Privacy Policy

With the following privacy policy, we would like to inform you about which types of your personal data (hereinafter also referred to as "data") we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offerings").

The terms used are not gender-specific.

Status: April 2025

Table of Contents

1. Responsible Party
2. Contact Data Protection Officer
3. Security Measures
4. Provision of the Online Offer and Web Hosting
5. Transmission and Disclosure of Personal Data
6. Use of Cookies
7. Commercial and Business Services
8. Payment Service Providers
9. Blogs and Publication Media
10. Contact
11. Newsletter
12. Online Marketing
13. Plugins and Embedded Functions and Content
14. Deletion of Data
15. Changes and Updates to the Privacy Policy
16. Rights of Data Subjects

1. Responsible Party

• Müller & Weber B.V.
• Fornheselaan 202 074
• 3734GE Den Dolder
• Netherlands

2. Contact Data Protection Officer

info@vehicle-register.com

3. Security Measures

We implement appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, the implementation costs, and the nature, scope, circumstances, and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as the relevant access, input, and transfer, ensuring its availability and segregation. Furthermore, we have established procedures that ensure the exercise of data subjects' rights, the deletion of data, and responses to data threats. Furthermore, we consider the protection of personal data right from the development and selection of hardware, software, and processes in accordance with the principle of data protection, through technology design, and through data protection-friendly default settings.

SSL encryption (https): To protect the data you transmit via our online offering, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in your browser's address bar. Nevertheless, we would like to point out that data transmission over the Internet (e.g., when communicating via email) may have security gaps. Complete protection of data from access by third parties is therefore not possible.

4. Provision of the Online Offer and Web Hosting

In order to provide our online offering securely and efficiently, we utilize the services of one or more web hosting providers from whose servers (or servers managed by them) the online offering can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space, and database services, as well as security and technical maintenance services.

The data processed in the context of providing the hosting service may include all information relating to users of our online offering that arises during use and communication. This usually includes the IP address, which is necessary to deliver the content of online offerings to browsers, and all entries made within our online offering or on websites.

Email sending and hosting:

The web hosting services we use also include the sending, receiving, and storage of emails. For these purposes, the addresses of the recipients and senders, as well as other information regarding the email transmission (e.g., the providers involved), and the content of the respective emails are processed. The aforementioned data may also be processed for the purpose of detecting spam. Please note that emails are generally not sent encrypted over the Internet. Emails are generally encrypted during transport, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We therefore cannot assume any responsibility for the transmission path of emails between the sender and the recipient on our server.

Collection of access data and log files:

We ourselves (or our web hosting provider) collect data on every access to the server (so-called server log files). The server log files may include the address and name of the accessed web pages and files, the date and time of access, the amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider.

Server log files can be used for security purposes, e.g., to prevent server overload (particularly in the case of abusive attacks, so-called DDoS attacks), and to ensure server utilization and stability.

Content Delivery Network:

We use a Content Delivery Network (CDN) provided by AWS (further information: https://aws.amazon.com). A CDN is a service that enables faster and more secure delivery of online content, especially large media files such as graphics or program scripts, using regionally distributed servers connected via the Internet.

Types of data processed:

Content data (e.g., text input, photographs, videos), usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

Data subjects:

Users (e.g., website visitors, users of online services).

Purposes of processing:

Content Delivery Network (CDN), contractual services and service.

Legal basis:

Legitimate interests (Art. 6 (1) (f) GDPR). GDPR).

Services and service providers used:

TransIP:

• Hosting platform for e-commerce/websites;
• Service provider: Vondellaan 47, 2332 AA Leiden, Netherlands;
• Website: Terms & Conditions | Privacy Policy

To the extent we use external service providers to process personal data, these service providers have been carefully selected, commissioned in writing, and are bound by our instructions. The service providers will not share this data with third parties, but will delete it after contract fulfillment and the expiration of statutory retention periods, unless consent to longer storage has been obtained.

5. Transfer and Disclosure of Personal Data

As part of our processing of personal data, it may happen that the data is transferred to or disclosed to other bodies, companies, legally independent organizational units, or individuals. Recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks, or providers of services and content integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.

Data transfer within the organization: We may transfer personal data to other bodies within our organization or grant them access to this data. If this transfer is for administrative purposes, the data is based on our legitimate entrepreneurial and business interests or occurs if it is necessary to fulfill our contractual obligations or if the consent of the data subject or legal permission has been obtained.

