Privacy Policy

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. To do so, simply send us an informal email. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Alternatively, you can open the cookie settings via this button and revoke your consent for individual or all cookies:

Data collection on our website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. Their contact details can be found in the legal notice on this website.

Who is responsible for the data collection on this website?

The data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.

How do we collect your data?

Your data is collected when you provide it to us. This may include, for example, data that you enter in a contact form.

Other data is automatically collected by our IT systems when you visit the website. This is primarily technical data (e.g., Internet browser, operating system, or time of page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, restriction of processing, or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions about data protection. You also have the right to lodge a complaint with the competent supervisory authority.

Analysis tools and third-party tools

When you visit our website, your surfing behavior may be statistically evaluated, provided you have given your consent. Cookies/identifiers may be used for this purpose. Details (purposes, tools, revocation) can be found in the following sections.

Data transfers to third countries

When using individual services mentioned in this privacy policy, personal data may be transferred to third countries (in particular the USA). In these cases, we ensure that the transfer only takes place in compliance with the provisions of Chapter V of the GDPR. This is done in particular

• on the basis of an adequacy decision (e.g., EU-US Data Privacy Framework), provided that the respective provider is certified accordingly,

or

• on the basis of the EU Standard Contractual Clauses (SCC) and, where necessary, additional protective measures (e.g., technical and organizational measures and a transfer impact assessment).

Information on the specific service providers used and the relevant basis for transfer can be found in the following sections on the individual tools.

2. Responsible party and data protection officer

Information about the responsible party

The responsible party for data processing on this website is:

Jürgen Rüffer
Igor Bruss
Michael Schulz, MBA

ALLSAT GmbH
Sokelantstraße 5
30165 Hannover

Phone: (0511) 30399-0
Fax: (0511) 30399-66
info@allsat.de

 

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Legally required data protection officer

We have appointed a data protection officer for our company.

Alexander Raebsch

ALLSAT GmbH
Sokelantstraße 5
30165 Hannover

Phone: (0511) 30399-0
alexander.raebsch@allsat.de

3. Rights of data subjects and other mandatory information

Right to lodge a complaint with the competent supervisory authority

In the event of violations of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:  https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if it is technically feasible.

Information, correction, deletion, restriction, objection

Within the framework of the applicable legal provisions, you have the right to receive information free of charge at any time about your stored personal data, its origin and recipients, and the purpose of data processing. You also have the right to correct or delete your data or to restrict processing and, if the requirements are met, to object to processing on the basis of Art. 6 (1) lit. f GDPR. You can contact the address given in the imprint at any time if you have any further questions.

Objection to advertising emails

We hereby object to the use of contact data published within the scope of the legal notice obligation for sending unsolicited advertising and information material. The operators of the website expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, for example via spam emails.

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g., when communicating by email) can have security gaps. Complete protection of data against access by third parties is not possible.

4. Data collection when visiting the website

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Server log files

When you visit our website, we process technically necessary data in server log files (e.g., IP address, date/time, page/file accessed, referrer URL, browser/OS, status codes) in order to provide the website, ensure system security, analyze errors, and prevent misuse. The legal basis is Art. 6 (1) lit. f GDPR (legitimate interest in the operation, security, and stability of the website). Log data is generally stored for 30 days and then deleted or anonymized, unless security-related storage (e.g., to investigate attacks) is required.

Cookies

We use cookies and similar technologies (e.g., local storage, pixels, tags) to provide our website securely, enable functions, and—if you have consented—to measure reach and conduct marketing.

Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

We use technically necessary cookies on the basis of Art. 6 (1) lit. f GDPR (legitimate interest in technically error-free and secure provision) or Art. 6 (1) lit. b GDPR (if necessary for the performance of a contract). For all non-essential cookies/technologies, information is only stored on your device or accessed with your consent in accordance with Section 25 (1) TDDDG; the subsequent processing of personal data is then based on Art. 6 (1) lit. a GDPR.

Borlabs Cookie

We use Borlabs Cookie (provider: Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg, Germany) to manage your consent.

