X

Privacy Policy

We take data protection seriously.

Protecting your privacy when processing personal data is an important concern for us. When you visit our website, our web servers store the IP address of your internet service provider, the website from which you visit us, the websites you visit on our site, and the date and duration of your visit as standard. This information is essential for the technical transmission of the websites and secure server operation. This data is not evaluated in a personalized manner.

Responsible party:

NetDescribe GmbH
Elsenheimerstraße 55
80687 Munich

Tel: +49 89 215 4868 0
Fax: +49 89 215 4868 99
E-mail: info@netdescribe.com

Personal data

Personal data is data about you. This includes your name, address and email address. You are also not required to provide any personal data in order to visit our website. In some cases, we need your name and address as well as
other information in order to provide you with the desired service.

The same applies if we provide you with information material on request or if we answer your inquiries. In these cases, we will always point this out to you. In addition, we only store the data that you have transmitted to us automatically or voluntarily.

If you use one of our services, we generally only collect the data that is necessary to provide you with our service. We may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to provide you with our service or to pursue our commercial goals.

Contacting us

When you contact us (e.g. via contact form, email, telephone or via social media), the information provided by the requesting persons will be processed insofar as this is necessary to answer the contact requests and any requested measures.
The contact requests are answered within the framework of contractual or pre-contractual relationships to fulfill our contractual obligations or to answer (pre)contractual inquiries and, moreover, on the basis of the legitimate interests in answering the inquiries.

Processed data types: Inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. entries in online forms).
Data subjects: Communication partners.
Purposes of processing: Contact requests and communication.
Legal basis: Fulfillment of contract and pre-contractual requests (Art. 6 para. 1 lit. b GDPR), Legitimate interests (Art. 6 para. 1 lit. f GDPR).

Automatically stored data

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Web browser and operating system used
  • Complete IP address of the requesting computer
  • Amount of data transferred

This data is not merged with other data sources. The processing takes place in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.
For reasons of technical security, in particular to defend against attempts to attack our web server, this data is stored by us for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymized by shortening the IP address to domain level, so that it is no longer possible to establish a connection to the individual user. In anonymized form, the data is also processed for statistical purposes; a comparison with other data sets or
a transfer to third parties, even in excerpts, does not take place. Only within the scope of our server statistics, which we publish every two years in our activity report, is the number of page views presented.

Cookies

When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific internet browser in which the
cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

Through the use of session cookies, the controller can provide users of this website with a user-friendly service that would not be possible without the setting of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. During your first visit, you can voluntarily agree to tracking or analysis via the displayed cookie banner. Your data may be passed on to partners or third-party providers. These
cookies are only stored if you explicitly agree to this, the legal basis is then your consent in accordance with Art. 6 para. 1 lit. a GDPR.
You can change your settings for the use of cookies here at any time: Please click here

Borlabs Cookie

Our website uses the cookie consent technology from Borlabs Cookie to obtain your consent to store certain cookies in your browser and to document this in a data protection-compliant manner. The provider of this technology is Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data will not be passed on to the provider of Borlabs Cookie.

The collected data is stored until you request us to delete it or delete the Borlabs cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

The Borlabs cookie consent technology is used to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

We have concluded a contract über Auftragsverarbeitung (AV) according to Art. 28 GDPR with the above-mentioned provider. This is a contract required under data protection law, which guarantees that this provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistics tools and other technologies on our website. Google Tag Manager itself does not create user profiles, store cookies or perform independent analyses. It only serves to manage and play out the tools integrated via it. However, Google Tag Manager collects your IP address, which can also be transferred to Google’s parent company in the United States.

The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on its website. Insofar as corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the end device of the user (e.g. device fingerprinting) within the meaning of the TDDDG.
The consent can be revoked at any time.

Google Calendar

This page uses the Google Calendar calendar service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Calendar, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this page has no influence on this data transfer.

Google Calendar is used in the interest of an appealing presentation of our online offers and an easy findability of the dates and events offered by us. This is done on the basis of your consent according to Art. 6 para. 1 lit. a GDPR.

Insofar as corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

More information on the handling of user data can be found in the Google Privacy Policy.

Google Fonts (Local Hosting)

This page uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google’s servers does not take place.

Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

Google Maps

This page uses the Google Maps map service. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of this service, we can integrate map material on our website.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. When Google Maps is activated, Google may use Google Fonts for the purpose of uniform font display. When you call up Google Maps, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

Google Maps is used in the interest of an appealing presentation of our online offers and to make it easier to find the locations specified by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Insofar as corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

More information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

The company has a certification according to the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

ManageWP

We manage this website with the help of the ManageWP tool. The provider is GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter ManageWP).

With ManageWP, we can, among other things, monitor the security and performance of our website and create automatic backups. ManageWP thus has access to all content of the website including our databases. ManageWP is hosted on the provider’s servers.

ManageWP is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in operating its website(s) as effectively and securely as possible. Insofar as corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when data is processed in the US. Every company certified by the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/4957.

YouTube

This website includes videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in enhanced data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the enhanced data protection mode. For example, YouTube establishes a connection to the Google DoubleClick network – regardless of whether you watch a video or not.

As soon as you start a YouTube video on this website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by
logging out of your YouTube account.

Furthermore, YouTube can store various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting) after starting a video. In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user-friendliness and prevent fraud attempts.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no influence. YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the
meaning of Art. 6 para. 1 lit. f GDPR. Insofar as corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=en

Brevo

This website uses Brevo for sending newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin.
Brevo is a service that can be used to organize and evaluate the sending of newsletters, among other things. The data that you enter for the purpose of receiving the newsletter is stored on the servers of Sendinblue GmbH in Germany.

