Data protection

The WES – Wedding & Event Stories GmbH (hereinafter also «we», «us») procures and processes personal data that concerns you or other persons (so-called «third parties»). We use the term «data» here interchangeably with «personal data» or «personal information».

This Privacy Policy is designed to meet the requirements of the EU General Data Protection Regulation («GDPR»), the Swiss Federal Act on Data Protection («FADP»), and the revised Swiss Federal Act on Data Protection («revFADP»). Whether and to what extent these laws apply, however, depends on the individual case.

Type of personal data

General Personal Data
We process general personal data about you.

Example: Your contact details to send you an invoice.

Financial data
We are processing your financial data.

Example: Your billing data and payment history for debt collection.

Source of personal data

Data provided
We process personal data that you provide to us.

Example: When they fill out a contact form or sign up for the newsletter.

Collected data
We process personal data that we collect about you.

Example: IP address when calling the website.

Received data
We process personal data about you which we receive from third parties.

Example: From public registers such as the debt enforcement or commercial register.

Purpose of processing

Marketing
We use your personal data for marketing and advertising.

Example: Sending out a newsletter. 

Product development
We use your personal data for the development and improvement of products and services.

Example: We analyse data on click behaviour on the website to improve user-friendliness.

Further purposes
We use your personal data for further purposes not related to the core service.

Example: For the creation of a contract.

Special Processing

Profiling
We analyse your behaviour and make assumptions about your interests and preferences.

Example: We match your interests to a specific offer from us so that we can notify you when it is updated.

Disclosure to third parties

Data sharing
We share your personal data with other companies, who can decide for themselves how to use the data.

Example: We are handing an unpaid invoice over to a debt collection agency.

Place of processing

Switzerland
We process your personal data only in Switzerland.

Example: We use the services of a cloud provider from Switzerland.

In this Privacy Policy, we describe what we do with your data when you use www.theweddingstories.ch, other websites belonging «Website»), purchase our services or products, otherwise enter into a contract with us, communicate with us or otherwise deal with us. Where applicable, we will inform you of additional processing activities not mentioned in this privacy policy through timely written notice. In addition, we may inform you separately about the processing of your data, e.g. in consent forms, contract terms, additional privacy statements, forms and notices.

If you send or disclose data about other individuals, such as family members, work colleagues, etc., we assume that you are authorised to do so and that this data is accurate. By submitting data about third parties you confirm this. Please also ensure that these third parties have been informed about this privacy policy.

For the data processing described in this privacy policy by The WES – Wedding & Event Stories GmbH, the company responsible in terms of data protection law is The WES – Wedding & Event Stories GmbH, 8303 Birmensdorf ZH, unless otherwise communicated in individual cases.

You can reach us for your data protection concerns and for the exercise of your rights in accordance with Section 11 as follows:

The WES – Wedding & Event Stories Ltd
Lara Flückiger
Wettswilerstrasse 19
CH-8903 Birmensdorf ZH

+41 79 739 38 34
contact@thewes.ch

We process different categories of data about you. The most important categories are as follows:

  • Technical Specifications: When you use our website or other electronic services (e.g. free Wi-Fi), we collect the IP address of your end device and other technical data to ensure the functionality and security of these services. This data also includes logs in which the use of our systems is recorded. We generally store technical data for 12 months. To ensure the functionality of these services, we may also assign an individual code to you or your end device (e.g. in the form of a cookie, see point 12). Technical data by itself generally does not allow any conclusions to be drawn about your identity. However, in the context of user accounts, registrations, access controls or the processing of contracts, it can be linked to other categories of data (and thus possibly to your person).

    To the Technical specifications This includes, among other things, the IP address and details about your device's operating system, the date, region, and time of use, and the type of browser you use to access our electronic services. This helps us to transmit the website in the correct format or, for example, to display a website adapted to your region. While the IP address tells us which provider you are using to access our services (and thus the region), we can generally not determine who you are from it. This changes if, for instance, you create a user account, because then personal data can be linked to technical data (we can see, for example, which browser you use to access an account via our website). Examples of technical data also include logs that are generated in our systems (e.g. the log of user logins on our website).

