider is necessary for individual processing steps or technical support services, it may be necessary to transfer your data to a location outside the European Union. In any case, Europace ensures that the respective service provider guarantees, contractually or otherwise, a level of data protection equivalent to the European level of data protection. You can request a copy of these guarantees at any time using the contact details mentioned in point 2. Currently, data transfer according to this section 5 concerns the following processing steps: • Sales support: Europace uses service providers who prepare information in special loan constellations or offer additional partial services (e.g. sales support in processing your financing proposal, checking the IBAN, preparing property valuations, commission billing or ordering land register extracts). All processing operations take place exclusively within the European Union. • Contact and document management: Europace uses special service providers who handle contact and document management as well as certain data archiving services. The processing takes place within the European Union. • E-mail dispatch: The Europace marketplace uses an e-mail service so that the financing proposals obtained using the Europace marketplace can be forwarded directly to you by e-mail. The relevant data processing takes place exclusively within the European Union. Data collected during email retrieval (e.g. when and from which region the email was opened) is used exclusively in anonymized form to create general statistics that can be accessed by Europace. Attachments, in particular the documents you have provided or the suggestions you have prepared, will generally not be sent by email. You will always receive a link through which you can access the documents. All documents are also stored within the European Union. • IT infrastructure and support: Europace is also supported by external service providers in maintaining the IT infrastructure, analyzing errors and ensuring the functionality of the Europace marketplace as well as managing support tickets. The error analysis is generally carried out without the use of personal data. Occasionally, employees of the IT service providers commissioned by Europace also need to access the European IT systems of the Europace marketplace for necessary maintenance work. The ticket system provider also uses data about Europace's use of the system in aggregated or anonymized form for its own purposes, such as improving its own software solution or ensuring technical security. We have contractually agreed with the service providers within the framework of the so-called EU standard contractual clauses to comply with European data protection standards or these are ensured by binding internal data protection regulations (so-called Binding Corporate Rules). Europe has taken extensive technical precautions to ensure the security and control of personal data. The service providers' IT infrastructure and internal processes are subject to strict controls and are continuously certified by an independent body. 6. Duration of data storage Europace stores your data for as long as this is necessary to process your financing applications and for continued support during the financing project or as long as Europace has a legitimate interest in further storage as explained in this data protection notice. In all other cases, Europace deletes or anonymizes your personal data, with the exception of data that must be retained to meet contractual or legal (e.g. tax or commercial) retention periods (e.g. invoices). Additional contractual retention periods may also arise from the contracts with the departments involved in processing your financing application (e.g. contractual documentation obligations of Europace towards the consultants or sales organizations). The information on the brokered financial product required to check the commission statements will be stored in accordance with the accounting obligations for a period of 10 years after the commission has been paid out by Europace and then deleted. The legal basis for the aforementioned data processing is Article 6 Paragraph 1 b) GDPR (if storage serves the further processing of your financing application), Article 6 Paragraph 1 f) GDPR (if the underlying data processing in accordance with this data protection notice is based on a legitimate interest of Europace) or Article 6 Para. 1 c) GDPR (if storage is necessary to fulfill legal obligations). 7. Your rights You have the right at any time to request an overview of the data stored about you by Europace. If stored data is incorrect or no longer up to date, you have the right to have this data corrected. You can also request that your data be deleted. If deletion is not possible due to other legal regulations (e.g. due to retention obligations under the Money Laundering Act or the principles of proper accounting), the data will be blocked so that it is only available for this legal purpose. You can also have the processing of your personal data restricted if, for example: B. the accuracy of the data is doubted on your part. You also have the right to data portability, i.e. H. that, upon request, Europace will send you a digital copy of the personal data you have provided. In addition, you have the right to object to the data processing described above at any time for reasons arising from your particular situation, provided that the processing is based on Article 6 Paragraph 1 f) GDPR. Please inform Europace about this using the contact details given in point 2. You also have the right to complain to the data protection supervisory authority responsible for Europace. For Europace AG, the person responsible is the Berlin Commissioner for Data Protection and Freedom of Information (Friedrichstraße 219, 10969 Berlin). For Hypoport Mortgage Market Ltd. The responsible party is the Office of the Data Protection Commissioner (Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland) as the lead data protection supervisory authority. You can also contact the data protection authority where you live, which will then forward your request to the relevant authority. 8. Changes to this data protection notice Due to the further development of the Europace marketplace and the associated implementation of new technologies or to take new functions into account, changes to this data protection notice may become necessary. You will be informed of any corresponding changes.
  • 16. Consent – Processing of personal data from children under 16 years of age
    I/we as legal guardians consent to the collection, processing, use and storage of personal data Enter the data of our child(ren) if this is necessary to carry out or complete the financing request. This applies in particular for all data that we provided unsolicited as part of the financing request - as far as a legitimate interest of the company/or of the data processing company in storing the data. If there is more, we can request the deletion of this data at any time. If financing is provided by the company can be offered, we also declare our consent to data processing for the corresponding Contract execution. If the financing request is canceled at our request, we can also immediately request the deletion of the personal data against written confirmation. We have on request The right to know at any time whether, which and to what extent our child's personal data is being processed become. If the purpose of the processing no longer applies, the child's personal data must generally be returned immediately can be deleted unless the company is subject to a legal obligation to keep the data for a longer period of time.