With the help of Brevo, we are able to analyze our newsletter campaigns. For example, we can see whether a newsletter was opened and which links were clicked. In this way, we can determine, among other things, which links were clicked particularly frequently.
We can also recognize whether certain predefined actions were carried out after opening/clicking (conversion rate). For example, we can determine whether you made a purchase after clicking on the newsletter.
Brevo also enables us to divide newsletter recipients into different categories (“cluster”). For example, newsletter recipients can be divided according to age, gender or place of residence. In this way, the newsletter can be better adapted to the respective target group.
If you do not want an analysis by Brevo, you must unsubscribe from the newsletter. For this purpose, we provide you with a corresponding link in every newsletter message.
Detailed information on the functions of Brevo can be found at the following link: https://www.brevo.com/de/newsletter-software/.

The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The lawfulness of data processing operations that have already taken place remains unaffected by the revocation.

The data that you have provided to us for the purpose of sending the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe. Data that is stored by us for other reasons remains unaffected by this.

After unsubscribing from the newsletter distribution list, your email address may be added to a blacklist by us or the newsletter service provider, insofar as this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your and our
interest in complying with the statutory provisions when sending newsletters (legitimate interest according to Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is unlimited in time. You can object to the storage if your interests worthy of protection outweigh our legitimate interests.
For more details, please refer to the privacy policy of Brevo at:
https://www.brevo.com/de/datenschutz-uebersicht/ as well as
https://www.brevo.com/de/legal/privacypolicy/.

For the use of the above-mentioned service, we have concluded a data processing agreement (DPA). This is a contract required under data protection law, which ensures that this processes the personal data of our website visitors only according to our
Instructions and in accordance with the GDPR.

Newsletters

For sending the newsletter, we use the so-called double opt-in procedure, i.e. we will only send you a newsletter by email if you have previously expressly confirmed to us that we should activate the newsletter service. We will then send you a notification email and ask you to confirm that you would like to receive our newsletter by clicking on a link contained in this email. When you register
for our newsletter, we save your IP address and the date of registration. This storage serves solely as proof in the event that a third party misuses your email address to register you for receiving the newsletter without your knowledge or authorization. Should you
If you no longer want to receive newsletters from us later, you can object to this at any time without incurring any costs other than the transmission costs according to the basic rates.

Online job application

Your application data transmitted to us will be collected and processed electronically by us for the purpose of processing the application procedure. This includes in particular the following personal data: including contact details, master data, qualification data. If your application is followed by the conclusion of an employment contract, your transmitted data can be stored by us in your personnel file for the purpose of the usual organization and administration process in compliance with the relevant legal regulations.
The data transmitted by you will be automatically deleted if your job application is rejected two months after notification of the rejection or 6 months after the position has been filled. This does not apply if a longer storage period is necessary due to legal requirements (e.g. the burden of proof under the General Equal Treatment Act) or if you have expressly consented to a longer storage period in our database of interested parties.

Safety

We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees and service providers working for us are obliged to comply with the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a constant improvement process and our data protection declarations are constantly being revised. Please make sure that you have the latest version.

Rights of data subjects

You have the right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing and a right to data portability and to lodge a complaint in accordance with the requirements of
Data protection law.

Right to information: You can request information from us as to whether and to what extent we process your data.

Right to rectification: If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure: You can request that we delete your data, provided that we process it unlawfully or the processing disproportionately interferes with your legitimate interests worthy of protection. Please
note that there may be reasons that prevent immediate deletion, e.g. in the case of statutory retention obligations.
Regardless of the exercise of your right to erasure, we will delete your data immediately and completely, provided that there is no legal or statutory retention obligation to the contrary.

Right to restriction of processing:
You can request that we restrict the processing of your data if

  • You dispute the accuracy of the data, for a period that enables us to verify the accuracy of the data.
  • The processing of the data is unlawful, but you refuse to delete it and instead request a restriction on the use of the data,
  • We no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • You have objected to the processing of the data.

Right to data portability:
You can request that we provide you with your data that you have provided to us in a structured, common and machine-readable format and that you can transmit this data to another controller without hindrance from us, provided that

  • We process this data based on your consent, which can be revoked, or to fulfill a contract between us, and
  • This processing is carried out using automated methods.
    If technically feasible, you can request that we transmit your data directly to another controller.

Right to object: If we process your data on the basis of a legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. You can object to the processing of your data for the purpose of direct advertising at any time without giving reasons.

Right to complain:
If you believe that we are violating German or European data protection law when processing your data, please contact us to clarify any questions. You also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision. If you want to assert one of the aforementioned rights against us, please contact our data protection officer. If in doubt, we may request additional information to confirm your identity.

Changes to this privacy policy

We reserve the right to change our privacy policy if this should become necessary due to new technologies. Please make sure that you have the latest version.
If fundamental changes are made to this privacy policy, we will announce them on our website.

All interested parties and visitors to our website can reach us with data protection questions at:

Mr. Wojtek Dragon
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Tel.: 0941 2986930
Fax: 0941 29869316
E-Mail: anfragen@projekt29.de
Internet: www.projekt29.de

Hosting

We host the contents of our website with the following provider:

Hetzner

The provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereinafter Hetzner).

For details, please refer to Hetzner’s privacy policy: https://www.hetzner.com/en/legal/privacy-policy/.

Hetzner is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. Insofar as corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Order Processing

We have concluded a contract for order processing (AVV) for the use of the above-mentioned service. This is a contract required under data protection law which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.