  • Registration details: Certain offers, for example from competitions, and services (e.g. login areas on our website, newsletter dispatch, free Wi-Fi access etc.) can only be used with a user account or a registration, which can be done directly with us or via our external login service providers. In doing so, you must provide us with certain data, and we collect data about the use of the offer or service. We generally store registration data for 12 months after the end of the use of the service or the dissolution of the user account.

    To the Registration details These include, among others, the details you provide when creating an account on our website (e.g. username, password, name, email). Registration data also includes data we may request from you before you can take advantage of certain free services, such as our Wi-Fi service, in which case: name, email and phone number; or the redemption of vouchers, in which case: name, address, contact details, time of redemption. You must also register if you wish to subscribe to our newsletter.

  • Communication data: If you contact us via the contact form, by email, telephone or chat, by post, or by other means of communication, we will collect the data exchanged between you and us, including your contact details and the communication metadata. If we record or listen in on telephone calls or video conferences, for example for training and quality assurance purposes, we will inform you specifically. Such recordings may only be made and used in accordance with our internal guidelines. You will be informed whether and when such recordings take place, for example, by a notification during the relevant video conference. If you do not wish for a recording to be made, please inform us or end your participation. If you simply do not wish for your image to be recorded, please turn off your camera. If we wish or need to establish your identity, for example, in response to an information request or application for media access from you, we will collect data to identify you (e.g. a copy of an identity document). We generally store this data for 12 months from the last exchange with you. This period may be longer if required for evidential purposes or to comply with legal or contractual obligations, or if technically necessary. Emails in personal mailboxes and written correspondence are generally kept for at least 10 years.

    Communication data your name and contact details, the method and place and time of communication and usually also your content (i.e. the content of emails, letters, chats, etc.). This data may also contain information about third parties. For the purpose of identification, we may also process your ID number or a password set by you.

  • Master data We refer to master data as the basic data, in addition to contract data (see below), that we require for the processing of our contractual and other business relationships or for marketing and advertising purposes, such as name, contact details, and information about your role and function, your bank details, your date of birth, customer history, powers of attorney, signatory authorities, and declarations of consent. We process your master data if you are a customer or other business contact, or are acting for one (e.g., as a contact person for a business partner), or because we wish to engage with you for our own purposes or the purposes of a contracting party (e.g., in the context of marketing and advertising, with invitations to events, with vouchers, with newsletters, etc.). We obtain master data from you yourself (e.g., when making a purchase or during registration), from organisations for which you work, or from third parties such as our contracting partners, associations, and address dealers, and from publicly accessible sources such as public registers or the internet (websites, social media, etc.). As part of master data, we may also process health data and information about third parties. We may also collect master data from our shareholders and investors. We generally store this data for 10 years from the last exchange with you, but at least from the end of the contract. This period may be longer if required for evidential reasons or to comply with legal or contractual requirements or if technically necessary. For purely marketing and advertising contacts, the retention period is usually considerably shorter, typically no more than 2 years from the last contact.

    To the Master data include, for example, data such as name, address, email address, telephone number and other contact details, gender, date of birth, nationality, information about associated persons, websites, social media profiles, photos and videos, copies of identification documents; furthermore, details about your relationship with us (customer, supplier, visitor, service recipient, etc.), information about your status with us, assignments, classifications and distributions, information about our Interactions with you (at most a history thereof with corresponding entries), reports (e.g. from the media) or official documents (e.g. commercial register excerpts, permits etc.) that affect you. As Payment details for example, we collect your bank details, account number and credit card data. Master data also includes consent or blocking notices, as well as details about third parties, e.g. contact persons, recipients of benefits, advertising recipients or representatives.

    Upon contact persons and representatives of our Customers, suppliers and partners We shall process master data such as name and address, details of role, function within the company, qualifications, and, if applicable, information on supervisors, employees, and subordinates, as well as details of interactions with these individuals.

    Master data is not collected comprehensively for all contacts. The specific data we collect depends particularly on the purpose of the processing.

  • Contract data: This is data generated in connection with the conclusion or processing of a contract, e.g. details about contracts and the services to be provided or already provided, as well as data from the period prior to contract conclusion, information required or used for processing, and details about reactions (e.g. complaints or details about satisfaction, etc.). This also includes health data and details about third parties, e.g. about hereditary diseases in the family. We generally collect this data from you, from contractual partners and from third parties involved in the processing of the contract, but also from third-party sources (e.g. credit rating data providers) and from publicly accessible sources. We usually store this data for 10 years from the last contract activity, but at least from the end of the contract. This period may be longer if it is required for reasons of proof or to comply with statutory or contractual obligations, or if it is technically necessary.