  • 17. Protection of minors
    People under the age of 18 should not provide us with personal information without the consent of their parent or guardian. We do not request personal data from children and young people. We do not knowingly collect such data or pass it on to third parties.
  • 18. Providers and services used in the course of business activities
    As part of our business activities, we use additional services, platforms, interfaces or plug-ins from third-party providers (“services” for short) in compliance with legal requirements. Their use is based on our interests in the proper, legal and economic management of our business operations and our internal organization. • Types of data processed: inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Contract data (e.g. subject matter of the contract, term, customer category). • Affected persons: customers; Interested persons; Users (e.g. website visitors, users of online services); business and contractual partners; Employees (e.g. employees, applicants, former employees). • Purposes of processing: provision of contractual services and customer service; Office and organizational procedures. • Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR). Further information on processing processes, procedures and services: • DATEV: Software for accounting, communication with tax advisors and authorities and with document storage; Service provider: DATEV eG, Paumgartnerstr. 6 - 14, 90429 Nuremberg, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.datev.de/web/de/mydatev/online-applications/; Data protection declaration: https://www.datev.de/web/de/m/ueber-datev/datenschutz/; Data processing agreement: Provided by the service provider. • Lexoffice: Online software for invoicing, accounting, banking and tax filing with receipt storage; Service provider: Haufe Service Center GmbH, Munzinger Straße 9, 79111 Freiburg, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.lexoffice.de; Data protection declaration: https://www.lexoffice.de/datenschutz/; Order processing contract: https://www.lexoffice.de/vertragsprocessing/.
  • 19. Automated decision making
    We would like to point out that when processing your online loan application, automated decisions can be made using an algorithm to determine the interest conditions. Before making such a decision, we are legally required to obtain your consent. We would like to inform you that, in accordance with European Commission regulations, you have the right to object to an automated decision and that we have put in place appropriate safeguards to protect your rights and freedoms. This particularly includes the opportunity to express your own point of view and challenge the decision. Please note that obtaining your consent and ensuring your rights are part of our data protection regulations and we are committed to complying with them at all times.
  • 20. No credit inquiries due to the provision of my personal data
    In the first step, where a consultation takes place between you and “Finanzmakler.online”, your personal data will not be used for creditworthiness inquiries with SCHUFA or other providers. If a brokerage takes place or a loan application is made at a corresponding institute that was brokered by Finanzmakler.online, the data protection regulations of the brokered institute that apply there apply. As a rule, a creditworthiness inquiry is also associated with the loan application. The individual applicable regulations will be shown to you before you submit your application and require your consent.
  • 21. Digital account check
    If a digital loan application is submitted, in certain cases we use the digital account check via our platform partner Europace. The digital account check enables us to receive a digital account statement of your account transactions from the last three to twelve months for the selected lender, without you having to provide us with further documents about your income and expenses. To use this service, simply enter the bank code of your salary account and log in with your online banking details on the next page. Please note that your salary account must be an individual account in your name and must be accessible in online banking so that the digital account check can be carried out.
  • 22. Payment Procedures
    As part of contractual and other legal relationships, due to legal obligations or otherwise based on our legitimate interests, we offer the data subjects efficient and secure payment options and use other service providers in addition to banks and credit institutions (collectively "payment service providers"). The data processed by the payment service providers includes inventory data, such as name and address, bank details, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, total and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed and stored by the payment service providers. This means that we do not receive any account or credit card-related information, but only information with confirmation or negative information about the payment. Under certain circumstances, the data may be transmitted by the payment service provider to credit reporting agencies. The purpose of this transmission is to check identity and creditworthiness. For this purpose, we refer to the general terms and conditions and data protection information of the payment service providers. The terms and conditions and data protection information of the respective payment service providers apply to payment transactions, which can be accessed on the respective websites or transaction applications. We also refer to these for further information and to assert cancellation, information and other rights of those affected. • Types of data processed: inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject matter of the contract, term, customer category); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). • Affected persons: customers; Interested parties. • Purposes of processing: provision of contractual services and customer service. • Legal basis: fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR). Further information on processing processes, procedures and services: • PayPal: Payment services (technical connection of online payment methods) (e.g. PayPal, PayPal Plus, Braintree); Service provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg; Legal basis: fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website: https://www.paypal.com/de; Data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full. • Wix Payments: payment services (technical connection to online payment methods); Service Provider: Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel; Legal basis: fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website: https://de.wix.com/payments; Data protection declaration: https://de.wix.com/about/privacy.
