Privacy Policy

We thank you for your visit to our website and interest in our company. In this Privacy Policy, we provide you with information about the specific personal data we process during your visit to our website and the rights you have in this regard. The use of terms is based on the definitions in Article 4 of the General Data Protection Regulation (GDPR). 

Personal data means all information relating to an identified or identifiable natural person. This includes their name, address and communication data and their email address. 
Processing means any operation or series of operations, performed with or without the help of automated processing, in connection with personal data; such as its collection, recording, organisation, ordering, storage, adaptation or modification, outputting, querying, use, disclosure by transmission, distribution or any other form of provision, comparison or combination, restriction, deletion or destruction.
Data subject is any identified or identifiable natural person whose personal data are processed by the person responsible for processing.
Person responsible or “person responsible for processing” is the natural or legal person, supervisory authority, institution or other body that alone or together with others decides on the purpose and means of personal data processing.
User refers to all categories of data subjects affected by the processing of the data. This includes our business partners and any other visitors to our website.

1. Name and address of the person responsible 

OTEC Präzisionsfinish GmbH
Heinrich-Hertz-Str. 24
75334 Straubenhardt-Conweiler, Germany
Tel:     + 49 (0) 70 82 / 49 11 20
Fax:    + 49 (0) 70 82 / 49 11 29
E-Mail:     info(at)otec.de

2. Data protection officer

You can reach our data protection officer via email at datenschutz(at)otec.de or via our mailing address by adding “Attn: Data Protection Officer”. 

3. Storage period

Insofar as a more specific storage period has not been defined in this Privacy Policy, we retain your personal data until the purpose of the data processing no longer applies. If you make a justified request for erasure or withdraw consent to data processing, your data will be erased unless we have other legally compliant reasons to store your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data is erased after these reasons no longer apply.

4. General information on the legal basis for the data processing on this website

If you have consented to the processing of the data, we process your personal data on the basis of Art. 6(1)(a) GDPR. In the event of express consent to the transfer of personal data to third countries, data is also processed on the basis of Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or the access to information on your end device (e.g. via device fingerprinting), data is also processed on the basis of Section 25(1) TTDSG [German Telecommunications-Telemedia Data Protection Act]. Consent can be withdrawn at any time. If your data is necessary for the performance of a contract or to carry out pre-contractual measures, we process your data on the basis of Article 6(1)(b) GDPR. Furthermore, we process your data on the basis of Article 6(1)(c) GDPR insofar as this is necessary to comply with a legal obligation. In addition, data may be processed on the basis of our legitimate interest in accordance with Article 6(1)(f) GDPR. The following paragraphs of this Privacy Policy contain information on the specific legal basis relevant in each individual case.

5. Website hosting

Our website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (hereinafter referred to as Hetzner). For more information, please see Hetzner’s privacy policy at https://www.hetzner.com/legal/privacy-policy/. Hetzner is deployed on the basis of Article 6(1)(f) GDPR. We have a legitimate interest in our website running as reliably as possible. We have concluded a commissioned data processing agreement with Hetzner Online GmbH. This is an agreement prescribed under data protection legislation that ensures that the service provider only processes the personal data of our website visitors in line with our instructions and in compliance with the GDPR.

6. Processing of personal data

6.1. Visiting our website

When you visit our website, your browser transfers certain data to our web server for technical reasons. The data in question (“server log files”) are as follows:

  • IP address
  • Date and time of the server request 
  • Browser, language and browser software version
  • Operating system used
  • Host name of the computer accessing the website
  • Website from which the request originated (“referrer URL”)

This data is not stored together with other personal data of the users. 
For technical reasons, our web server must temporarily store the user’s IP address in order to be able to display our website. To facilitate this, it is mandatory that your IP address is stored for the duration of the session. The aforementioned data is stored in the log files in order to ensure that our website functions correctly. Furthermore, this data helps us to optimise our website and ensure the security of our IT systems (e.g. for detecting attacks). The data is not analysed for marketing purposes in this context. The legal basis for the temporary storage of this data and the log files is Article 6(1)(f) GDPR. We have a legitimate interest in the technically error-free display and the optimisation of our website – the server log files are required for this purpose. The aforementioned data is erased once it is no longer required for the purpose for which it was collected. In the event that the data is collected for the purpose of the provision of the website, this is the case when the session is ended. We store the data saved in the log files for up to 7 days. Storage over and above this is possible if this data is required for other reasons (e.g. investigating attacks, misuse or fraudulent activities).  Data that must be stored for longer for documentation purposes is excepted from deletion until final resolution of the given incident. For to technical reasons, the collection of the data for the purpose of the provision of the website and the storage of such data in log files is absolutely necessary for the operation of our website. You are thus not entitled to make an objection.

