Data protection declaration

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

Data collection on our website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator's contact details in the legal notice of this website.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.

You also have the right to request the restriction of the processing of your personal data under certain circumstances. For details, please refer to the privacy policy under "Right to restriction of processing".

Analysis tools and tools from third-party providers

When you visit our website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following privacy policy.

You can object to this analysis. We will inform you about the objection options in this privacy policy.

2. General notes and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

It is possible that personal data (including customer and employee data) may be passed on within the group of companies. This is usually for internal administrative purposes or to respond to support requests. The legal basis for this is the fulfillment of the contract or contract initiation (Art. 6 para. 1 lit. b GDPR) and a balancing of interests (Art. 6 para. 1 lit. f GDPR)

We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Note on the responsible body

The controller responsible for data processing on this website is

Hans-Willi Müller
imat-uve gmbh
Krefelder Str. 679-691
41066 Mönchengladbach

Phone: +49 (0)2161 4951 98-0
E-mail: privacy@imat-uve.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).

If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:

• If you dispute the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
• If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
• If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
• If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

3. Data protection officer

Data protection officer required by law

We have appointed a data protection officer for our company.

Lukas Fischer
SILA Consulting GmbH
Weseler Straße 9
46325 Borken

Phone: +49 (0)2861 / 82549 14
E-Mail:datenschutz@sila-consulting.de

4. Data collection on our website

Cookies

Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions you wish to use (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - the server log files must be recorded for this purpose.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your request, including all personal data (name, request), for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and / or on our legitimate interests (Art. 6 para. 1 lit. f GDPR), as we have a legitimate interest in the effective processing of the inquiries addressed to us.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Appointment bookings via Microsoft Bookings

Our website uses the Microsoft Bookings service provided by Microsoft for online appointments. Microsoft 365 and Microsoft Bookings are a service provided by Microsoft Ireland Operations, Ltd. We use this software to make appointments via our website. The connection to the service is only established if you access the online booking function via a link or button on our website, in an email or in the newsletter. To make an appointment, your entries in the form are transmitted to Microsoft. Further information on the handling of your data can be found in Microsoft's privacy policy. The legal basis for the processing of your data in relation to the "Microsoft Bookings" service is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our claim to offer you a user-friendly website with a wide range of functions and to give you the opportunity to make an appointment with our employees quickly and easily at any time if required. We would like to point out that you are not obliged to use Microsoft Bookings to make an appointment. If you do not wish to use the service, please use one of the other contact options offered to make an appointment.

Further information on the purpose and scope of data collection and processing by Microsoft Bookings can be found in Microsoft's privacy policy athttps://privacy.microsoft.com/de-de/privacystatement. There you will also find further information on your rights in this regard. Microsoft also processes your personal data in the USA. EU standard contracts have been concluded with Microsoft for Office 365 and Teams in order to guarantee an appropriate level of data protection.

Processing of data (customer and contract data)

We collect, process and use personal data only insofar as it is necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our website (usage data) only insofar as this is necessary to enable or charge the user for the use of the service.

The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

Data transmission upon conclusion of a contract for online stores, retailers and shipping of goods

We only transfer personal data to third parties if this is necessary in the context of contract processing, for example to the companies entrusted with the delivery of the goods or the credit institution commissioned with payment processing. Any further transmission of data will not take place or will only take place if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Use of HubSpot (CRM, appointment transcription & AI summary)

We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereinafter Hubspot CRM).

Hubspot CRM enables us, among other things, to manage existing and potential customers and customer contacts. With the help of Hubspot CRM, we are able to record, sort and analyze customer interactions via email, social media or telephone across various channels. The personal data collected in this way can be evaluated and used for communication with the potential customer or for marketing measures (e.g. newsletter mailings). With Hubspot CRM, we are also able to record and analyze the user behavior of our contacts on our website.

We use the followingHubSpotfunctions to organize and follow up on appointments:

• Appointment transcription (audio)
• AI-supportedsummaries of conversations

In particular, the following can be processed:

• Name, e-mail address
• conversation content
• Audio recordings
• transcripts
• AI-generatedsummaries

The use of Hubspot CRM is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most efficient customer management and customer communication possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Details can be found in Hubspot's privacy policy: https://legal.hubspot.com/de/privacy-policy.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.hubspot.de/data-privacy/privacy-shield.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5812.

Purpose of the processing

• Documentation of conversations
• Improvement of call follow-up
• Quality assurance
• Efficient internal processing of information
• Art. 6 para. 1 lit. b GDPR (fulfillment of contract)
• Art. 6 para. 1 lit. f GDPR (legitimate interest)
• Art. 6 para. 1 lit. a GDPR (consent), in particular for recordings and transcriptions
• EUstandardcontractual clauses
• Additional technical protection measures

Legal basis

The processing takes place on the basis of:

Data transfer and third country transfer

HubSpot may transfer data to the USA.

The protection is provided by:

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

5. Analysis tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

The storage of Google Analytics cookies and the use of this analysis tool are based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize both its website and its advertising.

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

You can find more information on how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics with Google Analytics

This website uses the "demographic features" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section "Objection to data collection".

6. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "Unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.

7. Plugins and tools

Social media plugins with Shariff

Plugins from social media are used on our pages (e.g. Facebook, Twitter, Google+, Instagram, Pinterest, XING, LinkedIn, Tumblr).

You can usually recognize the plugins by the respective social media logos. To ensure data protection on our website, we only use these plugins together with the so-called "Shariff" solution. This application prevents the plugins integrated on our website from transferring data to the respective provider the first time you enter the site.