  • 23. Provision of online offerings and web hosting
    We process users' data in order to be able to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device. • Types of data processed: usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status); Content data (e.g. entries in online forms). • Affected persons: users (e.g. website visitors, users of online services). • Purposes of processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.); Security measures. • Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR). Further information on processing processes, procedures and services: • Collection of access data and log files: Access to our online offering is in the form of so-called "server log files" logged. The server log files include the address and name of the websites and files accessed, date and time of access, amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP address. Addresses and the requesting provider belong. The server log files can be used on the one hand for security purposes, e.g. to avoid overloading the servers (particularly in the case of abusive attacks, so-called DDoS attacks) and on the other hand to monitor the utilization of the servers and ensure their stability; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further storage is necessary for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified. • Email sending and hosting: The web hosting services we use also include sending, receiving and storing emails. For these purposes, the addresses of the recipients and senders as well as other information regarding the sending of emails (e.g. the providers involved) as well as the contents of the respective emails are processed. The aforementioned data may also be processed for SPAM detection purposes. We ask you to note that emails on the Internet are generally not sent encrypted. As a rule, emails are encrypted during transport, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We can therefore assume no responsibility for the transmission path of emails between the sender and receipt on our server; Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR). • STRATO: Services in the field of providing information technology infrastructure and related services (e.g. storage space and/or computing capacities); Service provider: STRATO AG, Pascalstrasse 10, 10587 Berlin, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.strato.de; Data protection declaration: https://www.strato.de/datenschutz; Data processing agreement: Provided by the service provider. • Wix: hosting and software for creating, providing and operating websites, blogs and other online offerings; Service Provider: Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://de.wix.com/; Data protection declaration: https://de.wix.com/about/privacy; Order processing contract: https://www.wix.com/about/privacy-dpa-users; Further information: As part of the aforementioned Wix services, data may also be sent to Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA on the basis of standard contractual clauses or an equivalent data protection guarantee as part of further processing on behalf of Wix be transmitted.
  • 24. Special information on applications (apps)
    We process the data of the users of our application to the extent necessary to be able to provide users with the application and its functionalities, monitor its security and further develop it. We can also contact users in compliance with legal requirements if the communication is necessary for the purposes of administration or use of the application. Furthermore, with regard to the processing of user data, we refer to the data protection information in this data protection declaration. Legal basis: The processing of data that is necessary to provide the functionalities of the application serves to fulfill contractual obligations. This also applies if the provision of the functions requires user authorization (e.g. approval of device functions). If the processing of data is not necessary to provide the functionality of the application, but serves the security of the application or our business interests (e.g. collection of data for the purpose of optimizing the application or security purposes), it is carried out on the basis of our legitimate interests Interests. If users are expressly asked for their consent to the processing of their data, the data covered by the consent will be processed on the basis of the consent. • Types of data processed: inventory data (e.g. names, addresses); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject matter of the contract, term, customer category); Image and/or video recordings (e.g. photographs or video recordings of a person); Location data (information about the geographical position of a device or person). • Affected persons: users (e.g. website visitors, users of online services). • Purposes of processing: provision of contractual services and customer service. • Legal basis: consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Fulfillment of the contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Further information on processing processes, procedures and services: • Commercial use: We process the data of the users of our application, registered users and any test users (hereinafter referred to as “users”) in order to be able to provide them with our contractual services and on the basis of legitimate interests in order to ensure the security of our services to ensure the application and to further develop it. The required information is identified as such in the context of the conclusion of the usage, contract, order or comparable contract and may include the information required for the provision of services and any billing as well as contact information in order to be able to hold any consultations; Legal basis: fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR). • Device permissions for access to functions and data: The use of our application or its functionalities may require users to have permissions to access certain functions of the devices used or to the data stored on the devices or accessible using the devices. By default, these permissions must be granted by users and can be revoked at any time in the settings of the respective devices. The exact method for controlling app permissions may depend on the user's device and software. If you need clarification, users can contact us. We would like to point out that the denial or revocation of the respective authorizations can affect the functionality of our application. • Access to the camera and saved recordings: As part of the use of our application, image and/or video recordings (which also include audio recordings) of the users (and other people captured by the recordings) are accessed through access to the Camera functions or stored recordings processed. Access to the camera functions or saved recordings requires authorization by the user, which can be revoked at any time. The processing of the image and/or video recordings only serves to provide the respective functionality of our application, in accordance with its description to the users, or its typical and expected functionality. • Processing of stored contacts: As part of using our application, the contact information of people (name, email address, telephone number) stored in the device's contact directory is processed. The use of contact information requires user authorization, which can be revoked at any time. The use of the contact information only serves to provide the respective functionality of our application, in accordance with its description to the users, or its typical and expected functionality. Users are advised that permission to process contact information must be permitted and, particularly in the case of natural persons, requires their consent or legal permission. • Use of contact data for contact matching purposes: The contact data stored in the device's contact directory can be used to check whether these contacts also use our application. For this purpose, the contact details of the respective contacts (which include the telephone number and email address as well as the names) are uploaded to our server and used only for the purpose of matching. • Processing of location data: When using our application, the location data collected by the device used or otherwise entered by the user is processed. The use of location data requires user authorization, which can be revoked at any time. The use of location data only serves to provide the respective functionality of our application, in accordance with its description to the users, or its typical and expected functionality.
