I. Data protection at a glance

  1. General information

This data protection information provides information about the processing of your personal data by Rioca Gastro Frankfurt GmbH (hereinafter referred to as “Sabor”) and its affiliated companies in accordance with the EU General Data Protection Regulation (hereinafter referred to as “GDPR”) when you visit and use this website.

  1. Data collection on our website

2.1 Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the legal notice of this website.

2.2 How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you visit our website.

2.3 What do we use your data for?
Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.

2.4 What rights do you have with regard to your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.

You also have the right to request the restriction of the processing of your personal data under certain circumstances. For details, please refer to the privacy policy under “Right to restriction of processing”.

  1. Analysis tools and tools from third-party providers

When you visit our website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information on this can be found in the following privacy policy.

You can object to this analysis. We will inform you about the objection options in this privacy policy.

II. Hosting

This website is hosted by an external service provider (hoster). The hoster is Strato AG (hereinafter referred to as “Strato”), Pascalstraße 10, 10587 Berlin, Germany. Personal data collected on this website is stored on Strato’s servers. These are located in Germany. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.

The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).

Our hoster will only process your data to the extent necessary to fulfill its performance obligations and follow our instructions with regard to this data. Further processing on servers other than the aforementioned Strato servers will only take place to the extent specified below.

In order to guarantee data protection-compliant processing, we have concluded an order processing contract (AVV) with Strato. You can find more information on the handling of user data in Strato’s privacy policy: https://www.strato.de/datenschutz/.

III General notes and mandatory information

  1. General information

We take the protection of your personal data very seriously and treat this data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

  1. Responsible in terms of data protection law

Rioca Frankfurt Gastro GmbH

Julius-Bausch-Str. 50

73431 Aalen

Germany

Phone: +49 69 200 912 519

kontakt@sabor-retaurant.de

  1. Contact Data Protection Officer / Group Data Protection Officer:

Julius-Bausch-Str. 50

73431 Aalen

datenschutz@i-live.de

To assert your rights, report data protection incidents and for suggestions and complaints regarding the processing of your personal data and to withdraw your consent, please contact our data protection officer.

  1. Storage duration

We only store personal data for as long as is necessary for the purposes for which it is processed or for as long as you have withdrawn your consent. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, regardless of the processing purposes.

  1. General information on the legal basis for data processing on this website

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis. If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.

  1. Information on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries.

For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities.

  1. Recipients of personal data

As part of our business activities, we work together with various external bodies. In some cases, it is also necessary to transfer personal data to these external bodies. We only pass on personal data to external bodies if this is necessary for the fulfillment of a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR or if another legal basis permits the transfer of data. When using processors, we only pass on our customers’ personal data on the basis of a valid contract for order processing. In the case of joint processing, a joint processing agreement is concluded.

  1. Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

  1. Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)

If the data processing is based on Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).

If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

  1. Right to lodge a complaint with the competent supervisory authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

  1. Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

  1. Information, correction and deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.

  1. Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we generally need time to check this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
  • If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
  • If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
  • If you have lodged an objection pursuant to Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

  1. SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “https://” to “https://” and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

IV. Data collection on this website

  1. Cookies

Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR are stored. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy.

  1. Cookie consent with Borlabs Cookie

Our website uses Borlabs Cookie’s cookie consent technology to obtain your consent to the storage of certain cookies in your browser and to document this in compliance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter referred to as Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

If you wish to revoke this consent, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked for your cookie consent again. You can also change your cookie settings directly here:

Link to cookie settings

  1. Server log files

Our website collects a range of general data and information each time it is accessed, which is temporarily stored in log files on a server. A log file is created as part of an automatic log of the processing computer system. These are stored for 7 days.

can be recorded:

  • the number of views
  • the browser used
  • the pages accessed
  • The referrer URL
  • The domain from which access was made (client domain)
  • The most frequently accessed pages, images etc.

  1. Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions – in particular retention periods – remain unaffected.

  1. Request by e-mail or telephone

If you contact us by e-mail or telephone, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

V. Analysis tools and advertising

  1. Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that enables us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google’s parent company in the United States.

The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

There is no adequacy decision by the EU Commission for data transfers to the USA. Google ensures an adequate level of data protection via the EU standard contractual clauses. A copy of the relevant EU standard contractual clauses will be provided on request. Please contact datenschutz@i-live.de for this purpose.

  1. Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is assigned to the user’s end device. It is not assigned to a user ID.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO and § 25 Abs. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/controllerterms/mccs/

We use Google Signals, a feature of Google Analytics, on our website. This function enables us to create extended reports on the use of our website by collecting information about users who log in to their Google account on different devices or in different sessions. Among other things, the following data is collected: Information about your interactions with our website, including pages visited, time spent and actions taken; device information, location data if provided by your device and Google account data if you are logged in with your Google account.

This data is used to improve our services and to better tailor our content to your needs, to create cross-device reports that help us better understand how our website is used and to display personalized advertising that is relevant to you.

You can prevent the collection and processing of your data by Google by downloading and installing the browser plug-in available at the following link:

https://tools.google.com/dlpage/gaoptout?hl=de. You can object at any time by deactivating the “Personalized advertising” function in the settings of your Google account.

