Privacy Policy

1 | General

As the operators of this website and as a company, we come into contact with your personal data. This refers to all data that says something about you and by which you can be identified. In this privacy policy, we would like to explain how, for what purpose, and on what legal basis we process your data.

The party responsible for data processing on this website and within our company is:
Convensis GmbH
Gerberstr. 3
70178 Stuttgart
Telefon: +4971136533760
E-Mail: susanne.hencke@convensis.com

2 | General Information

How long do we store your data?
In some sections of this privacy policy, we inform you how long we or the companies processing your data on our behalf store your data. If no such information is provided, we store your data until the purpose of the data processing no longer applies, you object to the data processing, or you withdraw your consent to the data processing.

In the event of an objection or withdrawal, however, we may continue to process your data if at least one of the following conditions applies:
We have compelling legitimate grounds for continuing the data processing that override your interests, rights, and freedoms (only in the case of an objection to data processing; if the objection relates to direct advertising, we cannot invoke overriding legitimate grounds).

The data processing is necessary to assert, exercise, or defend legal claims (does not apply if your objection relates to direct advertising). We are legally obliged to retain your data. In this case, we will delete your data as soon as the condition(s) no longer apply.

Data transfer to the USA
We also use tools on our website from companies that transfer your data to the USA and store and, where applicable, further process it there. The European Commission has adopted an adequacy decision for the EU-U.S. Data Privacy Framework. This establishes that the USA ensures an adequate level of protection for personal data transferred from the EU to U.S. companies. This decision is based on new safeguards and measures introduced by the USA to meet data protection requirements. The adequacy decision includes, among other things, limitations and safeguards regarding access by U.S. intelligence services to the data. Binding safeguards have been introduced to limit access by U.S. intelligence services to what is necessary and proportionate for the protection of national security. In addition, enhanced oversight of the activities of U.S. intelligence services has been established to ensure that the limitations on surveillance activities are observed. An independent redress mechanism has also been established to handle and resolve complaints from European citizens concerning access to their data. The EU-U.S. Data Privacy Framework therefore enables European companies to transfer data to certified U.S. companies without having to implement additional data protection safeguards. A list of all certified companies can be found at the following link: Data Privacy Framework. A change to the European Commission’s decision cannot be ruled out.

3 | Data Protection Officer

We have appointed a data protection officer for our company:
DataGAP GmbH
Markus Altenburg
Bessemerstr. 82
12103 Berlin
Email-Adresse: team@datagap.de
Phone: 030 / 577 10 513

4 | Your Rights

Objection to data processing
If you read in this privacy policy that we have legitimate interests in processing your data and therefore rely on Art. 6 para. 1 sentence 1 lit. f) GDPR, you have the right under Art. 21 GDPR to object to this. This also applies to profiling based on that provision. The prerequisite is that you state reasons for your objection arising from your particular situation. No reason is required if the objection is directed against the use of your data for direct advertising. The consequence of the objection is that we may no longer process your data.

This only does not apply if one of the following conditions exists:
We can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms. The processing serves to assert, exercise, or defend legal claims. These exceptions do not apply if your objection relates to direct advertising or profiling associated with it.

Other rights

Withdrawal of your consent to data processing
Many data processing operations are carried out on the basis of your consent. You give this consent, for example, by checking a corresponding box in online forms before submitting the form, or by allowing certain cookies when visiting our website. You may withdraw your consent at any time without giving reasons (Art. 7 para. 3 GDPR). From the time of withdrawal onward, we may no longer process your data. The only exception is where we are legally obliged to retain the data for a certain period. Such retention periods exist particularly under tax and commercial law.

Right to lodge a complaint with the competent supervisory authority
If you believe that we are violating the General Data Protection Regulation (GDPR), you have the right under Art. 77 GDPR to lodge a complaint with a supervisory authority. You may contact a supervisory authority in the Member State of your place of residence, place of work, or place of the alleged infringement. The right to lodge a complaint exists in addition to administrative or judicial remedies.

Right to data portability
Data that we process automatically on the basis of your consent or in fulfillment of a contract must be provided to you or to a third party in a commonly used, machine-readable format if you request this. We can only transfer the data to another controller insofar as this is technically feasible.

