Privacy Policy Statement

This privacy policy statement describes how CENIT AG, as the controller, processes the personal data of your website users, interested parties, customers, applicants and service providers.

1. Responsible controller

We, CENIT AG, are the responsible controller within the meaning of the GDPR and the BDSG as well as other data protection regulations for our website, www.cenit.com, and the associated data processing. This privacy policy also applies to our online presence.

Further and more comprehensive information on the responsible controller, CENIT AG, is available in the imprint under the following link.

1.1 The responsible controller is:

CENIT AG
Industriestrasse 52-54
D-70565 Stuttgart
Tel.: +49 711 7825-30
Fax: +49 711 7825-4000
E-mail: info@cenit.com
www.cenit.com

Represented by the Management Board:
Peter Schneck, CEO
Axel Otto, CFO  
 

1.2 Data Protection Officer:

intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg

Tel.: +49 711 7825-30
Fax: +49 711 7825-4000
E-mail: datenschutzbeauftragter@cenit.com

 

Each time our website is accessed, the following personal data is automatically collected by the web server from the system of the accessing computer or the user’s terminal device:

  • Date and time of retrieval
  • Surname of the retrieved file and the amount of data transmitted
  • Browser type/version
  • Operating system used by the user’s terminal device
  • Referrer (URL of the previously visited page)
  • IP address of the user’s terminal device

The legal basis for the requisited technical processing is Art. 6 (1) lit. f GDPR. Insofar as your IP address, the set language, the user-agent string with browser and operating system and its version, as well as the address of the accessed website are transmitted, then this processing is strictly required in accordance with Section 25 (2) Nr. 2 TDDDG.

The data is deleted as soon as it is no longer required for the purpose for which it was collected, i.e. the session is ended or, if log files are stored, after 30 days.
 

You can contact us via a wide variety of channels. We process different personal data about you depending on which channel you use. 
The following channels are available for you to contact us: Telephone, fax, post, e-mail, contact form website, chat.
We collect the content data of your request, regardless of which channel you use to contact us. In addition, depending on the contact channel used, we collect further personal data required to answer your request in a customer-friendly and competent manner via the channel you have chosen. 
If you contact us by post, this would be the postal address with the date of receipt. In the case of telephone or fax contact, the telephone or fax number and the date and time of contact. If you contact us by e-mail and contact form, the e-mail address, date and time of receipt of the e-mail are recorded. 

This data processing takes place on the basis of our legitimate interest in accordance with Art. 6 (1) lit. f GDPR in order to be able to answer your request promptly and completely. Insofar as a contractual relationship results from your request, we process the data in accordance with Art. 6 (1) lit. b GDPR for the initiation and execution of the contract.

If your personal data listed above is no longer required to achieve the purpose of answering your request, it is deleted. As a rule, this is always done as soon as the contact request has been fully answered or it is clear from the circumstances that the associated facts have been clarified and the request has therefore been settled. We assume that a matter has been settled for you if you have not responded to our query regarding the contact within one year or have not contacted us again in this regard. 
We may store your personal data from the contact for quality assurance purposes. In this case, however, it is deleted no later than 3 years after answering/settling your request. Otherwise, all personal data is deleted immediately, unless it must be retained due to documentation obligations. If there was a contractual relationship and this resulted in tax retention obligations, the tax-relevant personal data is stored for 10 years.

As the data subject, you are entitled to assert your rights against the responsible controller. You can use the contact details provided under this Point 1.2 or send an e-mail to datenschutzbeauftragter@cenit.com by e-mail.  You are entitled to object to data processing and state your interest in not having your data processed and, if you have granted your consent, at datenschutzbeauftragter@cenit.com revoke your consent. More information on your rights as a data subject is available here.
 

We offer you the opportunity to create and register a user account on our website at support.cenit.com in order to obtain the information and downloads you require on our products and services. Personal data is entered by you in the input mask, transmitted to us and stored by us. Your data is not transmitted to third parties. 

The following data is collected as part of the registration process: 
User name, first name, last name, e-mail address, title, telephone, fax, company, country, city
The following data is collected as part of the login process: 
Username, password, date and time of login

Any data you have already provided is merged with the master data in our CRM.
The legal basis for the above-mentioned data processing is the fulfilment of the contract or the fulfilment of pre-contractual measures with you in accordance with Art. 6 (1) lit. b GDPR in order to provide you with the products and services you require for your own support via MyCENIT. 

Your above-mentioned data is deleted as soon as the purpose of the data processing has been achieved. This is the case if the data is no longer required for the fulfilment of pre-contractual measures and for the fulfilment of the contract. There are exceptions to this, however, such as legal obligations to document and store data for tax purposes. Tax regulations may require that data be stored for a period of up to 10 years after the contract has been terminated. In addition, the user has the option of modifying the data in MyCENIT in self-service, up to and including closing the account, which deletes the personal data, with the exception of the data relevant for tax purposes. 
Log files for login are stored for security reasons in accordance with Art. 6 (1) lit. f GDPR for 30 days and then deleted. 

As the data subject, you are entitled to assert your rights against the responsible provider. You can make use of the contact details provided under Point 1.2 or send an e-mail to datenschutzbeauftragter@cenit.com. More information on your rights as a data subject is available here.
 

Further data protection information

You can subscribe to individual newsletters on our website for various products, services, webinars and events. We use these to inform you about products (e.g. announcements and discontinuations, changes), services, promotions and developments 

The content of the individual newsletters is described as part of the registration process. 
If you register for a newsletter, the following personal data is collected, stored and processed by us: Referrer URL, date and time of access, description and type of browser used, IP address of the requesting computer: pseudonymized), e-mail address, date and time of the order.

We use the so-called double opt-in procedure for newsletter registrations to ensure that no mistakes have been made when entering the e-mail address and that you have actually requested the newsletter. After your registration, we send you an e-mail with a confirmation link to the e-mail address you provided and ask you to confirm your newsletter order, including the e-mail address used. Your e-mail address is only added to the mailing list when you click on the confirmation link. If you do not confirm your registration, your information is automatically deleted after 30 days. 

Your e-mail address is mandatory for receipt of the newsletter. The provision of further data is voluntary: This voluntary data is used to address you personally. After your confirmation, we store your e-mail address for the purpose of sending you the newsletter and until you revoke your consent. We also store your IP address used at the time of registration, the time of registration in order to be able to verify your registration and, if necessary, to clarify any misuse of your personal data. This data is stored until you unsubscribe.
If you subscribe to one of our newsletters, we evaluate your user behaviour during the subscription period in order to better adapt our offer to the needs of our readers. We use Microsoft Dynamics for this purpose and record the following data: Data on mail dispatch, delivery status and opening as well as further page views and form submissions.

The legal basis for the sending of the respective newsletter and its evaluation is your previously voluntary, informed consent, which you have granted us in accordance with Art. 6 (1) sentence 1 lit. a GDPR and which can be revoked at any time free of charge.

You can revoke your consent to the sending of the tracked newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the unsubscribe link provided in every newsletter e-mail or by sending an e-mail to datenschutzbeauftragter@cenit.com.
When you unsubscribe from the newsletter, your data relating to the newsletter subscription is deleted.

As the data subject, you are entitled to assert your rights against the responsible provider. You can make use of the contact details provided under Point 1.2 or send an e-mail to datenschutzbeauftragter@cenit.com.  More information on your rights as a data subject is available here.
 

We offer you the opportunity to register for events on our website. Participation in an event, whether online or on-website, is subject to you entering the personal data required for registration in an input mask. The data is then transmitted to us when you confirm the registration and processed for the organization and implementation of the event. After each event, we contact you once to ask for your feedback and provide you with further information on our products and services. 

If you register for a free on-website event without certification, we process your contact details, surname, first name, e-mail address, company and any other optional data you enter when registering.

If you register for a paid on-website event with certification, we process your contact details, surname, first name, company, billing and home address in order to be able to send you the certificate to your personal address afterwards. 

If you register for a paid online event without certification, we process your e-mail address, surname, first name and company,

We may pass on your personal data to a provider of computer-based tests at certification events and, if necessary, to a service provider who operates the web meeting for us. The respective provider has been carefully selected by us, works in accordance with our instructions and has been contractually bound to confidentiality. We may also receive feedback from the provider on the tests/attendance so that we can issue the certificate for you. We name the respective provider in the information on the event; if we use providers from third countries, the EU standard contractual clauses, a transfer impact assessment if necessary, and additional technical and organizational measures have been taken with them. If we use service providers, you are informed of this in accordance with data protection regulations when you register.

The legal basis for this is Art. 6 (1) sentence 1 lit. b GDPR. We process the data for as long as is necessary to fulfil the contract, usually up to three years for quality assurance reasons. Only those documents which are relevant for tax purposes are stored for 10 years. 