You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

  1. Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO and § 25 Abs. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:

https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/

  1. Google Ads Remarketing

This website uses the functions of Google Ads Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign people who interact with our online offer to specific target groups in order to subsequently show them interest-based advertising in the Google advertising network (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Ads Remarketing can be linked to Google’s cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).

If you have a Google account, you can object to personalized advertising at the following link: https://www.google.com/settings/ads/onweb/

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO and § 25 Abs. 1 TTDSG. Consent can be revoked at any time.

Further information and the data protection provisions can be found in Google’s privacy policy at: https://policies.google.com/technologies/ads?hl=de

  1. Google Conversion tracking

As a Microsoft Advertising customer, we use Microsoft Advertising Conversion Tracking, an analytics service provided by Microsoft Corporation. (One Microsoft Way, Redmond, WA 98052-6399, USA; “Microsoft Advertising”). Microsoft Advertising places a cookie on your computer (“conversion cookie”) if you have reached our website via a Microsoft Advertising ad. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, we and Microsoft Advertising can recognize that someone has clicked on the ad and been redirected to our site. Each Microsoft Advertising customer receives a different cookie. Cookies can therefore not be tracked via the websites of Microsoft Advertising customers. The information collected using the conversion cookie is used to generate conversion statistics for Microsoft Advertising customers who have opted for conversion tracking. Microsoft Advertising customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

Further information and Microsoft Advertising’s privacy policy can be found at:https://privacy.microsoft.com/de-de/privacystatement.

  1. META Pixel (formerly Facebook Pixel)

For marketing purposes, our website uses so-called remarketing tags (also known as “META pixels”) of the social network Facebook, a service of Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA (“Facebook”). When you visit our website, a connection is established between your browser and a META server via these tags. Facebook receives the information that our website has been accessed with your IP address. The data is generally processed in Germany or countries of the European Union. If processing takes place in third countries in certain cases, processing will only take place if the adequacy of the level of data protection in the third country has been determined by the EU Commission in accordance with Article 45 GDPR, on the basis of the EU standard contractual clauses or if an adequate level of data protection is otherwise ensured at the data recipient. Facebook uses this information to provide us with statistical and anonymous data about the general use of our website and the effectiveness of our Facebook ads (“Facebook ads”) and Instagram ads (“Instagram ads”).

If you are a member of Facebook and/or Instagram and have allowed Facebook/Instagram to do so via the privacy settings of your account, Facebook/Instagram can also link the information collected about your visit to our website to your member account and use it for the targeted placement of Facebook/Instagram ads. You can view and change the privacy settings of your Facebook/Instagram profile at any time.

If you deactivate data processing by Facebook, Facebook will only display general Facebook ads that are not selected based on the information collected about you.

You can find more information on this in Facebook’s data policy and Instagram’s data policy.

  1. IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

VI Plugins and tools

  1. Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), GordonHouse, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Web Fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. A GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:

https://privacy.google.com/businesses/gdprcontrollerterms/ and

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

  1. Reservation tool – Gewinnblick

On our website, we use the online table reservation software of Gewinnblick GmbH, Hans-Urmiller-Ring 43a, 82515 Wolfratshausen, which is integrated into our website via iframe. If you click on “Book table” or a corresponding button, you will be forwarded to Gewinnblick and can reserve a table there. In the event of a reservation, your first name, surname, email address, telephone number – if you provide these – and the reservation data (reservation time, reservation date, number of people and any special requests) will be collected by Gewinnblick on the basis of your contractual relationship with Gewinnblick and forwarded to us.

We have concluded an order processing agreement (AVV) with Gewinnblick GmbH. Further information on data protection at Gewinnblick can be found at: https://www.gewinnblick.de/datenschutz/

  1. WordPress

These pages were created using the WordPress content management system (CMS). WordPress stores technical information in the form of cookies and enables us to analyze your interactions with the website in order to improve the user experience. No personal data is processed without your consent, unless this is necessary to provide the website. Some plugins are used to make the user experience as intuitive as possible. You can find more information about WordPress at https://de.wordpress.org.

We use the Elementor plugin, a website builder plugin, to create the design and functionality of our website. Elementor stores data locally and in session storage in your browser. This storage is necessary to display and operate the website correctly. This data is not passed on to third parties unless external services are integrated.

VII Our social media presence

  1. General information

We maintain publicly accessible profiles in social networks. The individual social networks we use are listed below.

Social networks such as Facebook, Instagram etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

1.1 Legal basis

Our social media presence is intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

1.2 Responsible party and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can exercise your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the social media platform. us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).

Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

1.3 Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – esp. retention periods – remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

  1. Social networks in detail

2.1 Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.

We have concluded an agreement on joint processing (Controller Addendum) with Platforms Ireland Limited (Facebook) in accordance with Art. 26 GDPR. This agreement defines the responsibilities for the processing of personal data collected when you visit our Facebook page.

You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in: www.facebook.com/settings.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum and de-de.facebook.com/help/566994660333381. Details can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

2.2 Instagram

We have a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Instagram uses the EU Commission’s Standard Contractual Clauses (SCCs) as a legal basis for the transfer of personal data from the European Economic Area (EEA) to countries outside the EU, including the USA.

Details can be found here:

www.facebook.com/legal/EU_data_transfer_addendum, help.instagram.com/519522125107875 and

de-de.facebook.com/help/566994660333381.

  • Changes to the privacy policy

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration.

Current status: August 2024