Data protection

We take the protection of your personal information very seriously. We will treat your personal information confidentially and in accordance with data protection legislation and this Privacy Policy.

This privacy policy explains what data we collect when you visit our website, for the purposes of fulfilling contracts, for fundraising marketing and for the other purposes listed in the privacy policy, how we use it and with whom we share it. We also inform you of your rights to access, rectify, object to and delete your data.

We may update this privacy policy from time to time to keep information up to date or to reflect changes in the law. We will obtain your separate consent or notify you by email of any substantial changes for new processing purposes that affect your data already provided, as required by law.

You should be aware that there may be security gaps in the transmission of data over the internet (e.g. when communicating by email). It is not possible to completely protect data from access by third parties.

Last update: April 2025

We have appointed a data protection officer who you can contact at any time with questions about data protection:

Dr Georg F. Schröder, LL.M.
legal data Schröder Rechtsanwaltsgesellschaft mbH
Lawyer / Data Protection Officer

Prannerstr. 1
80333 Munich / Germany

Phone: +49-89 954 597 520
Fax: +49-89 954 597 522
E-mail: georg.schroeder@legaldata.law

We only pass on your personal data to third parties in the following cases:

• If you have expressly given us your consent in accordance with Art. 6 para. 1 lit. a GDPR.
• If this is legally permissible and necessary for the fulfilment of a contractual relationship or for the implementation of pre-contractual measures, e.g. to payment, shipping or collection service providers (pursuant to Art. 6 para. 1 lit. b GDPR).
• If there is a legal obligation to pass on the data, e.g. to authorities, social security institutions or law enforcement authorities (pursuant to Art. 6 para. 1 lit. c GDPR).
• If the transfer is necessary to safeguard our legitimate interests or for the establishment, exercise or defence of legal claims and there are no overriding legitimate interests on your part to the contrary (pursuant to Art. 6 para. 1 lit. f GDPR).
• If we use external service providers (processors) in accordance with Art. 28 GDPR, who only process your data in accordance with our instructions and are obliged to maintain data secrecy, e.g. in the areas of IT, donation management, marketing, fundraising & communication.

Your personal data will generally be processed in Germany or within the EU, where the GDPR ensures a high level of data protection. If we use service providers outside the EU, a lower level of data protection may apply in those countries. When transferring data to third countries, we ensure compliance with the data protection requirements pursuant to Art. 44 seq. GDPR through EU standard contractual clauses. When using service providers in the US, data is transferred on the basis of the adequacy decision of the EU-US Privacy Framework if the company is certified. Otherwise, we use standard contractual clauses.

You have the following legal rights, which you can assert with us or with our data protection officer:

• Right to information: As a data subject, you have the right to request confirmation as to whether we are processing personal data concerning you. If this is the case, you have the right to information about this personal data and to further information, e.g. the processing purposes, the recipients and the planned duration of storage or the criteria for determining the duration.
• Right to rectification and completion: As a data subject, you have the right to request the rectification of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.
• Right to erasure (“right to be forgotten”): As a data subject, you have the right to erasure for the following reasons, insofar as the processing is not necessary:
  • The data is no longer required for the original purposes.
  • You have withdrawn the data protection consent on which the processing was based. This only applies if there is no other legal basis for the processing.
  • You object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR
  • The data was processed unlawfully.
  • The deletion of the data is required under EU law or under the law of the Federal Republic of Germany.
  • The data was collected in relation to information society services offered in accordance with Art. 8 para.1 GDPR
• Right to restriction of processing: As a data subject, you have a right to restriction of processing if additional conditions are met, e.g. if you believe that the personal data is incorrect.
• Right to data portability: As the data subject, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.
• Right to object: As the data subject, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR. In the case of direct marketing, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, which includes profiling to the extent that it is related to such direct marketing. Please send your objection directly to the following address:

Stiftung Menschen für Menschen
Brienner Straße 46
80333 Munich
Or via e-mail to: info@menschenfuermenschen.org

• Right to lodge a complaint with a supervisory authority: If you are of the opinion that the data processing does not comply with data protection regulations, you can lodge a complaint with a data protection supervisory authority at any time.
• Right to withdraw consent under data protection law: You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the legality of the processing carried out up to the point of revocation.