6. Use of Cookies

Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie is primarily used to store information about a user during or after their visit to an online service. The stored information can include, for example, the language settings on a website, the login status, a shopping cart, or the location where a video was watched. The term "cookies" also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as "user IDs").

The following cookie types and functions are distinguished:

Temporary cookies (also known as session cookies):

Temporary cookies are deleted at the latest after a user has left an online service and closed their browser.

Permanent cookies:

Persistent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for reach measurement or marketing purposes can be stored in such a cookie.

First-party cookies:

First-party cookies are set by us.

Third-party cookies:

Third-party cookies are primarily used by advertisers (so-called third parties) to process user information.

Necessary (also: essential or absolutely necessary) cookies:

Cookies can be absolutely necessary for the operation of a website (e.g., to save logins or other user inputs or for security reasons).

Statistical, marketing, and personalization cookies:

Furthermore, cookies are generally also used for reach measurement and when a user's interests or behavior (e.g., viewing certain content, using functions, etc.) are stored in a user profile on individual websites. Such profiles are used, for example, to show users content that corresponds to their potential interests. This process is also referred to as "tracking," i.e., tracking the potential interests of users. If we use cookies or "tracking" technologies, we will inform you separately in our privacy policy or when obtaining your consent.

Notes on legal bases:

The legal basis on which we process your personal data with the help of cookies depends on whether we ask for your consent. If this applies and you consent to the use of cookies, the legal basis for processing your data is your declared consent. Otherwise, the data processed with the help of cookies will be processed based on our legitimate interests (e.g., in the commercial operation of our online offering and its improvement) or if the use of cookies is necessary to fulfill our contractual obligations.

General information on revocation and objection (opt-out):

Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data using cookie technologies (collectively referred to as "opt-out"). You can initially declare your objection using your browser settings, e.g., by deactivating the use of cookies (although this may also limit the functionality of our online offering). An objection to the use of cookies for online marketing purposes can also be declared using a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. You can also obtain further objection information in the information about the service providers and cookies used.

Alternatively, we offer the option of resetting the cookie settings for our website here:

Cookie Settings

Processing of cookie data based on consent: Before we process or have data processed as part of the use of cookies, we ask users for consent that can be revoked at any time. Before consent has been given, only cookies necessary for the operation of our online offering will be used. Their use is based on our interest and the interest of the users in the expected functionality of our online offering.

Types of data processed: Usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

Data subjects:

Users (e.g., website visitors, users of online services).

Legal basement:

Consent (under CCPA and state privacy laws, e.g., VCDPA, CPRA); Legitimate business interests (as defined by U.S. case law and the FTC Act).

7. Commercial and Business Services

We process data from our contractual and business partners, e.g., customers and interested parties (collectively referred to as "Contractual Partners") within the framework of contractual and comparable legal relationships, as well as related measures and within the framework of communication with the contractual partners (or pre-contractually), e.g., to answer inquiries.

We process this data to fulfill our contractual obligations, to secure our rights, and for the purposes of the administrative tasks associated with this information, as well as for business organization. Within the framework of applicable law, we only pass on the data of our contractual partners to third parties to the extent necessary for the aforementioned purposes or to fulfill legal obligations, or with the consent of the contractual partners (e.g., to participating telecommunications, transport, and other auxiliary services, as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). Data recipients are, in particular, the entities to which we forward the application you may submit as part of our service provision. These bodies are authorized and obligated to process the respective application and to process the data collected for this purpose.

All applications are created automatically and, depending on the specific possibility and only to the extent necessary, sent to the relevant competent authority either by fax or using a postal service provider.

Contractual partners will be informed about other forms of processing, e.g., for marketing purposes, within the framework of this privacy policy.

We will inform contractual partners which data is required for the aforementioned purposes before or during data collection, e.g., in online forms, by special markings (e.g., colors) or symbols (e.g., asterisks, etc.), or in person.

We delete the data after the expiration of statutory limitation periods, unless the data is stored in a customer account, e.g., for as long as it must be retained for legal archiving reasons (e.g., for tax purposes, usually for 10 years). We delete data disclosed to us by the contractual partner as part of an order in accordance with the contract specifications, generally after the end of the order.

To the extent that we use third-party providers or platforms to provide our services, the terms and conditions and privacy policies of the respective third-party providers or platforms apply to the relationship between users and the providers.