Right of access, erasure, and rectification
Under Art. 15 GDPR, you have the right to obtain free information about which personal data we have stored about you, where the data comes from, to whom we disclose the data, and for what purpose it is stored. If the data is incorrect, you have the right to have it corrected (Art. 16 GDPR). Under the conditions of Art. 17 GDPR, you may request that we delete the data.

Right to restriction of processing
In certain situations, you may demand under Art. 18 GDPR that we restrict the processing of your data. The data may then, apart from storage, only be processed as follows: with your consent, for the establishment, exercise, or defense of legal claims, to protect the rights of another natural or legal person, for reasons of important public interest of the European Union or a Member State.

The right to restriction of processing exists in the following situations: You have disputed the accuracy of the personal data we have stored about you, and we need time to verify this. The right exists for the duration of the review. The processing of your personal data is or was unlawful. The right exists as an alternative to deletion of the data. We no longer need your personal data, but you need it to exercise, defend, or assert legal claims. The right exists as an alternative to deletion of the data.

You have objected under Art. 21 para. 1 GDPR and a balancing of your interests and ours must now be carried out. The right exists as long as the outcome of the balancing process has not yet been determined.

5 | Hosting and Content Delivery Networks (CDN)

External Hosting
Our website is hosted on a server of the following internet service provider (host):
RAIDBOXES GmbH
Hafenstr. 32
48151 Münster

How do we process your data?
The host stores all data of our website. This also includes all personal data that is collected automatically or through your input. This may include in particular: your IP address, pages accessed, names, contact details and inquiries, as well as metadata and communication data. When processing data, our host acts in accordance with our instructions and always processes the data only to the extent necessary to fulfill its service obligations to us.

On what legal basis do we process your data?
Since we address potential customers via our website and maintain contact with existing customers, the data processing by our host serves the initiation and performance of contracts and is therefore based on Art. 6 para. 1 lit. b) GDPR. In addition, as a company, we have a legitimate interest in providing a professional internet presence that meets the necessary requirements for security, speed, and efficiency. In this respect, we also process your data on the basis of Art. 6 para. 1 lit. f) GDPR.

6 | Data Collection on This Website

Use of cookies
Our website places cookies on your device. These are small text files used for different purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are required in order to carry out certain actions or functions on the site (functional cookies). For example, without cookies it would not be possible to use the advantages of a shopping cart in an online shop. Still other cookies are used to analyze user behavior or optimize advertising measures. If we use third-party services on our website, for example to process payments, these companies may also place cookies on your device when you access the website (so-called third-party cookies).

How do we process your data?
Session cookies are stored on your device only for the duration of a session. As soon as you close the browser, they disappear automatically. Permanent cookies, on the other hand, remain on your device unless you delete them yourself. This can, for example, lead to your user behavior being analyzed over the long term. You can influence how your browser handles cookies through your browser settings:
> Do you want to be informed when cookies are set?
> Do you want to exclude cookies generally or in specific cases?
> Do you want cookies to be automatically deleted when you close the browser?

If you disable or do not allow cookies, the functionality of the website may be restricted. If we use cookies from other companies or for analysis purposes, we will inform you of this within this privacy policy. We will also ask for your consent in this regard when you access our website.

On what legal basis do we process your data?
We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and that all desired functions are available to them. The storage of necessary and functional cookies on your device is therefore based on Art. 6 para. 1 lit. f) GDPR. We use all other cookies on the basis of Art. 6 para. 1 lit. a) GDPR, provided you give us the corresponding consent. You may withdraw this consent at any time with effect for the future. If, when asked for consent, you have consented to the placement of necessary and functional cookies, these cookies are also stored exclusively on the basis of your consent.

7 | Cookie Consent with Borlabs Cookie

What is Borlabs Cookie?
A cookie plugin for compliance with GDPR and ePrivacy requirements.

Who processes your data?
Only we do, not the provider of Borlabs Cookie.

