Privacy Policy

Updates, backgrounds, and insights about our projects, partnerships, and investment approaches.

1) Introduction and contact details of the controller

1.1 We are delighted that you are interested in our company. Data protection is a particularly high priority for the management of evolutiq GmbH. It is generally possible to use the websites of evolutiq GmbH without providing any personal data. However, if a data subject wishes to use special services offered by our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to evolutiq GmbH. Through this privacy policy, our company wishes to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects about their rights.

As the controller, evolutiq GmbH has implemented numerous technical and organizational measures to ensure the most complete protection possible of the personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is evolutiq GmbH, Vitalisstraße 67, 50827 Cologne, Germany,
Tel.: +49 221 292 973 30, Email: info@evolutiq.com. The controller responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

1.3 The controller has appointed a data protection officer, who can be contacted as follows: Specialist lawyer for IT law Nicole Hencinski, DIGIT@LAW Rechtsanwälte, Mittelstraße 12-14, 50672 Cologne,kanzlei@digita-law.de .

2) Definitions

2.1 The privacy policy of evolutiq GmbH is based on the terminology used by the European legislators and regulators when enacting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for the general public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

2.2 We use the following terms in this privacy policy, among others:

a) Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). A natural person is considered identifiable if they can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier, or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.

b) Data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

e) Profiling is any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) The controller or controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient means a natural or legal person, public authority, agency or another body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

j) A third party is a natural or legal person, public authority, agency or other body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

3) Data collection when visiting our website

3.1 When you use our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the page server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/reference from which you accessed the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used for any other purpose. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

3.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser line.

4) Hosting & Content Delivery Network

We use a provider to host our website and display the page content who provides its services itself or through selected subcontractors exclusively on servers within the European Union.

All data collected on our website is processed on these servers.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

5) Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called "session cookies"), while others remain on your device for longer and enable the storage of page settings (so-called "persistent cookies"). In the latter case, you can find the storage period in the overview of your web browser's cookie settings.

If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 (1) lit. b GDPR either for the performance of the contract, pursuant to Art. 6 (1) (a) GDPR in the case of consent, or pursuant to Art. 6 (1) (f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

6) Contact

6.1 Calendly

We use the services of the following provider to provide an online appointment booking function: Calendly, LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA

For the purpose of scheduling appointments, first and last names, email addresses (and, if applicable, telephone numbers if a telephone appointment is requested) are collected in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in effective customer management and efficient appointment management and transmitted to the provider, where they are stored for the purpose of organizing appointments.

After the appointment has been held or after the agreed appointment period has expired, your data will be deleted by the provider.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards on the basis of an adequacy decision by the European Commission.

6.2 We use the services of the following provider to provide an online appointment booking function: Pipedrive OÜ, Mustamäe tee 3a, Tallinn, 10615, Estonia

For the purpose of scheduling appointments, first and last names and email addresses (and, if applicable, telephone numbers if a telephone appointment is requested) are collected in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in effective customer management and efficient appointment management and transmitted to the provider, where they are stored for the purpose of organizing appointments.

After the appointment has been held or after the agreed appointment period has expired, your data will be deleted by the provider.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

6.3 Personal data is collected when you contact us (e.g., via contact form or email). The data collected when using a contact form can be seen in the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for establishing contact and the associated technical administration.

The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) lit. b GDPR. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no legal obligations to retain data.

7) Web analysis services

Framer Analytics

This website uses a web analysis service provided by the following provider: Framer B.V., Rozengracht 207B, 1016 LZ Amsterdam, Netherlands

To protect site visitors, Framer uses a so-called "Unique Visitor ID" to enable various analyses of site usage within a short time window of up to 24 hours. The "Unique Visitor ID" is a randomly set, time-limited hash of a limited set of settings and attributes of the visitor, calculated on the basis of their operating system, browser, browser plugins, previously anonymized IP address, and browser language.

The "Unique Visitor ID" is therefore created exclusively on the basis of information that cannot be used to personally identify the visitor.

If, in exceptional cases, the information processed in this way should include personal user data, processing will be carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes. In this case, you can permanently object to the collection and storage of your visitor data for the future by notifying us.

8) Page functionalities

8.1 Instagram plugins

Our website uses plugins from the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland

These plugins enable direct interaction with content on the social network.

In order to increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you visit a page on our website that contains such plugins, no connection is established with the provider's servers.

Only when you activate the plugins and thus give your consent to the data transfer in accordance with Art. 6 (1) lit. a GDPR does your browser establish a direct connection to the provider's servers. Regardless of whether you are logged into an existing user profile, information about your device (including your IP address), your browser, and your page history will be transmitted to the provider to a certain extent and may be further processed there.

If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.

You can revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation has no effect on the data that has already been transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

8.2 LinkedIn plugins

Our website uses plugins from the social network of the following provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

These plugins enable direct interaction with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you visit a page on our website that contains such plugins, no connection is established with the provider's servers.

Data may also be transferred to: LinkedIn Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For the transfer of data to the USA, the provider refers to standard contractual clauses of the European Commission, which are intended to ensure compliance with European data protection standards.