6.2. Contact form

When you send us queries via the query form, we collect the following data: company*, name, e-mail address, telephone number, postcode, place and country as well as information about the matter in question. Mandatory fields are marked accordingly. We process your personal data in order to respond to your query and deal with the matter in question. We store your data in case of follow-up questions.
If your query is related to the performance of a contract or is needed to carry out pre-contractual measures (e.g. offers), we process your data on the basis of Article 6(1)(b) GDPR. In all other cases, the data is processed on the basis of our legitimate interest in the effective processing of queries sent to us (Article 6(1)(f) GDPR). Your personal data will be processed by our internal departments responsible for the matter in question. The data is not passed on to third parties in this context. The data is used solely for the purposes of processing the dialogue and dealing with the matter in question. We retain the data you entered in the contact form until you demand that we erase it or the purpose of the data storage no longer applies (e.g. after the matter in question has been finally dealt with). Mandatory legal provisions – especially retention periods – are unaffected.

6.3. E-mail, telephone or fax queries

If you contact us via the e-mail addresses provided or by telephone or fax, we store and process your query including all the personal data arising from this (name, address, contact details, query) for the purpose of processing your matter. If your matter is related to the performance of a contract or is needed to carry out pre-contractual measures (e.g. offers), we process your data on the basis of Article 6(1)(b) GDPR. In all other cases, the data is processed on the basis of our legitimate interest in the effective processing of queries sent to us (Article 6(1)(f) GDPR). Your personal data will be processed by our internal departments responsible for the matter in question. The data is not passed on to third parties in this context. The data is used solely for the purposes of processing the dialogue and dealing with the matter in question. We retain the data you sent in the query until you demand that we erase it or the purpose of the data storage no longer applies (e.g. after the matter in question has been finally dealt with). Mandatory legal provisions – especially retention periods – are unaffected.

6.4. Newsletter

On our website you can subscribe to a newsletter, which contains first-hand news about our company. We only send newsletters with the users’ permission. We use a double opt-in procedure in this regard. After signing up for the newsletter, you will receive an email asking you to confirm your subscription. We use this procedure to ensure that no one can subscribe using an email address that is not their own. We log newsletter subscriptions in order to document the subscription process in accordance with statutory requirements. This includes the date, time and IP address at the time of subscription. We collect the following data when you subscribe to the newsletter: name, e-mail address, company, contact details, address, country and language. Mandatory fields are marked accordingly. We send out newsletters for promotional purposes in order to provide information about our company’s products, offers and promotions. The data entered in the newsletter subscription form is processed solely on the basis of your consent (Art. 6(1)(a) GDPR). You can withdraw the consent you granted to the storage of your data and the e-mail address and to the use of this data for sending the newsletter at any time, e.g. using the unsubscribe links in the newsletter or on our website. The lawfulness of the data processing activities already performed remains unaffected by the withdrawal of consent. Your data are processed by our marketing department when you subscribe to the newsletter. We have commissioned iS-Fun Internet Services GmbH, Badhausweg 8, 76307 Karlsbad, Germany to send out the newsletters, within the framework of commissioned data processing. The data processing occurs in Germany. The data you have provided us with for the purposes of subscribing to the newsletter will be stored with us or with our newsletter dispatch service provider until you unsubscribe from the newsletter, and it will be erased from the newsletter distribution list after the newsletter has been unsubscribed or the purpose no longer applies. Data that has been stored with us for other purposes is unaffected.

6.5. OTEC Campus

When you register for the OTEC Campus, we collect the following data: company, name, address, contact details, participation data and areas of interest. We process your personal data for the registration, organisation and running of the selected workshop and to comply with our contractual obligations.  The legal basis is Article 6(1)(b) GDPR. Our internal departments responsible and our speakers are the recipients of your personal data. When you take part in a workshop where charges apply, we store your personal data for the duration of the statutory retention period. In accordance with Section 257(1) HGB [German Commercial Code], the retention period is 6 years and in accordance with Section 147(1) AO [The Fiscal Code of Germany], this is 10 years.

6.6. OTEC customer portal

In our customer portal, existing customers can view orders and safety data sheets and send queries regarding media. Data is processed for the purpose of the digital provision of contract-related documents and carrying out pre-contractual measures. The legal basis is Article 6(1)(b) GDPR. The internal departments responsible for the particular subject area (e.g. sales, service, accounting) are the recipients of your data. We store your personal data for as long as you use the customer portal or – insofar as statutory retention obligations over and above this apply – for the duration of the legally prescribed retention period. Retention obligations apply due to commercial and tax law reasons. According to statutory requirements, a retention period of six years is applied in accordance with Section 257(1) HGB (e.g. commercial letters, receipts) as well as a retention period of ten years in accordance with Section 147(1) AO (e.g. receipts, commercial and business letters, tax-related documents).