Where can you find more information about data protection at Borlabs Cookie?
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

How do we process your data?
We use Borlabs Cookie to obtain your consent for the storage of cookies on your device. If you visit our website and close the Borlabs Cookie window requesting consent, a Borlabs cookie with the following contents is stored in your browser:
> Cookie runtime
> Cookie version
> Domain and path of the website
> Consents: a randomly generated ID

These data are not transmitted to the provider of Borlabs Cookie. We store the data until the purpose for data storage no longer applies, you delete the Borlabs Cookie, or you request that we delete the data. This does not apply if we are legally obliged to retain the data.

On what legal basis do we process your data?
We are legally obliged to obtain the consent of our website visitors for the use of certain cookies. We use Borlabs Cookie to fulfill this obligation. The legal basis for data processing is therefore Art. 6 para. 1 lit. c) GDPR.

Server log files
Server log files record all requests to and access to our website and record error messages. They also include personal data, in particular your IP address. However, this is anonymized by the provider after a short time so that we cannot assign the data to your person. The data is automatically transmitted from your browser to our provider.

How do we process your data?
Our provider stores the server log files in order to be able to trace activities on our website and identify errors. The files contain the following data:
> Browser type and version, operating system used
> Referrer URL
> Host name of the accessing computer
> Time of the server request
> IP address (possibly anonymized)

We do not combine these data with other data, but use them only for statistical evaluation and to improve our website.

8 | On What Legal Basis Do We Process Your Data?

We have a legitimate interest in ensuring that our website runs without errors. It is also our legitimate interest to obtain an anonymized overview of access to our website. The data processing is therefore lawful under Art. 6 para. 1 lit. f) GDPR.

Inquiry by email, telephone, or fax
You may send us a message by email or fax or call us.

How do we process your data?
We store your message as well as the contact details you provide or the transmitted telephone number in order to process your inquiry, including follow-up questions. We do not pass the data on to other persons without your consent.

How long do we store your data?
We delete your data as soon as one of the following applies:
> Your inquiry has been conclusively processed.
> You request that we delete the data.
> You withdraw your consent to storage.

This does not apply if we are legally obliged to retain the data.

On what legal basis do we process your data?
If your inquiry is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to efficiently process inquiries addressed to us. The legal basis for data processing is therefore Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the legal basis. In this case, you may withdraw your consent at any time with effect for the future.

Registration function
In order to use certain functions or offers on our website, you must register. This requires the provision of your email address and, where applicable, other personal data.

How do we process your data?
We store the data you provide during registration and use it to make available the function or offer for which you have registered. If there are changes to the offer or function, we use your email address to inform you about them. We may also use your email address to send you further contractual offers.

How long do we store your data?
We delete your data as soon as one of the following applies:
> The purpose of the data processing no longer applies.
> You request that we delete the data.
> You withdraw your consent to storage.

This applies only unless we are legally obliged to retain the data.

On what legal basis do we process your data?
We store and use your data in order to fulfill the user relationship established through the registration and, where applicable, to initiate further contracts. The legal basis is therefore Art. 6 para. 1 lit. b) GDPR.

9 | Analysis Tools and Advertising

We use the following tools to analyze the behavior of our website visitors and to show you advertising.

Google Tag Manager

What is Google Tag Manager?
A tag management system for integrating tracking codes and conversion pixels from Google Ireland Ltd.

Who processes your data?
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

Where can you find more information about data protection at Google Tag Manager?
https://policies.google.com/privacy

On what basis do we transfer your data to the USA?
On the basis of the adequacy decision of the European Commission and the company’s corresponding certification.

How do we process your data?
We use Google Tag Manager. This tool helps us integrate tracking codes and conversion pixels into our website, manage them, and display them. Google Tag Manager itself does not create user profiles, place cookies on your device, or analyze your behavior as a user. However, it does collect your IP address and transmits it to Google servers in the USA.

On what legal basis do we process your data?
We have a legitimate interest in the fast and uncomplicated integration and management of various tools on our website. The use of Google Tag Manager is therefore lawful under Art. 6 para. 1 lit. f) GDPR. If you have consented to the transfer of your IP address, we process your data exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You may withdraw your consent at any time with effect for the future.

Google Analytics

What is Google Analytics?
A tool from Google Ireland Ltd. for analyzing user behavior.

