We have prepared this Privacy Policy (version 27.03.2024‑312755865) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (short: data) we as the controller – and processors commissioned by us (e.g. hosting providers) – process now and in the future and which lawful options you have. The terms used are to be understood as gender‑neutral.
In short: We inform you comprehensively about the data we process about you.
Privacy policies usually sound very technical and use legal terminology. This privacy policy, however, is intended to describe the most important aspects as simply and transparently as possible. Where it serves transparency, technical terms are explained in a reader‑friendly way, links to further information are provided and graphics are used. We inform you in clear and simple language that, in the course of our business activities, we only process personal data when there is a corresponding legal basis. That would not be possible if we provided the briefest, unclear, legal‑technical explanations – as is often standard on the Internet when it comes to data protection. If questions remain, please contact the controller named below or in the imprint.
This Privacy Policy applies to all personal data processed by us within our company and to all personal data processed by companies commissioned by us (processors). By personal data we mean information within the meaning of Art. 4(1) GDPR such as a person’s name, e‑mail address and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this Privacy Policy includes:
In short: This Privacy Policy applies to all areas in which personal data is processed in the company via the channels mentioned. Should we enter into legal relationships with you outside these channels, we will inform you separately if necessary.
Below we provide transparent information on the legal principles and provisions – i.e. the legal bases of the General Data Protection Regulation – that enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this regulation online on EUR‑Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex%3A32016R0679.
We process your data only if at least one of the following conditions applies:
Additional bases such as performance of a task carried out in the public interest and protection of vital interests generally do not apply to us. Should such a legal basis nevertheless be relevant, it will be indicated at the appropriate point.
In addition to the EU regulation, national laws also apply:
Where other regional or national laws apply, we will inform you about them in the following sections.
If you have any questions about data protection or the processing of personal data, you will find the contact details of the responsible person/entity below:
Andreas Hubert
Krankenhausstr. 21, 85221 Dachau, Germany
Authorised representative: Andreas Hubert
E‑mail: datenschutz@ahu.services
As a general criterion, we only store personal data for as long as is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for processing no longer applies. In some cases we are legally obliged to store certain data even after the original purpose no longer applies, for example for accounting purposes.
If you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to retain it.
Where we have further information on the concrete duration of the respective data processing, we inform you below.
Pursuant to Articles 13 and 14 GDPR we inform you about the following rights to ensure fair and transparent processing:
In short: You have rights – please do not hesitate to contact the responsible entity listed above!
If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can lodge a complaint with a supervisory authority. In Germany there is a data protection authority for each federal state. For further information you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). For our company, the following local data protection authority is responsible:
State Commissioner for Data Protection: Prof. Dr. Thomas Petri
Address: Wagmüllerstr. 18, 80538 Munich
Phone: +49 89 212672‑0
E‑mail: poststelle@datenschutz-bayern.de
Website: https://www.datenschutz-bayern.de/
|
Web Hosting Summary 👥 Affected parties: Website visitors 🤝 Purpose: professional hosting of the website and safeguarding of operations 📓 Data processed: IP address, time of website visit, browser used and further data. More details can be found below and/or from the hosting provider used. 📅 Storage period: depends on the respective provider, but usually 2 weeks ⚖️ Legal basis: Art. 6(1)(f) GDPR (legitimate interests) |
When you visit websites nowadays, certain information – including personal data – is automatically created and stored, including on this website. These data should be processed as sparingly as possible and only with justification. By website we mean all pages under a domain, i.e. everything from the homepage to the very last subpage (like this one). By domain we mean, for example, example.com.
To view a website on a computer, tablet or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We simply call them browsers.
To display the website, the browser must connect to another computer where the website code is stored: the web server. Operating a web server is a complex and time‑consuming task, which is why it is usually handled by professional providers. They offer web hosting and thus ensure reliable and error‑free storage of website data.
When the browser on your device connects and data is transferred to and from the web server, personal data may be processed on your device and on the server.
The purposes of data processing are:
Even while you are visiting our website, our web server – the computer on which this website is stored – usually automatically stores data such as
As a rule, the above‑mentioned data are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out that authorities may access this data in the event of unlawful behaviour.
In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not pass on your data without consent!
The lawfulness of the processing of personal data in the context of web hosting results from Art. 6(1)(f) GDPR (protection of legitimate interests), because the use of professional hosting by a provider is necessary in order to present the company securely and user‑friendly on the Internet and to be able to pursue attacks and claims.
As a rule, there is a data processing agreement pursuant to Art. 28 et seq. GDPR between us and the hosting provider, which ensures compliance with data protection and guarantees data security.
|
1&1 IONOS Web Hosting Summary 👥 Affected parties: Website visitors 🤝 Purpose: website storage and accessibility on the Internet 📓 Data processed: IP address, but primarily technical data 📅 Storage period: visitor data are deleted after 8 weeks ⚖️ Legal basis: Art. 6(1)(f) GDPR (legitimate interests) |
To host our website, we use the web hosting services of IONOS by 1&1 (1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany).