7. Cookies

Our website uses “cookies“. Cookies are small text files that are cached in your internet browser when you access the website. They do not harm your computer or contain malware, e.g. viruses or Trojans.
They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically erased after you exit the website. Persistent cookies remain stored on your end device until you erase them yourself or they are automatically erased by your web browser. Cookies can be placed by us (first-party cookies) or by other companies (third-party cookies). Third-party cookies make it possible to integrate certain services from third-party companies into websites (e.g. embedded videos). Cookies have various functions. Numerous cookies are required for technical reasons, as certain website functions would not work without them (e.g. opening the customer portal). Other cookies can be used to analyse user behaviour, embed videos and show maps or for advertising purposes. Whether we place cookies when you visit our website and which cookies these are depends on which areas and functions of our online offering you use and whether you have consented to the use of cookies that are not necessary for technical reasons. We store cookies that are necessary to carry out electronic communication, to provide certain functions you would like to use (e.g. for the customer portal) or for the optimisation of the website (e.g. cookies for counting the web visitors) (necessary cookies) on the basis of Article 6(1)(f) GDPR. We have a legitimate interest in the storage of necessary cookies in order to ensure the error-free and optimised provision of our website. Processing in connection with storing cookies that are not necessary for technical reasons and comparable recognition technologies is based on consent (Art. 6(1)(a) GDPR and Section 25(1) TTDSG); this consent can be withdrawn at any time. You can also configure your browser such that you are informed about the placement of cookies and only permit cookies in individual cases, deny the placement of cookies for certain cases or deny this in general, as well as activate the automatic erasure of the cookies when you close the browser. Deactivating cookies may impair the functionality of this website.

8. Analysis tools and advertising

8.1. Google Tag Manager 

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Tag Manager is a tool that we can use to integrate tracking or statistics tools and other technologies into our website. The Google Tag Manager itself does not create user profiles, store cookies or carry out its own analyses. It is only used to manage and provide the tools that are integrated through it. However, the Google Tag Manager captures your IP address. This can also be transferred to the Google parent company in the United States. The Google Tag Manager is deployed on the basis of Article 6(1)(f) GDPR. We have a legitimate interest in the fast, simple integration and management of various tools on our website.  The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA designed to ensure that European data privacy standards are complied with when data is processed in the USA. Each company certified in accordance with the DPF undertakes to comply with these data privacy standards. More information is available from the provider at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active 

8.2. Google Analytics 

This website uses functions of the Google Analytics web analysis service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables us to analyse the behaviour of the website visitors. It provides us with various usage data, e.g. pages opened, length of visit, operating systems used and the origin of the user.  This data is pooled in a user ID and correlated with the relevant end device of the website visitor. In addition, we can use Google Analytics to record mouse movements, scrolls and clicks, for example. Furthermore, Google Analytics uses various modelling approaches to supplement the data records collected and it uses machine learning technologies during data analysis. Google Analytics uses technologies that facilitate recognition of the user for the purpose of analysing the user behaviour (e.g. cookies and device fingerprinting). The information concerning the use of the website collected by Google is usually transmitted to a Google server in the USA where it is stored. This service is used on the basis of your consent in accordance with Art. 6(1)(a) GDPR and Section 25(1) TTDSG. Consent can be withdrawn at any time. Data transmission to the USA is based on the standard contractual clauses of the European Commission. Details are provided at https://privacy.google.com/businesses/controllerterms/mccs/. The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA designed to ensure that European data privacy standards are complied with when data is processed in the USA. Each company certified in accordance with the DPF undertakes to comply with these data privacy standards. More information is available from the provider at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

IP anonymisation
The Google Analytics IP anonymisation feature is activated. This means that your IP address is truncated by Google within Member States of the European Union or in other countries that are signatories to the Agreement on the European Economic Area before it is transferred to the USA. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. Google will use this information on our behalf to analyse how you use the website, to create reports about the website activities and to provide other services related to the use of the website and the use of the internet for the website operator. Google does not combine the IP address transferred by your browser in connection with Google Analytics with other data.