Borlabs Cookie stores your consent decision (e.g., in the “borlabs-cookie” cookie) and can process consent information for verification purposes.

The legal basis is Art. 6 (1) lit. f GDPR (legitimate interest in legally compliant documentation and control of consents) and § 25 (2) No. 2 TDDDG, insofar as the setting of the cookie is technically necessary. You can change or revoke your settings at any time via cookie settings.

(Note: Without consent, certain functions/integrations may not be available.)

5. Communication

Contact form

If you contact us via the contact form, we will process the data you provide (e.g., name, email address, message) for the purpose of processing your inquiry and for follow-up questions.

Legal basis

The legal basis is Art. 6 (1) (b) GDPR, insofar as it concerns pre-contractual measures or the performance of a contract; otherwise Art. 6 (1) lit. f GDPR (legitimate interest in the efficient processing of inquiries). The data will be deleted as soon as the inquiry has been finally processed, at the latest after 6 months, unless there are legal retention obligations to the contrary.

6. Analysis tools and marketing

Google Tag Manager (GTM)

We use Google Tag Manager (“GTM”) to manage website tags (e.g., integration/control of analysis and marketing services). The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When GTM is loaded, a connection to Google servers may be established; for technical reasons, device/browser information and the IP address, among other things, are transmitted. GTM itself is used to deliver/control tags and, according to Google, does not collect visitor profiles; standard HTTP request log data is deleted after a short period of time (e.g., 14 days).

Legal basis

GTM is only used with your consent via our cookie settings (Art. 6 (1) (a) GDPR). The storage of information in your end device or access to it (e.g., cookies/identifiers) is based on § 25 (1) TDDDG. You can revoke your consent at any time via the cookie settings with effect for the future.

Data transfer to third countries

Transfer to third countries (in particular the USA) cannot be ruled out. Depending on the provider status, this is based on an adequacy decision (e.g., EU-US Data Privacy Framework) or appropriate safeguards (e.g., EU standard contractual clauses).

Google Analytics 4

We use Google Analytics 4 to analyze website usage and improve our offering. The provider is Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). (possibly affiliated with Google LLC, USA). Google Analytics may use cookies/identifiers and process information about your use of this website (e.g., page views, interactions, technical information, IP address if applicable).

Legal basis

Use is only permitted with your consent (Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG, insofar as cookies/identifiers are used).

You can revoke your consent at any time via the cookie settings.

Data transfer to third countries

Transfer to third countries (in particular the USA) cannot be ruled out. Depending on the provider status, this is done on the basis of the EU-US Data Privacy Framework (in the case of certification) or, alternatively, on the basis of standard contractual clauses.

Demographic evaluation/signals

In Google Analytics 4, we use Google signals and functions to extend the analysis with additional information from the Google ecosystem (e.g., for cross-device evaluations and marketing/remarketing functions). Processing is carried out exclusively on the basis of your consent (Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG, insofar as cookies/identifiers are used). You can revoke your consent at any time via the cookie settings and also control the corresponding settings in your Google account (ad/privacy settings).

Order processing

We have concluded an order processing agreement (AVV) with Google and implement the requirements of the German data protection authorities when using Google Analytics.

IP addresses

Google Analytics 4 does not log or store IP addresses; according to Google, IP addresses are not stored permanently.

Storage period

The data collected via Google Analytics is stored for 14 months and then deleted or anonymized (depending on the configuration).

For more information on how Google Analytics handles user data, please refer to Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

Meta Pixel (Facebook Pixel)

We use Meta Pixel to measure the effectiveness of our advertisements (conversion tracking), to create target groups (custom audiences/retargeting), and to optimize our campaigns. The provider is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland. Cookies/identifiers may be set and information about your use of our website may be processed (e.g., page views, interactions, technical information such as browser/device, IP address if applicable, event data).

Legal basis

Use is only permitted with your consent (Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG). You can change or revoke your settings at any time via cookie settings.

Data transfer to third countries

Transfer to third countries (in particular the USA) cannot be ruled out. Depending on the provider status, this is based on an adequacy decision (e.g., EU-US Data Privacy Framework) or appropriate safeguards (e.g., EU standard contractual clauses).

