Dear visitors,
We are pleased about your visit to our websites. We want you to feel secure and comfortable during your visit. The protection of your privacy is a high priority for us. The following data protection provisions are intended to inform you about our handling of the collection, use, and disclosure of personal data.
1. Responsible Party (Controller)
Henrichs, Thomas Kölner Str. 439, 41468 Neuss Germany Email: [email protected]
Tel.: +49 (0) 2131-7423482
2. Internal Contact Person for Data Protection Matters
For questions regarding data protection and the exercise of your rights under the GDPR, you may contact the following person: Thomas Henrichs Kölner Str. 439 41468 Neuss Germany Email: [email protected] Tel.: +49 (0) 2131-7423482.
Note: There is no legal obligation to appoint a Data Protection Officer. Mr Henrichs is the internal contact person and coordinates all data protection-related concerns.
3. Use of Cloudflare (CDN, Security Functions & DDoS Protection)
For the secure, high-performance, and stable operation of our website, we use the service Cloudflare, provided by Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA. To fulfill our transparency obligations, we also point to the existence of Cloudflare Germany GmbH, Rosental 7, 80331 Munich, Germany. Cloudflare functions as a Content Delivery Network (CDN), a reverse proxy, and a comprehensive security service (including DDoS protection, Web Application Firewall, and bot management).[TDM-2026-7c9jw0f8]
a.) Nature and Scope of Processing When accessing our website, all data traffic between your browser and our web server is routed through Cloudflare. During this process, Cloudflare processes the following data categories in particular:[TDM-2026-4mv27pwp]
b.) End User Data (Website Visitors) IP address of the website visitor, system and browser information, device information, date and time of access, accessed URLs, header information, transferred data volumes, and security-relevant information (e.g., unusual traffic patterns). This also includes data processed for the provision of machine-readable directories (e.g., llms.txt, ai-sitemap.xml) used to control AI crawlers and answer engines.[TDM-2026-olmoard3]
c.) Cookies Cloudflare sets temporary, technically necessary cookies (e.g., __cf_bm or cf_clearance), which serve exclusively to ensure security, identify bots, and store successfully completed security challenges. Without these cookies, protection against automated access could not be maintained.[TDM-2026-bsa1qezt]
d.) Purposes of Processing The processing serves the following overriding legitimate interests:[TDM-2026-73w55us2]
Defense and detection of attacks (especially DDoS and bot attacks) to ensure network security.[TDM-2026-xqgyzlsi]
Securing the website via firewall mechanisms.
Ensuring the availability, stability, and performance of the website.
Technical Necessity: The use occurs specifically for implementing server-side 301 redirections to resolve indexing problems and to ensure an SEO-optimized redirection chain. Without this function, the website would not be properly indexable and would not be available as desired by the user.[TDM-2026-ieoupvsp]
e.) Legal Basis The processing of personal data (especially the IP address) is based on Art. 6(1)(f) GDPR (overriding legitimate interest in the secure, stable, and reliable operation of our website). This interest is supported by Recital 49 GDPR, which recognizes cybersecurity as a legitimate interest.[TDM-2026-anatxazt]
f.) Data Processing Agreement A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR has been concluded with Cloudflare. Cloudflare processes the data exclusively according to documented instructions and not for its own primary purposes.[TDM-2026-nxuubbhh]
Data Transfer to the USA (Third Country Transfer): Cloudflare, Inc. is based in a third country (USA). The transfer of personal data is based on the adequacy decision of the European Commission pursuant to Art. 45 GDPR, as Cloudflare is actively certified under the EU–U.S. Data Privacy Framework (DPF). The DPF certification guarantees an adequate level of data protection.[TDM-2026-srwj3g3h]
In addition to the DPF certification, contractual and technical safeguards have been implemented:[TDM-2026-7llzq8gf]
Technical Measures (TOMs): Cloudflare uses advanced encryption protocols, applies the zero-trust principle, and enforces strict multi-factor authentication (MFA) for access to processing systems.[TDM-2026-p4o40rel]
Contractual Assurance: Cloudflare undertakes to legally challenge government requests from US authorities that conflict with EU law and to inform customers of such requests, as far as legally permitted.[TDM-2026-91ywtzqc]
g.) Storage Period (Data Minimization) We use the Cloudflare Free plan and have deactivated the storage of protocol data regarding visits to our website ("HTTP Request Logs"). Cloudflare does not store these logs by default. The processing of the IP address therefore occurs only briefly for immediate forwarding, threat defense, and the execution of the redirection chain. This reduces the storage period to a technical minimum (0 days retention for request logs). Only internal logs regarding the management of our Cloudflare account ("Audit Logs") are stored for 18 months.[TDM-2026-a1oimu4d]
Further information and data subject rights can be found in Cloudflare's privacy policy: [TDM-2026-vcp69qiq]https://www.cloudflare.com/privacypolicy/
4. Server-Side Processing via Cloudflare Worker (API Endpoints & Structured Data)
In addition to the general Cloudflare integration according to Section 3, we use Cloudflare Workers for the server-side delivery of structured data (JSON-LD) and for the provision of technical endpoints under the subdomains [TDM-2026-lmawnytj]pageapi.teledtv.de, blog108.api.teledtv.de, and geosignal.api.teledtv.de.