    To the Contract data details about the Conclusion of contract, about your Contracts, e.g. the type and date of contract conclusion, details from the application process (such as an application for our products or services) and details about the contract concerned (e.g. its duration) and the processing and administration of contracts (e.g. details related to invoicing, customer service, support with technical matters and enforcement of contractual claims). Contract data also includes details about defects, complaints and adjustments to a contract, as well as details on customer satisfaction, which we may collect, for example, through surveys. Contract data also includes Financial data as well as information on creditworthiness (i.e. information which allows conclusions to be drawn about the probability that claims will be settled), dunning and debt collection. We obtain this data partly from you (e.g., when you make payments), but also from credit agencies and debt collection companies, and from publicly accessible sources (e.g. a commercial register).

We only provide certain services to you if you give us Registration details transmit, because we or our contractual partners want to know who is using our services or has accepted an invitation to an event, because it is technically necessary, or because we want to communicate with you. If you or a person you represent (e.g. your employer) intends to enter into or fulfil a contract with us, we must have the relevant Master, contract and communication data from you, and we process Technical Specifications, if you wish to use our website or other electronic offerings for this purpose. If you do not provide us with the data required for the conclusion and execution of the contract, you must expect that we will refuse to conclude the contract, you will breach the contract, or we will not fulfil the contract. Likewise, we can only send you a response to an enquiry from you if we have the relevant Communication data and – if you communicate with us online – potentially also Technical Specifications edit. It is also not possible to use our website without us Technical Specifications Received.

We process your data for the purposes we will explain below. Further information for the online section can be found in Sections 12 and 13. These purposes, or the objectives on which they are based, represent legitimate interests of ours and, where applicable, of third parties. You can find further details on the legal basis for our processing in Section 5.

We process your data for purposes relating to Communication with you, particularly for responding to enquiries and asserting your rights (Section 11), and to contact you for further queries. To this end, we use in particular communication data and master data, and in connection with offers and services used by you, we also use registration data. We store this data to document our communication with you, for training purposes, for quality assurance, and for follow-up queries.

This concerns all purposes for which you and we communicate, whether in customer service or consultation, for authentication in the event of website usage, or for training and quality assurance (e.g., in the area of customer service). We further process communication data so that we can communicate with you via email and telephone, as well as messenger services, chat, social media, post, and fax. Communication with you primarily occurs in connection with other processing purposes, for example, so that we can provide services or answer an information request. Our data processing also serves to provide proof of communication and its content.
We process data for the recording, management and processing of Contractual relationships.

We conclude a wide variety of contracts with our business and private customers, with suppliers, subcontractors, or other contractual partners such as project partners or parties involved in legal disputes. In doing so, we process master data, contract data, and communication data in particular, and depending on the circumstances, also registration data of the customer or the persons to whom the customer mediates a service.

In the context of establishing business relations, personal data – in particular master data, contract data and communication data – is collected from potential customers or other contracting parties (e.g. in an order form or contract) or arises from communication. In connection with the conclusion of contracts, we also process data for credit checks and for the establishment of the customer relationship. In some cases, this information is checked for compliance with legal requirements.

In the course of managing contractual relationships, we process data for customer relationship management, for the provision and recovery of contractual services (which also includes the involvement of third parties for consultation and customer support. The enforcement of legal claims arising from contracts (debt collection, court proceedings, etc.) also falls under processing, as does bookkeeping, contract termination, and public communication.

We are processing data for Marketing purposes and to Relationship management, for example, to send our customers services from us. This can be done, for example, in the form of newsletters and other regular contacts (electronic, by post, by telephone), via other channels for which we have your contact details, but also as part of individual marketing campaigns (e.g. events, competitions etc.) and can also include free services (e.g. invitations, vouchers etc.). You can reject such contacts at any time (see the end of section 4) or refuse or withdraw your consent to be contacted for advertising purposes.

For example, with your consent, we will send you information and product offers from us via print, electronically or by telephone. For this purpose, we primarily process communication and registration data. Like most companies, we personalise communications so that we can send you individual information and make offers that match your needs and interests. We link data that we process about you, and determine preference data, and use this data as the basis for personalisation (see section 3).