8.3 YouTube

This website uses plugins to display and play videos from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data may also be transferred to: Google LLC, USA

When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to the provider's servers at the latest when the video is played in order to load the content. Certain information, including your IP address, is transmitted to the provider in the process.

If the playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behavior, compile playback statistics, and prevent abusive behavior.

If you are logged into a user account with the provider during your visit to the site, your data will be directly assigned to your account when you click on a video. If you do not want this assignment to your account, you must log out before clicking the play button.

All of the above processing, in particular the setting of cookies for reading information on the device used, only takes place if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect by deactivating this service via the "Cookie Consent Tool" provided on the website.

8.4 Spotify

This website incorporates features from the following music service provider for playing music tracks: Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden

When you visit this site, this integration can establish a direct connection between your browser and the provider's servers, even if you do not have an account with the provider or are not logged in to one.

This provides the provider with information that you have visited our site. The information collected (including your IP address, if applicable) is transmitted directly from your browser to a server belonging to the provider and stored there. However, the information is not used to identify you personally and is not passed on to third parties.

If you play a music track using the corresponding function while logged into a user account with the provider, the provider can assign your visit to our site to that account. If you do not want your visit to be assigned to your account, you must log out before clicking the play button.

The data processing described above is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in an appealing acoustic design of our website.

You can also object to the loading of the provider's playback functions and thus to the data processing operations described above for the future by using add-ons for your browser, e.g., the script blocker "NoScript" (https://noscript.net/).

8.5 Google Maps

This website uses an online map service from the following provider: Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Maps is a web service for displaying interactive (land) maps to visually represent geographical information. By using this service, our location is displayed to you and any journey to us is made easier.

When you visit subpages that contain a Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there. This may also involve transmission to Google LLC. servers in the USA. This occurs regardless of whether Google provides a user account that you are logged in to or whether a user account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not want this association with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

The collection, storage, and evaluation are carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of Google's legitimate interest in displaying personalized advertising, market research, and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google in connection with the use of Google Maps, you also have the option of completely deactivating the Google Maps web service by disabling JavaScript in your browser. Google Maps and thus also the map display on this website cannot then be used.

To the extent required by law, we have obtained your consent to the processing of your data as described above in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please follow the procedure for objecting described above.

Further information on Google's data protection can be found here: https://business.safety.google/intl/de/privacy/

8.6 Zapier

We use the services of the following provider for the integration and synchronization of databases and web applications: Zapier Inc., 548 Market St #62411, San Francisco, California 94104, USA

This automates our processing operations and establishes different workflows to efficiently manage and execute internal processes in our processing system. If personal data is also processed in this context, this is done in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in optimizing our internal organization.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

8.7 Microsoft Teams

We use this provider to conduct online meetings, video conferences, and/or webinars: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA

The provider processes various data, whereby the scope of the data processed depends on what data you provide before or during your participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider's servers. This may include, in particular, your login details (name, email address, phone number (optional), and password) and session data (topic, participant IP address, device information, description (optional)).

In addition, image and audio contributions from participants as well as voice inputs in chats may be processed.

Art. 6 (1) lit. b GDPR serves as the legal basis for the processing of personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures). If you have given us your consent to process your data, the processing is based on Art. 6 (1) lit. a GDPR. You can revoke your consent at any time with effect for the future.

Otherwise, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR in the effective conduct of the online meeting, webinar, or video conference.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

8.8 Microsoft Forms

We use the services of the following provider to conduct surveys or for online forms: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

This provider enables us to design and evaluate surveys and online forms. In addition to the personal data you enter in the forms, information about your operating system, browser, date and time of your visit, referrer URL, and IP address is also collected, transmitted to the provider, and stored on the provider's servers.

The information you enter in the forms is stored in a password-protected manner to ensure that third-party access is excluded and that only we can evaluate the data for the purpose specified in the form.

When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b GDPR serves as the legal basis. If you have given us your consent to process your data, the processing is based on Art. 6 (1) lit. a GDPR. Consent that has been given can be revoked at any time with effect for the future.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

8.9 Applications for job vacancies by email

We advertise current vacancies in a separate section of our website, and interested parties can apply by email to the contact address provided.

Applicants must provide all personal data necessary for a thorough assessment, including general information such as name, address, and contact details, as well as performance-related evidence and, where applicable, health-related information. Details on the application process can be found in the job advertisement.

Once the application has been received by email, the data will be stored and evaluated solely for the purpose of processing the application. If we have any questions, we will use either the applicant's email address or telephone number. Processing is carried out on the basis of Art. 6 (1) lit. b GDPR (or § 26 (1) BDSG), according to which the application process is considered to be the initiation of an employment contract.

If special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g. health data such as information on severe disability) are requested from applicants, processing is carried out in accordance with Art. 9 (2) (b) GDPR so that we can exercise our rights under labor law and social security and social protection law and fulfill our obligations in this regard.