Who processes your data?
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland

Where can you find more information about data protection at Google Analytics?
Google Analytics / Datenschutz

On what basis do we transfer your data to the USA?
On the basis of the adequacy decision of the European Commission and the company’s corresponding certification.

How can you prevent data collection?
Among other things by using a browser plug-in: Google Tools – Plugin

How do we process your data?
We are always interested in optimizing our web offering for visitors to our website and placing advertising in the best possible way. Google Analytics helps us do this by analyzing user behavior and thereby providing the data basis necessary for adjustments. Through the tool, we receive information about the origin of our visitors, their page views and dwell time on pages, as well as the operating system they use.

Standard processing
To collect the data, Google Analytics uses cookies, device fingerprinting, or other technologies for recognizing users. The data are transmitted to Google servers in the USA and combined into a profile with the help of the also recorded IP address that can be assigned to you or your device. You can prevent Google from processing your data by installing a browser plug-in provided by Google itself: Google Tools – Plugin

How long do we store your data?
According to Google, data stored at user and event level that are linked to cookies, user identifiers (e.g. user IDs), or advertising IDs are deleted or anonymized after 26 months (see Google Analytics – Support).

On what legal basis do we process your data?
As website operators, we have a legitimate interest in analyzing user behavior for the purpose of optimizing our web offering and the advertising placed there. The data processing is therefore lawful under Art. 6 para. 1 lit. f) GDPR. If you have consented, for example, to the storage of cookies or otherwise to data processing by Google Analytics, Art. 6 para. 1 lit. a) GDPR is the sole legal basis. You may withdraw your consent at any time with effect for the future.

MonsterInsights (Google Analytics Plugin for WordPress)

What is MonsterInsights?
We use the “Google Analytics Plugin for WordPress” from the American company MonsterInsights LLC (7732 Maywood Crest Dr, West Palm Beach, Florida, 33412, USA) on our website. The plugin is usually simply called MonsterInsights. With the help of the plugin, your user data can be stored, managed, and processed by Google Analytics. For example, if you click on a link, Google Analytics stores this “click” via the integrated plugin and offers meaningful web analyses based on such collected data. In this privacy policy, we go into more detail about MonsterInsights and inform you which data is stored where and how.

MonsterInsights uses the Google Analytics Reporting API for its services to collect data about our website and visitor behavior. These data are evaluated and then appear as diagrams, graphics, and tables directly on our WordPress dashboard. For the plugin to function, a Google Analytics tracking code is integrated into our WordPress site. The plugin offers features such as page analyses, statistics, or ad tracking. We can therefore use the plugin to easily set up tracking functions such as event tracking, eCommerce tracking, or outbound link tracking for our website without any programming knowledge. All important statistics are shown in summarized form directly in our dashboard.

Why do we use MonsterInsights?
MonsterInsights makes using Google Analytics much easier for us, since we can see the most important analyses directly in our dashboard and do not always have to switch to Google Analytics. Google Analytics provides us with a lot of important data about visitor behavior on our website. With the help of these data, we can better adapt our website and our offering to your wishes. We use the statistics obtained to make our website more attractive and to use any advertisements in a targeted way.

Which data are stored by MonsterInsights and/or Google Analytics?
By installing the MonsterInsights plugin, a Google Analytics tracking code is integrated into our WordPress website. This allows Google Analytics to create a random, unique ID linked to your browser cookie. In this way, you are recognized as a new visitor to our website. If you visit us again, you are recognized as a so-called returning user. All collected data are then stored using this user ID. In this way, pseudonymous user profiles are created and analyzed. Your actions on our website are stored in cookies and app instance IDs. If you are linked with other Google services, the generated data may also be linked to third-party cookies.

All tracking is carried out and stored by Google Analytics. MonsterInsights passes all data directly to Google Analytics for processing on behalf of MonsterInsights. Google only shares these data if we permit it or if it is legally required to do so. MonsterInsights does not use its own cookies to store data; rather, the code added by MonsterInsights loads Google Analytics, which adds cookies.

For example, it is recorded from which website you came to us, which buttons and links you click, how long you stay on a particular page, and when you leave the website again. In addition, your IP address is displayed and stored in shortened form so that a clear assignment is not possible. Your approximate location can also be determined via the IP address, and technical information such as device type, browser type, internet provider, or screen resolution is also stored.