Relationship management also involves communicating with existing customers and their contacts – personalised, where appropriate, on the basis of behavioural and preference data. As part of relationship management, we may also operate a Customer Relationship Management (CRM) system in which we store the data necessary for maintaining the relationship with customers, suppliers and other business partners, e.g. regarding contact persons, relationship history (e.g. regarding products and services purchased or supplied, interactions, etc.), interests, preferences, marketing activities (newsletters, invitations to events, etc.) and other details.

All of these edits are important not only for us to promote our offerings as effectively as possible, but also to make our relationships with customers more personal and positive, to focus on the most important relationships and to use our resources as efficiently as possible.

We will continue processing your data for Market research, to Improving our services and operations and to Product development.

We are committed to continuously improving our products and services (including our website) and to responding swiftly to changing needs. We therefore analyse, for example, how you navigate our website, which products are used by which groups of people and in what way, and how new products and services can be designed (for further details, see section 12). This provides us with insights into the market acceptance of existing products and services and the market potential of new ones. To this end, we process in particular master data, behavioural data and preference data, but also communication data and information from customer surveys, polls and studies, as well as further information, e.g. from the media, social media, the internet and other public sources. Where possible, we use pseudonymised or anonymised data for these purposes. We may also use media monitoring services or carry out media monitoring ourselves, processing personal data in the process in order to conduct media relations or to understand and respond to current developments and trends.

With your consent, we will use non-anonymised location data to show you interesting offers and products nearby based on your position, to infer your interests from the location data (duration of stay), and to inform you about the products and services other contractual partners with similar interests have used.

We may also use your data to for security purposes and for the Access control edit.

We continuously review and improve the appropriate security of our IT and our other infrastructure (e.g. buildings). Like all companies, we cannot exclude data security breaches with absolute certainty, but we do our best to reduce the risks. For this reason, we process data, for example, for monitoring, inspections, analyses and tests of our networks and IT infrastructures, for system and error checks, for documentation purposes and in the context of backups. Access controls include, on the one hand, controlling access to electronic systems (e.g. logging into user accounts), and on the other hand, physical access control (e.g. building access).

processing personal data for Compliance with laws, directives and recommendations issued by public authorities, as well as internal regulations.

This includes, for example, the implementation of health and safety concepts or the legally regulated combating of money laundering and terrorist financing. In certain cases, we may be obliged to carry out certain clarifications about customers («Know Your Customer») or to report to authorities. The fulfilment of disclosure, information or reporting obligations, for example in connection with supervisory and tax law requirements, also requires or entails data processing, such as the fulfilment of archiving obligations and the prevention, detection and clarification of criminal offences and other violations. This also includes receiving and processing complaints and other reports, monitoring communication, internal investigations or disclosing documents to an authority if we have a sufficient reason to do so or are legally obliged to do so. Personal data from you may also be processed in external investigations, for example by a law enforcement or supervisory authority or a mandated private entity. For all these purposes, we process in particular your master data, your contract data and communication data, but possibly also behavioural data and data from the category of other data. Legal obligations can include Swiss law, but also foreign provisions to which we are subject, as well as self-regulations, industry standards, our own «corporate governance» and official instructions and requests.

We also process data for our purposes Risk Management and as part of a prudent Business management, including operational organisation and corporate development.

For these purposes, we process, in particular, master data, contract data, registration data and technical data, as well as behavioural and communication data. For example, as part of our financial management, we need to monitor our debtors and creditors, and we must prevent ourselves from becoming victims of criminal offences and abuse, which may require the analysis of data for relevant patterns. For these purposes, and to protect both you and us from criminal or abusive activities, we may also carry out profiling and create and process profiles (see also section 6). As part of planning our resources and organising our operations, we need to analyse and process data on the use of our services and other offerings, or exchange information on this with others (e.g. outsourcing partners), which may also include your data. The same applies to services provided to us by third parties. As part of our business development, we may sell businesses, parts of our operations or companies to others, or acquire such assets, or enter into partnerships, which may also lead to the exchange and processing of data (including your data, e.g. as a customer, supplier or supplier representative).

We can your data for other purposes edit, for example, within the scope of our internal processes and administration.