Storage period

We process the event data collected within the scope of the Meta Pixel for the purposes mentioned for up to 12 months and then delete or anonymize it, provided that there are no legal retention obligations to the contrary.

For certain processing operations in connection with the Meta Pixel (in particular the transmission of event data), we and Meta may act as joint controllers. The essential contents of the agreement are set out in Meta’s Controller Addendum (available in the Meta legal texts).

LinkedIn Insight Tag (Inside Tag/Pixel)

We use the LinkedIn Insight Tag to measure the success of our LinkedIn campaigns (conversion tracking), for reach analysis, and for retargeting. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (affiliated with LinkedIn Corporation/LinkedIn services outside the EU). Cookies/identifiers may be set and information about the use of our website may be processed (e.g., page views, referrer URL, timestamp, device/browser data, IP address if applicable).

Legal basis

Use is only permitted with your consent (Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG).  You can change or revoke your settings at any time via cookie settings.

Data transfer to third countries

Data transfer to third countries (in particular the USA) cannot be ruled out. Depending on the provider status, this is based on an adequacy decision (e.g., EU-US Data Privacy Framework) or appropriate safeguards (e.g., EU standard contractual clauses) .

Storage period

We process the event data collected by the LinkedIn Insight Tag for the purposes mentioned above for up to 12 months and then delete or anonymize it, unless there are legal retention obligations that prevent this.

Leadinfo (B2B recognition)

We use Leadinfo (LeadInfo B.V., Rotterdam, Netherlands) to recognize B2B visits and optimize our sales/marketing activities. Companies can be identified based on their IP address and other technical information.

Legal basis

Use is only permitted with your consent (Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG, insofar as cookies/identifiers are used). You can change or revoke your settings at any time via cookie settings.

Storage period

Data is deleted as soon as it is no longer required for the purpose, at the latest after 12 months, unless there are legal retention obligations.

7. External content/embedded content

YouTube

Our website embeds YouTube videos. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube is disabled by default and will only be loaded after you give your consent via our cookie settings.

When you visit a page with an embedded YouTube video, a connection to the YouTube servers is established after you have given your consent. The YouTube server is informed which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

Legal basis

Once you have given your consent, personal data (e.g., IP address, device/browser information, usage data) may be transmitted to Google/YouTube when you visit pages with embedded videos. The legal basis is your consent (Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG, insofar as cookies/identifiers are used). You can change or revoke your settings at any time via cookie settings.

Further information on the handling of user data can be found in YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy.

Google Maps

We integrate Google Maps to display our location on a map. The map is disabled by default and is only loaded after you activate it by clicking on it. Only then is a connection to Google’s servers established and personal data (e.g., IP address, device/browser information) can be transmitted.

Legal basis

The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Use is based on your consent (Art. 6 (1) (a) GDPR; insofar as cookies/identifiers are used in conjunction with § 25 (1) TDDDG). If you do not activate the map, no data will be transferred. You can change or revoke your settings at any time via cookie settings.

Data transfer to third countries

A transfer to third countries (in particular the USA) cannot be ruled out; depending on the provider status, this is based on an adequacy decision (e.g., EU-US Data Privacy Framework) or appropriate safeguards (e.g., EU standard contractual clauses).

For more information on how user data is handled, please refer to Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

8. Security / Abuse Protection

Cloudflare Turnstile

We use Cloudflare Turnstile (hereinafter “Turnstile”) on this website. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter “Cloudflare”).

Turnstile is used to check whether data entry on this website (e.g., in a contact form) is performed by a human or by an automated program (bot). Turnstile analyzes the behavior of the website visitor based on various characteristics.

The analysis begins automatically as soon as the website visitor calls up one of our pages (on the website) with Turnstile activated. Turnstile evaluates various information for the analysis (e.g., IP address, length of time the website visitor stays on the website or a subpage, or mouse movements and/or mouse clicks made by the user on the website). The data collected during the analysis is forwarded to Cloudflare.