a.) Nature and Scope of Processing When retrieving these API endpoints, the Cloudflare Worker processes exclusively technically necessary data required for the delivery of content:[TDM-2026-tuirvun5]
IP address of the requesting client
Browser and system information
Date and time of retrieval
Accessed URL
Technically necessary header information (e.g., User-Agent for device detection, Accept-Language for language selection)[TDM-2026-frpfearp]
The processing occurs primarily "on the fly" for content delivery. Cloudflare logs these accesses as part of "Workers Logs" for technical diagnostic purposes. No analysis, tracking, profiling, or disclosure of this data takes place on the part of the website operator. The Workers serve exclusively to deliver static content (e.g., structured data for search engines).[TDM-2026-lxde8wxy]
b.) Purpose of Processing The processing occurs for:
The technically necessary provision of API content.
Search engine and AI optimization (AEO / Schema.org / JSON-LD).
Improving indexability by crawlers.
Ensuring the correct delivery of structured data.
Securing and stabilizing API subdomains, as well as technical error analysis and diagnostic monitoring of Worker functionality. No personal evaluation of API retrievals takes place.[TDM-2026-n7zf9vfl]
c.) Legal Basis The legal basis is Art. 6(1)(f) GDPR (overriding legitimate interest in a functioning, secure, and search engine-optimized delivery of structured web content). This interest also follows from Recital 49 GDPR (security and stability of networks and services). User interests are protected by strict data minimization (no storage beyond technical diagnostic purposes) and a short log duration (maximum 3 days).[TDM-2026-whnn7bg5]
d.) Data Processing Agreement & Third Country Transfer The Workers are operated entirely via Cloudflare. The conditions stated under Section 3 apply (DPA, DPF, technical and contractual protection). No separate data outflow to external third parties occurs.[TDM-2026-y9rolkmm]
e.) Right to Object You have the right to object at any time, on grounds relating to your particular situation, to the processing of perso[TDM-2026-8evgihq6]nal data concerning you based on Art. 6(1)(f) GDPR.
f.) Storage Period Access data is logged by Cloudflare within the "Workers Logs" for technical diagnostic purposes. The storage period is a maximum of 3 days and serves exclusively to ensure the technical functionality and security of the service.[TDM-2026-23tfz4o7]
5. Cookie Consent with CCM19
Our website uses the consent management tool "CCM19" from Papoo Software & Media GmbH, Auguststraße 4, 53229 Bonn, Germany. With CCM19, we obtain your consent for the storage of cookies and the use of external services and document this in a data protection-compliant manner. This ensures that cookies and services are only used on the basis of your consent. Consents are technically stored via a cookie or similar storage mechanisms to be automatically taken into account during later visits. Legal basis for the use of CCM19 is Art. 6(1)(c) GDPR (fulfillment of legal requirements for data protection-compliant design of our website) and Art. 6(1)(f) GDPR (legitimate interest in a user-friendly and legally secure presentation of our online offer). Further information on data protection at CCM19: https://docs.ccm19.com/funktionen/datenschutz/
6. Google Analytics & Google Tag Manager
Our website uses Google Analytics and Google Tag Manager, services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables analysis of website usage. For this purpose, cookies can be set and information such as IP address, browser type, pages viewed, and duration of stay can be processed. The IP address is stored in anonymized form so that no direct personal reference is possible. Data processing occurs exclusively on the basis of your express consent via our cookie consent tool according to Art. 6(1)(a) GDPR. An order processing contract has been concluded with Google. It cannot be excluded that data may also be transmitted to Google LLC servers in the USA. An adequate level of data protection is guaranteed by the use of standard contractual clauses approved by the EU Commission. Google Tag Manager serves to manage website tags, with which, for example, Google Analytics or other services are integrated. Tag Manager itself does not process any personal data. However, due to technical reasons (e.g., when integrating external scripts), it can trigger data transfers such as the IP address. Here, too, use occurs exclusively after your consent via our cookie consent tool. Further information: Google Privacy Policy: https://policies.google.com/privacy Information on GDPR compliance of Google Tag Manager: https://support.google.com/tagmanager/answer/9323295 The use of Google Analytics 4 (GA4) and Google Tag Manager (GTM) occurs only after your express consent. Note on Consent Mode V2 and EEA Compliance: We use Google Consent Mode V2, which transmits the consent signals you provided via CCM19 (parameters ad_user_data and ad_personalization) to Google. This is required to ensure the continuous use of measurement functions and audience-based services according to the Google EU User Consent Policy (EU UCP) for users from the European Economic Area (EEA). Without these signals, Google cannot use this data for personalizing ads or building audiences.