  • 25. Registration, login and user account
    Users can create a user account. As part of registration, users are provided with the required mandatory information and processed for the purpose of providing the user account on the basis of contractual fulfillment of obligations. The data processed includes, in particular, login information (username, password and an email address). As part of the use of our registration and login functions and the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests and those of the users in protecting against misuse and other unauthorized use. In principle, this data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so. Users can be informed by email about processes that are relevant to their user account, such as technical changes. Types of data processed: inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). Affected persons: users (e.g. website visitors, users of online services). Purposes of processing: provision of contractual services and customer service; Safety measures; managing and responding to inquiries; Provision of our online offering and user-friendliness. Legal basis: fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Further information on processing processes, procedures and services: Registration with real names: Due to the nature of our community, we ask users to only use our offer using real names. This means that the use of pseudonyms is not permitted; Legal basis: fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR). User profiles are not public: The user profiles are not publicly visible or accessible. Deletion of data after termination: If users have terminated their user account, their data with regard to the user account will be deleted, subject to a legal permission, obligation or consent of the user; Legal basis: fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR).
  • 26. Single sign-on login
    Procedures are referred to as “single sign-on” or “single sign-on registration or “authentication” that allow users to log in to a single sign provider using a user account -On a method (e.g. a social network), including our online offer, to register. The prerequisite for single sign-on authentication is that the user is registered with the respective single sign-on provider and enters the required access data in the online form provided, or is already registered with the single sign-on provider and confirm the single sign-on login via button. Authentication takes place directly with the respective single sign-on provider. As part of such authentication, we receive a user ID with the information that the user is logged in to the respective single sign-on provider under this user ID and an ID that can no longer be used by us for other purposes (so-called "User “Handle”). Whether additional data is transmitted to us depends solely on the single sign-on procedure used, on the data releases selected as part of the authentication and also on what data users enter in the privacy or other settings of the user account during single sign-on. On providers have released. Depending on the single sign-on provider and the user's choice, there can be different data, usually the email address and the user name. The password entered as part of the single sign-on procedure with the single sign-on provider is neither visible to us nor is it stored by us. Users are asked to note that the information we store can be automatically compared with their user account with the single sign-on provider, but this is not always possible or actually done. For example, if the users' email addresses change, they must change them manually in their user account with us. If agreed with the users, we can use the single sign-on registration as part of or before the fulfillment of the contract, if the users have been asked to do so, process it as part of their consent and otherwise use it on the basis of legitimate interests on our part and the interests of the users in an effective and secure registration system. If users decide that they no longer want to use the link to their user account with the single sign-on provider for the single sign-on procedure, they must use this connection within their user account with the single sign-on provider. Cancel provider. If users want to delete their data from us, they must cancel their registration with us. • Types of data processed: inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). • Affected persons: users (e.g. website visitors, users of online services). • Purposes of processing: provision of contractual services and customer service; Safety measures; Registration procedure. • Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR). Further information on processing processes, procedures and services: • Auth0: authentication service; Service provider: Auth0, Inc, 10800 NE 8th Street, Suite 700, Bellevue, WA 98004, USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://auth0.com/de; Data protection declaration: https://auth0.com/privacy/. • Google Single Sign-On: authentication service; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.google.de; Privacy Policy: https://policies.google.com/privacy; Option to object (opt-out): Settings for the display of advertising: https://adssettings.google.com/authenticated. • Microsoft Single Sign-On: authentication service; Service provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, Parent company: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.microsoft.com/de-de/security/business/identity-access-management/single-sign-on; Data protection declaration: https://privacy.microsoft.com/de-de/privacystatement; Further information: https://www.microsoft.com/de-de/trustcenter.