• The fundamental aim of our online services is to contribute to the fulfilment of our foundation’s objectives. To this end, it is important to constantly optimise the services provided (customer satisfaction, security, user-friendliness, etc.).
• We process data primarily insofar as it is necessary for the establishment, content or amendment of the legal relationship (inventory data). We collect, process and use personal data about the use of our website (usage data) only insofar as this is necessary to enable, optimise or bill you for the use of the service.
• To send you communications, including promotional material
• To make our online offer even more attractive for you; to recognise key areas of interest or, if necessary, to display usage-based online advertising.
• For WEB analysis and evaluation in order to recognise and react to technical problems at an early stage.

The legal basis for the processing of your personal data is the fulfilment of the contract with you in accordance with Art. 6 para. 1 lit. b GDPR or to safeguard our legitimate interests in the processing in accordance with Art. 6 para. 1 lit. f GDPR. If you have also given your consent, the additional legal basis is Art. 6 para. 1 lit. a GDPR.

The processing operations are described in detail below:

If you visit our website without providing us with further data by registering or using the contact form, we automatically collect technical log data (so-called log files) that are sent from your end device to our server. This includes, among other things:

• IP address
• Date and time of the enquiry
• URL of the accessed subpage
• URL of the referring page (referrer URL)
• Access status/HTTP status code
• Browser type, language and version
• Operating system

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

This data processing is necessary to display our website to you and to ensure its security and stability. The legal basis is Art. 6 para. 1 lit. f GDPR, as the processing is necessary to safeguard our legitimate interests in order to enable the technically error-free display and optimisation of our website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

The data is deleted as soon as it is no longer required to display the website, but no later than seven days after your visit. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. The user does not have the option to object to this.

We collect personal data from you or the contact persons of the companies as part of the pre-contractual relationship and upon conclusion of the contract. This includes, for example, first and last name, address, e-mail address, telephone number or payment method. This data is collected and processed exclusively for the fulfilment of a concluded contract or for the fulfilment of pre-contractual obligations, e.g. in the context of donations, orders in the donation shop, contracts with service providers, contractual partners and other business partners.

The legal basis for this is Art. 6 para. 1 lit. b GDPR. If you have also given your consent, the additional legal basis is Art. 6 para. 1 lit. a GDPR.

As soon as your data is no longer required for the fulfilment of the purpose of processing, it will be deleted. In addition, legal regulations may result in obligations to retain data. The retention periods are up to ten years and are set out in the provisions of the German Commercial Code (HGB) and the German Fiscal Code (AO). Your data will be deleted after the specified periods have expired.

If you would like to donate online, you can do so via our donation form. For this purpose, we use the services of Wikando GmbH, Schießgrabenstraße 32, 86150 Augsburg (hereinafter referred to as “FundraisingBox”). When using this online donation option, various data is collected from you, which we process exclusively for the purpose of processing payments, processing the donation and issuing a donation receipt. The personal data that is transmitted as part of payment processing is usually your first and last name, the payment amount, your IP address if applicable, your e-mail address if applicable or other data required for payment processing. This transmission is necessary to process your payment with the payment method you have selected, in particular to confirm your identity and process your payment. The legal basis is Art. 6 para. 1 lit. b GDPR.

Depending on the selected payment method, your data will be forwarded by FundraisingBox to the relevant financial service provider, namely in the case of

• Direct debit payment
• PayPal payment to PayPal S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg; further information: https://www.paypal.com/de/legalhub/paypal/privacy-full
• Payments with mobile devices (Google and Apple Pay) via the payment platform Stripe Payments Europe, Limited (SPEL), 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland; further information: https://stripe.com/de/privacy
• Payment by credit card via PayPal S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg; further information: https://www.paypal.com/de/legalhub/paypal/privacy-full

Information on data security and data protection at FundraisingBox can be found here: https://www.fundraisingbox.com/datenschutz/. If you use the PayPal payment services provided by FundraisingBox, please note the privacy policy of PayPal S.à.r.l. (www.paypal.com/de/webapps/mpp/ua/privacy-full).