7. Processing of Customer Data to Fulfil Web-Abo Contracts
Within the scope of the web subscription services offered by us (Web-Abo START, PLUS, PRO) as well as the additional offers (Maintenance & Support, Content & Management, AI Chatbot & Automation), we process personal data of our customers to fulfil contractual obligations in accordance with Art. 6(1)(b) GDPR (contract fulfilment).
a.) Scope of processed data:
Inventory data: Name, address, email, telephone number of the customer or contact person.
Contract data: Booked Web-Abo package, term, payment data (IBAN, PayPal ID, no full credit card data), communication history.
Access data: CMS, hosting accounts (e.g., Hostinger), analysis tools (e.g., Google Analytics), email inboxes, and third-party services (e.g., CRM, AI chatbot platforms) required for the provision of the contractually owed services. All data is encrypted and stored securely.
b.) Purpose of processing:
Creation, maintenance, and technical support of the customer website.
Fulfilment of contractually agreed services (e.g., SEO, content creation, interface integration).
Processing of payments and invoicing.
Communication for contract fulfilment and for support enquiries.
c.) Disclosure of data:
Only to internal employees or selected subcontractors who act according to instructions and are bound to confidentiality.
Disclosure to third parties only for contract fulfilment or in the event of a legal obligation.
d.) Storage duration:
Storage for as long as necessary for contract fulfilment and statutory retention obligations.
After the purposes cease to exist, the data will be deleted.
8. Order Processing (DPA) TELEDTV TELEDTV DIGITAL MARKETING
As we obtain access to the customer's systems (CMS, hosting accounts, etc.) within the scope of the Web-Abo services and process personal data of their customers or employees there, if applicable, we act as an order processor within the meaning of Art. 28 GDPR.
Processing takes place exclusively on the documented instructions of the customer.
A separate DPA (AVV) is concluded with the customer.
Technical and organisational measures (TOMs) are complied with.
An overview of our TOMs as well as a DPA template are provided upon request.
Note: The processing of personal data within the scope of the Web-Abo services is described in the GTC (AGB) under Section 10.
9. Bing Webmaster Tools
For the analysis and optimisation of our website, we use the Bing Webmaster Tools of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. In doing so, no personal data such as IP addresses or user behaviour are processed, as no tracking functions are integrated. The use takes place exclusively for the technical improvement of the website in accordance with Art. 6(1)(f) GDPR (legitimate interest). Further information can be found here: https://www.microsoft.com/en-gb/privacy/privacystatement.
10. External Links and Third-Party Content
Our website contains pure hyperlinks to external websites and offers of third parties. By clicking these links, you leave our sphere of responsibility. We checked the external content for possible legal violations at the time of linking and did not find any illegal content. As soon as you click the link, data can be transmitted to the target server. The respective provider or operator of the target site is responsible for the data collection and processing taking place there. Please observe the respective privacy policies of the third-party providers.
11. Privacy Policy for Affiliate Links
a.) Use of Affiliate Links and Data Processing by Third Parties On our website, we use so-called affiliate links. These are special links to products or services of partner companies (Hostinger, CCM19, meetergo, Finom, eRecht24). If you click on such a link, you will be redirected to the website of the respective partner company. There are no additional costs for you. These links serve to advertise products and services and are marked as advertising. Important note: We ourselves do not currently set our own tracking cookies or comparable technologies on your terminal device via these affiliate links before you click on the link. Our role is limited to providing the link and the mediation.