  • 27. Blogs and publishing media
    We use blogs or comparable means of online communication and publication (hereinafter “publication medium”). Readers' data will only be processed for the purposes of the publication medium to the extent necessary for its presentation and communication between authors and readers or for security reasons. Furthermore, we refer to the information on the processing of visitors to our publication medium within the scope of this data protection notice. Types of data processed: inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). Affected persons: users (e.g. website visitors, users of online services). Purposes of processing: provision of contractual services and customer service; Feedback (e.g. collecting feedback via online form); Provision of our online offering and user-friendliness; Safety measures; Managing and responding to inquiries. Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Further information on processing processes, procedures and services: Comments and contributions: When users leave comments or other contributions, their IP addresses may be stored based on our legitimate interests. This is done for our security if someone leaves illegal content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author. We also reserve the right to process user information for spam detection based on our legitimate interests. We reserve the same legal basis In the case of surveys, we plan to store the IP addresses of users for their duration and to use cookies to avoid multiple voting. The personal information provided in the comments and posts, any contact and website information as well as the content information stored permanently by us until the user objects; Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
  • 28. Contact and inquiry management
    When contacting us (e.g. by post, contact form, e-mail, telephone or via social media) as well as within the framework of existing user and business relationships, the information provided by the inquiring persons is processed to the extent necessary to answer the contact inquiries and any requested measures is required. Types of data processed: contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). Affected persons: communication partners. Purposes of processing: contact requests and communication; managing and responding to inquiries; Feedback (e.g. collecting feedback via online form); Provision of our online offering and user-friendliness. Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR). Further information on processing processes, procedures and services: Contact form: If users contact us via our contact form, email or other communication channels, we process the data provided to us in this context to process the request communicated; Legal basis: Fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR), legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
  • 29. Push notifications
    With the consent of the users, we can send so-called "push notifications" send. These are messages that are displayed on users' screens, devices or browsers, even when our online service is not being actively used. In order to register for push notifications, users must confirm that their browser or device asks them to receive push notifications. This consent process is documented and saved. Storage is necessary to determine whether users have agreed to receive push notifications and to be able to prove their consent. For these purposes, a pseudonymous browser identifier (so-called “push token”) or the device ID of a terminal device is stored. The push messages may be necessary for the fulfillment of contractual obligations (e.g. technical and organizational information relevant to the use of our online offering) and are otherwise based on the consent of the user, unless specifically mentioned below sent. Users can change the receipt of push notifications at any time using the notification settings of their respective browsers or devices. Types of data processed: usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). Affected persons: communication partners. Purposes of processing: Provision of our online offering and user-friendliness; Reach measurement (e.g. access statistics, recognition of returning visitors); Direct marketing (e.g. by email or post). Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR). Further information on processing processes, procedures and services: Push notifications with promotional content: The push notifications we send may contain promotional information. The advertising push messages are processed based on the consent of the users. If their content is specifically described as part of consent to receive advertising push messages, the descriptions are decisive for the user's consent. Furthermore, our newsletters contain information about our services and us; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). Analysis and measurement of success: We evaluate push messages statistically and can therefore determine whether and when push messages were displayed and clicked on. This information is used to technically improve our push messages based on the technical data or the target groups and their retrieval behavior or retrieval times. This analysis also includes determining whether the push messages are opened, when they are opened and whether users interact with their content or buttons. For technical reasons, this information can be assigned to the individual push message recipients. However, it is neither our intention nor, if used, that of the push notification service provider to monitor individual users. Rather, the evaluations serve us to recognize the usage habits of our users and to adapt our push messages to them or to send different push messages according to the interests of our users. The evaluation of the push messages and the measurement of success are carried out on the basis of express consent of the user, which takes place with the consent to receive push notifications. Users can object to the analysis and performance measurement by unsubscribing from push notifications. Unfortunately, a separate revocation of the analysis and performance measurement is not possible; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR).
  • 30. Communication via messenger
    We use messengers for communication purposes and therefore ask you to note the following information on the functionality of the messengers, encryption, the use of communication metadata and your options for objection. You can also contact us in alternative ways, e.g. via telephone or email. Please use the contact options provided to you or the contact options provided within our online offering. In the case of end-to-end encryption of content (i.e., the content of your message and attachments), we would like to point out that the communication content (i.e., the content of the message and attached images) is encrypted from end to end . This means that the content of the messages cannot be viewed, not even by the messenger providers themselves. You should always use a current version of the messenger with encryption activated to ensure that the message content is encrypted. However, we would also like to point out to our communication partners that although the messenger providers cannot view the content, they can find out that and when communication partners communicate with us as well as technical information about the device used by the communication partner and depending on the settings of their device Location information (so-called metadata) is also processed. Notes on legal bases: If we ask communication partners for permission before communicating with them via Messenger, the legal basis for our processing of their data is their consent. Furthermore, if we do not ask for your consent and, for example, you contact us on your own initiative, we use Messenger in relation to our contractual partners as well as in the context of contract initiation as a contractual measure and in the case of other interested parties and communication partners on the basis of our legitimate interests on fast and efficient communication and meeting the needs of our communication partner on communication via messenger. We would also like to point out that we will not transmit the contact details provided to us to Messenger for the first time without your consent. Revocation, objection and deletion: You can revoke your consent at any time and object to communication with us via Messenger at any time. In the case of communication via messenger, we delete the messages in accordance with our general deletion guidelines (i.e., as described above, after the end of contractual relationships, in the context of archiving requirements, etc.) and otherwise as soon as we can assume that we have answered any information from the communication partner. if no reference to a previous conversation is to be expected and deletion does not conflict with any legal retention obligations. Reserve of reference to other communication channels: Finally, we would like to point out that, for reasons of your security, we reserve the right not to answer inquiries via messenger. This is the case if, for example, contractual details require special confidentiality or an answer via messenger does not meet the formal requirements. In such cases, we will refer you to more appropriate communication channels. Types of data processed: contact details (e.g. email, telephone numbers); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status); Content data (e.g. entries in online forms). Affected persons: communication partners. Purposes of processing: contact requests and communication; Direct marketing (e.g. by email or post). Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Further information on processing processes, procedures and services: Apple iMessage: Service provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.apple.com/de/ ; Data protection declaration: https://www. apple.com/legal/privacy/de-ww/. Instagram: sending messages via the social network Instagram; Service Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.instagram.com< /a>; Data protection declaration: https://instagram.com/about/legal /privacy. Facebook Messenger: Facebook Messenger with end-to-end encryption (Facebook Messenger's end-to-end encryption requires activation unless it is activated by default); Service Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.facebook.com< /a>; Data protection declaration: https://www.facebook.com/about /privacy; Order processing contract: https://www.facebook.com /legal/terms/dataprocessing; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https:/ /www.facebook.com/legal/EU_data_transfer_addendum. Microsoft Teams: Microsoft Teams - Messenger; Service provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, Parent company: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.microsoft .com/de-de/microsoft-365; Data protection declaration: https://privacy.microsoft.com /de-de/privacystatement, security information: https://www.microsoft.com/de-de/trustcenter; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA . Skype: Skype Messenger with end-to-end encryption - Skype end-to-end encryption requires it to be enabled (unless it is enabled by default); Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.skype.com/de/ ; Data protection declaration: https://privacy.microsoft.com /de-de/privacystatement, security information: https://www.microsoft.com/de-de/trustcenter. WhatsApp: WhatsApp Messenger with end-to-end encryption; Service provider: WhatsApp Ireland Limited, 4 Grand Canal Quay, Dublin 2, D02 KH28, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.whatsapp.com/ ; Data protection declaration: https://www.whatsapp.com/legal. Ascend by Wix: email and online marketing and communication platform; Service Provider: Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://de.wix.com/ascend /home; Data protection declaration: https://de.wix.com/about /privacy; Order processing contract: https://www.wix .com/about/privacy-dpa-users.
  • 31. Video conferences, online meetings, webinars and screen sharing
    We use platforms and applications from other providers (hereinafter referred to as “conference platforms”) for the purpose of conducting video and audio conferences, webinars and other types of video and audio meetings (hereinafter referred to collectively as “conference”). a. When selecting conference platforms and their services, we observe the legal requirements. Data processed by conference platforms: As part of participation in a conference, the conference platforms process the following personal data of participants. The scope of processing depends, on the one hand, on what data is required as part of a specific conference (e.g. providing access data or real names) and what optional information is provided by the participants. In addition to processing to carry out the conference, the participants' data can also be processed by the conference platforms for security purposes or service optimization. The data processed includes personal data (first name, last name), contact information (email address, telephone number), access data (access codes or passwords), profile pictures, information about professional status/function, the IP address of the Internet access, information about the participants' end devices, their operating system, the browser and its technical and linguistic settings, information about the content of communication processes, i.e. entries in chats as well as audio and video data, as well as the use of other available functions (e.g. surveys). The content of communications is encrypted to the extent technically provided by the conference provider. If the participants are registered as users on the conference platforms, then further data can be processed in accordance with the agreement with the respective conference provider. Logging and recordings: If text entries, participation results (e.g. from surveys) as well as video or audio recordings are logged, this will be transparently communicated to the participants in advance and they will be asked for consent - if necessary. Data protection measures of the participants: Please note the details of the processing of your data by the conference platforms in their data protection information and select the security and data protection settings that are optimal for you within the framework of the settings of the conference platforms. Please also ensure data and privacy protection in the background of your recording for the duration of a video conference (e.g. by informing roommates, locking doors and using, where technically possible, the function to obscure the background). Links to the conference rooms and access data may not be passed on to unauthorized third parties. Notes on legal bases: If, in addition to the conference platforms, we also process users' data and ask the users for their consent to the use of the conference platforms or certain functions (e.g. consent to a recording of conferences), the legal basis is Processing this consent. Furthermore, our processing may be necessary to fulfill our contractual obligations (e.g. in participant lists, in the case of processing the results of discussions, etc.). Furthermore, user data is processed on the basis of our legitimate interests in efficient and secure communication with our communication partners. Types of data processed: inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). Affected persons: communication partner; Users (e.g. website visitors, users of online services); People depicted. Purposes of processing: provision of contractual services and customer service; Contact inquiries and communication; Office and organizational procedures. Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Further information on processing processes, procedures and services: Google Hangouts / Meet: conference and communication software; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://hangouts.google.com/ ; Privacy policy: https://policies.google.com/privacy; Order processing contract: https://cloud.google .com/terms/data-processing-addendum; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://cloud.google.com/terms/eu-model-contract-clause. Microsoft Teams: conference and communication software; Service provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, Parent company: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.microsoft .com/de-de/microsoft-365; Data protection declaration: https://privacy.microsoft.com /de-de/privacystatement, security information: https://www.microsoft.com/de-de/trustcenter; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA . Skype: messenger and conference software; Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.skype.com/de/ ; Data protection declaration: https://privacy.microsoft.com /de-de/privacystatement, security information: https://www.microsoft.com/de-de/trustcenter. Zoom: conference and communication software; Service provider: Zoom Video Communications, Inc., 55 Almaden Blvd., Suite 600, San Jose, CA 95113, USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://zoom.us; Data protection declaration: https:/ /zoom.us/docs/de-de/privacy-and-legal.html; Order processing contract: https:/ /zoom.us/docs/de-de/privacy-and-legal.html (referred to as Global DPA); Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://zoom.us/docs/de-de/privacy-and-legal.html (Referred to as Global DPA).