As the data subject, you are entitled to assert your rights against the responsible provider. You can make use of the contact details provided under Point 1.2 or send an e-mail to datenschutzbeauftragter@cenit.com.  More information on your rights as a data subject is available here.
 

We offer you the opportunity to subscribe to white papers on our website. To register for the whitepaper subscription, we ask you to provide us with your personal data (e-mail address, surname, first name, company, country) as contractual consideration in order to be able to contact you with our responsible country-specific sales and distribution department in relation to the product and service you have selected for the whitepaper. Click here for our National companies. You receive the access link to the whitepaper after you have confirmed your e-mail address. 
This data is collected in accordance with Art. 6 (1) lit. b GDPR as contractual consideration (payment with data) for the whitepaper subscription. 

If you do not wish to be contacted after receiving the whitepaper from us and our national companies, please inform us at any time using the contact details under Point 1 or by e-mail at datenschutzbeauftragter@cenit.com

The notice you provide is retained for three years after the date of notification for documentation purposes.

Our website also offers the option of sending us information under the Whistleblower Protection Act. We have set up a Whistleblowing hotline for this purpose. Further information on data processing in the context of the whistleblowing procedure is available here.

We use cookies and other technologies on our website (both hereinafter referred to as cookies). Some of these are technically essential (necessary) for the provision of the website and its functions or for the storage of and access to information in the terminal equipment and then do not require consent in accordance with Section 25 (2) TDDDG and, in the case of personal data, in accordance with Art. 6 (1) (f) GDPR. You are, however, entitled to object to this processing (see the “Objection” section in this document). If you do so, it is possible that the functionalities of our website are no longer fully available. You are free to express your objection in writing by sending an e-mail to datenschutzbeauftragter@cenit.com datenschutzbeauftragter@cenit.com.or by revoking your consent or to object for example in the Cookie Consent Banner.

For the use of all other cookies to determine preferences, statistics and marketing purposes, we separately obtain your voluntary, active consent in accordance with Art. 6 (1) lit. a, 49 (1) lit. a GDPR in conjunction with Section 25 (1) TDDDG in order to personalize content and advertisements, to offer functions for social media and to analyze access to our website or to be able to read information on the end device. This also includes the third-party providers used from countries outside the EU/EEA in which there is no level of data protection equivalent to that in the EU, which may restrict your rights (e.g. enforcement of rights). Some partners merge your personal data with other data that you have provided, e.g. in personal accounts or that is collected when using the partner services; we also obtain your consent for this.

You are free to revoke your consent at any time for the future without any disadvantage for you, whereby the data processing up to the revocation remains unaffected by this. If you do not give your consent, you suffer no disadvantage as a result; only individual functions of the website may not be available. 

Detailed information on cookies with the option of granular consent/rejection/revocation of individual cookies is available on the page Cookie declaration. Or click on the question mark after you have clicked the Individual settings button in the Consent banner
We make no use of automated decision-making or profiling. Further information, including on your rights, in particular to revoke your consent and to object to data processing on the basis of our legitimate interest in accordance with Art. 6 (1) lit. f GDPR, is available in the Privacy policy notice under Data subject rights, Point 19.
 

If you have granted your consent, the anonymized version of Google Analytics 4, a web analysis service of Google LLC, is used on this website. The responsible provider for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

10.1  Scope of processing

In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and truncated there in exceptional cases. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data, but the information collected by means of cookies about your user behaviour is usually transmitted to a server in the USA and stored there.

The following data is recorded:

  • Page views
  • First visit to the website
  • Start of the session
  • Your “click path”, interaction with the website
  • Scrolls (whenever a user scrolls to the end of the page (90%))
  • Clicks on external links
  • Internal search queries
  • Interaction with videos
  • Viewed / clicked ads

Also recorded:

  • Your approximate location (region)
  • Your IP address (in abbreviated form)
  • Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • Your internet provider
  • The referrer URL ((the website/advertising medium used to reach this website)

Technical data; operating system used, browser type, browser version, device, date and time of access, are processed for the purpose of evaluating user behaviour.
The following behaviour-related data formsubmit, form submissions, contact form, newsletter registrations are processed.

10.2  Purposes of the processing

Google uses this data to evaluate your use of the website and to compile reports on website activity. 
The Google Analytics advertising functions implemented on this website include: 

  • Reports on impressions in the Google Display Network;
  • Google Analytics reports on performance by demographics and interests
  • Integrated services for which data is collected in Google Analytics for advertising purposes, including the collection of data via cookies for ad preferences and anonymous identifiers 

10.3  Recipient

Recipients of the data are
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor pursuant to Art. 28 GDPR), Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
The parent company of Google Ireland, Google LLC, is based in California, USA and is certified under the Transatlantic Data Privacy Framework. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be excluded. 

10.4  Storage period

The data sent by us and linked to cookies is automatically deleted after 14 months. Data that reaches the end of its retention period is automatically erased once a month.

10.5  Legal basis

The legal basis for this data processing is your consent in accordance with Art. 6 (1) sentence 1 lit. a, 49 (1) lit. a GDPR and Section 25 (1) TDDDG.

10.6  Revocation

You can revoke your consent at any time with effect for the future by changing your cookie settings HERE and changing your selection there. The legality of the processing undertaken on the basis of the consent until the revocation remains unaffected.
Alternatively, you can prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may limit the functionality of this and other websites. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) as well as the processing of this data by Google by

  1. not giving your consent to the setting of the cookie or
  2. by setting the corresponding cookie
  3. Download and install the browser add-on to deactivate Google Analytics HERE.

More information on the terms of use of Google Analytics and data protection at Google at marketingplatform.google.com/about/analytics/terms/de/ and at

https://policies.google.com. More information on data protection at Google at https://policies.google.com/privacy.
 

If you have granted your consent, we use the Google Tag Manager of the provider Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible provider for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

This is a tag management system for managing JavaScript and HTML tags, which is used for the implementation of tracking and analysis tools. The Google Tag Manager itself does not collect any personal data. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that are used, among other things, to measure traffic and visitor behaviour, record the impact of online advertising and social channels, set up remarketing and targeting, and test and optimize websites. If you have made a deactivation, this deactivation is taken into account by Google Tag Manager.

Recipients of the data are:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor pursuant to Art. 28 GDPR), Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA 

This service may process data outside the European Union and the European Economic Area (EEA) and transfer it to a country that does not offer an adequate level of data protection. There is currently an adequacy decision with the USA and Google is certified under the Transatlantic Data Privacy Framework.  If the data is transmitted to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you having any legal recourse.

The legal basis for data processing using Google Tag Manager is Art. 6 (1) lit. a, 49 (1) lit. a GDPR and Section 25 (1) TDDDG with regard to the setting of tags in the user’s end device and the comparison of cookies with the Google Tag Manager domain. The data collected (IP address) is analyzed using the following tool.  We have no influence on the data processing by Google Tag Manager and do not know how the data is used. 

You have the option of revoking your consent with effect for the future by changing your settings HERE. The legality of the data processing until the revocation remains unaffected.
For more information on Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html
 

12.1   Google Ads Conversion

We use the Google Ads Conversion service to draw attention to our offers with the help of advertising material (so-called Google Ads) on external websites. This is an online advertising program from Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible provider for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
A different cookie is assigned to each Ads customer. Cookies cannot be tracked via the websites of Ads customers When you click on an ad or visit our website, Google places a cookie on the user’s computer. This cookie has a duration of 30 days. The information collected by the respective cookie (date and time of the visit; IP address; referrer URL; browser type; browser language; cookie ID; user behaviour; ads clicked on; web request) is used to be able to address the visitor specifically in a subsequent search query. Further information on the cookie technology used can also be found in Google’s notes on website statistics and in its privacy policy. This technology provides Google and us, as the customer, with information about the fact that a user has clicked on an ad and been redirected to our website. The information obtained in this way is used exclusively for statistical analysis to optimize advertising. No information is received that enables visitors to be personally identified. Your IP address is transmitted to Google if you have granted us your prior consent. We use IP masking provided by Google. The statistics provided to us by Google include the total number of users who click on one of our ads and, if applicable, whether they are redirected to a page on our website with a conversion tag. These statistics enable us to determine which search terms are most often clicked on in our ad and which ads lead to users contacting us via the contact form. 
The integration of Adwords Conversion means that Google receives the information that you have accessed a specific part of our website or clicked on one of our ads. If you are registered with Google, Google associates you with your account. This also applies if you are not registered or logged into the account. Google may be able to ascertain the IP address and thereby identify you.

Insofar as data is processed outside the EU/EEA, where there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish a secure level of data protection and have taken further supplementary contractual, organizational and technical measures, whereby Google is certified in accordance with the Data Privacy Framework.

More information on data protection in the context of Google Ads at https://policies.google.com/technologies/ads and https://policies.google.com/privacy.