Through hosting, data from you and/or your end device are also stored on IONOS servers. First and foremost, your IP address – which is considered personal data – is stored. In addition, technical data such as the URL of our website, the name of the Internet browser and the operating system you use are stored.
Our goal is a reliably available and secure website with appropriate performance. IONOS provides the required bandwidth and storage and offers a suitable price‑performance ratio for our needs.
When you visit our website, IONOS stores the following data from you/your computer:
The collected data are used to increase website security, detect errors and perform anonymous statistical analyses. According to IONOS, the anonymised IP address is used only to determine the location of the access.
The data are stored on IONOS’s own servers. Visitor data are stored for 8 weeks. Data are not passed on to third parties and are not transferred to a country outside the EU.
You have the right at any time to access, rectify or erase and restrict the processing of your personal data. You can also revoke your consent to data processing at any time.
We have a legitimate interest in using IONOS to provide our online service. Professional hosting by a provider is required to present our company on the Internet in a secure and user‑friendly manner and to be able to pursue possible cyber attacks. The corresponding legal basis is Art. 6(1)(f) GDPR (legitimate interests).
Further information on data protection at IONOS can be found at https://www.ionos.com/terms-gtc/privacy-policy/.
|
Content Delivery Networks Summary 👥 Affected parties: Website visitors 🤝 Purpose: optimisation of our service (so the website can load faster) 📓 Data processed: data such as your IP address. More details can be found below and in the individual privacy texts. 📅 Storage period: in most cases data are stored only as long as needed to provide the service ⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests) |
We use a Content Delivery Network (CDN) on our website. A CDN helps us to load our website quickly and reliably regardless of your location. In doing so, personal data from you are stored, managed and processed on the servers of the CDN provider used.
A fast‑loading website is part of our service. With a CDN, our website can be delivered much faster to you. This is particularly helpful if you are abroad, because the website is delivered from a server near you.
When you request a website and its content is cached in a CDN, your request is served by the nearest server. Your browser may transmit personal data to the CDN used. This includes, for example, your IP address, browser type, browser version, which page is loaded, and the time and date of the page visit. Whether cookies are used depends on the network used.
If you wish to completely prevent this data transfer, you can install a JavaScript blocker (e.g. https://noscript.net/) on your PC. Of course, our website may then no longer offer the usual service (such as fast loading).
Where you have consented to the use of a CDN, the legal basis is your consent according to Art. 6(1)(a) GDPR. We also have a legitimate interest in using a CDN to optimise and secure our online service. The corresponding legal basis is Art. 6(1)(f) GDPR. We only use the tool to the extent that you have given consent.
|
BootstrapCDN Summary 👥 Affected parties: Website visitors 🤝 Purpose: optimisation of our service (so the website can load faster) 📓 Data processed: data such as your IP address, browser type, browser version, which web page is loaded, or the time and date of the page visit 📅 Storage period: in most cases data are stored only as long as needed to provide the service ⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests) |
To deliver our individual pages on all devices quickly and securely, we use the CDN BootstrapCDN, an open‑source service by jsdelivr.com of ProspectOne, Kraków, Poland.
We want to offer you a comprehensive and well‑functioning service. With jsdelivr.com CDN, our website can load much faster, especially for users abroad.
BootstrapCDN delivers JavaScript libraries to your browser. When your browser downloads a file from BootstrapCDN, your IP address is transmitted during the connection. BootstrapCDN may collect and store user data such as IP address, browser type, browser version, which web page is loaded, and the time and date of the visit. According to jsDelivr, no cookies or other tracking services are used for delivery.
BootstrapCDN has servers in various countries and your data may also be stored outside the EEA. Data are retained only as long as necessary to provide the services and to fulfil legal obligations or resolve disputes.
You always have the right to access, rectify and erase your personal data. You can also contact BootstrapCDN at any time.
If you want to prevent this data transfer, you can install a JavaScript blocker (e.g. https://noscript.net/) or disable JavaScript in your browser. Please note that the website may then no longer offer its usual service (such as fast loading).
Where you have consented to the use of BootstrapCDN, the legal basis is your consent pursuant to Art. 6(1)(a) GDPR. We also have a legitimate interest in using BootstrapCDN to optimise and secure our online service. The corresponding legal basis is Art. 6(1)(f) GDPR. We only use BootstrapCDN to the extent that you have given consent.
|
Cloudflare Summary 👥 Affected parties: Website visitors 🤝 Purpose: optimisation of our service (so the website can load faster) 📓 Data processed: data such as IP address, contact and log information, security fingerprints and performance data for websites 📅 Storage period: in most cases data are stored for less than 24 hours ⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests) |
We use Cloudflare (Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA) to make our website faster and more secure. Cloudflare may use cookies and processes user data. Cloudflare provides a CDN and various security services. These services sit between the user and our hosting provider.