Your data will be deleted as soon as we no longer need it for the stated purposes. However, due to statutory retention obligations, we are obliged to retain your personal data in connection with your donation for ten years, including details of the donation amount, donation frequency and donation purpose/project. The legal basis for the processing is the fulfilment of the donation contract in accordance with Art. 6 para. 1 lit. b GDPR.

Personal data is collected when you contact us (e.g. by telephone, contact form, email or fax). Which data is collected via the contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of processing your enquiry or for contacting you and the associated technical administration.

The legal basis for the processing of the data is our legitimate interest in processing your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract (e.g. a donation), the legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

Your data will be deleted after final processing of the enquiry if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have entered your e-mail address, we will send you a confirmation e-mail to the e-mail address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm this within 24 hours, your registration will be automatically cancelled. If you confirm your wish to receive the newsletter, we will store your e-mail address until you unsubscribe from the newsletter. The sole purpose of this storage is to be able to send you the newsletter. Furthermore, we store your IP address and the time of registration and confirmation in order to prevent misuse of your personal data.

The only mandatory information for sending the newsletter is the e-mail address. The provision of further, separately marked information is voluntary and is used solely to personalise the newsletter. This data will also be completely deleted upon cancellation.

You can revoke your consent to the sending of the newsletter at any time. You can declare your cancellation by clicking on the link provided in every newsletter email, by sending an email to newsletter@menschenfuermenschen.org or by sending a message to the contact details given in the legal notice. The data you provide will not be passed on to third parties.

We use Brevo services to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin. Brevo is a service that can be used to organise and analyse the sending of newsletters, among other things. If you enter data for the purpose of subscribing to the newsletter (e.g. email address), this data is stored on Brevo’s servers. Brevo can be used to analyse newsletter campaigns. When you open an email sent with Brevo, a file contained in the email (known as a web beacon) connects to Brevo’s servers. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you do not wish to be analysed by Brevo, you can unsubscribe from the newsletter. We provide a corresponding link in every newsletter for this purpose. You can find out more about Brevo’s data protection provisions here: https://www.brevo.com/de/legal/privacypolicy/

The requirements of Art. 28 GDPR are fulfilled. Brevo has contractually undertaken to protect our customers’ data and not to pass it on to third parties. Further information on data processing by Brevo can be found in Brevo’s privacy policy.

We use the contact and address data provided to us by our donors and customers of the donation shop to inform them about our projects as part of our charitable work and to solicit donations and support campaigns. This includes, among other things, the sending of communications and personal contact – for example by telephone or e-mail.

We use telephone campaigns to welcome and thank new supporters, provide information about our work and also make contact with former donors. We also approach potential new supporters in a targeted manner in order to win them over to our foundation’s cause. For this purpose, we also use contact data from publicly accessible sources or those provided to us by partners – always within the framework of the legal requirements – provided that the relevant consent has been given for us to contact them (e.g. in connection with competitions or other campaigns).

For certain activities, we use carefully selected external service providers who act on our behalf. They call exclusively on behalf of our foundation – naturally in compliance with all data protection regulations. The caller’s telephone number is always displayed; anonymous calls are not made.

Our aim is to inform people about our charitable work and to inspire them to support us – while naturally respecting their wish not to be contacted at any time. Nobody should feel pressurised by our approach.

Contacting you to inform you about the use of your donation or in the context of appeals for donations is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. This interest consists of informing you about our foundation’s work and current support needs and encouraging you to participate in our charitable work.

You can apply online on our website. Further details on data protection can be found here and in the privacy policy on our applicant portal.

On this website, we link to our presence on social networks or use social plugins such as “Share” buttons or integrate our posts published on social media. When you visit our website, no data is transmitted to the operator of the respective social network, but only when you actively follow the link to our profile on the respective social network or click on the social plugin.