If you would like to know more about data storage and data processing, we recommend our general privacy policy for Google Analytics.

How long and where are the data stored?
MonsterInsights does not store the collected data itself but forwards them to Google Analytics. There, the data are stored on Google’s servers. These servers are distributed worldwide, but most are located in the USA. You can see exactly where the data centers are located via the corresponding link. By default, your data are retained by Google for 26 months, although it is also possible to choose between different retention periods. Please also refer to our Google Analytics privacy policy for this. The retention period applies to data linked to cookies, user recognition, and advertising IDs. Web analyses that appear in the form of reports are created from aggregated data and are stored independently of your user data.

How can I delete my data or prevent data storage?
You have the right at any time to access, update, delete, and restrict your data. If you download and install the browser add-on, you can prevent Google Analytics from using your data by disabling Google Analytics JavaScript.

If you generally want to disable, delete, or manage cookies, you will find the relevant links to the instructions for the most common browsers in the “Cookies” section.

Legal basis
The use of MonsterInsights requires your consent, which we obtain via our cookie popup. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thereby improving our offering technically and economically. With the help of MonsterInsights, we detect website errors, can identify attacks, and improve efficiency. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use MonsterInsights insofar as you have given consent.

Google processes data, among other places, in the USA. We point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may involve various risks for the lawfulness and security of data processing.

As the basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. especially in the USA) or for data transfers there, Google uses standard contractual clauses approved by the EU Commission (= Art. 46 para. 2 and 3 GDPR). These clauses oblige Google to comply with the EU level of data protection when processing relevant data outside the EU as well. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses there, among other places.
If you would like to learn more about the WordPress plugin MonsterInsights, we recommend visiting the website. For more detailed information on data processing by Google Analytics, we recommend our Google Analytics privacy policy, Google’s information page, and the website on the terms of use for Google Analytics at Marketingplattform – Google Analytics.

10 | Brevo

What is Brevo?
A service for sending newsletters and messages, analyzing recipient behavior, and managing marketing activities.

Who processes your data?
Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Deutschland

Where can I find more information about data protection at Brevo?
Privacy Policy and Antispam Policy

How do we process your data?
Brevo enables us to manage a database with email contacts, telephone numbers, or any other contact information in order to communicate with customers and other interested parties. In this context, information may also be collected about the date and time a message was read, as well as when the recipient interacts with incoming messages, for example by clicking on links contained in them. It is also possible to send scheduled messages to customers and other interested parties.

If you would like to receive our newsletter or other messages, we need your email address and/or corresponding contact information. We will also verify by means of a confirmation email (double opt-in procedure) whether you are actually the owner of this email address and/or telephone number. We do not collect any further data, or only on a voluntary basis. We use your data exclusively for sending newsletters/messages.

If we send a newsletter via Brevo and you open it, a file contained in the newsletter automatically connects to Brevo’s servers. This enables the service to recognize that the newsletter has been opened and to record all clicks on the links it contains. In addition, Brevo collects technical information such as the time of access, IP address, browser type, and operating system. You can unsubscribe from the newsletter/message service at any time.

How long do we store your data?
Once you have unsubscribed, the data are deleted from the newsletter distribution list. Under certain circumstances, we may also place your email address on a blacklist; this is required, for example, if you have objected to advertising. In that case, the storage is based on Art. 6 para. 1 lit. f) GDPR. Otherwise, we reserve the right to delete the data at any time after the purpose for collection no longer applies or at our own discretion.

On what legal basis do we process your data?
By entering your details into the subscriber list, you consent to data processing by Brevo. This processing is therefore lawful on the basis of Art. 6 para. 1 lit. a) GDPR. You may withdraw your consent by unsubscribing from the newsletter or by sending us an informal message. For us, this means that we may no longer send you newsletters from that point onward.

11 | YouTube (with enhanced privacy mode)

What is YouTube?
A video platform.