Where we require your Consent We will inform you separately of the specific purposes of the processing. You may withdraw your consent at any time with future effect by sending us written notice (by post) or, unless otherwise stated or agreed, by email; our contact details can be found in section 2. For the withdrawal of your consent regarding online tracking, see Section 12. Where you have a user account, withdrawal or contact with us may also be carried out via the relevant website or other service, where applicable. As soon as we have received notification of the withdrawal of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. Withdrawing your consent does not affect the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal.
Where we do not ask for your consent for processing, we base the processing of your personal data on the fact that the processing is for the Negotiation or execution of a contract required by you (or the entity you represent) or that we or third parties have a legitimate interest to pursue the purposes and associated objectives described above in item 4, and to be able to implement corresponding measures. Our legitimate interests also include compliance with statutory requirements, insofar as these are not already recognised as a legal basis by the applicable data protection law (e.g., under GDPR, the law in the EEA and Switzerland).

We can automatically assess certain of your personal characteristics for the purposes mentioned in Section 4 using your data (Section 3) («profiling»), both to determine preference data and also to identify abuse and security risks, to perform statistical analyses, or for operational planning purposes. For the same purposes, we can also create profiles, i.e. we can combine behavioural and preference data, as well as master and contract data, and technical data assigned to you, in order to better understand you as a person with your different interests and other characteristics.
 
In both cases, we ensure the proportionality and reliability of the results and take measures against the misuse of these profiles or profiling. If these can have legal effects or significant disadvantages for you, we generally provide for manual review.

In connection with our contracts, the website, our services and products, our legal obligations or otherwise to safeguard our legitimate interests and for the further purposes listed in Section 4, we also transmit your personal data to third parties, in particular to the following categories of recipients:

  • Service provider: We work with service providers both domestically and abroad who process data about you on our behalf or in joint responsibility with us, or who receive data about you from us in their own responsibility. (e.g. IT providers, shipping companies, advertising service providers, login service providers, cleaning companies, security companies, banks, insurance companies, debt collection agencies, credit bureaus, or address verifiers). This may also include health data.
  • Contracting parties including customers: This initially refers to customers (e.g. beneficiaries of services) and other contractual partners of ours, as this data transfer arises from these contracts. If you are acting for such a contractual partner yourself, we may also transfer data about you to them in this context. This can also include health data. Recipients further include contractual partners with whom we cooperate.
  • Authorities: We may pass on personal data to offices, courts, and other authorities, both domestically and internationally, if we are legally obliged or entitled to do so, or if it appears necessary to safeguard our interests. This may also include health data. The authorities process data about you that they receive from us under their own responsibility.
  • Other people: This refers to other cases where the involvement of third parties arises from the purposes referred to in Section 4, e.g. beneficiaries, media and associations in which we are involved, or if you are part of one of our publications.

All these categories of recipients can in turn engage third parties, so that your data can also become accessible to them. We can restrict processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities, banks, etc.).

We reserve the right to disclose this information even if confidential data (unless we have expressly agreed with you that we will not disclose this data to specific third parties, unless we are legally obliged to do so). Notwithstanding this, your data will continue to be subject to appropriate data protection even after disclosure in Switzerland and the rest of Europe. For disclosures to other countries, the provisions of Section 8 apply. If you do not wish certain data to be disclosed, please let us know so that we can assess whether and to what extent we can accommodate your request (Section 2).

We also enable specific third parties, on our website and at events organised by us to collect your personal data (e.g. media photographers, providers of tools we have embedded on our website etc.). As far as we are not crucially involved in these data collections, these third parties are solely responsible for them. For concerns and to assert your data protection rights, please contact these third parties directly. See Section 12 for the website.

As explained in Section 7, we also disclose data to other parties. These are not located solely in Switzerland. Your data may therefore be processed in Europe as well as in the USA; however, in exceptional cases, in any country in the world.
 
If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection regulations (for this purpose, we use the European Commission’s revised Standard Contractual Clauses, which can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj(accessible), unless it is already subject to a legally recognised framework for data protection and we cannot rely on an exception. An exception may apply, in particular, in the case of foreign legal proceedings, but also in cases of overriding public interest, or if a contract processing requires such disclosure, if you have consented, or if it concerns data that you have made generally accessible and to the processing of which you have not objected.
 