If you do not want your visit to be included in the user statistics, you can prevent this by preventing the storage of the cookie required for these technologies, for example via the settings of your browser ( www.googleadservices.com ) or by deactivating the cookies for conversion tracking (www.google.de/settings/ads) or by self-regulating “About Ads” http://www.aboutads.info/choices  whereby this selection is deleted if you delete the cookies or manage the cookies https://policies.google.com/technologies/cookies#managing-cookies

You also have the option of using the Ad settings to select the types of Google ads or to deactivate interest-based ads on Google. Alternatively, you can deactivate the use of cookies by third-party providers by using the Deactivation help of the network advertising initiative to deactivate cookies.

However, we and Google continue to receive statistical information about how many users have visited this website and when. If you do not wish to be included in these statistics, you can prevent this with the help of additional programs for your browser (e.g. with the Ghostery add-on).

Data is only collected and stored with your express consent in accordance with Art. 6 (1) sentence 1 lit. a) 49 (1) lit. a GDPR, in conjunction with Section 25 (1) TDDDG for the setting of cookies in the end device for conversion optimization, analysis of your customer behaviour in order to provide you with personalized product and service information. You can revoke your consent at any time for the future in the cookie consent banner or footer under cookie settings by changing your settings there. This does not affect the lawfulness of the data processing undertaken until the revocation.

12.2   Google Ads Remarketing

We use the remarketing function within the Google Ads service if you have previously granted us your consent for this, including for the transfer of data to the USA, for the use of cookies in the cookie consent banner. With the remarketing function, we can offer users of our website advertising on other websites within the Google advertising network (in Google Search or on YouTube, so-called“Google Ads” or on other websites) based on their interests. For this purpose, the interaction of users on our website is analyzed, e.g. which offers the user was interested in, in order to be able to display targeted advertising to users on other websites even after they have visited our website. For this purpose, Google stores cookies on the end devices of users who visit certain Google services or websites in the Google Display Network. These cookies are used to record the visits of these users. Cookies are used to uniquely identify a web browser on a specific end device and not to identify a person. More information about cookies is available here: policies.google.com/technologies/types


Google Ads Remarketing allows you to be shown our advertisements when you subsequently use the internet after visiting our website. This is done by means of cookies stored in your browser, which are used by Google to record and evaluate your usage behaviour when you visit various websites. The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which websites you have visited, which content you are interested in and which offers you have clicked on, as well as technical information on the browser and operating system, referring websites, time of visit and other information on the use of the online offer. Your IP address is also recorded, whereby Google informs you that the IP address is truncated within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is it transmitted in full to a Google server in the USA and truncated there. Google may combine the above-mentioned information with such information from other sources. If you subsequently visit other websites, you can be shown ads tailored to your interests.

According to its own statements, Google does not merge the data collected as part of Google Remarketing with your personal data that may be stored by Google (e.g. when you register for a Google service such as GMail). According to Google, pseudonymization is used for remarketing. More information on data protection at Google policies.google.com/privacy.


We process your data pseudonymously as part of Google marketing services, i.e. Google does not store and process your name or e-mail address, for example, but processes the relevant data in relation to cookies within pseudonymous user profiles. The information collected by Google marketing services (including Google Ads Conversion) about users is transmitted to Google and stored on Google’s servers in the USA. There is currently an adequacy decision with the USA in the form of the EU-US Data Privacy Framework for which Google has certified itself.

Data is only collected and stored with your express consent in accordance with Art. 6 (1) sentence 1 lit. a, 49 (1) lit. a GDPR in conjunction with Section 25 (1) TDDDG for setting the cookie in the end device in order to be able to send you interest-based advertising for our products.

You can revoke your consent at any time for the future without any disadvantages for you in the cookie consent banner or footer under Cookie and object to the use by Google ( https://policies.google.com/technologies/types?hl=en ), but this does not affect the lawfulness of the data processing until you revoke your consent.
Deletion/revocation: There are several options to prevent this tracking:

  1. by setting your browser software accordingly, the suppression of third-party cookies in particular means that you will not receive any ads from third-party providers;
  2. by installing the plug-in provided by Google under the following link: www.google.com/settings/ads/plugin;
  3. by deactivating the interest-based ads of providers that are part of the “About Ads” self-regulation campaign via the link www.aboutads.info/choices whereby this setting is deleted when you delete your cookies;
  4. by permanently deactivating it in your Firefox, Internet Explorer or Google Chrome browsers under the link http://www.google.com/settings/ads/plugin,
  5. by means of a corresponding cookie setting. Please note that if you do so, you may not be able to use all the functions of this service to their full extent.

The storage period for cookies is 180 days. 
 

This website uses the Google Maps map service via an API, which is integrated into the website by means of a two-click solution. You can only use Google Maps, a map service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;) if you have previously granted your specific consent in accordance with Art. 6 (1) lit. a, 49 (1) lit. a GDPR, 25 Abs. 1 TDDDG for the use of Google Maps, i.e. you have explicitly clicked the layered Google Maps button “Unblock” and thereby granted your consent. The Google Maps data is not loaded until you click on it. 
When using the functions of Google Maps, information, including the IP address and the address or location data entered as part of the route function, may be transmitted to the provider’s servers. This information is typically transmitted to a Google server in the USA and stored there. There is currently an adequacy decision with the USA and Google is certified under the Transatlantic Data Privacy Framework, but your data may still be disclosed by Google to government authorities or third parties. More information on data protection at Google on the website: https://policies.google.com/privacy?hl=en; Privacy policy: https://policies.google.com/privacy; Possibility of objection (opt-out): Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=en settings for the display of advertisements.

As soon as you click on the Google Maps service “Unblock Google Maps” on our website and thereby 

  1. have granted your consent to the transfer of your personal data to a recipient in a third country, in this case the USA, which may not have the same level of protection for your personal data as the EU and at the same time 
  2. if you have granted your consent to the use of this service, a direct connection to Google’s servers is established and your personal data is forwarded to Google, whereby the map content is sent to your browser which integrates it. The provider of this website (CENIT) has no influence on this data transmission and storage. Based on currently available knowledge, this includes the following data:
  • Date and time of the visit to the website in question,
  • Internet address or URL of the website accessed,
  • IP address, (start) address entered during route planning
     

We use ZoomInfo Technologies LLC Inc, at 805 Braodway, Suite 900 Vancouver WA 98660 on this website for marketing purposes to support campaigns and website analytics to fulfil customer requests. The following personal data is collected: website visited, activities on the website, IP address, time, device ID. 

Further information and the applicable provisions for protecting your data or deleting your data on ZoomInfo is available at https://www.zoominfo.com/about-zoominfo/privacy-policy available.

Under the URL www.facebook.com/CENITAG we operate a so-called “fan page” on the social network Facebook. Facebook is a service of Meta Platforms, Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (hereinafter referred to as “Facebook”).
We expressly draw your attention to the fact that Facebook stores the data (e.g. IP address, preferences and personal interests, behaviour on Facebook pages, any personal information stored on Facebook, etc.) of users and uses it for business purposes.
We have no influence on the processing and further use of this data, as Facebook alone determines the processing. It is currently not clear to us to what extent, where and for how long the data is stored, to what extent the data is linked and analyzed and to whom the data is passed on. We also have no insight or influence with regard to deletion periods, i.e. whether and to what extent deletion periods are observed.
Information from Facebook itself about what information is collected is available in Facebook’s privacy policy, which can be viewed here: https://www.facebook.com/about/privacy/
If you are a Facebook member and logged into your Facebook user account, Facebook can assign your visit to our website to your user account. If you want to prevent Facebook from linking data about your visit to our fan page with your member data stored on Facebook, you must

  • log out of Facebook before each visit to our fan page
  • delete the cookies present on the device
  • and close and restart your browser.

In this way, according to Facebook, all information that can be used by Facebook to identify you is deleted.
 

15.1    Scope of data collection and storage

There is no need to be a Facebook member to view the content on our Facebook fan page. However, Facebook collects, stores and uses data every time you visit our website. The moment you visit our fan page, your browser establishes a connection with a Facebook server. Data may be transmitted to countries outside the European Union. In any case, regardless of whether you are registered with Facebook or not, your IP address is transmitted and cookies are set. If you are a Facebook member and logged into your Facebook user account, Facebook can assign your visit to our website to your user account.

The cookies used include session cookies, which are deleted when the browser is closed, and persistent cookies, which remain on the end device until they expire or are deleted by the user. A cookie is a tiny text file that enables a website to recognize a browser. Cookies are stored on the computer when a website is accessed and are retrieved and read the next time the web server is accessed. Insofar as the cookies are stored on your end device, we obtain your consent for this in accordance with Art. 6 (1) lit. a GDPR, 49 (1) lit. a, Section 25 (1) TDDDG. You can use your browser settings to decide whether and which cookies you want to allow, block or delete. Instructions for a range of browsers are available here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also use so-called ad blockers, such as Ghostery can be installed.