The following categories of data are processed by the respective social network:

• IP address
• Date, time
• Visited website

If you are logged into your user account on a social network when you visit our profile page, the operator of the social network may be able to assign the information collected from the specific visit to your personal account.

If you interact via a “Share” or “Like” button of the respective network or if you access our posts published on a social network directly on the website via a plugin, this information can also be assigned to the user’s personal account and may be published.

If you want to prevent the information collected from being directly assigned to your user account, you must log out of the respective social network before accessing our profile page or before using the social plugin.

You can also configure the user account with the respective social network accordingly.

If you access our profile page on a social network, the operator of the social network may also place cookies on your end device, regardless of whether you have an account with the network or are logged in there. Cookies are data packets that mark the user’s end device with a specific identifier. Cookies are primarily used to display personalised advertising to visitors to social networks, including our profile pages. This is done, for example, by displaying adverts from advertising partners of the social network whose websites the user has previously visited on the pages of the social network. Cookies also enable us to compile statistics on the use of our profile page (e.g. number of page views, user categories). If we receive such statistical analyses from the operator of the social network, the data is anonymised by the operator beforehand, i.e. it is not possible for us to assign usage data to an individual user.

The purpose of processing your data on our profile page on the respective social network is to provide information about our offers and services and to respond to any enquiries on our profile page. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR. In this respect, public relations work is covered by our legitimate interests within the meaning of the provision. If you use a social plugin integrated by us, the legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

We delete private messages that you send us via social networks twelve months after the last communication with you. We will always keep your public posts (e.g. in our timeline) published permanently until you expressly request their deletion.

We have no influence on which data is collected and transmitted by the operator of the social network, to which third party recipients the data is transmitted by the operator of the social network and how long the data is stored by the operator of the social network. Please refer to the privacy policy of the respective social network.

We reserve the right to delete illegal content published by users on our profile page on the respective social network, e.g. copyright infringements or statements relevant under criminal law.

According to the case law of the European Court of Justice, we are jointly responsible with the operator of the respective social network for the operation of our profile page or the social plugin with regard to compliance with data protection regulations. In this context, the operator of the social network provides the associated IT infrastructure and the website of the social network and is generally the primary point of contact when it comes to the processing of your data on the pages of the social network (e.g. information or deletion). However, you can also assert your legal rights against us. In this case, we will forward your enquiry to the operator of the social network.

In the case of US providers (Instagram), data is transferred to the USA. These providers oblige recipients outside the EU/EEA to comply with an appropriate data protection standard on the basis of so-called EU standard contractual clauses. In addition, data may also be transferred to a third country if the European Commission recognises an adequate level of data protection.

We integrate the following social networks on our website through links:

Facebook:
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland
https://www.facebook.com/privacy/policy/

Instagram:
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland
https://privacycenter.instagram.com/policy/

LinkedIn:
Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
https://www.linkedin.com/legal/privacy-policy

YouTube:
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
https://www.youtube.com/howyoutubeworks/user-settings/privacy/

Vimeo:
Provider: Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA
https://vimeo.com/privacy

Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).

When you enter our website, a Borlabs cookie is set in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

The legal basis for data processing is our legitimate interest in the data protection-compliant management of user consents to the setting of cookies on our website (Art. 6 para. 1 lit. f GDPR).

We use the web analysis tool “Matomo” on our website. This leading open source web analysis platform helps us to better understand the online behaviour of our website visitors and to adapt our website to their needs. Cookies are placed on your end device to enable us to analyse website usage in this way. We store the information collected in this way exclusively on our servers in Germany. As Matomo is self-hosted, we have full control over the data collected. We use Matomo with the “Automatically Anonymise Visitor IPs” function activated. This means that the IP addresses collected are truncated (so-called IP masking). A reference to specific persons can thus be excluded. The legal basis for the processing of data with the help of Matomo is your consent in accordance with Art. 6 para. 1 lit. a GDPR. Further information on Matomo’s terms of use and data protection regulations can be found here.