  • 32. Presences in social networks (social media)
    We maintain online presences within social networks and process user data in this context in order to communicate with active users there or to offer information about us. We would like to point out that user data may be processed outside the European Union. This can result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data within social networks is usually processed for market research and advertising purposes. For example, usage profiles can be created based on usage behavior and the resulting interests of users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and interests of the users are stored. Furthermore, data can also be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them). For a detailed description of the respective forms of processing and the objection options (opt-out), we refer to the data protection declarations and information of the operators of the respective networks. In the case of requests for information and the assertion of the rights of those affected, we would also like to point out that these can most effectively be asserted with the providers. Only the providers have access to user data and can take appropriate measures and provide information directly. If you still need help, you can contact us. Types of data processed: contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status). Affected persons: users (e.g. website visitors, users of online services). Purposes of processing: contact requests and communication; Feedback (e.g. collecting feedback via online form); Marketing. Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Further information on processing processes, procedures and services: Instagram: social network; Service Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.instagram.com< /a>; Data protection declaration: https://instagram.com/about/legal /privacy. Facebook pages: Profiles within the social network Facebook - Together with Meta Platforms Ireland Limited, we are responsible for the collection (but not further processing) of data from visitors to our Facebook page (so-called "Fanpage"). This data includes information about the types of content users view or interact with, or the actions they take (see “Things you and others do and provide” in the Facebook Data Policy: https://www.facebook.com/policy ), as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data; see “Device information” in the Facebook data policy: https://www.facebook.com/policy). As explained in the Facebook Data Policy under “How do we use this information?”, Facebook also collects and uses information to provide analytics services called “Page Insights” to page operators to help them understand how people interact with their Pages and interact with the content associated with them. We have entered into a special agreement with Facebook ("Information about Page Insights", https://www.facebook.com/legal/terms/page_controller_addendum), which regulates in particular which security measures Facebook must observe and in which Facebook agrees to do so must fulfill the rights of those affected (i.e. users can, for example, send information or deletion requests directly to Facebook). The rights of users (in particular to information, deletion, objection and complaint to the responsible supervisory authority) are not restricted by the agreements with Facebook. Further information can be found in the "Information about Page Insights" (https://www.facebook.com/ legal/terms/information_about_page_insights_data); Service Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.facebook.com< /a>; Data protection declaration: https://www.facebook.com/about /privacy; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https:/ /www.facebook.com/legal/EU_data_transfer_addendum; Further information: Shared Responsibility Agreement: https:// www.facebook.com/legal/terms/information_about_page_insights_data. The joint responsibility is limited to the collection by and transfer of data to Meta Platforms Ireland Limited, a company based in the EU. Further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular concerns the transmission of the data to the parent company Meta Platforms, Inc. in the USA (on the basis of the agreement between Meta Platforms Ireland Limited and Meta Platforms, Inc. concluded standard contractual clauses). LinkedIn: social network; Service Provider: LinkedIn Ireland Unlimited Company, Wilton Plaza Wilton Place, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.linkedin.com< /a>; Data protection declaration: https://www.linkedin.com /legal/privacy-policy; Order processing contract: https://legal.linkedin.com/dpa; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://legal .linkedin.com/dpa; Option to object (opt-out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Xing: social network; Service provider: New Work SE, Am Strandkai 1, 20457 Hamburg, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.xing.de< /a>; Data protection declaration: https://privacy.xing.com/de /data protection declaration.