Facebook states that the cookies used by Facebook are used for authentication, security, website and product integrity, advertising and measurement, website functions and services, performance, analysis and research. Details of the cookies used by Facebook (e.g. names of cookies, duration of function, content recorded and purpose) are available here: https://www.facebook.com/policies/cookies/ by following the links provided there. The configuration of settings for the display or non-display of advertisements by Facebook is available at https://www.facebook.com/about/basics/advertising and at http://www.youronlinechoices.com.

You can manage your preferences regarding usage-based online advertising under the aforementioned link. If you object to usage-based online advertising with a specific provider using the preference manager, this only applies to the specific business data collection via the web browser you are currently using. Preference management is cookie-based. If you delete all browser cookies, the preferences you have set with the preference manager are also be removed.

15.2    Legal basis

Data Intended use Legal basis
User interactions (postings, likes, etc.) User communication via social media Art. 6 (1) lit. a and f GDPR Section 25 (1) TDDDG
Meta Cookies Target group advertising Art. 6 (1) lit. a GDPR Section 25 (1) TDDDG
Demographic data (e.g. based on age, place of residence, language or gender) Target group advertising Art. 6 (1) lit. a GDPR Section 25 (1) TDDDG
Statistical data on user interactions in aggregated form, i.e. without personal reference (e.g. page activities, page views, page previews, likes, recommendations, posts, videos, page subscriptions incl. origin, time of day) Target group advertising Art. 6 (1) lit. a GDPR Section 25 (1) TDDDG

Insofar as cookies are set on your end device and information is retrieved in the process, we obtain consent for this in accordance with Section 25 (1) TDDDG  ( https://www.cenit.com/en_EN/cookieconsent.html ) and insofar as personal data is collected and transmitted to a third country (see USA), we obtain consent in accordance with Art. 6 (1) sentence 1 lit. a, 49 (1) lit. a GDPR. 
Automated decision-making including profiling in accordance with Art 22 GDPR does not take place.

We generally only store personal data until the purpose for which the data was collected has been achieved. As part of a business relationship with you, we store your personal data for as long as the business relationship lasts; this also includes the initiation and execution of a contract as well as the regular limitation period. In addition, we store the data if and to the extent that we are subject to statutory retention obligations. These may arise, for example, from the German Commercial Code (HGB) or the German Fiscal Code (AO).

If you have granted us your consent for a processing operation, the data associated with the granting of consent is stored until revoked or at the latest for the duration of the processing operation and after termination of the same within the scope of the statute of limitations.

15.3    Facebook Insights

We use the Facebook Insights function for statistical analysis purposes. In this context, we receive anonymized data about the users of our Facebook fan page. It is therefore not possible for us to draw any conclusions about your person. For further information, please refer to Meta’s cookie policy.

https://www.facebook.com/about/privacy/legal_bases
https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0 

We see our legitimate interest in data processing via the Facebook fan page in the presentation of our company and our products and services for your information and the best possible direct customer contact. 

15.4  Disclosure and use of personal data

If you interact with Facebook, Meta has accordingly also access to your data. Meta is located in a third country, the USA, for which an adequacy decision currently exists and is certified with regard to the Transatlantic Data Privacy Framework. The data transfer is also based on the so-called standard data protection clauses. More information is available HERE.

15.5  Joint controllership

CENIT AG, Industriestrasse 52-54, 70565 Stuttgart, Germany
and
Meta Platforms Ireland Limited
4 Grand Canal Square, Grand Canal Harbor,
D2 Dublin
Ireland
The European Court of Justice (ECJ) has ruled that we are jointly responsible with Meta for the processing of your personal data. More information on the ECJ’s decision of 05.06.2018 is available here.
In accordance with joint responsibility, we provide the following information regarding the essence of the joint responsibility agreement between us and Meta in line with Art. 26 GDPR: https://www.facebook.com/legal/terms/page_controller_addendum 

Meta assumes the responsibility for the processing of Insights data on the fan page: https://www.facebook.com/legal/terms/page_controller_addendum 

Meta alone decides on the purposes and means of data processing. 

Further information is available here: https://www.facebook.com/about/privacy/update/printable 

We are accountable for the data processing, excluding the Insights data. 

You are entitled to object to our data processing on the fan page as a whole or in relation to individual processing operations as described above under Point 1. Even if you wish to object to data processing by Meta, you can do so using the contact details provided under Point 1. We forward your objection to Meta immediately. If you want to object to the processing of Insights data, you can also do this at Meta. 

We have integrated YouTube videos into our online service, which are stored on http://www.youtube.com/ and can be played directly from our website. When you access a page with embedded videos, your IP address is sent to YouTube/Google and cookies are installed on your computer.  However, we have integrated our videos in “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube/Google if you do not play the videos. The following data is only transmitted when you click 

 to play the video: 

  • IP address 
  • Date and time of the request 
  • Time zone difference to Greenwich Mean Time (GMT) 
  • Content of the request (specific page) 
  • Access status/HTTP status code 
  • Amount of data transmitted in each case 
  • Website from which the request comes 
  • Browser 
  • Operating system and its interface 
  • Language and version of the browser software. 
  • Hardware used (PC, smartphone, etc.) 
  • Location (if Google Maps is activated) 

We have no control over this data transfer. As website operators who embed YouTube videos, we collect the IP address and, via Google Analytics, the number of video clicks and the duration of the playback time.

By visiting our website and playing the videos, YouTube/Google receives the information that you have accessed the corresponding subpage of our website. If you are logged in to Google or Meta or use the single sign-on function, this data is assigned directly to your account, i.e. photos, interests, end device, IP address, etc.If you do not wish to be linked to your YouTube account, you need to log out before clicking the button. In addition, YouTube/Google also stores data if you do not have a Google user account: IP address, search queries, browser and operating system version. 
YouTube/Google stores the aforementioned data as user profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. This evaluation is undertaken in particular (even for users who are not logged in or who do not have a corresponding account) to provide customized advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, in which case you need to contact YouTube to assert this right. 
Third-party service provider information: YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, : https://policies.google.com/technologies/product-privacy and https://policies.google.com/privacy
The information collected by the cookies from this provider is generally sent to a server in the USA and stored there. In the case of the transfer of data to the USA, the data transfer is currently based on the existing adequacy decision and the existence of standard contractual clauses. 

As soon as you click on the Play button, you give your consent to the transfer of data to an insecure third country in accordance with Art. 6 (1) lit. a GDPR, 49 (1) sentence 1 lit. a GDPR and for the setting of cookies in your browser in accordance with Section 25 (1) TDDDG. You can revoke your consent at any time for the future in the cookie consent banner or footer under Cookie and object to its use.
 

Some of our internet services contain hyperlinks to other websites that are not operated by CENIT AG. We do not monitor these websites and are not responsible for their content or their handling of personal data. Only when you as a user click on this link marked as external and access the link service destination, i.e. receive and take note of its data, is data transmitted to the link destination in the form of the user’s IP address and, if applicable, other data from the Internet Protocol (TCP). The link destinations listed below (e.g. Meta, X, Youtube, Linkedin, Xing, glassdoor) are located in unsafe third countries that do not ensure an EU level of data protection. 

The social plug-ins offer you the opportunity to share content from the service via your personal social media account. However, when you use this feature on the CENIT AG website, no personal data is processed.
The social media provider can assign the visit to our website to your user account if you are logged into the corresponding social media account (e.g. Google, Meta). We would like to point out that CENIT AG has no influence on this and has no knowledge of the content of the transmitted data or its use by the social media provider.

If you click on the hyperlink marked as external, you therefore consent to your personal data being transmitted to a recipient in a possibly unsafe third country in accordance with Art. 6 (1) lit. a GDPR, 49 (1) sentence 1 lit. a GDPR, whereby an adequacy decision currently exists for the USA. In addition, the transmission of the IP address information is technically necessary in accordance with Section 25 (2) No. 2 TDDDG in order to access the desired link destination.
The link provider, i.e. the party responsible for the website containing the link, is not responsible for the data processing undertaken by the link destination itself. We as the link provider do not process any data.