Many countries outside Switzerland, the EU and the EEA do not currently have laws that ensure an adequate level of data protection under the FADP or the GDPR. The contractual measures mentioned can partially compensate for this weaker or absent legal protection. However, contractual measures cannot eliminate all risks (notably those arising from state access abroad). You should be aware of these residual risks, even if the risk may be low in individual cases and we take further measures (e.g. pseudonymisation or anonymisation) to minimise it.
 
Please also note that data exchanged over the internet is often routed via third countries. Your data may therefore be transferred abroad even if the sender and recipient are located in the same country.

We process your data for as long as required by our processing purposes, the statutory retention periods and our legitimate interests in processing for documentation and evidential purposes, or for as long as storage is technically necessary. Further details on the respective storage and processing periods can be found under the individual data categories in Section 3 or under the cookie categories in Section 12. Unless there are any legal or contractual obligations to the contrary, we will delete or anonymise your data once the storage or processing period has expired as part of our standard procedures.

Documentation and evidence-gathering purposes include our interest in documenting processes, interactions and other facts in the event of legal claims, disputes, for the purposes of IT and infrastructure security, and to demonstrate good corporate governance and compliance. For technical reasons, data may be retained if certain data cannot be separated from other data and we are therefore obliged to store it alongside that data (e.g. in the case of backups or document management systems).

We take appropriate security measures to protect the confidentiality, integrity, and availability of your personal data, to protect it against unauthorised or unlawful processing, and to counteract the risks of loss, accidental modification, unintended disclosure, or unauthorized access.

Technical and organisational security measures may include, for example, the encryption and pseudonymisation of data, logging, access restrictions, the storage of backups, guidelines for our staff, confidentiality agreements and controls. We protect the data you transmit via our website during transmission using appropriate encryption mechanisms. However, we can only secure areas that we control. We also require our data processors to implement appropriate security measures. However, security risks cannot generally be completely ruled out; residual risks are unavoidable.

Under certain circumstances, applicable data protection law grants you the right to object to the processing of your data, in particular for the purposes of direct marketing, profiling carried out for direct marketing purposes, and other legitimate interests in processing.
 
To make it easier for you to control the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:
  • The right to request information from us as to whether we process your data and, if so, what data we process;
  • the right to have data corrected if it is inaccurate;
  • the right to request the erasure of data;
  • the right to request that we provide you with certain personal data in a commonly used electronic format or transfer it to another data controller;
  • the right to withdraw consent, where our processing is based on your consent;
  • the right to request further information necessary for the exercise of these rights;
 
If you wish to exercise the above rights in relation to us, Please contact us in writing, in person at our offices or, unless otherwise stated or agreed, by email; You will find our contact details in section 2. In order to prevent misuse, we must verify your identity (e.g. with a copy of your ID, unless this can be done in another way).
 
Please note that these rights are subject to certain conditions, exceptions or restrictions under the applicable data protection legislation (e.g. to protect third parties or trade secrets). We will inform you accordingly where necessary.
 
If you are not satisfied with the way we handle your rights or data protection, please let us know (section 2). In particular, if you are located in the EEA, the United Kingdom or Switzerland, you also have the right to lodge a complaint with your country’s data protection supervisory authority. A list of authorities in the EEA can be found here: https://edpb.europa.eu/about-edpb/board/members_de. You can contact the UK regulatory authority here: https://ico.org.uk/global/contact-us/. You can contact the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html.
We use various technologies on our website that enable us and third parties we engage to recognise you when you use the site and, in some cases, to track your activity across multiple visits. This section provides further information on this.
 
At its core, it is about being able to distinguish your access (via your system) from the access of other users, so that we can ensure the functionality of the website and carry out analyses and personalisations. We do not wish to deduce your identity, even though we can do so to the extent that we or third parties engaged by us can identify you by combining this with registration data. However, even without registration data, the techniques used are designed in such a way that you are recognised as an individual visitor on every page view, for example, by our server (or the servers of third parties) assigning a specific identification number (so-called «cookie») to you or your browser.
 