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel.: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland(at)google.com (“Google”) on our website.

When using Google services, data may be transferred to the parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google LLC has joined the EU-U.S. Data Privacy Framework and is certified according to it, so that a transfer to the USA takes place on the basis of the adequacy decision of the European Commission of 10 July 2023 (Art. 45 para. 1 GDPR). In addition, Google has contractually undertaken, on the basis of the so-called EU standard data protection clauses, to ensure that, when transferring personal data from the European Economic Area, the recipients comply with a data protection standard that essentially corresponds to the European standard (Art. 46 para. 2 lit. c GDPR). These standard contractual clauses represent an additional guarantee under data protection law, on the basis of which a transfer to third countries such as the USA can take place (Art. 46 para. 2 lit. c GDPR). Please note, however, that we cannot guarantee that Google will be able to fulfil these contractual obligations in every case.

Further information about Google can be found in the privacy policy available at: https://policies.google.com/privacy?hl=de

The individual services used are described below:

Google Tag Manager
We use the “Google Tag Manager” tool on our website, with which advertisers can manage website tags and thus the setting of cookies.

Google Tag Manager is designed as a cookie-free domain and only implements tags. Tags are small code elements on the website that are used, among other things, to measure traffic and visitor behaviour, to record the impact of online advertising and social channels, to determine the target groups of our website and to test and optimise the website. With the help of Google Tag Manager, we can control the setting of such cookies on our website.

No additional cookies are set by Google Tag Manager and no personal data is collected. Google Tag Manager triggers other tags that may collect personal data, but does not access this data itself. If a deactivation has been made or an objection declared at domain or cookie level, it will remain in place for all tracking tags if they are set using Google Tag Manager.

The legal basis for data processing is our legitimate interest in the integration and management of cookies set on our website (Art. 6 para. 1 lit. f GDPR).

Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link  https://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent the future collection of your data when you visit this website: Deactivate Google Analytics

You can find more information on terms of use and data protection at http://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/ . Please note that the code “gat._anonymizeIp();” has been added to Google Analytics on this website in order to ensure anonymised collection of IP addresses (so-called IP masking). We also use Google Analytics to analyse data from AdWords and the double-click cookie for statistical purposes. If you do not want this, you can deactivate it via the Ads Preferences Manager.

The legal basis for the processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR.

Google Adwords conversion tracking
We use Google Adwords to show you adverts on Google and other third-party websites. Google Adwords Conversion Tracking is a web analysis service of Google Inc (“Google”). Conversion tracking allows us to determine how successful the individual advertising measures are. The adverts are delivered by Google via so-called “ad servers”.

For this purpose, we use cookies that can be used to measure certain parameters for measuring success, such as the display of adverts or clicks by users. If you reach our website via a Google advert, Google Adwords will store a cookie on your PC. These cookies generally lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.

These cookies enable Google to recognise your internet browser. If a user visits certain pages of an Adwords customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can recognise that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Adwords customer. Cookies can therefore not be tracked via the website of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical analyses from Google. These analyses enable us to recognise which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material; in particular, we cannot identify users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google’s servers. We have no influence on the scope and further use of the data collected by Google and inform you according to our level of knowledge: Through the integration of AdWords conversion tracking, Google receives the information that you have accessed the corresponding part of our website or clicked on an advert from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out your IP address and store it.

The purpose of this is to show you advertising that is of interest to you and to make our website more interesting for you, and the legal basis for the processing of your data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our website.

The stored data will be deleted as soon as it is no longer required for our purposes.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://www.google.com/settings/ads/plugin

Further information on data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy

Google Adwords Remarketing
We use Google Adwords Remarketing. Google Adwords Remarketing is a web analysis service of Google Inc (“Google”). This application allows us to show you adverts on other websites after you have visited our website. This is done by means of cookies stored in your browser, which are used by Google to record and evaluate your user behaviour when you visit various websites. This allows Google to recognise your previous visit to our website. According to its own statements, Google does not merge the data collected in the context of remarketing with your personal data, which may be stored by Google. In particular, according to Google, pseudonymisation is used in remarketing.

