Social Media Privacy Policy

1. Data processing through social networks

We maintain publicly accessible profiles on social networks. The social networks that we use are specifically listed below.
Social networks such as Facebook, Twitter, etc. can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g. "Like" buttons or advertising banners). Numerous data protection-related processing activities are triggered when you visit our social media profiles.

In particular:
If you are logged into your social media account and you visit our social media profile, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected even if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected using a different method, such as via cookies stored on your device or by recording your IP address. Using data collected in this manner, the operators of the social media portals can create user profiles in which your preferences and interests are stored. These profiles allow promotions relevant to your interests (personalised promotions) to be advertised to you within and beyond the respective social media portal. If you have an account with the respective social network, the personalised promotions can be displayed on all devices that you are logged in to or were logged in to. Please also note that we cannot track all of the processing activities that occur on social media portals. Therefore, depending on the provider, additional processing activities may be performed by the operators of social media portals. In addition, the data collected from your visit to the social media portal and to our social media profiles is analysed for statistical and market research purposes. The social media portals transmit to us, as the operator of the social media profile, anonymised statistics and insights, such as information about interactions with our posts. Using this information, we can determine whether our website was accessed by users/visitors of/to a social media portal via our company profile and the age/gender groups of those users/visitors (applies only when users are logged in). We use the data transmitted to us to optimise our posts and social media profile and to reflect the interests of our website visitors accordingly. For more details, please refer to the terms of use and privacy policy of each social media portal.
 

a) Legal basis
Each time you contact us via the message function or the email address provided on our company profile, we store your user profile ID or email address as well as the other data that you provide. The legal basis for processing this data is Art. 6 Para. 1(b) GDPR, provided that your reason for contacting us is to initiate a contract or discuss contract-related issues. The purpose of our social media profiles is to allow us to interact with the broadest possible group of Internet users. This intention is deemed a legitimate interest as defined by Art. 6, Para. 1(f) GDPR. The fact that we need to respond to your query is also deemed a legitimate interest in processing your data. The analysis processes initiated by the social networks may be based on different legal bases, which are to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a GDPR, where consent can be revoked at any time).
 

b) Responsible person and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook). Please note that, despite our joint responsibility with the operators of social media portals, we do not have full control over the data processing activities performed by social media portals. Our options are based on the corporate policy of the respective provider.
 

c) Storage duration
The data collected directly by us via our social media profiles is deleted from our systems as soon as the purpose for storing this data no longer applies, you ask us to erase the data, or you revoke your consent for storing the data. Stored cookies remain on your device until you delete them. Mandatory statutory provisions—in particular retention periods—remain unaffected. We have no influence on how long your data is stored by the social network operators for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).
 

d) Type of data
We may process inventory data of your social media account with the social media portal (e.g. first and last name, address, email address, telephone number, gender, age, date of birth), usage data (e.g. web pages visited, interest in content) and content data (e.g. photos, videos, text entries).
 

2. Social networks in detail

a) Facebook
We have a Facebook profile. The jointly responsible data controller of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. For residents of the USA or Canada, the jointly responsible data controller is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"). According to Facebook's own information, the data collected is also transmitted to the USA and other third countries. We have concluded an agreement with Facebook regarding joint processing (controller addendum). This agreement sets out which data processing activities we are responsible for and which ones Facebook is responsible for when you visit our Facebook page. You can view this agreement and what data is transferred to us at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

According to Facebook's own information, Facebook uses standard contractual clauses approved by the European Commission and takes other measures in line with EU law to legitimise data transmission from the EEA to the USA and other countries.

You can customise your advertising settings in your Facebook user account. To do so, click the following link and log in: https://www.facebook.com/settings?tab=ads.

For further details, refer to the Facebook privacy policy: https://www.facebook.com/about/privacy/.
 

b) Instagram
We have an Instagram profile. The jointly responsible data controller of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Instagram"). Accordingly, the information in 1.2(a) also applies here.