  • 33. Newsletters and electronic notifications
    We only send newsletters, emails and other electronic notifications (hereinafter “newsletter”) with the consent of the recipient or legal permission. If the contents are specifically described when registering for the newsletter, they are decisive for the user's consent. Our newsletters also contain information about our services and us. In order to register for our newsletters, it is generally sufficient to provide your email address. However, we may ask you to provide a name so that you can be addressed personally in the newsletter, or other information if this is necessary for the purposes of the newsletter. Double opt-in procedure: Registration for our newsletter is generally carried out using a so-called double opt-in procedure. This means that after registering you will receive an email asking you to confirm your registration. This confirmation is necessary so that no one can log in with someone else's email address. Registrations for the newsletter are logged in order to be able to provide evidence of the registration process in accordance with legal requirements. This includes storing the registration and confirmation times as well as the IP address. Changes to your data stored by the shipping service provider are also logged. Deletion and restriction of processing: We can store the unsubscribed email addresses for up to three years based on our legitimate interests before we delete them in order to be able to prove that we have previously given consent. The processing of this data is limited to the purpose of possible defense against claims. An individual request for deletion is possible at any time, provided that the previous existence of consent is confirmed at the same time. In the event of obligations to permanently observe contradictions, we reserve the right to store the email address in a blacklist (so-called "blocklist") solely for this purpose. The recording of the registration process is based on our legitimate interests for the purpose of providing evidence of its proper execution. If we commission a service provider to send emails, this is done on the basis of our legitimate interests in an efficient and secure shipping system. Contents: Information about us, our services, promotions and offers. Types of data processed: inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status); Usage data (e.g. websites visited, interest in content, access times); Event data (Facebook) ("Event data" is data that can be transmitted by us to Facebook, for example via Facebook pixel (via apps or other ways) and relates to people or their actions; Zu The data includes, for example, information about visits to websites, interactions with content, functions, installations of apps, purchases of products, etc.; the event data is processed for the purpose of forming target groups for content and advertising information (custom audiences); event Data does not include the actual content (such as written comments), no login information and no contact information (i.e. no names, email addresses and telephone numbers). Event data is deleted by Facebook after a maximum of two years target groups formed by you with the deletion of our Facebook account); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject matter of the contract, term, customer category). Affected persons: communication partner; Customers; Interested persons; Users (e.g. website visitors, users of online services); Business and contractual partners. Purposes of processing: direct marketing (e.g. by email or post); Marketing; Contact inquiries and communication; Reach measurement (e.g. access statistics, recognition of returning visitors); Conversion measurement (measuring the effectiveness of marketing measures); Profiles with user-related information (creating user profiles); Provision of contractual services and customer service; office and organizational procedures; Provision of our online offering and user-friendliness. Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Ability to object (opt-out): You can cancel your receipt of our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can use one of the contact options listed above, preferably email. Further information on processing processes, procedures and services: Measurement of opening and click rates: The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, from their server becomes. As part of this retrieval, technical information is initially collected, such as information about the browser and your system, as well as your IP address and the time of retrieval. This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their access locations (which can be determined using the IP address) or access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. This information is assigned to the individual newsletter recipients and stored in their profiles until it is deleted. The evaluations help us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. The measurement of the opening rates and click rates as well as the storage of the measurement results in the users' profiles and their further processing take place based on user consent. Unfortunately, it is not possible to revoke the success measurement separately; in this case, the entire newsletter subscription must be canceled or objected to. In this case, the saved profile information will be deleted; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). Google Analytics: Measuring the success of email campaigns and creating user profiles with a storage period of up to two years; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Website: https://marketingplatform. google.com/intl/de/about/analytics/; Privacy policy: https://policies.google.com/privacy; Order processing contract: https://business.safety.google/adsprocessorterms; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://business .safety.google/adsprocessorterms; Option to object (opt-out): Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated; Further information: https://privacy.google.com/ businesses/adsservices (types of processing and data processed). Reminder emails about the ordering process: If users do not complete an ordering process, we can remind users of the ordering process by email and send them a link to continue it. This function can be useful, for example, if the purchase process could not be continued due to a browser crash, oversight or forgetting. Shipping is based on consent, which users can revoke at any time; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). Sending via SMS: The electronic notifications can also be sent as SMS text messages (or are sent exclusively via SMS if the authorization to send them, e.g. consent, only includes sending via SMS); Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). CleverReach: email marketing platform; Service provider: CleverReach GmbH & Co. KG, //CRASH Building, Schafjückenweg 2, 26180 Rastede, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.cleverreach.com/de; Data protection declaration: https://www.cleverreach.com/ de/data protection/; Data processing agreement: Provided by the service provider. Facebook Messenger Broadcasts: Messenger with end-to-end encryption; Service Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.facebook.com< /a>; Data protection declaration: https://www.facebook.com/about /privacy; Order processing contract: https://www.facebook.com /legal/terms/dataprocessing; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https:/ /www.facebook.com/legal/EU_data_transfer_addendum; Option to object (opt-out): https://www. facebook.com/adpreferences/ad_settings (Facebook login is required). SendGrid: Email sending and communication platform for transactional and marketing emails; Service Provider: Twilio Ireland Limited, 25 – 28 North Wall Quay, North Wall, Dublin 1, D01 H104, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://sendgrid.com; Privacy policy: https://www.twilio.com/legal /privacy; Order processing contract: https://www.twilio .com/legal/data-protection-addendum; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://www.twilio.com/legal/data-protection-addendum. Zapier: automation of processes, merging of various services, import and export of personal and contact data and analysis of these processes; Service Provider: Zapier, Inc., 548 Market St #62411, San Francisco, California 94104, USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://zapier.com; Privacy policy: https://zapier.com/privacy; Standard contractual clauses (guaranteeing the level of data protection when processing in third countries): https://zapier.com /tos (part of the Terms and Conditions). Wix Events: Event management platform for tickets & attendance management; Service Provider: Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://support.wix. com/de/wix-events/; Data protection declaration: https://de.wix.com/about /privacy; Order processing contract: https://www.wix .com/about/privacy-dpa-users. Ascend by Wix: email and online marketing and communication platform; Service Provider: Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://de.wix.com/ascend /home; Data protection declaration: https://de.wix.com/about /privacy; Or