The Google Adwords Remarketing service is used to analyse the usage behaviour of our website. The legal basis is the consent of the user of the website in accordance with Art. 6 para. 1 lit. a GDPR.

The stored data will be deleted by us as soon as it is no longer required for our purposes.

You can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://support.google.com/ads/answer/7395996?hl=de

You can find more information about Google Remarketing and the associated privacy policy at: https://www.google.com/privacy/ads/

Further information on data protection at Google can be found here: http://www.google.de/intl/de/privacy

Campaign Manager
We use the online marketing tool Campaign Manager from Google. Campaign Manager is a service provided by Google Inc (“Google”. Campaign Manager uses cookies to display adverts that are relevant to users, to improve advertising campaign performance or to prevent a user from seeing the same adverts more than once.

Google uses a cookie ID to record which adverts are displayed in which browser and can thus prevent them from being displayed more than once. In addition, Campaign Manager can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a Campaign Manager advert and later visits the advertiser’s website using the same browser and makes a purchase there. Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server.

By integrating Campaign Manager, Google receives the information that you have called up the corresponding part of our website or clicked on an advert from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will collect and store your IP address.

The Campaign Manager (Google Doubleclick) cookies used enable us to track whether you perform certain actions on our website after you have called up or clicked on one of our adverts on Google or on another platform via Campaign Manager (conversion tracking). This allows us to send you targeted advertising.

The legal basis is consent pursuant to Art. 6 para. 1 lit. a GDPR.

The stored data will be deleted by us as soon as it is no longer required for our purposes.

You can prevent the storage of cookies by selecting the appropriate settings in your browser software. You can deactivate the display of personalised advertising via a browser plug-in at https://support.google.com/ads/answer/7395996?hl=de

You can also deactivate the display of personalised ads here.

Further information can be found in Google’s privacy policy:

https://policies.google.com/privacy?hl=de

Privacy policy for advertising measures: https://policies.google.com/technologies/ads?hl=de

Google Fonts
We use Google Fonts on our website. This allows us to integrate certain fonts into our website. These fonts are provided by Google via servers in the USA. When accessing our website, the visitor’s web browser establishes a direct connection to these servers. Among other things, the visitor’s IP address is transmitted to Google and stored there. The purpose of using Google Fonts is the standardised presentation of fonts. The legal basis is Art. 6 para. 1 lit. a GDPR. The data collected by Google due to the use of Google Fonts is not processed by us.

Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Inc (“Google”). The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The data is stored and analysed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de .

Integration of YouTube videos
We use the YouTube embedding function to display and play videos from the provider Google Inc (“Google”) . The extended data protection mode is used here, which, according to the provider, only starts storing user information when the videos are played. If the playback of embedded YouTube videos is started, the provider “YouTube” uses cookies to collect information about user behaviour. According to YouTube, these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive behaviour. If you are logged in to Google, your data can be assigned directly to your account when you click on a video. If you do not wish to be associated with your YouTube profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyses them. Such an evaluation is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your consent. Regardless of whether the embedded videos are played, a connection to the Google network “DoubleClick” is established each time this website is accessed, which can trigger further data processing operations without our influence. Further information on data protection at “YouTube” can be found in the provider’s privacy policy at

We use the visitor action pixel of the provider Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland (“Facebook”) within our website. The remarketing tag or tracking pixel from Facebook was implemented. Facebook and we are jointly responsible for data processing.

The Facebook pixel enables Facebook to determine the visitors to our online offering as a target group for the display of adverts (so-called “Facebook ads”). A user can also be tracked across several websites. We use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have shown an interest in our online offering or who have certain characteristics (e.g. interest in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “custom audiences”).

With the help of the Facebook pixel, we can also track the effectiveness of Facebook adverts for statistical and market research purposes (“Audience Insights”) by seeing whether users were redirected to our website after clicking on a Facebook advert (so-called “conversion”).