Legal basis

The legal basis is Art. 6 (1) lit. f GDPR (protection against misuse/spam). If Turnstile uses cookies/identifiers or accesses information on your terminal equipment, this is done – depending on technical necessity – on the basis of Section 25 (2) No. 2 TDDDG (required) or after consent (Section 25 (1) TDDDG).

Data transfer to third countries

A transfer to third countries (in particular the USA) cannot be ruled out; depending on the provider status, this is carried out on the basis of an adequacy decision (e.g., EU-US Data Privacy Framework) or appropriate safeguards (e.g., EU standard contractual clauses).

9. Other tools

Font Awesome (local integration)

We use Font Awesome to ensure consistent icon display. The files are loaded locally from our server. No data is transferred to third parties.

EWWW Image Optimizer

We use EWWW Image Optimizer for the technical optimization of images (e.g., compression) to improve the loading times and performance of our website. Processing takes place exclusively on the server side as part of the provision of our website.

Legal basis

Art. 6 (1) lit. f GDPR (legitimate interest in a technically efficient and user-friendly website).

Data transfer to third countries

No transfer to third countries takes place within the scope of this tool, as processing is carried out locally on our server.

Storage period

This tool does not create any independent user profiles; optimized image files are stored within the scope of website provision. Revocation is not necessary in this respect, as processing is based on our legitimate interest. This tool does not store any independent personal data.

Strong Testimonials

We use Strong Testimonials to display and manage customer testimonials/references on our website. The plugin is used exclusively for the presentation of content and is operated locally.

Legal basis

If a review is published on the basis of consent (e.g., publication with real name/photo), the legal basis is Art. 6 (1) lit. a GDPR.

Data transfer to third countries

No transfer to third countries takes place within the scope of this plugin.

Storage period

Reviews are generally stored and published for as long as is necessary for the purpose of presenting customer experiences, in particular until the review is removed from the website or until the data subject revokes their consent or requests deletion.

Revocation/deletion

You may revoke your consent at any time with future effect or object to publication; in this case, we will remove the review or anonymize it, provided that there are no legal retention obligations to the contrary.

Slider Revolution

We use Slider Revolution to design and display sliders/animations on our website. The plugin is used to display website content in a user-friendly and appealing way and is operated locally.

No personal data is stored.

Legal basis

Art. 6 (1) (f) GDPR (legitimate interest in a technically and visually optimized presentation of our website).

Data transfer to third countries

No transfer to third countries takes place within the scope of this plugin.

Storage period

No separate user profiles are created. Revocation is not necessary in this respect, as processing is based on our legitimate interest.

The Events Calendar

We use The Events Calendar to manage and display events (e.g., dates, event information) on our website. If a form is provided in connection with events, we process the data you submit to handle your request and for follow-up questions. Processing takes place locally to provide the respective content.

Legal basis

Art. 6 (1) (f) GDPR (legitimate interest in providing event information).

If you contact us via a form in connection with an event, the processing is carried out to handle your request (Art. 6 (1) (b) GDPR, insofar as it concerns pre-contractual measures or the performance of a contract; otherwise Art. 6 (1) (f) GDPR).

Data transfer to third countries

No data is transferred to third countries within the scope of this plugin.

Storage period

Event data is stored for as long as it is necessary to display the events.

If data is transmitted via a form, it will be deleted as soon as the request has been processed, at the latest after 6 months, unless there are legal retention obligations to the contrary.

Popup Maker

We use Popup Maker to display pop-up windows, e.g., for information or interaction notices on the website. The plugin is operated locally and serves to provide information in a user-friendly manner. Cookies may be set to prevent pop-ups from being displayed repeatedly.

Legal basis

Art. 6 (1) lit. f GDPR (legitimate interest in effective user guidance and information presentation).

Insofar as cookies are technically necessary, the storage of information in your end device or access to it is based on § 25 (2) No. 2 TDDDG.

Data transfer to third countries

No transfer to third countries takes place within the scope of this plugin.

Storage period

Cookies are stored for 30 days or until you delete them in your browser. No independent user profiles are created.