17.1    Meta

For the Facebook network. These are provided by Meta Inc. Platforms, 1601 S. California Ave, Palo Alto, CA 94304, USA. We have placed a link to Meta on our website. You are only redirected to the external website when you click on it. The related Data processing is not our responsibility.

https://www.facebook.com/privacy/policy/

17.2    X

For the network of X. These are offered and operated by X Corp, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. We have placed a link to X on our website. You are only redirected to the external website when you click on it. The related Data processing is not our responsibility.
https://x.com/en/privacy 

17.3   YouTube

For the YouTube network. These are offered and operated by YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. We have placed a link to YouTube on our website. You are only redirected to the external website when you click on it. Data processing is not our responsibility.
https://policies.google.com/privacy

17.4    LinkedIn

For the LinkedIn network. These are offered and operated by LinkedIn Corporation, 599 N Mathilda Ave, Sunnyvale, CA 94085, USA. We have placed a link to LinkedIn on our website. You are only redirected to the external website when you click on it. The related Data processing is not our responsibility.
https://de.linkedin.com/legal/privacy-policy

17.5    XING

For the XING network. These are offered and operated by New Work SE at Strandkai 1, 20457 Hamburg, Germany. 
We have placed a link to XING on our website. You are only redirected to the external website when you click on it. The related Data processing is not our responsibility.
https://privacy.xing.com/de/datenschutzerklaerung

17.6    Glassdoor

For the Glassdoor network. These are offered and operated by Glassdoor Inc, 100 Shoreline Highway, Building A, Mill Valley, California, 94941, USA. We have placed a link to Glassdoor on our website. You are only redirected to the external website when you click on it. The related Data processing is not our responsibility.
Glassdoor is certified under the Transatlantic Data Privacy Framework. 
https://hrtechprivacy.com/de/brands/glassdoor#privacypolicy 

18.1    Information on the processing of personal data in the application process

As part of your online application, our company processes the data you provide (contact data, qualification data, content data (e.g. name, address, marital status, age, nationality, qualifications, CV, professional experience, certificates, etc.)) insofar as this is necessary for the application process. In detail, these are
Contact information: Name, address, telephone, e-mail address
Qualification data: Training/studies, previous employment, professional development, professional qualifications/certificates, references
Content data: Cover letter, interview information
 
If you inform us of this, further voluntary information, such as the characteristic of a severe disability, equality with a severely disabled person or other special categories of personal data in connection with your application, is also stored, e.g. if you submit a motivational video to us. The resulting video file is added to your application. You also have the option of sending us your CV that you have published on LinkedIn/Xing. The transmitted data is stored together with your application. A so-called pre-employment screening of your person is only undertaken, if at all, in job-oriented networks such as XING or LinkedIn and insofar as this is necessary for special positions (increased need for confidentiality).
If we use recruitment agencies or you apply via a recruitment agency, we receive your application data from them. In this case, information on data processing is provided by the recruitment agency.

18.2    Purpose and legal basis

The purpose of data processing is to complete the application procedure and to establish any subsequent employment relationship.
The legal basis for this is Art. 6 (1) lit. b GDPR. Your data is not used for any other purpose. The necessity of data collection and processing arises from the specific position applied for; for positions with a higher level of confidentiality or higher financial/personnel responsibility, further data collection may be required from you or from authorities if a certificate of good conduct should be required. Data minimization considerations cause us to collect and process such data only after the selection of applicants for the position has been completed, i.e. immediately before or shortly after the appointment.
In some cases, we process your personal data on the basis of your specific and voluntary consent in relation to a processing purpose specified therein, for example, if you wish to be included in the applicant pool; in these cases, you are informed about the data processing in the specific form of use. The legal basis for data processing is then the consent you have voluntarily granted in an informed manner for the specific case prior to data processing in accordance with Art. 6 (1) lit. a GDPR in conjunction with Section 26 para. 2 BDSG.
In particular, we have also informed you of your right to revoke your consent at any time and free of charge for the future, whereby the data processing remains lawful until you revoke your consent.
We process your personal data in our legitimate interest or in the legitimate interest of a third party if your interests in the omission of data processing do not take precedence. This is the case if we process your data in order to defend legal claims, for example under the General Equal Treatment Act (AGG), or for evidence purposes in a legal dispute.

18.3    Recipient

Only those departments within our company that absolutely need your data to complete the application process have access to it. These are primarily the responsible employee in the HR department and the responsible managers, who receive access rights to relevant applications on an ad hoc basis. All our employees who have access to application data are also obliged to maintain confidentiality and have received special training.
Our company uses the support of external service providers for certain technical processes of data processing, who may have access to your personal data as part of the provision of the service owed or may be able to view it in the event of support, e.g. maintenance and hosting service providers, disposal service providers for files or data. We have concluded order processing contracts with them. All our processors are carefully selected and meet high data protection and data security standards. They are also obliged to maintain confidentiality and only process data on behalf of and in accordance with the instructions of our company. They are subject to our regular checks.

Data is only transmitted to countries outside the EU/EEA (so-called third countries) or to international organizations if this is necessary for the execution of existing employment or training contracts, is required by law or if you have granted us your consent. If service providers in third countries are used, they are obliged in accordance with Art. 44 et seq. GDPR to comply with European data protection standards within the framework of a written contract based on the EU standard contracts or the Binding Corporate Rules, unless there is an adequacy decision by the EU Commission.

18.4   Duration of data storage

If CENIT AG concludes an employment or training contract with you, the data transmitted is stored for the purpose of processing the employment relationship in compliance with the statutory provisions. The legal basis for data processing is Art. 6 (1) lit. b GDPR. If no employment or training contract is concluded with you as an applicant, the application documents are deleted no later than 6 months after completion of the application process, provided that deletion does not conflict with any other legitimate interests of our company that permit longer data processing, e.g. defend legal claims. Furthermore, we only process and use your data beyond this if you have granted us your explicit consent to do so and for the period specified. If you have granted your consent to be included in the applicant pool, your data is stored for a period of 12 months after you have granted your consent. After expiry of this period, the data is deleted.

18.5    Obligation to provide data

The application process requires you to provide the personal data that is necessary for the application process or that we are legally obliged to collect. Failure to provide this data generally means that we are unable to invite you for an interview and be obliged to decline the conclusion of an employment or training contract.

18.6    Automated decision-making (profiling)

In principle, a fully automated decision-making process in accordance with Art. 22 GDPR is not used to complete the application process. Profiling is not used by our company either in the application process nor in the employment relationship.
 

You have the following rights, which you can assert against the contact details listed under Point 1.1 “Controlling body” and Point 1.2 “Data protection officer”, provided that the requirements specified in the law are met:

  • Information, DSGVO Art. 15
  • Correction, DSGVO Art. 16
  • Deletion, DSGVO Art. 17
  • Blocking/restriction of processing, DSGVO Art. 18
  • Contradiction, DSGVO Art. 21
  • Data portability, DSGVO Art. 20
  • Right to lodge a complaint with a supervisory authority, DSGVO Art. 77
  • Right of revocation with effect for the future if consent has been granted, DSGVO Art. 7(3)

You can assert your rights at any time free of charge by e-mail at datenschutzbeauftragter@cenit.com.

You have the right in accordance with Article 21 GDPR to object, on grounds relating to your particular situation, at any time to processing of personal data concerning your person which is based on lit. (e) or (f) of Article 6 (1) GDPR. As a precaution, we would like to point out that this also applies to profiling based on these provisions. 

Where personal data are processed for direct marketing purposes, you also have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

With regard to data processing via our Facebook page, you have the option of asserting your data subject rights both against us, for example directly to the responsible controller named under Point 1.1 or under Point 1.2 to the data protection officer, and against Meta. 

We revise this data protection information in the event of changes to this website or other occasions that make this necessary. You always find the latest version on this website. You should therefore visit this website regularly to check the current status of the data protection declaration.

21.1 Technically necessary

21.1.1    Cloudflare

Publisher
Cloudflare Inc. 
+1 (650) 319-8930
Cloudflare, Inc.
101 Townsend St,
San Francisco, CA 94107
USA

Description
Cloudflare’s bots product identifies and mitigates automated traffic to protect your website from malicious bots. Cloudflare places the __cf_bm cookie on end-user devices that visit customer websites protected by Bot Management or Bot Fight Mode. These robot solutions require the __cf_bm cookie in order to function properly. 
Link to the privacy policy
https://www.cloudflare.com/privacypolicy/ 

What data is collected?
IP address; device operating system; referrer URL; name of the website; device type; date and time of the request; requesting provider; system configuration information; name and URL of the file retrieved; amount of data transmitted; status information; time of the server request 

Purpose of data collection
Optimization; enhance service; reduce bandwidth; tag management; cloud computing; site security; store and load ad content; enable downloads; remarketing; collect royalties; respond to user requests; call conversions; provide service; product search; push notifications 
Cookies:

Surname Service life Description
_cf_bm 30 minutes This cookie is set by Cloudflare. This cookie is used to support Cloudflare Bot Management.
__cflb 24 hours This cookie is set for load balancing purposes. This cookie is set to direct future requests to the same origin and thereby optimize the use of network resources.