Cloudflare helps us to make our website faster and more secure (including reverse proxy, CDN, DDoS protection, WAF). By storing our website at local data centres and blocking spam software, Cloudflare can significantly reduce bandwidth usage and loading times.
Cloudflare generally forwards only the data controlled by website operators. In most cases Cloudflare receives data such as IP address, contact and log information, security fingerprints and performance data for websites. Cloudflare processes these data in compliance with applicable laws, including the GDPR. Cloudflare may also work with third parties who process personal data only in accordance with Cloudflare’s instructions and confidentiality and security measures.
Cloudflare stores your information primarily in the USA and the EEA. As a rule, Cloudflare stores user‑level data for free, Pro and Business domains for less than 24 hours. Exceptions may apply in connection with security incidents.
Cloudflare keeps log data only as long as necessary and in most cases deletes them within 24 hours. Permanent logs are anonymised.
Where you have consented to the use of Cloudflare, the legal basis is your consent pursuant to Art. 6(1)(a) GDPR. We also have a legitimate interest in using Cloudflare to optimise and secure our online service. The corresponding legal basis is Art. 6(1)(f) GDPR. Cloudflare participates in the EU‑US Data Privacy Framework and also uses Standard Contractual Clauses where appropriate.
|
jQuery CDN Summary 👥 Affected parties: Website visitors 🤝 Purpose: optimisation of our service (so the website can load faster) 📓 Data processed: data such as your IP address 📅 Storage period: in most cases data are stored only as long as needed to provide the service ⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests) |
We deliver JavaScript libraries (jQuery) via the CDN of StackPath (LCC, 2012 McKinney Ave. Suite 1100, Dallas, TX 75201, USA). Through this service, personal data are stored, managed and processed.
With jQuery, our website can be loaded much faster, especially for users abroad.
As soon as a connection to the CDN server is established, your IP address is recorded and stored (unless these data are already cached in your browser from a previous visit). According to StackPath, aggregated and anonymised data may be used to enhance security and services.
StackPath has servers in various countries (USA and EEA). Personal data processed on our behalf are retained only as long as necessary to provide the services and to fulfil legal obligations or resolve disputes.
You can install JavaScript blockers (e.g. https://www.ghostery.com/ or noscript.net) or disable JavaScript in your browser. The website may then no longer function as usual.
Where you have consented to the use of jQuery CDN, the legal basis is your consent pursuant to Art. 6(1)(a) GDPR. We also have a legitimate interest in using jQuery CDN to optimise and secure our online service. The corresponding legal basis is Art. 6(1)(f) GDPR. StackPath participates in the EU‑US Data Privacy Framework and uses Standard Contractual Clauses. The StackPath Data Processing Addendum is available at https://www.stackpath.com/legal/data-processing-addendum.
|
Web Design Summary 👥 Affected parties: Website visitors 🤝 Purpose: improvement of user experience 📓 Data processed: which data are processed depends strongly on the tools used. Usually, for example, IP address, technical data, language settings, browser version, screen resolution and browser name. More details can be found with the respective web design tools. 📅 Storage period: depends on the tools used ⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests) |
We use various tools that serve our web design. Web design is not only about looks, but also about functionality and performance. The goal is to improve your experience on our website (UX and usability). Under “Web Design” we include all services that enhance the visual and structural design of our website (e.g. fonts, plugins or other embedded web design functions).
How you perceive information on a website depends strongly on its structure, functionality and visual design. A good and professional web design has economic advantages for us and improves your experience.
Depending on the tools used, data such as language settings, IP address, browser version, screen resolution and browser name may be transmitted. For details, please refer to the privacy policies of the respective tools.
How long data are processed depends on the web design elements used. In general, data are only retained as long as necessary to provide the service. In the case of statutory requirements, data may be stored longer.
You can withdraw your consent to the use of cookies/third‑party tools at any time (via our consent tool or browser settings). Some data are collected automatically when a page is loaded and transmitted to third‑party providers (e.g. Google). Please contact the support of the provider concerned for deletion requests.
Where you have consented to the use of web design tools, the legal basis is your consent under Art. 6(1)(a) GDPR. We also have a legitimate interest in improving web design on our website. The corresponding legal basis is Art. 6(1)(f) GDPR. We only use web design tools to the extent that you have given consent.
This section continues analogously to your German version (icons via Font Awesome; data such as IP address and which icon files are loaded; storage; right to object; legal basis). If you paste the remaining German content, I will complete the exact English mirror.
Language notice: This English version is provided for convenience. In case of discrepancies, the German Datenschutzerklärung prevails.