Browser plugin
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin provided at
https://tools.google.com/dlpage/gaoptout?hl=en
More information on the handling of user data at Google Analytics is available in the Google privacy policy at https://support.google.com/analytics/answer/6004245?hl=en

Commissioned data processing
We have concluded a commissioned data processing agreement with Google and we apply the strict requirements of the German data protection authorities to the use of Google Analytics.

8.3. Google Ads

We use Google Ads. Google Ads is an online advertising programme run by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). In addition, targeted ads can be displayed on the basis of the user data collected by Google (e.g. location data and interests) (group targeting). We as the website operator can analyse this data quantitatively by, for example, analysing which search terms have resulted in our ad being displayed and how many ads have resulted in appropriate clicks. This service is used on the basis of your consent in accordance with Art. 6(1)(a) GDPR and Section 25(1) TTDSG. You can withdraw your consent at any time. Data transmission to the USA is based on the standard contractual clauses of the European Commission. Detailed information is available at https://policies.google.com/privacy/frameworks  and https://privacy.google.com/businesses/controllerterms/mccs/. Google is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA designed to ensure that European data privacy standards are complied with when data is processed in the USA. Each company certified in accordance with the DPF undertakes to comply with these data privacy standards. More information is available from the provider at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active 

8.4. Google Conversion Tracking

This website uses Google conversion tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google conversion tracking enables Google and us to detect whether the user has carried out certain actions. For example, we can thus analyse which buttons have been clicked on our website and how often, and which products have been viewed or purchased particularly frequently. This information is used to create conversion statistics. We identify the total number of users who have clicked on our ads and what actions they have carried out. We do not receive any information that enables us to identify the individual user. Google itself uses cookies or comparable recognition technologies for identification purposes. This service is used on the basis of your consent in accordance with Art. 6(1)(a) GDPR and Section 25(1) TTDSG. Consent can be withdrawn at any time. More information about Google conversion tracking is provided in the Google privacy policy at https://policies.google.com/privacy?hl=en-GB. Google is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA designed to ensure that European data privacy standards are complied with when data is processed in the USA. Each company certified in accordance with the DPF undertakes to comply with these data privacy standards. More information is available from the provider at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active 

9. Plugins and Tools

9.1.  YouTube with privacy-enhanced mode

We integrate YouTube videos into our website. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. We use YouTube in privacy-enhanced mode. According to YouTube, this mode ensures that YouTube does not store any information about the visitors to this website before they watch the video. However, privacy-enhanced mode does not automatically rule out data being passed on to YouTube partners. For example, YouTube establishes a connection to the Google Marketing network, irrespective of whether you watch a video or not.
As soon as you start one of our website’s YouTube videos, a connection to the YouTube servers is established. The YouTube server is informed of which of our pages you have visited. When you are logged on to your YouTube account, you enable YouTube to directly correlate your surfing behaviour with your personal profile. You can prevent this by logging out of your YouTube account. Furthermore, after you have started a video, YouTube can store various cookies on your end device or use comparable recognition technologies (e.g. device fingerprinting). YouTube can thus obtain information about visitors to this website. This information is used, for example, to collect video statistics, improve user-friendliness and guard against attempts to commit fraud. Other data processing activities that we have no influence over may be triggered once a YouTube video has started. Processing is based on Art. 6(1)(a) GDPR and Section 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) as per the TTDSG. Consent can be withdrawn at any time. More information about data privacy at YouTube is provided in its data privacy policy at https://policies.google.com/privacy?hl=en-GB. Google is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA designed to ensure that European data privacy standards are complied with when data is processed in the USA. Each company certified in accordance with the DPF undertakes to comply with these data privacy standards. More information is available from the provider at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active 

9.2. Google Fonts (local hosting)

In order to standardise our use of fonts, we use Google Fonts that are provided by Google.  Google Fonts are installed locally. A connection is not established to Google servers. More information about Google Fonts is available at https://developers.google.com/fonts/faq and in the Google privacy policy at https://policies.google.com/privacy?hl=de.

9.3. Google Maps

Our website uses the Google Maps service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Your IP address must be stored to enable the functions of Google Maps to be used. This information is usually transmitted to a Google server in the USA where it is stored. We do not have any influence on this transmission of data. When Google Maps is activated, Google can use Google Fonts to standardise the display of fonts. When Google Maps is opened, your browser downloads the required web fonts into your browser cache in order that text and fonts are displayed correctly. Google Maps is used in the interests of ensuring that our online offerings have an appealing look and that the places mentioned by us on the website are easy to locate. Processing is based on Art. 6(1)(a) GDPR and Section 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) as per the TTDSG. 
Consent can be withdrawn at any time. Data transmission to the USA is based on the standard contractual clauses of the European Commission. Detailed information is provided at https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/. More information on the handling of user data is available in the Google privacy policy at https://policies.google.com/privacy?hl=en-GB. Google is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA designed to ensure that European data privacy standards are complied with when data is processed in the USA. Each company certified in accordance with the DPF undertakes to comply with these data privacy standards. More information is available from the provider at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active 