cf_ob_info

30 seconds The cf_ob_info cookie instructs Cloudflare to retrieve the requested resource from the Always Online cache on the specified port
cf_use_ob 30 seconds This cookie instructs Cloudflare to retrieve the requested resource from the Always Online cache on the specified port.
__cfruid For the duration of the session This cookie is part of Cloudflare’s services, including load balancing, providing website content and providing DNS connections for website operators.
cf_clearance 30 minutes This cookie is set by Cloudflare-protected websites that display captchas or hosting challenges. This cookie stores the proof that the challenge was successful.
__cfduid 5 years The cookie “__cfduid” is set by the CloudFlare service to identify trusted web traffic. It does not correspond to any user ID in the web application, and the cookie does not store any personally identifiable information.
__cf_bm 1 minute Cloudflare’s bots product identifies and mitigates automated traffic to protect your website from malicious bots. Cloudflare places the __cf_bm cookie on end-user devices that visit customer websites protected by Bot Management or Bot Fight Mode. These robot solutions require the __cf_bm cookie in order to function properly.
__cfduid.* 30 days It is used by Cloudflare, the content network, to identify trusted web traffic.
LS_CSRF_TOKEN 2 years Cloudflare uses this cookie to identify trusted web traffic.
cf_chl_rc_ni 1 minute This cookie is used to check whether the Cloudflare Edge server supports cookies. If you see it, you can delete it.
cf_chl_2 1 minute This cookie is used to check whether the Cloudflare Edge server supports cookies. If you see it, you can delete it.
cf_chl_cc_* 1 minute Cloudflare uses these cookies to perform Javascript or Captcha challenges. They are not used to pursue or go beyond the challenge. They can be deleted during the display.
_cfuvid 1 year The Rate Limiting Rules product uses a number of techniques to apply rate limiting to traffic where multiple unique visitors use the same IP address, such as traffic behind a NAT. These techniques can be activated by using the cf.unique_visitor_id field in the rate limiting configuration. The _cfuvid cookie is only set if a website uses this option in a rate limiting rule, and is only used to allow the Cloudflare WAF to distinguish individual users who have the same IP address. Visitors who do not specify the cookie are likely to be grouped together and may not be able to access the website if there are many other visitors with the same IP address.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR in conjunction with Section 25 TDDDG (2) 
Place of processing
United States of America, European Union 

21.1.2    Google Tag Manager

Publisher
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Description
It is a tag management system. Using Google Tag Manager, tags can be integrated centrally via the user interface. Tags are small pieces of code that can track activities. Script code for other tools is integrated via the Google Tag Manager. The Tag Manager can control when certain tags are activated. 
Link to the privacy policy
https://policies.google.com/privacy?hl=en 

What data is collected?
Aggregated data on tag triggering; aggregated data on tag triggering; no data collected 

Purpose of data collection
Tag management; functionality; generating leads; managing website tags; managing website tags; netting analysis; managing tags and scripts on this website; ensuring a comfortable use of our website 

Cookies: 

Surname Service life Description
cookiePreferences 2 years Cookie settings for registered users
_dc_gtm_UA-.* 1 minute Used by Google Tag Manager to control the loading of Google Analytics script code.
_gcl_au 4 months Google Tag Manager uses cookies to track and store conversions.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR Section 25 (1) TDDDG 

Place of processing
United States of America and European Union 

21.1.3    NitroPack 

Publisher
NitroPack Ltd. 

located at 3 Prof. Georgi Bradistilov, entr. A, 3rd floor, 
Sofia, Bulgaria.

Description
It is a CDN (Content Delivery Network) product that provides services that speed up the loading of websites. It offers tools for single-speed optimization. 
Link to the privacy policy
https://nitropack.io/page/privacy 

What data is collected?
IP address; contact information; internet provider; first name; surname; communication data; metadata; contract information (such as length of stay) 

Purpose of data collection
Analysis; improvement of the service; customer management; this list represents the purposes of data collection and processing. Consent is only valid for the stated purposes. The data collected may not be used or stored for purposes other than those listed below; analysis; service improvement; customer management; Facebook; error tracking 

Cookies: 

Surname Service life Description
navigation_cookie 1 month determines whether the navigation in the dashboard of your nitropack.io website is collapsed or expanded.
agreed_optional 2 years Give your consent to the use of optional advertising and Insights cookies.
partner_id 30 days Indicates whether you are following the referral link.
intercom-id-[app_id] 9 months Cookie to identify anonymous visitors. When visitors visit your website, they receive this cookie.
intercom-session-[app_id] 1 week Identifier for each unique browser session. This session cookie is updated with every successful login ping and is extended by one week from this time. The user can access his conversations for one week and have data transmitted to logged-out pages as long as the session is not intentionally ended with Intercom(‘shutdown’);, which normally happens when logging out.
_ga 2 years Anonymous identification of Google Analytics visitors.
_gid 2 years The “_gid” cookie is used by NitroPack to analyze user behaviour on the website. It stores information about user visits and interactions in order to optimize the performance of the website and improve the user experience.
_gat_gtag_** 1 minute Google Analytics tracking cookie. Used to analyze browsing habits, visitor flow, source and other information. Expires immediately.
_fbp 3 months Cookie that helps us with Facebook conversion tracking. The procedure varies.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR Section 25 (1) TDDDG 

Place of processing
European Union 

21.1.4    Cookie Consent Manager CCM19

Publisher
Papoo Software & Media GmbH 
Papoo Software & Media GmbH
Managing Director Dr. Carsten Euwens
Auguststr. 4
53229 Bonn
Represented by:
Managing Director Dr. Carsten Euwens

Description
Used to store the cookie consent – which cookies may be set. The status of the cookie settings can be set for you. The data is stored in categories. 
Link to the privacy policy
https://www.ccm19.de/datenschutzerklaerung.html 
Local Storage: 

Surname Service life Description
ccm_consent 1 year Used to store the cookie consent agreement, which specifies which cookies can be set.

Legal basis
Art. 6 (1) s. 1 lit. c GDPR, Section 25 (2) Nr.2 TDDDG 
Place of processing
Bonn & Falkenstein, Germany 

21.1.5    TYPO3 

Publisher
TYPO3 Association 
TYPO3 Association
Gewerbestrasse 10
CH-4450 Sissach
Switzerland

Description
Notify Typo3 whether the visitor is logged into the Typo3 backend and which backend user is being used. Does not collect any personal data 
Link to the privacy policy
https://typo3.org/privacy-policy/ 

What data is collected?
Browser information; date and time of the visit; IP address; device operating system; referrer URL; host name of the accessing computer 

Purpose of data collection
Advertising; analysis; optimization; content delivery; service improvement; tag management; cloud computing; website security; playout of product and catalog files; error analysis 

Cookies: 

Surname Service life Description
fe_typo_user For the duration of the session This cookie is a standard TYPO3 session cookie.
be_typo_user For the duration of the session This is used to identify the backend session when a backend user logs in to the frontend or TYPO3 backend.
Typo3InstallTool For the duration of the session Used to authenticate sessions for system maintenance.
be_lastLoginProvider 3 months The cookie contains the key of the Typo3 backend login provider used.
typo3-login-cookiecheck For the duration of the session Check the browser settings with regard to the rendering of Typo3 background pages.
_Secure-typo3nonce For the duration of the session CSRF token to prevent cross-website requests

Legal basis
Consent, Art. 6 (1) lit. f GDPR, Section 25 (2) Nr.2 TDDDG
Place of processing
Switzerland
 

21.2 Statistics

21.2.1    Google Analytics4  

Publisher
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Description
Google Analytics is a web analytics tool that helps website owners understand and analyze user interactions on their website. It collects data about website visits, including information about how users arrive at a website (e.g. via search engines, social media or directly), how they navigate the website, which pages they visit and how long they stay on these pages. This information is then presented in various reports that provide insights into user behaviour and enable website operators to optimize their website and improve the user experience. The data is also used for personalization and for the effective targeting of advertisements. 
Link to the privacy policy
https://business.safety.google/privacy/ 
 
What data is collected?
Browser information; click path; date and time of visit; location information; internet service provider; device information; referrer URL; screen resolution; mouse movements; anonymized IP address; visit duration; account data; bounce rates; downloads; behavioural data; app updates 

Purpose of data collection
Analysis; marketing; personalization; remarketing; effective targeting of advertisements 

Cookies: 

Surname Service life Description
_ga 24 months Used to differentiate between individual users.
_gid 24 hours Used to distinguish individual users, however has a runtime of only 24 hours.
_gac_gb_* 90 days This cookie is only set if Google Analytics 4 is linked to Google Ads. It contains information on Google Ads campaigns.
_ga_* 2 years Used to save the session status.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing
USA and European Union 

21.2.2    Google Analytics Audiences

Publisher
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Description
This Google Analytics feature adds visitors to appropriate remarketing lists based on their visitor behaviour in order to show them personalized advertising. 
Link to the privacy policy
https://policies.google.com/privacy?hl=de 
 
What data is collected?
Date and time of visit; IP address; usage data; referrer URL; user agent; geographic location; session duration; page depth 

Purpose of data collection
Advertising; analysis; optimization; marketing; remarketing 

Cookies: 

Surname Service life Description
_ga 2 years Used to differentiate between individual users.
_gid 24 hours Used to distinguish individual users, however has a runtime of only 24 hours.
_gat 1 hour Used to limit the request rate.
_dc_gtm_* 1 hour This is used to distinguish computer users.
_gat_gtag_* 1 hour This is used to distinguish computer users.
_gac_* 3 months It contains information about the ad you clicked.
IDE 1 year This ID enables Google to identify users across different websites and domains and show them personalized advertising.