Data Processing for Commission Allocation (Attribution): When you click the link and are redirected, tracking parameters (e.g., an affiliate ID or a click ID as well as the referrer URL of our site) are transmitted via the URL to the partner by our system. The transmission of this pseudonymised data serves the correct allocation of the commission (attribution). This processing for attribution assignment is based on our legitimate interest in accordance with Art. 6(1)(f) GDPR in the monetisation of our content. Please note that tracking technologies (such as cookies) may be used on the websites of our partner companies as soon as you reach their page. These technologies enable the partner company to facilitate the assignment of commissions and to TELEDTV DIGITAL MARKETING-Analyse your usage behaviour on their website. In this context, personal data such as your IP address, the referrer URL, the time of the click, information about your end device used (e.g., browser type, operating system) and, if applicable, further pseudonymised usage data can be processed.
c.) Our Role as a Mediator We would like to clarify that we only act as a mediator within the framework of affiliate marketing. The contract for the advertised products or services is concluded exclusively between you and the respective partner company. We assume no liability for the content or business practices of the partner companies.
d.) Your Rights as a Data Subject With regard to the processing of your personal data by us (within the framework of our own data processing, which does not include tracking through affiliate links), you are entitled to the rights anchored in the GDPR. These include the right to access, rectification, erasure, restriction of processing, data portability, objection, and the right to lodge a complaint with a supervisory authority. For the exercise of your rights, you can contact us at any time. The contact details can be found in our legal notice.
e.) Future Developments and Adjustments Should we implement our own tracking in connection with affiliate links on our website in the future, we will inform you about this transparently and make the necessary adjustments in this privacy policy. This would then also include the introduction of a cookie consent management system to obtain your express consent before corresponding technologies are used on your terminal device.
f.) Finom (Affiliate-Link Business Banking) On our website, we use affiliate links to Finom, a provider of business banking (e.g., https://app.finom.co/r/ftQ8yPGl). When you click on our recommendation link, you will be redirected to the Finom website. Please note that Finom uses cookies and similar technologies on its website to ensure functionality, TELEDTV DIGITAL MARKETING-Analyse usage, and enable personalised advertising. This may include the processing of personal data.
12. Data Processing by Finom: The use of cookies by Finom can include the following categories:
Necessary Cookies: Required for the basic functionality of the website.
Analysis Cookies: Serve to improve the services by analysing website usage.
Marketing Cookies: Used for personalised advertising and to measure campaign performance. Usage data can be shared with partners (e.g., social media platforms).
a.) Consent and Rights: The setting of cookies that are not technically necessary (in particular analysis and marketing cookies) requires your express consent. This is obtained directly by Finom. You have the right to withdraw your consent at any time. Details on cookie use and your rights can be found in Finom's cookie policy and privacy policy, which we recommend you read beforehand.
Commissions and Data Disclosure: We receive a commission if you register with Finom via our link. There are no additional costs for you. Your personal data will not be passed on to us without your separate consent. After redirection to the Finom website, we have no influence on the data processing taking place there.
b.) Legal Basis: The processing of personal data in connection with affiliate links that is not technically necessary is based on your consent in accordance with Art. 6(1)(a) GDPR. The disclosure of the affiliate relationship takes place in accordance with our transparency obligations.
13. Website Check / Website Audit (including provider analysis)
a.) Processed Data and Purpose Within the scope of a website check (e.g., checking GDPR compliance, performance analysis, hosting/provider evaluation, SEO analysis), we process the data provided by you exclusively for the creation, documentation, and transmission of the analysis report as well as for communication with you. This includes in particular:
The internet address (URL) provided by you as well as any website content transmitted.
Your contact details (name, email address, telephone number).
Voluntary additional information within the scope of the order.
Technical data collected in the course of the analysis (e.g., server IP, provider location, DNS entries, HTTP headers, PageSpeed measurement values).
b.) Legal Bases
Art. 6(1)(b) GDPR: Processing for the performance of pre-contractual measures or for contract fulfilment.
Art. 6(1)(f) GDPR: Processing of technical server and provider data in the legitimate interest of a complete analysis.