Economic analyses and market research:

For business reasons and in order to identify market trends and the wishes of contractual partners and users, we analyze the data available to us on business transactions, contracts, inquiries, etc., whereby the group of data subjects may include contractual partners, interested parties, customers, visitors, and users of our online offering.

The analyses are carried out for the purposes of business evaluations, marketing, and market research (e.g., to determine customer groups with different characteristics). In doing so, we may, where available, consider the profiles of registered users, including their information, e.g., regarding services used. The analyses serve us solely and are not disclosed externally unless they are anonymous analyses with summarized, i.e., anonymized values. Furthermore, we respect the privacy of users and process the data for analysis purposes pseudonymously and, where possible, anonymously (e.g., as summarized data). This is in our legitimate interest.

Ordering process:

We process our customers' data to enable them to select, purchase, or order the selected products, goods, and related services, as well as to pay for and deliver them or execute them.

The required information is marked as such during the ordering or similar purchase process and includes the information required for delivery, provision, and billing, as well as contact information for any follow-up inquiries.

The personal data provided during the ordering process will be stored for 90 days, unless there are legal retention obligations requiring longer storage; data not subject to retention obligations can be deleted by the customer independently, even before the expiration of the aforementioned 90 days.

Further information on commercial services: We process the data of our customers and clients (hereinafter collectively referred to as "customers") to enable them to select, purchase, or commission the selected services or works and related activities, as well as to pay for them, deliver them, execute them, or provide them.

The required information is marked as such during the order, purchase order, or similar contract conclusion and includes the information required for service provision and billing, as well as contact information for any follow-up inquiries.

Types of data processed:

Inventory data (e.g., names, addresses), payment data (e.g., bank details, invoices, payment history), contact data (e.g., email, telephone numbers), contract data (e.g., subject matter of the contract, term, customer category), usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

Data subjects:

Interested parties, business and contractual partners, customers.

Purposes of processing:

Contractual services and support, contact inquiries and communication, office and organizational procedures, administration and response to inquiries, visitor action analysis, interest-based and behavioral marketing, profiling (creation of user profiles), security measures.

Legal basis:

Contractual necessity (UCC § 1-304), legal compliance (15 U.S.C. § 6801 et seq. [GLBA]), legitimate business interests (FTC Act Section 5)

8. Payment Service Providers

Within the framework of contractual and other legal relationships, due to legal obligations, or otherwise based on our legitimate interests, we offer data subjects efficient and secure payment options and, in addition to banks and credit institutions, use other payment service providers (collectively, "Payment Service Providers").

The data processed by the payment service providers includes inventory data, such as name and address, bank details, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, amount, and recipient-related information. This information is required to process the transactions. However, the data entered is only processed and stored by the payment service providers. This means that we do not receive any account- or credit card-related information, but only information confirming or rejecting the payment. Under certain circumstances, the payment service providers may transmit the data to credit agencies. This transmission is for the purpose of identity and credit checks. For more information, please refer to the terms and conditions and the privacy policy of the payment service providers.

Payment transactions are subject to the terms and conditions and privacy policy of the respective payment service providers, which can be accessed within the respective websites or transaction applications. We also refer to these for further information and to assert your rights of withdrawal, information, and other data subject rights.

Order processing (in particular, invoicing) is handled by the service provider "easybill" (easybill GmbH, Düsselstr. 21, 41564 Kaarst). Name, address, and any other personal data will be passed on to easybill solely for the purpose of processing the order and only to the extent necessary for this purpose. Further information on data protection can be found in easybill's privacy policy: https://www.easybill.de/privacy

Types of data processed:

Inventory data (e.g., names, addresses), payment data (e.g., bank details, invoices, payment history), contract data (e.g., subject matter of the contract, term, customer category), usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

Data subjects:

Customers, interested parties. Purposes of processing: Contractual services and services.

Legal basis:

Contract performance and pre-contractual requests (UCC § 1-304), legitimate business interests (FTC Act § 5)

Services and service providers used:

PayPal:

• Payment services and solutions (e.g., PayPal, PayPal Plus, Braintree);
• Service provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg;
• Website: https://www.paypal.com/de;
• Privacy Policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Targetmedia BV:

Zwaardklamp 3, 1271 GK Huizen, subject to the Targetmedia Terms of Use, available at https://www.digiwallet.nl/en/terms and https://www.digiwallet.nl/en/dw-cookies/privacy-statement

9. Blogs and Publication Media

We use blogs or comparable means of online communication and publication (hereinafter "Publication Media"). Readers' data is processed for the purposes of the Publication Media only to the extent necessary for its presentation and communication between authors and readers, or for security reasons. Furthermore, we refer to the information on the processing of visitors to our Publication Media within the framework of this Privacy Policy.