Legal basis
Art. 6 (1) sentence 1 lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing
USA and European Union 

21.2.3    Google Maps

Publisher
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Description
We have integrated maps from Google Maps to offer you a better browsing experience on our website. 
Link to the privacy policy
http://www.google.com/intl/de/policies/privacy/ 
 
What data is collected?
Date and time of the visit; location information; IP address; usage data; URL; search terms; geographic location; IP address; use of the embedded map service (clicks, shifting the map view, etc.); URLs 

Purpose of data collection
Deliver content; provide fonts; improve service; display maps; personalization; display content; social media; website security; display maps; improve Google products and services; provide a market for tagged data 
Cookies: 

Surname Service life Description
NID 6 months This cookie stores information about user settings and information about Google Maps.

Local Storage:

Surname Service life Description
goog_pem_mod Resistant Used to send data about a visitor’s device and behaviour to Google Analytics. Track visitors across all devices and marketing channels. Notice: This data remains stored in the browser’s local storage until it is deleted manually.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG 
Place of processing
European Union and USA 


21.2.4    LinkedIn Analytics 

Publisher
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Link to the privacy policy
https://www.linkedin.com/legal/privacy-policy  
Cookies: 

Surname Service life Description
lms_analytics 30 days Used to identify LinkedIn members in a specific country for analysis purposes.
AnalyticsSyncHistory 30 days Used to store information about when synchronization with the lms_analytics cookie takes place
queryString 30 days Used to continue the marketing tracking settings
SID For the duration of the session Used to determine what visitors do before they convert to LinkedIn microwebsites
VID 1 year ID associated with a LinkedIn microwebsite visitor used to measure conversions for lead generation
s_plt For the duration of the session Track the time it took to load the previous page

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing
USA and European Union 


21.2.5    Meta Pixel 

Publisher
Meta Platforms, Inc, 1601 S. California Avenue, Palo Alto, CA 94304, USA
Description
This is a tracking technology provided by Facebook and used by other Facebook services. It is used to track visitors’ interactions with the website (“events”) after they have clicked on advertisements offered on Facebook or other services offered by Meta (“conversions”). 
Link to the privacy policy
https://www.facebook.com/privacy/explanation 
 
What data is collected?
Browser information; location information; IP address; usage data; device operating system; device information; referrer URL; browser type; user agent; geographic location; Facebook user ID; HTTP header; pages visited; interactions with ads, services and products; user behaviour; ads viewed; content viewed; items clicked; marketing information; pixel ID; Facebook cookie information; usage/click behaviour; device ID; non-sensitive custom data; marketing campaign success; IP address; location information; device information; Facebook user ID; non-sensitive custom data; pixel-specific data; user behaviour; ads viewed; interactions with ads, services and products; marketing information; content viewed; browser information; conversion goals; visitor ID; Facebook user ID; pixel-specific data; browser information; location information; device information; 

Purpose of data collection
Advertising; analytics; provision of fonts; service improvement; marketing; personalization; tag management; payment; cloud computing; bot protection; functionality; retargeting; website security; conversion tracking; recommendations; buyer protection; feedback; tracking; geolocation; accept tracking; customer behaviour analysis; analytics; tracking; search results; performance measurement; access measurement; reach measurement; manage tags and scripts on this website; research; location identification; lead generation; managing customer reviews; website monitoring; providing online chats; tracking ID; facilitating payments; improving service; providing a market for tagged data; trend analysis; display advertising; processing applications; providing software solutions; digital advertising; product news; company news; sponsorship news; website design; creating target group-specific advertising graphics; 

Cookies: 

Surname Service life Description
_fbp 3 months Meta cookies used for website analytics, ad targeting and measurement.
act 1 year Meta cookies used for website analytics, ad targeting and measurement.
c_user 1 year Meta cookies used for website analytics, ad targeting and measurement.
datr 1 year Meta cookies used for website analytics, ad targeting and measurement.
fr 1 year Meta cookies used for website analytics, ad targeting and measurement.
m_pixel_ration 1 year Meta cookies used for website analytics, ad targeting and measurement.
pl 1 year Meta cookies used for website analytics, ad targeting and measurement.
presence 1 year Meta cookies used for website analytics, ad targeting and measurement.
sb 1 year Meta cookies used for website analytics, ad targeting and measurement.
spin 1 year Meta cookies used for website analytics, ad targeting and measurement.
wd 1 year Meta cookies used for website analytics, ad targeting and measurement.
xs 1 year Meta cookies used for website analytics, ad targeting and measurement.
AA003 3 months Meta cookies used for website analytics, ad targeting and measurement.
ATN 2 years Meta cookies used for website analytics, ad targeting and measurement.

Legal basis
Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing
USA and European Union 

21.2.6    Microsoft Bing Ads

Publisher
Microsoft Ireland Operations Limited , South County Business Park, Leopardstown, Dublin 18 D18 P 521

Description
This is the cookie used by Microsoft Bing Ads and is a tracking cookie. This makes it possible to get in touch with users who have already visited the website. 
Link to the privacy policy
https://about.ads.microsoft.com/en/resources/policies/remarketing-in-paid-search-policies  

Cookies: 

Surname Service life Description
_uetsid 30 minutes This is a tracking cookie used for targeted advertising.
MUID approx. 1 year This is a user ID tracking cookie used to count valid clicks on targeted advertising.
MUIDB approx. 1 year This is a user ID tracking cookie used by Microsoft Bing Ads for targeted advertising.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing: 
USA and European Union

21.2.7    Microsoft Dynamics 

Publisher
Microsoft Ireland Operations Limited, South County Business Park, Leopardstown, Dublin 18 D18 P 521

Cookies: 

Surname Service life Description
79f08280-5c63-4331-b04d-fb6f39afda51 For the duration of the session Identifies the end user (via the browser). We set this cookie when the end user visits a marketing page or selects a link (with tracking enabled). At a certain point in time, when this end user submits a form, a new contact/lead is created and we use the cookie present in the browser to link previous visits to the newly generated contact/lead.
319af4c0-e197-4de9-8a9b-fe98c8a2ca04 For the duration of the session This is used to determine how much time the user has spent on the page.
msd365mkttr 2 years This is used for the same purpose as the first cookie (79f08280-5c63-4331-b04d-fb6f39afda51). The only difference is that this cookie is set on the customer domain. In some cases we are not able to access third-party cookies (e.g. Safari OOB blocks), so we set this first-party cookie to maintain functionality.
msd365mkttrs For the duration of the session This cookie is similar to (319af4c0-e197-4de9-8a9b-fe98c8a2ca04). The only difference is that it is a first-party cookie
BNES_msd365mkttrs For the duration of the session The “BNES_msd365mkttrs” cookie is used by Microsoft Dynamics to collect information about user interactions with marketing campaigns. It enables the tracking of sessions to support personalized experiences and effective marketing strategies.
BNES_msd365mkttr 2 years This cookie is used to track user behaviour and collect data on interactions with marketing campaigns. It helps to provide personalized content and offers based on the user’s interests.
BNES_webinarRecordingVideo 1 year This cookie is used to store information about user interactions with webinar videos. It enables a personalized user experience by tracking users’ playback and preferences while watching webinars.
BNIS_x-bni-jas For the duration of the session This cookie is used to collect and store information about user interactions. It helps to personalize the user experience and optimize the effectiveness of marketing campaigns by analyzing user behaviour and preferences.
BNES_messagesUtk 1 year This cookie is used to track user interactions with messaging features. It stores information about how users interact with messages and notifications in order to provide personalized content and an improved user experience.