Only when you activate the respective plugin by clicking the corresponding button will a direct connection to the provider's server be established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to our pages to your user account.

Activating the plugin constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future.

YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

YouTube can also store various cookies on your device. With the help of these cookies, YouTube can obtain information about visitors to our website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts. The cookies remain on your device until you delete them.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Further information on the handling of user data can be found in YouTube's privacy policy at https://policies.google.com/privacy?hl=de

Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de.

Google Web Fonts (local hosting)

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google fonts are installed locally. There is no connection to Google servers.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faqand in Google's privacy policy: https://policies.google.com/privacy?hl=de.

8. Audio and video conferencing

Data processing

We use online conferencing tools, among others, to communicate with our customers. The individual tools we use are listed below. If you communicate with us by video or audio conference via the Internet, your personal data will be collected and processed by us and the provider of the respective conference tool.

The conferencing tools collect all data that you provide/enter to use the tools (e-mail address and/or your telephone number). The conference tools also process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other "contextual information" in connection with the communication process (metadata).

Furthermore, the provider of the tool processes all technical data that is required to process the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection

If content is exchanged, uploaded or provided in any other way within the tool, it is also stored on the tool provider's servers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the company policy of the respective provider. Further information on data processing by the conference tools can be found in the privacy policies of the tools used, which we have listed below this text.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 sentence 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If consent has been requested, the tools in question are used on the basis of this consent; consent can be withdrawn at any time with effect for the future.

Storage period

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conference tools:

GoTo Webinar

We use GoTo Webinar. The provider is LogMeIn, Inc, 320 Summer Street Boston, MA 02210, USA. Details on data processing can be found in GoTo Webinar's privacy policy: https://www.logmeininc.com/de/legal/privacy.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://logmeincdn.azureedge.net/legal/lmi-customer-dpa-2020v1-de.pdf.

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found in the Microsoft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:https://www.dataprivacyframework.gov/participant/6474.

The followingMicrosoftproductsand their functions are usedin particular as part of our website and our services:

• Microsoft Teams / Copilot Enterprise
  • Appointment recordings (video & audio)
  • Automatic transcription of conversations
  • AI-supportedsummaries (meeting summary)
• Facilitatoragent
  • Automatic creation of meeting notes
  • Derivation of tasks andto-dosfrom meetings
    
• Microsoft Loop
  • Collaborative editing of content and tasks
    
    The following personal data in particular can be processed:

• Master data (name, e-mail address)
• Communication content (spoken content, chat messages)
• Audio and video data
• Transcription data
• Meeting metadata (time, duration, participants)
• AI-generatedsummaries and task lists
  

Purpose of the processing

Processing is carried out for the following purposes

• Conducting and documenting meetings
• Efficient collaboration and task tracking
• Automated creation of minutes and summaries
• Improvement of internal work organization

Legal basis

The processing takes place on the basis of:

• Art. 6 para. 1 lit. b GDPR (fulfillment of contract), provided that the use takes place within the framework of existing contractual relationships
• Art. 6 para. 1 lit. f GDPR (legitimate interest) in efficient communication, documentation and cooperation
• Art. 9 para. 2 lit. a GDPR (consent), insofar as special categories of personal data (e.g. health data from conversation content) are processed in individual cases

AI processing

The AIfunctions(e.g. transcription, summaries, task extraction) are automated.

There is no automated decision-making with legal effect within the meaning of Art. 22 GDPR.

Data transfer and transfer to third countries

Microsoft generally processes data within the EU or the EEA.

However, access from third countries (e.g. USA) cannot be ruled out.

The protection takes place via:

• EU standardcontractualclauses(SCC)
• Additional technical and organizational measures
• Adequacy decisions of theEUCommission, if applicable

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

9. Podcast

Provision of the podcast via our website

We provide a podcast on our website that can be accessed directly via our website and subscribed to via an RSS feed. The audio files are provided via the external podcast hosting service letscast.fm.

When the podcast is accessed via our website, we or letscast.fm process personal data that is technically necessary to deliver the content and to ensure system security and stability. In particular, the following data may be processed:

• IP address
• Date and time of access
• Podcast episode accessed
• Browser used and, if applicable, operating system
• referrer URL

Processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR (legitimate interest).

There is a contractwith letscast.fm for order processing in accordance with Art. 28 GDPR.

Podcast subscription (RSS feed)

You can subscribe to our podcast via an RSS feed. We do not actively collect any personal datawhen you subscribe . The feed is retrieved directly between the user's end device or the podcast app and the letscast.fm servers.

Access data (e.g. IP address) may also be processed here for technical reasons. Processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR.

Reach measurement and statistics

We receive statistical evaluations of the use of our podcast via letscast.fm (e.g. number of downloads or views of individual episodes). These statistics are aggregated and anonymized so that no conclusions can be drawn about individual users.

The processing serves to analyze and improve our podcast offer and is carried out on the basis of Art. 6 para. 1 lit. f GDPR.

Integration of external podcast platforms

Our podcast is also distributed via external platforms, in particular Spotify, Apple Podcasts, Deezer and other podcast platforms.

If you listen to or subscribe to our podcast via these platforms, the data processing takes place exclusively in the area of responsibility of the respective platform operator. We have no influence on the type, scope and purpose of data processing there.

It cannot be ruled out that personal data may be processed in third countries (e.g. USA). For further information, please refer to the privacy policies of the respective providers.

Use of Google Analytics in connection with the podcast

If users access the podcast via our website, personal data is also processed in the context of the use of Google Analytics, provided that its use is described and effectively activated in this privacy policy. A direct personal evaluation of individual podcast usage does not take place.

 

Version April 23, 2026