You can object to the use of cookies on Instagram. You can find the description of the opt-out at the following link: https://help.instagram.com/1896641480634370?ref=ig.

For details on their handling of your personal data, (https://help.instagram.com/196883487377501?ref=dp) please refer to Instagram's privacy policy: https://help.instagram.com/519522125107875.
 

c) Twitter
We use the Twitter messaging service. The jointly responsible data controller of this service is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland. For residents of the USA or Canada, the jointly responsible data controller is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA ("Twitter"). According to Twitter's own information, the data collected is also transmitted to the USA, Ireland and other third countries. Twitter also uses analysis tools provided by other companies, including Google Analytics.

According to Twitter's own information, Twitter uses standard contractual clauses approved by the European Commission and takes other measures in line with EU law to legitimise data transmission from the EEA to the USA and other countries.

You can customise your Twitter privacy settings in your user account. To do this, click the following links and log in:  https://twitter.com/personalization. http://www.twitter.com/settings. https://twitter.com/settings/your_twitter_data.

For details, see Twitter's privacy policy: https://twitter.com/de/privacy.
 

d) LinkedIn
We have a LinkedIn profile. The data protection (co-)controller is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. For residents of the USA or Canada, the jointly responsible data controller is LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA ("LinkedIn"). According to LinkedIn's own information, the data collected is also transmitted to the USA and other third countries. LinkedIn uses marketing cookies. LinkedIn also uses analysis tools provided by other companies, including Google Analytics.

According to LinkedIn's own information, LinkedIn uses standard contractual clauses approved by the European Commission and takes other measures in line with EU law to legitimise data transmission from the EEA to the USA and other countries.

If you wish to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

For details on their handling of your personal data, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
 

e) Pinterest
We have a Pinterest profile. The data protection (co-)controller is Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. For residents of the USA or Canada, the jointly responsible data controller is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94107, USA ("Pinterest"). According to Pinterest's own information, the data collected is also transmitted to the USA and other third countries. Pinterest also uses analysis tools provided by other companies, including Google Analytics.

Pinterest uses advertising cookies: https://policy.pinterest.com/de/cookies

If you want to disable Pinterest advertising cookies, you can find the description of the opt-out at the following link: https://help.pinterest.com/de/article/personalized-ads-on-pinterest or directly: https://www.pinterest.com/settings/privacy

For details on their handling of your personal data, please refer to Pinterest's privacy policy: https://policy.pinterest.com/de/privacy-policy.
 

f) YouTube
We have a YouTube profile. The jointly responsible data controller of this service is Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("YouTube"). For residents of the USA or Canada, the jointly responsible data controller is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. According to YouTube and Google's own information, the data collected is also transmitted to the USA and other third countries. YouTube and Google also use analysis tools including Google Analytics.

According to YouTube and Google's own information, Google uses legal frameworks and takes other measures to guarantee a suitable level of data protection.

If you want to disable advertising cookies from YouTube or Google, please use the following link: https://adssettings.google.com/ or directly: https://adssettings.google.com/authenticated.

For details on how they handle your personal information, see YouTube's privacy policy: https://support.google.com/youtube/answer/7585465?hl=de as well as the privacy policy: https://policies.google.com/privacy.
 

g) Spotify
We have a Spotify profile. The (joint) data controller is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden ("Spotify").

Spotify may share your information internally within the Spotify Group (i.e. transfer data to Spotify in the US or share data with third parties). This means that information collected within the EEA may be transferred to countries outside the EEA for the purposes described in this privacy policy.

The nature, scope, purposes of the collection and processing of data by Spotify, as well as the rights and settings options for protecting the privacy of the user, can be found in the Spotify privacy policy at  https://www.spotify.com/de/legal/privacy-policy/#s6 and the privacy center at https://www.spotify.com/de/privacy/#privacy-center-control-section.