Cumulatively or alternatively, the processing of special categories of data may also be based on Art. 9 (1) (h) GDPR if it is carried out for the purposes of health care or occupational medicine, for the assessment of the applicant's ability to work, for medical diagnosis, care or treatment in the health or social sector, or for the management of systems and services in the health or social sector.

If the applicant is not selected or if an applicant withdraws their application prematurely, the data transmitted and all electronic correspondence, including the application email, will be deleted after a corresponding notification at the latest after 6 months. This period is based on our legitimate interest in answering any follow-up questions regarding the application and, if necessary, in being able to comply with our obligations to provide evidence under the regulations on equal treatment of applicants.

In the event of a successful application, the data provided will be processed on the basis of Art. 6 (1) lit. b GDPR (in conjunction with § 26 (1) BDSG for processing in Germany) for the purpose of implementing the employment relationship.

8.10 Online applications via a form

On our website, we advertise current vacancies in a separate section, to which interested parties can apply using a corresponding form.

Applicants must provide all personal data necessary for a sound assessment, including general information such as name, address, and contact details, as well as performance-related evidence and, if applicable, health-related information. Details on the application can be found in the job advertisement.

When the form is submitted, the applicant data is transmitted to us in encrypted form using state-of-the-art technology, stored by us, and evaluated exclusively for the purpose of processing the application. Processing is carried out on the basis of Art. 6 (1) lit. b GDPR (or § 26 (1) BDSG), according to which the application process is considered to be the initiation of an employment contract.

If the applicant is not selected or if an applicant withdraws their application prematurely, the data submitted in the form and all electronic correspondence, including the application email, will be deleted after a corresponding notification at the latest after 6 months. This period is based on our legitimate interest in answering any follow-up questions regarding the application and, if necessary, in being able to comply with our obligations to provide evidence under the regulations on equal treatment of applicants.

9) Tools and other information

9.1 Cookie consent tool

This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "cookie consent tool" is displayed to users when they visit the site in the form of an interactive user interface, on which consent for certain cookies and/or cookie-based applications can be given by ticking a box. When using the tool, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by checking the box. This ensures that such cookies are only set on the user's respective device if consent has been granted.

The tool sets technically necessary cookies to store your cookie preferences. Personal user data is not processed in this process.

If, in individual cases, the storage, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in legally compliant, user-specific, and user-friendly consent management for cookies and, consequently, in the legally compliant design of our website.

A further legal basis for processing is Art. 6 (1) (c) GDPR. As the controller, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

Further information about the operator and the settings options for the cookie consent tool can be found directly in the corresponding user interface on our website.

9.2 - DATEV

For accounting purposes, we use the cloud-based accounting software service of the following provider: DATEV eG, Paumgartnerstr. 6-14, 90429 Nuremberg, Germany

The provider processes incoming and outgoing invoices and, if necessary, our company's bank transactions in order to automatically record invoices, match them to transactions, and use them to create financial accounting in a semi-automated process.

If personal data is also processed in this context, the processing is based on our legitimate interest in the efficient organization and documentation of our business transactions in accordance with Art. 6 (1) lit. f GDPR.

9.3 - Candis

For accounting purposes, we use the cloud-based accounting software service provided by the following provider: Candis GmbH, Schönhauser Allee 180, 10119 Berlin, Germany

If personal data is also processed in this context, the processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in the efficient organization and documentation of our business transactions.

9.4 - Docusign

We use the services of the following provider for the digital signing of documents: Docusign International (EMEA) Ltd., 5 Hanover QuayGrand Canal Dock, Dublin, D02 VY79, Ireland

The service enables the legally valid signing of documents by electronic signature from any end device.

For this purpose, in addition to the electronic signature for verification and proof of signing, the service also collects, stores, and transmits usage data of the terminal device used (in particular the IP address) as well as certain transaction data.

The processing is based on our legitimate interest in efficient and responsive business management and customer-friendly and effective document management in accordance with Art. 6 (1) lit. f GDPR.

We have concluded a data processing agreement with the provider that protects the data of our website visitors and prohibits disclosure to third parties.

10) Rights of the data subject

10.1 The applicable data protection law grants you the following rights as a data subject (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis cited for the respective conditions for exercising these rights:

Right of access pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to erasure pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to notification pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to withdraw consent pursuant to Art. 7(3) GDPR;
Right to lodge a complaint pursuant to Art. 77 GDPR.

10.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST IN THE CONTEXT OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE YOUR RIGHT TO OBJECT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNING YOU FOR DIRECT MARKETING PURPOSES.

11) Duration of storage of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and, if relevant, the respective statutory retention period (e.g., commercial and tax law retention periods).

When processing personal data on the basis of express consent in accordance with Art. 6 (1) (a) GDPR, the data concerned will be stored until you revoke your consent.

If there are statutory retention periods for data that is processed within the framework of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer necessary for the performance or initiation of a contract and/or we no longer have a legitimate interest in its further storage.

When processing personal data on the basis of Art. 6 (1) lit. f GDPR, this data is stored until you exercise your right of objection under Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6 (1) lit. f GDPR, this data will be stored until you exercise your right to object under Art. 21 (2) GDPR.

Unless otherwise specified in the other information in this statement on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.