Who processes your data?
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland

Where can you find more information about data protection at YouTube?
Datenschutz Youtube

How do we process your data?
You can watch YouTube videos on our website. In doing so, Google, as the provider of YouTube, collects and stores certain information about you. Since we use YouTube in enhanced privacy mode, this only happens once you start a video. Specifically, the following occurs:

1. Google’s servers are informed which of our pages have been visited from your device. If you are logged into your YouTube account while browsing, Google can directly associate your browsing behavior with your personal profile. If you do not want this, you must log out of your YouTube account before continuing to browse the internet.

2. Google receives information about visitors to our website through cookies, device fingerprinting, or similar recognition technologies. On this basis, the company creates video statistics, makes its application more attractive for users, and prevents fraud attempts.

3. Further data processing may also take place. However, the details are beyond our knowledge. We also have no influence over the processing https://developers.google.com/fonts/faq. Even if you do not start a YouTube video on our website, Google establishes a connection to its DoubleClick network and possibly to other partners. Enhanced privacy mode therefore does not mean that Google does not process any of your data at all when you visit our website.

On what legal basis do we process your data?
By integrating YouTube videos, we want to make our website and our services and offerings more attractive. This is our legitimate interest as a company and is therefore lawful under Art. 6 para. 1 lit. f) GDPR.
If you have consented to the data processing, we process your data exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You may withdraw your consent at any time. From the time of withdrawal onward, we may no longer process your data.

12 | Google Fonts (local hosting)

We use fonts from the U.S. company Google on our website. We have installed these fonts locally, so no connection to Google’s servers is established when you visit our website. Further information on Google Fonts can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

13 | Additional Services / Miscellaneous

The following services do not collect personally identifiable data and are fundamentally GDPR-compliant:

Yoast SEO
According to the manufacturer Yoast, the Yoast SEO WordPress plugin is fundamentally GDPR-compliant because it does not process or store any personal data of website visitors and does not set cookies on their devices. It analyzes content locally without transmitting data externally, which, according to Yoast, makes a data processing agreement unnecessary.

Here are the most important data protection aspects of Yoast SEO:
> No personal data: The plugin stores neither IP addresses nor personal data of users visiting the website.
> No cookies: According to the provider, no cookies are set or read in the visitors’ browser.
> Privacy policy: Although Yoast does not store data, it is advisable to mention the use of the plugin in the privacy policy of your own website.

Polylang
Polylang is a privacy-friendly WordPress plugin for multilingual websites because it generally does not process personal data, but only stores language settings via cookies (for about one year). It uses SSL/HTTPS for encryption. Its use is therefore in compliance with the GDPR.

Important data protection aspects of Polylang:
> Data collection: Polylang stores users’ language choice in a cookie in order to display content in their preferred language.
> No third parties: By default, no data are transmitted to external servers.
> GDPR compliance: Since the plugin sets functionally necessary cookies for language selection, it is generally privacy-friendly.

14 | Accessibility of This Website

We attach great importance to designing our website to be as accessible as possible. Our goal is to make content and functions accessible to all people, regardless of individual limitations or technical requirements.
The implementation of accessibility is based on the applicable legal requirements and on the international standards of the Web Content Accessibility Guidelines (WCAG) in their current version, insofar as this is technically possible and economically reasonable.
We regularly review and optimize our website with regard to usability and accessibility. In doing so, we pay particular attention to a clear structure, understandable content, good readability, and technical usability with assistive technologies such as plugins (WP Accessibility).
If you notice any barriers or experience difficulties using our website, we would appreciate your feedback. Please contact us using the contact details provided in the imprint/legal notice. We will review your request and endeavor to find a solution as quickly as possible.

WP Accessibility
The WP Accessibility plugin is a privacy-friendly solution for WordPress because it works locally on the website’s own server and does not transmit personal data to external services. It is GDPR-compliant, does not require a cookie banner, and improves accessibility through functions such as skip links, contrast switches, and ARIA adjustments directly in users’ browsers.

Data protection aspects of the WP Accessibility plugin:
> Local & GDPR-compliant: Since the plugin functions client-side in users’ browsers, no data are transmitted to third parties.
> No cookies: The plugin does not set cookies, so no special cookie banner is required for this tool.
> No personal data: According to the developer, no personal data are collected.