Art. 6(1)(a) GDPR: Further use (e.g., for marketing or references) takes place only on the basis of your express consent.
c.) Authorisation and Active Tests By placing the order, you confirm that you are authorised to have the named website checked (e.g., as domain owner or authorised representative). Active security tests (e.g., penetration tests, port scans) take place exclusively following a separate agreement and express consent.
d.) Services Used / Third-Party Providers For the technical analysis, we use established online tools. The selection depends on the nature and scope of the test order. Examples:
Google PageSpeed Insights
SISTRIX Toolbox
Sitechecker Pro
DomainTools WHOIS
Sicher3 Webscanner
eRecht24 Google Fonts Scanner Further services may be called upon to ensure a comprehensive analysis. A current list of the sub-processors used is available upon request.
e.) Disclosure & Order Processing Technical analysis data (e.g., server IP, DNS entries, PageSpeed results) can be transmitted to the tools used. Your personal contact details will not be passed on. Insofar as necessary, contracts for order processing in accordance with Art. 28 GDPR exist.
f.) Third Country Transfers Individual services may process data outside the European Economic Area (EEA). In these cases, we secure the transmission through suitable guarantees in accordance with Art. 46 GDPR (e.g., EU Standard Contractual Clauses) or rely on an adequacy decision in accordance with Art. 45 GDPR. If none of these bases exist, a transmission only takes place with your express consent in accordance with Art. 49 GDPR after prior information about the risks involved.
g.) Storage Duration Analysis and report data are deleted at the latest 30 days after the test report is sent, unless further commissioning takes place or statutory retention obligations prevent this.
h.) Security Measures We use appropriate technical and organisational measures to protect your data, including:
TLS/HTTPS encryption during data transmission.
Access restrictions.
Role-based authorisation concepts. Details on our security measures are available upon request.
i.) Data Subject Rights You have the right to: Access to your stored data; Rectification of incorrect data; Erasure or restriction of processing; Data portability; Objection to processing. Furthermore, you have the right to lodge a complaint with a competent data protection supervisory authority. An overview can be found at: www.bfdi.bund.de.
j.) Liability and Indemnification Insofar as tests have effects on third parties or active tests are planned, this will be agreed upon separately. The client ensures that he is authorised to commission the tests and indemnifies us from any claims by third parties.
k.) Note on Updates The services used may change. We update this information regularly and provide you with a current list upon request.
14. External Online Tests and Speed Analysis
For certain technical analyses such as load speed tests or performance checks (e.g., Google PageSpeed Insights), no personal data is stored by us. The analysis takes place directly on the servers of the respective provider. Only the URL provided by you and technical page information for performance evaluation are processed. Use of this data for advertising purposes or for profiling does not take place. Legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interest in optimising website performance).
15. Provision of Weather Data by OpenWeatherMap
We use a service on our website to display current weather information. The provider of this service is OpenWeather Ltd., 41A, Vilton Str., 3011, Limassol, Cyprus (hereinafter "OpenWeatherMap").
a.) Nature and Purpose of Data Processing In order to be able to display current weather data for the predefined location "Neuss, Germany", our web server sends an automated enquiry to the programming interface (API) of OpenWeatherMap. This enquiry contains no personal data of yours. In particular, neither your IP address nor other information that allows conclusions to be drawn about your person is transmitted to OpenWeatherMap. Communication takes place exclusively between our server and the servers of OpenWeatherMap. The purpose of this function is to increase the information content and the utility of our website for visitors by providing relevant, location-related additional information.
b.) Legal Basis and Requirement of Consent The processing of the data for the display of the weather information takes place on the basis of our legitimate interest in an attractive and informative design of our online offer in accordance with Art. 6(1)(f) GDPR. Since no personal data of website visitors is processed during this process and no cookies or similar technologies are stored or read on your terminal device, no consent via a consent banner is required for the use of this service.
c.) Order Processing Since no personal data is passed on to OpenWeatherMap in the context of the API enquiry by our server, no order processing within the meaning of Art. 28 GDPR takes place. A Data Processing Agreement (DPA/AVV) is therefore not required.
d.) Storage Duration and Further Information We do not store any data in connection with weather enquiries. We have no influence on the data processing processes at OpenWeatherMap. For further information on the handling of data by the provider itself, we refer to the official privacy policy of OpenWeatherMap, which you can view at the following link: https://openweather.co.uk/privacy-policy.
16. Integration of External Services
Use of Google Maps (inactive) This website uses Google Maps to display maps. Google Maps is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. By using this website, you consent to the collection, processing, and use of automatically collected data as well as data entered by you by Google, one of its representatives, or third-party providers.