10. Buttons for social media

Our website contains buttons with hyperlinks to the social media networks YouTube, Facebook, Instagram and LinkedIn in which we have public profiles. You can identify the particular provider by the logo. We use these profiles to communicate with users and to provide them with information about our offerings and career opportunities. When you visit our website, no personal data is initially transferred to these social media platforms. Data is only transferred to them when you click on the relevant button. In this case, the provider in question receives the information that you have opened the corresponding website of our online offering (e.g. date, time, IP address, website opened). The provider of the respective services or content may process your data for other purposes of its own. Since we have no control over the data collected by third parties or its processing by them, we cannot make any binding statements about the purpose and scope of such processing. For more information about the purpose and scope of the collection and processing of your data, please consult the privacy policies of the respective providers who bear responsibility under data protection law. More information about the processing of data and consent withdrawal options is also available in these policies. 
LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland); privacy policy: https://www.linkedin.com/legal/privacy-policy 
Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland); privacy policy: https://www.facebook.com/about/privacy
Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland); privacy policy: https://privacycenter.instagram.com/policy/ 
YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland); privacy policy: https://policies.google.com/privacy?hl=en-GB

11. DATA SECURITY AND HOSTING

We implement technical, contractual and organisational measures to ensure the security of data processing consistent with the state of technology. We therefore ensure compliance with the provisions of data protection laws and the General Data Protection Regulation in particular, and ensure the data processed by us is protected against destruction, loss, modification and unauthorised access. These security measures include encrypted transmission of data between your browser and our servers. Please note that SSL encryption for data transmissions sent over the internet is only active when the lock symbol appears in your browser window and the address begins with http://https://. SSL (Secure Socket Layer) uses encryption technology to protect data transmissions against illegal access by third parties. If this option is not available, you can decide not to send certain data over the internet.

12. Your rights

When we process the personal data you provide, you have the following rights. 
Right of access (Art.15 GDPR): You have the right to demand access to information about the personal data about yourself that has been processed. This right also includes a copy of the appropriate data.
Right to rectification (Art. 16 GDPR). You have the right to demand the rectification of personal data concerning yourself without undue delay if it is inaccurate. Taking into account the purposes of the processing, you have the right to demand the completion of the personal data concerning yourself if it is incomplete.
Right to erasure (Art. 17 GDPR). You have the right to demand that the personal data concerning yourself is erased without undue delay if one of the grounds stated in this article applies.
Right to restriction of processing (Art. 18 GDPR). You have the right to demand that the processing of your personal data is restricted if one of the grounds stated in this article applies.
Right to data portability (Art. 20 GDPR). You have the right to receive the personal data concerning yourself that you have provided us with in a structured, commonly used and machine-readable format and, under certain circumstances, you have the right to transfer this data to another controller without hindrance.
Right to object (Art. 21 GDPR). You have the right, on grounds relating to your particular situation, to object at any time to the processing of your data if the data is processed on the basis of an assessment of interests in accordance with Article 6(1)(f) GDPR. This also applies to profiling based on this provision as per Article 4(4) GDPR. If you make an objection, we will cease processing your personal data unless it can be demonstrated that there are overriding and compelling legitimate grounds for the processing or the processing is for the establishment, exercise or defence of legal claims.
Withdrawal of consent (Art. 7(3) GDPR). In accordance with Art. 7(3) GDPR, you have the fundamental right to withdraw the consent you have granted to the processing of personal data at any time. 
With the right of access and the right to erasure, the restrictions as per Sections 34 and 35 German Federal Data Protection Act (BDSG) shall apply.
Right to lodge a complaint (Art. 77 GDPR). You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The supervisory authority responsible for our site is the Baden-Württemberg state officer for data protection and freedom of information [Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg], Postfach 10 29 32, 70025 Stuttgart, Germany, telephone: 0049 (0)711/61 55 41– 0, e-mail poststelle(at)lfdi.bwl.de.

13. Amendments to the Privacy Policy

We reserve the right to amend the Privacy Policy in order to adapt it in line with changed legal situations or due to changes in the service or data processing. This only applies with regard to data processing policies, however. Insofar as user consent is required or components of the Privacy Policy contain provisions regarding the contractual relationship with users, the amendments are only made with the users’ consent. Please read the contents of the Privacy Policy regularly.

Non-binding contact request