Biscuits are individual codes (e.g. a serial number) that our server or a server of our service providers or advertising partners transmits to your system when connecting to our website, which your system (browser, mobile) accepts and stores until the programmed expiry date. With every further access, your system transmits these codes to our server or the server of the third party. This way you are recognised again, even if your identity is unknown.
 
can also further techniques used, with which you can be recognised with a greater or lesser probability (i.e. distinguished from other users), e.g. «fingerprinting». Fingerprinting combines your IP address, the browser you use, the screen resolution, the language selection and other details that your system sends to every server, which results in a more or less unique fingerprint. This makes it possible to do without cookies.
 
Whenever you come across a Server accessing (e.g. when using a website or an app, or because an image is integrated visibly or invisibly in an email), your visits can therefore be «tracked». If we integrate a provider of an analysis tool on our website, this provider can track you in the same way, even if you cannot be identified in individual cases.
 
We use such technologies on our website and allow certain third parties to do so as well. You can program your browser to block, deceive or delete certain cookies or alternative technologies. You can also extend your browser with software that blocks tracking by certain third parties. Further information on this can be found on your browser's help pages (usually under the keyword «privacy») or on the websites of the third parties we list below.
 
The following cookies (techniques with comparable functionalities to fingerprinting are also included here) are distinguished:
 
  • Essential cookies: Some cookies are essential for the functioning of the website as such or for specific features. For example, they ensure that you can navigate between pages without losing information entered in a form. They also ensure that you remain logged in. These cookies are temporary («session cookies»). If you block them, the website might not work. Other cookies are necessary for the server to store decisions or inputs you have made beyond a session (i.e., a visit to the website) if you make use of this function (e.g., selected language, granted consent, the automatic login function, etc.). These cookies have an expiry date of up to 24 months.
  • Performance Cookies: To optimise our website and related offerings and to better tailor them to the needs of users, we use cookies to record and analyse the use of our website, potentially even beyond the session. We do this through the use of third-party analytics services. These are listed below. Performance cookies also have an expiry date of up to 24 months. Further details can be found on the third-party websites.
 
We currently use the services of the following providers
 
Google Analytics
Where you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The data controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland („Google“). Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected via the cookies regarding your use of this website is generally transmitted to a Google server in the USA and stored there.
We use the User ID feature. The User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and analyse user behaviour across devices.
In Google Analytics 4, IP address anonymisation is enabled by default. Due to IP anonymisation, your IP address is truncated by Google within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. During your visit to the website, your user behaviour is recorded in the form of „events“. Events may include:
  • page views
  • First visit to the website
  • Start of the meeting
  • Your „click path“, interaction with the website
  • Scrolls (whenever a user scrolls to the bottom of the page (90%))
  • Clicks on external links
  • Internal search queries
  • Interaction with videos
  • File downloads
  • advertisements viewed / clicked on
  • Language setting
The following information is also recorded:
  • Your approximate location (region)
  • Your IP address (in abbreviated form)
  • technical information about your browser and the devices you use (e.g. language settings, screen resolution)
  • Your internet service provider
  • the referrer URL (the website or advertising material via which you arrived at this website)
On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyse the performance of our website and the success of our marketing campaigns.
The recipients of the data are/may be
  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as a data processor under Article 28 of the GDPR)
  • Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
  • Alphabet Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
It cannot be ruled out that US authorities may access data stored by Google.
Where data is processed outside the EU/EEA and there is no level of data protection equivalent to European standards, we have taken steps to ensure an adequate level of data protection with the service provider using EU standard contractual clauses Closed. Google Ireland's parent company, Google LLC, is based in California, USA. Data may be transferred to the USA and access to data stored by Google by US authorities cannot be ruled out. From a data protection perspective, the USA is currently considered a third country. You do not have the same rights there as within the EU/EEA. In certain circumstances, you may not have any legal remedies against access by authorities.
The data we send that is linked to cookies is automatically deleted after 14 months. Data that has reached the end of its retention period is automatically deleted once a month.
The legal basis for this data processing is your consent pursuant to Art. 6(1) sentence 1 lit. a GDPR.
You can withdraw your consent at any time with future effect by accessing the cookie settings and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the withdrawal remains unaffected.
You can also prevent the storage of cookies from the outset by adjusting your browser software accordingly. However, if you configure your browser to reject all cookies, this may limit the functionality of this and other websites. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address), and the processing of this data by Google, by
  1. Your consent to the use of the cookie not given or
     
    b. The browser add-on to disable Google Analytics HERE Download and install.
Further information on Google Analytics' terms of use and Google's data protection policies can be found at https://marketingplatform.google.com/about/analytics/terms/de/ and under https://policies.google.com/?hl=de.
 