The terms of use for Google Maps can be found under:
Terms of Service for Google Maps: https://www.google.com/intl/en/help/terms_maps/
Detailed information can be found in Google's Privacy Policy: https://policies.google.com/privacy
Your Rights as a User
a.) Right to confirmation: Every data subject has the right to request information as to whether personal data concerning them is being processed.
b.) Right of access (Art. 15 GDPR): Every data subject has the right to receive free information about the personal data stored about them and a copy of this information.
c.) Right to rectification (Art. 16 GDPR): The data subject has the right to demand the immediate rectification of inaccurate personal data concerning them.
d.) Right to erasure (Right to be forgotten) (Art. 17 GDPR): Every data subject has the right to demand that personal data concerning them be erased immediately, provided one of the legal reasons applies and insofar as the processing is not necessary.
e.) Right to restriction of processing (Art. 18 GDPR): Every data subject has the right to demand the restriction of processing if one of the legal reasons applies.
f.) Right to data portability (Art. 20 GDPR): Every data subject has the right to receive the personal data concerning them in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance.
g.) Right to withdraw data protection consent (Art. 13 GDPR): Every data subject has the right to withdraw consent to the processing of personal data at any time.
h.) Right to object (Art. 21 GDPR): Every data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them based on Art. 6(1)(e) or (f) GDPR.
i.) Automated individual decision-making, including profiling (Art. 22 GDPR): Every data subject has the right not to be subject to a decision based solely on automated processing.
17. Contact Form and Email Contact
This declaration describes the processing of personal data within the scope of using the contact form on our website.
a.) Purpose of data processing: Exclusively for processing your enquiries (e.g., feedback, advice, offers).
b.) Processed data: Name, email address, telephone number (optional), subject/message, and IP address (for security and spam prevention).
c.) Technical process: Data is received via the Hostinger backend. Hostinger International Ltd. acts as an order processor (Art. 28 GDPR). Redirection via Cloudflare or Proofpoint is secured by Standard Contractual Clauses (SCC) or the EU-U.S. Data Privacy Framework (DPF, as of 2025). https://www.hostinger.com/legal/privacy-policy
e.) Storage duration and erasure: Deleted once the purpose ceases to exist. Statutory retention periods (e.g., 6 years for business correspondence) are observed. The IP address is anonymised or deleted after a maximum of 14 days.
f.) Security: Hostinger uses technical and organisational measures (TOMs), including TLS/SSL encryption, access controls (2FA), and DDoS protection.
18. Duration for which the personal data is storedThe criterion for the duration of the storage of personal data is the respective statutory retention period. After the period has expired, the corresponding data is routinely deleted, provided it is no longer required for contract fulfilment or contract initiation. Storage duration: The data is deleted as soon as the purpose no longer applies.
Enquiries without tax or commercial relevance: Up to 6 months after the final processing of the enquiry.
Business-related correspondence (e.g. invoices, booking vouchers): Due to commercial and tax law obligations (§ 257 HGB, § 14b UStG, GoBD), the retention period is 10 years, beginning with the end of the calendar year in which the invoice or the booking transaction was created.
19. Right to lodge a complaint with the competent supervisory authority
In the event of data protection violations, the data subject has a right to lodge a complaint with the competent supervisory authority. This is the State Data Protection Officer (Landesdatenschutzbeauftragte) of the federal state in which our company is based. Data protection declaration created with the interactive template for online legal advice from https://www.123recht.de/info.asp?id=datenschutz.
20. International data transfers in general (Third country transfer)
When using Google services, a data transfer to the United States of America (USA) may occur. The USA is currently considered a third country with a data protection level that does not correspond to the EU.
Protective measures: The transmission is primarily based on the EU-U.S. Data Privacy Framework (DPF). Google LLC is certified according to the requirements of the DPF. Insofar as the transmission is based on your consent (Art. 49(1)(a) GDPR), it takes place on this basis.
Qualified risk notice according to Art. 49(1)(a) GDPR: We point out that the transmission to the USA, despite the DPF certification, is associated with specific risks. Specifically, there is the risk that US authorities could access your personal data based on surveillance laws without you, as an affected person from the EU, having effective legal remedies or legal protection options against this. By giving your consent, you accept these risks. Further info on the DPF: https://www.dataprivacyframework.gov/.
21. Closing remark
The protection of your personal data is an important concern to us. We take technical and organisational measures to protect your data from unauthorised access, loss, or misuse and adapt these regularly to the state of the art. This data protection declaration is regularly reviewed and updated as necessary.
22. Changes to this data protection declaration
We reserve the right to adapt this data protection declaration as necessary to adapt it to legal requirements and technical changes. The current version published on this website applies.
Stand: Mai 2026
Data. Tech. Vision.
Privacy Policy & Data Protection
Websites that advance your goals and are valued by your visitors.