16 | Data Processing on Social Media

What is social media?
By social media, we mean the social networks on which we have created publicly accessible profiles. Which social networks these are specifically is listed below.

Who processes your data?
The respective operating companies of the social networks. The individual operators are listed below under the respective networks.

How is your data processed?
Operators of social networks are generally able to collect and analyze extensive data about the behavior of visitors and users of the network. It is not possible for us to trace all processing operations in the social networks we use, which means that further processing operations not listed here may also be carried out by the operators of the social networks. Further information can be found in the terms of use and privacy policies of the respective social networks.

The processing of your data can be triggered when you visit the website of the social network or our profile page there. Even if you visit a website that uses certain content of the network, for example like or share buttons, data may already be transmitted to the operators of the social network. If you are yourself a user of the social network and logged into your account, your visit to our profile page can be assigned to your account by the social network operators. Even if you have not registered an account or are not logged in, it is possible that the network operators nevertheless collect your personal data, for example by recording your IP address or setting cookies. With these data, the operators can create profiles tailored to your behavior and interests and show you interest-based advertising inside and outside the network. If you are a registered user of the network, the interest-based advertising can also be displayed on all devices on which you are or were logged in.

On what legal basis is your data processed?
Our profiles on social networks are intended to ensure the broadest possible presence of our company on the internet. As a company, we have a legitimate interest in this. The data processing is therefore lawful under Art. 6 para. 1 lit. f GDPR.
The data processing operations and analyses carried out by the operators of the social networks themselves may be based on other legal grounds. These must be specified by the operators of the social networks.

Who is responsible for processing your data, and how can you assert your rights?
When you visit one of our profiles on social networks, we are jointly responsible with the operator of the respective network for the data processing operations triggered during your visit.
In principle, you can assert your rights both against us and against the operator of the respective network. Despite the joint responsibility with the operator of the social network, however, our influence on the data processing operations of the respective operators is limited and is governed primarily by the operators’ requirements.

How long is your data stored?
If we collect data via our profiles on social networks, these are deleted from our systems as soon as the purpose for their storage no longer applies, you ask us to delete them, or you withdraw your consent to storage. Stored cookies remain on your device until you delete them. Mandatory legal provisions, in particular retention periods, remain unaffected. We have no influence on how long the operators of the social networks store your data that they collect for their own purposes. For information on this, please contact the operator of the respective social network directly, for example in its privacy policy.

Which social media platforms do we use?

Facebook

What is Facebook?
A social network.

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland.

Are your data transferred to third countries?
Yes, to the USA and also to other third countries.

Where can you find more information about data protection at Facebook?
https://www.facebook.com/about/privacy/

Where can you adjust your advertising settings as a Facebook user?
As a registered Facebook user, you can adjust your advertising settings in your user account. Please click the following link and log in: https://www.facebook.com/settings?tab=ads.

Instagram

What is Instagram?
A social network specializing in photos and videos.

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland

Are your data transferred to third countries?
Yes.

Where can you find more information about data protection at Instagram?
Instagram Datenschutz

Where can you adjust your privacy settings as a user?
As a registered Instagram user, you can adjust your privacy settings in your user account. Please click the following link and log in:
Instagram Privacy

LinkedIn

What is LinkedIn?
A social network for business contacts.

Who processes your data?
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Are your data transferred to third countries?
Yes.

Where can you find more information about data protection at LinkedIn?
https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Where can you adjust your data protection settings as a user?
As a registered LinkedIn user, you can adjust your privacy settings in your user account. Please click the following link and log in:
https://www.linkedin.com/psettings/

YouTube

What is YouTube?
A social network in the form of an online video portal.

Who processes your data?
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland

Are your data transferred to third countries?
Yes.

Where can you find more information about data protection at YouTube?
https://policies.google.com/privacy?hl=de

Where can you adjust your data protection settings as a user?
https://policies.google.com/privacy?hl=de#infochoices

17 | Current Version and Amendments to This Privacy Policy

This privacy policy is currently valid and was last updated in March 2026. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to amend this privacy policy. The current privacy policy can be accessed and printed by you at any time on the website at https://convensis.com/datenschutz/.