Independent Analytics
We use the Independent Analytics tool on our website, a privacy-friendly analysis tool, to evaluate website usage and optimise our services. This tool has been developed to work without the use of cookies and does not store or process any personal data of visitors.
The data collected by Independent Analytics is.
The processing of anonymised data is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving our web offering.
All data is processed and stored locally on our web server. Data is not passed on to third parties.
As Independent Analytics does not store any personal data, it is not possible to identify individual users.
Legal basis: Consent (Art. 6(1)(1)(a) GDPR); Service provider: Execution on servers and/or computers under its own data protection responsibility; Website: https://independentwp.com/. Privacy Policy: https://independentwp.com/privacy-policy/.
 
Google Maps
On certain pages, you will find maps that are embedded from Google Maps. Google Maps is a product of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The maps are displayed using an iFrame. This means that a third-party website is accessed within that area of the webpage. Data processing within this iFrame is beyond our control. Google will assign the access to your Google account. Google Maps will set a cookie as soon as the page is loaded.
 
Malware
WordPress Security and Backup; provided by Inactiv.com Media Solutions Private Limited, Bangalore, India; Website: https://www.malcare.com/;Privacy Policy https://www.malcare.com/privacy/;GDPR https://www.malcare.com/gdpr/
 
 
Google Fonts
We are embedding the fonts („Google Fonts“) locally via our server.
 
UpdraftPlus
We use the backup service „UpdraftPlus“. UpdraftPlus, trademark of Simba Hosting Ltd.
UK registered company number: 8570611, VAT number: 202 1260 80, Product development and marketing in co-operation with XIBO Ltd, Cardiff, UK.
 
 

We operate pages and other online presences (e.g. «Fanpages», «channels», «profiles») on social networks and other third-party platforms, and collect data about you there as described in section 3 and below. We receive this data from you and the platforms when you interact with us via our online presence (e.g., when you communicate with us, comment on our content, or visit our presence). At the same time, the platforms analyse your use of our online presences and link this data with other data they know about you (e.g., concerning your behaviour and preferences). They also process this data for their own purposes, for which they are solely responsible, in particular for marketing and market research purposes (e.g. to personalise advertising) and to manage their platforms (e.g. which content they show you).

We receive data about you when you communicate with us via online presences or view our content on the relevant platforms, or visit or are active on our online presences (e.g. publish content, leave comments). These platforms also collect technical data, registration data, communication data, behavioural and preference data from you or about you, among other things (see Section 3 for definitions). These platforms regularly statistically analyse how you interact with us, how you use our online presences, our content or other parts of the platform (what you view, comment on, «like», share, etc.) and link this data with further information about you (e.g. information on age and gender, and further demographic information). In this way, they also create profiles about you and statistics on the use of our online presences. They use this data and these profiles to show you our or other advertising and other content on the platform in a personalised way and to manage the platform's behaviour, but also for market and user research and to provide us and other entities with information about you and the use of our online presence. We can partially control the analyses that these platforms create regarding the use of our online presences.

We process this data for the purposes described in Section 4, particularly for communication, marketing purposes (including advertising on these platforms, see Section 12), and market research. Information on the relevant legal bases can be found in Section 5. Content published by you yourself (e.g., comments on an announcement) may be further disseminated by us (e.g., in our advertising on the platform or elsewhere). We, or the operators of the platforms, may also delete or restrict content from or about you in accordance with the usage guidelines (e.g., inappropriate comments).

For further details on the platform operators' processing activities, please refer to the platforms' privacy notices. There you will also find out in which countries they process your data, what rights you have regarding access, deletion, and other data subject rights, and how you can exercise these rights or obtain further information.

This Privacy Policy does not form part of a contract with you. We can adapt this Privacy Policy at any time. The version published on this website is the current version at all times.

Sources:
This privacy policy was based on the trusted, publicly accessible «DSAT Data Protection Self-Assessment Tool» (dsat.chcreated, checked, adapted, and supplemented.
 
We use the Privacy Icons from the PRIVACY ICONS association for added transparency.

 

Last updated: 01.06.2026