The Facebook pixel is a JavaScript code that sends the following data to Facebook:

• HTTP header information: including IP address, information on the web browser, page location, document, URL of the website and end device of the web browser (computer, smartphone, tablet, other) as well as date and time of use
• Pixel-specific data: Pixel ID and Facebook cookie data including your Facebook ID (this is used to link events to a specific Facebook advertising account and thus associate them with a Facebook user)
• Additional information about the visit and about standard and customised data events.

You can find more information here: https://de-de.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

We also use the additional function “automatic extended synchronisation”. Here, data such as first and last name, place of residence, email addresses, telephone numbers or Facebook IDs of users are transmitted to Facebook in encrypted form to form target groups (“Custom Audiences” or “Look Alike Audiences”). This also includes data from non-Facebook users and from users who are not logged into Facebook when they visit our website. This can also be used to identify website visitors who have deactivated the storage of third-party cookies.

If no Facebook cookies are stored in your browser, you will not be categorised in one of the user groups referred to as “Custom Audience”. However, if the Facebook ID contained in the Facebook cookie has been assigned to a Facebook user, Facebook assigns this user to a so-called “Custom Audience” based on the rules we have defined.

According to the case law of the European Court of Justice, we are jointly responsible with Facebook for the operation of the tracking pixel with regard to compliance with data protection regulations. In this context, Facebook provides the associated IT infrastructure and the website of the social network and is generally the primary point of contact when it comes to the processing of your data on the pages of the social network (e.g. information or deletion). However, you can also assert your legal rights against us. In this case, we will forward your enquiry to the operator of the social network. We use the Facebook pixel to display the “Facebook ads” placed by us to Facebook users who have shown an interest in our online offering or who have certain characteristics that we transmit to Facebook (so-called “custom audiences”).

The legal basis for the use of Facebook Custom Audience is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

We use the Vimeo embedding function to display and play videos from the provider Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

The extended data protection mode is used here, which, according to the provider, only initiates the storage of user information when the videos are played. If the playback of embedded Vimeo videos is started, the provider “Vimeo” uses cookies to collect information about user behaviour. According to Vimeo, these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive behaviour. If you are logged in to Vimeo, your data can be assigned directly to your account when you click on a video. If you do not wish to be associated with your Vimeo profile, you must log out before activating the button. Vimeo stores your data (even for users who are not logged in) as usage profiles and analyses them. Such an evaluation is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your consent. Regardless of whether the embedded videos are played, a connection to the Vimeo servers is established each time this website is accessed, which may trigger further data processing operations without our influence. Further information on data protection at “Vimeo” can be found in the provider’s privacy policy at: https://vimeo.com/privacy.

Our website uses so-called Content Delivery Networks (CDN). A CDN is a network of high-performance servers that cache content at various locations around the world. A CDN essentially has two tasks: firstly, to provide content in the shortest possible time and secondly, to relieve the web host by distributing the data traffic. CDNs transmit two types of content: Static and dynamic content. All website visitors receive static content in the same form, such as video content from streaming services or code frameworks (e.g. Javascript, jQuery). Dynamic content is initially customised to the user and only created at the moment of the request. This includes content that takes place via web applications, e-mail or online shops and is personalised. In order to be able to use the latter, information about the website visitor must first be transmitted to the CDN. The legal basis for the use of a CDN and the transmission of your data to it is Art. 6 para. 1 lit. f GDPR (legitimate interest in data processing). The legitimate interest arises from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice. In detail, we use

We use the CDN service “BootstrapCDN” (formerly called “MaxCDN”) from jsDelivr. You can find more information on the handling of user data in BootstrapCDN’s privacy policy at: https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net

We use the CDN service “CDNJS” from Cloudflare, Inc, 101 Townsend St, San Francisco, CA 94107, USA. Further information on data protection at Cloudflare: https://www.cloudflare.com/de-de/privacypolicy/

We use the JavaScript library jQuery via the CDN (Content Delivery Network) of the OpenJS Foundation. Further information on data protection: https://openjsf.org/