21.2.8    Oracle 

Publisher
Oracle 

2300 Oracle Way
Austin, TX 78741
USA
Tel: +1.737.867.1000

Description
This cookie is set by Eloqua to track individual visitors and how they use certain pages of this website. It is set when you first visit the website and updated on subsequent visits. 
Link to the privacy policy
https://www.oracle.com/privacy 
 
Cookies: 

Surname Service life Description
JSESSIONID For the duration of the session JSESSIONID is a platform session cookie used by websites that use JavaServer Pages (JSP). Cookies are used to maintain anonymous user sessions on the server.
ORA_WWV_APP_ For the duration of the session This cookie is used to store application status information during a user session. It enables more efficient management of user input and maintenance of the user experience across different pages of the application.
ELOQUA 2 years This cookie is set by Eloqua to track individual visitors and how they use certain pages of this website. It is set when you first visit the website and updated on subsequent visits.
ELQSTATUS For the duration of the session This cookie is set by Eloqua to track individual visitors and how they use certain pages of this website. It is set when you first visit the website and updated on subsequent visits.
X-Oracle-BMC-LBS route For the duration of the session Oracle uses it to identify trusted web traffic and manage session persistence.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing
USA and European Union

21.2.9    Vimeo 

Publisher
Vimeo.com Inc. headquartered at 555 West 18th Street, New York, New York 10011 Description
This first-party cookie created by Vimeo is used to store the user’s player mode settings. 
Link to the privacy policy
https://vimeo.com/privacy  

What data is collected?
Browser information; cookie information; IP address; device operating system; device information; referrer URL; browser type; geographic location; browser language; pages visited; information from third-party sources; information that users make available on the site; search queries; content viewed; IP address; operating system; search query 

Purpose of data collection
Advertising; optimization; display videos; improve service; tag management; payment; cloud computing; bot protection; site security; conversion tracking; feedback; display videos; partner settlement; transaction attribution; manage tags and scripts on this site; provide a marketplace for tagged data; order management; this list represents the purposes of data collection and processing. Consent is only valid for the stated purposes. The data collected cannot be used or stored for any purpose other than those listed below. 

Cookies: 

Surname Service life Description
muxData 1 year This cookie is used with video players. If a visitor is interrupted while watching video content, the cookie remembers where the video should start when the visitor reloads the video.
has_logging_in 1 year An indicator that shows whether a visitor has already logged in.
vuid 2 years This first-party cookie created by Vimeo is used to assign a unique Vimeo Analytics ID.
player 1 year This first-party cookie created by Vimeo is used to store the user’s player mode settings.
is_logged_in 1 year Is set after the first user upload
continuous_play_v3 2 years Used to find out whether continuous playback is activated for the user

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing
United States of America 
 

21.3 Marketing

21.3.1    Google Ads Remarketing 

Publisher
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Description
This is a remarketing service. Remarketing enables users to present interest-based advertisements to users of websites on other websites in the Google Display Network, such as Google Search or YouTube. This involves analyzing the user’s interactions, such as the products and services that interest him. It enables users to show targeted advertising to users on other websites even after they have visited this website. 
Link to the privacy policy
https://policies.google.com/privacy 
 
What data is collected?
Browser information; date and time of visit; IP address; device information; referrer URL; pages visited; advertising identifier; duration of visit; content in which the user is interested; website usage; IP address; other information on the use of websites 

Purpose of data collection
Advertising; delivering content; improving the service; payment; cloud computing; remarketing; tracking user action; tracking user action; feedback; user journey analysis; remarketing; contract fulfilment; providing software solutions; providing a market for labeled data; providing a market for labelled data 

Cookies: 

Surname Service life Description
IDE 12 months Contains a randomly generated user ID. This ID allows Google to identify users on different websites and display personalized advertising to them.
test_cookie 15 minutes Used to test whether your browser allows the installation of cookies. Contains no identifiers.
__Secure-SSID 2 months This allows the storage of information about how you use this website and what advertisements you may see before you visit this website. It is also used to personalize ads on Google websites by recording your recent searches, your previous interactions with advertisers’ ads or search results, and your visits to advertisers’ websites.
__Secure-APISID 66 days For targeting purposes, to create a website visitor’s interest profile in order to display relevant and personalized Google ads.
__Secure-HSID 66 days For security purposes, an encrypted and digitally signed record of a user’s Google Account ID and last login time that enables Google to verify a user’s identity, prevent fraudulent use of identifiers and protect user data from unauthorized use. It can also be used for targeting purposes to display relevant and personalized advertising content.
__Secure-3PAPISID 2 years For targeting purposes, to create a website visitor’s interest profile in order to display relevant and personalized Google ads.
__Secure-3PSID 2 years For targeting purposes, to create a website visitor’s interest profile in order to display relevant and personalized Google ads.
__gads 13 months For ad serving or forwarding

Legal basis
Art. 6 (1) sentence 1 lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG 
Place of processing
USA and European Union 

21.3.2    LinkedIn Ads

Publisher
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
Link to the privacy policy
https://www.linkedin.com/legal/privacy-policy  

Cookies: 

Surname Service life Description
UserMatchHistory 30 days For the synchronization of the LinkedIn advertising ID
li_oatml 30 days Used to identify LinkedIn members outside LinkedIn for advertising and analytics outside certain countries and to serve ads in certain countries for a limited time
lms_ads 30 days For advertising purposes that identify LinkedIn members outside of LinkedIn in certain countries
li_fat_id 30 days Indirect member ID of the member, which is used for conversion, forwarding and analysis
li_sugr 3 months For the probabilistic assignment of user identities outside a specific country
_guid 3 months Used to identify LinkedIn members who advertise via Google Ads
brwsr 2 years This cookie is used to store information about a user’s browser session. It helps to analyze user behaviour and improve the effectiveness of advertising campaigns by tracking user engagement with ads.
ABSELB 2 years This cookie is used to track user behaviour and measure the effectiveness of ads. It helps to display personalized advertising by storing information about users’ interactions with ads and content.

Legal basis
Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG

Place of processing
USA and EU

21.3.3    Microsoft Clarity 

Publisher
Microsoft Ireland Operations Limited , One Microsoft Place, South Country Business Park, Leopardstown, Dublin 18, D18 P 521

Description
Clarity is a tool for tracking real users who actually use your website. Functions such as heat maps, session monitoring and connections to third-party providers such as Google Analytics are available. Microsoft collects data about you through our interactions with you and our products. You provide some of this information directly, and we obtain this information by collecting information about your activities, usage and experience with our products. The data collected depends on the context in which you interact with Microsoft and your preferences, including privacy settings and the products and features used by you. We also receive information about you from third parties. 
Link to the privacy policy
https://docs.microsoft.com/en/clarity/faq#privacy 
 
What data is collected?
Browser information; referrer URL; mouse movements; information about the operating system; user behaviour; clicks; country; links clicked 

Purpose of data collection
Advertising; cloud computing; accept tracking; customized design of digital offers and product development; customer behaviour analysis; measure ad performance 

Cookies: 

Surname Service life Description
_clck Session This cookie is set by Microsoft Clarity. Cookies are used to store information about how visitors use the website and to create analysis reports about the state of the website. Collected data, including the number of visitors, their origin and the pages visited in anonymized form.
CLID Session Microsoft deletes cookies. Collect information about how visitors use the website for analysis and reporting purposes.
_clsk Session Microsoft deletes cookies. Collect information about how visitors use the website for analysis and reporting purposes.
SM Session This is a first-party cookie from Microsoft that ensures the proper functioning of the website.
ANONCHK Session Specifies whether the MUID should be transmitted to the ANID cookie used for advertising. ANID is not used by Clarity, so this value is always set to 0.
MR Session This cookie is used to track and analyze user interactions with the website. It helps to understand user behaviour and improve the user experience by storing information about clicks and page views.
MUID Session Identify the unique web browser that accesses Microsoft websites. These cookies are used for advertising, website analysis and other operational purposes.
forms_visit_count 1 year This cookie is set by Microsoft Clarity to store information about how visitors use the website and to generate analytics reports on the performance of the website. The data collected includes the number of visitors, their origin and the pages visited in anonymized form.
forms_previous_session_id 1 year This cookie is set by Microsoft Clarity to store information about how visitors use the website and to generate analytics reports on the performance of the website. The data collected includes the number of visitors, their origin and the pages visited in anonymized form.

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG
Place of processing
United States of America 

21.3.4    YouTube video

Publisher
YouTube, LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA,

Description
This cookie stores your preferences and other information, including your preferred language, the number of search results you want to see on the page, and whether you want to enable Google’s SafeSearch filter. 
Link to the privacy policy
https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/ 
 
What data is collected?
IP address; device information; referrer URL; viewed videos; IP address; device information; seen videos 

Purpose of data collection
Display videos; improve the service; payment; cloud computing; session management; providing a marketplace for tagged data 

Cookies: 

Surname Service life Description
PREF 8 months This cookie stores your preferences and other information, in particular the preferred language, the number of search results to be displayed on your page and whether or not you wish to have Google’s SafeSearch filter activated.
VISITOR_INFO1_LIVE 6 months This cookie is set by YouTube to track user preferences for YouTube videos embedded in websites. It can also determine whether the website visitor is using the new or old version of the YouTube interface.
use_hitbox 30 days This cookie increases the “views” counter of the YouTube video.
YSC For the duration of the session Registers a unique ID to keep statistics on which YouTube videos the user has watched.
VISITOR_PRIVACY_METADATA 180 days Stores session data

Legal basis
Consent, Art. 6 (1) lit. a GDPR, Art. 49 (1) lit. a GDPR, Section 25 (1) TDDDG 
Place of processing
USA and European Union