Comments and Posts: When users leave comments or other posts, their IP addresses may be stored based on our legitimate interests. This is done for our security in case someone leaves illegal content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves may be held liable for the comment or post and are therefore interested in the identity of the author.

Furthermore, we reserve the right to process user information for the purpose of spam detection based on our legitimate interests.

On the same legal basis, we reserve the right to store users' IP addresses for the duration of surveys and to use cookies to prevent multiple voting.

The personal information provided in comments and posts, any contact and website information, as well as the content information, will be permanently stored by us until the user objects.

10. Contact

When you contact us (e.g., via contact form, email, telephone, or social media), the information provided by the person contacting you will be processed to the extent necessary to respond to the contact requests and any requested actions.

Responses to contact requests within the framework of contractual or pre-contractual relationships are made to fulfill our contractual obligations or to respond to (pre-)contractual inquiries and, in addition, based on our legitimate interest in responding to the inquiries.

Types of data processed: Inventory data (e.g., names, addresses), contact data (e.g., email, telephone numbers), content data (e.g., text entries, photographs, videos).

Data subjects:

Communication partners.

Purposes of processing:

Contact requests and communication.

Legal basis:

Contract performance and pre-contractual requests (UCC § 1-304), legitimate business interests (FTC Act § 5)

11. Newsletter

We only send newsletters, emails, and other electronic notifications (hereinafter "newsletters") with the recipient's consent or legal permission. If the newsletter's content is specifically described when subscribing to the newsletter, it is decisive for the user's consent. Otherwise, our newsletters contain information about our services and us.

To subscribe to our newsletter, it is generally sufficient to provide your email address. However, we may ask you to provide a name for the purpose of addressing you personally in the newsletter or other information if this is necessary for the purposes of the newsletter.

Double opt-in procedure:

Registration for our newsletter is generally carried out using a so-called double opt-in procedure. This means that after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent anyone from subscribing using someone else's email address. Newsletter subscriptions are logged in order to be able to verify the registration process in accordance with legal requirements. This includes storing the registration and confirmation times, as well as the IP address. Changes to your data stored by the shipping service provider are also logged.

Deletion and restriction of processing:

We may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them in order to be able to prove previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the previous consent is confirmed at the same time. In the case of obligations to permanently observe objections, we reserve the right to store the email address on a blocking list (so-called "blacklist") for this purpose alone.

The registration process is logged based on our legitimate interests for the purpose of proving its proper execution. If we commission a service provider to send emails, this is done based on our legitimate interests in an efficient and secure shipping system.

Notes on legal bases:

Newsletters are sent based on the recipient's consent or, if consent is not required, based on our legitimate interests in direct marketing, provided and to the extent permitted by law, e.g., in the case of advertising to existing customers. If we commission a service provider to send emails, this is done on the basis of our legitimate interests. The registration process is recorded based on our legitimate interests to demonstrate that it was carried out in compliance with the law.

Content:

Information about us, our services, promotions, and offers.

Analysis and performance measurement: The newsletters contain a so-called "web beacon," i.e., a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, from their server. During this retrieval, technical information, such as information about your browser and system, as well as your IP address and the time of retrieval, is initially collected.

This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. This analysis also includes determining whether the newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor, if used, that of the shipping service provider to observe individual users. Rather, the evaluations serve to identify the reading habits of our users and adapt our content to them or to send different content according to the interests of our users.

The evaluation of the newsletter and the measurement of success are based, subject to the express consent of the user, on our legitimate interests for the purpose of using a user-friendly and secure newsletter system that serves both our business interests and meets the expectations of the user.

Unfortunately, a separate revocation of the performance measurement is not possible; in this case, the entire newsletter subscription must be canceled or revoked.

Types of data processed: Inventory data (e.g., names, addresses), contact data (e.g., email, telephone numbers), meta/communication data (e.g., device information, IP addresses), usage data (e.g., websites visited, interest in content, access times).

Data subjects:

Communication partners.

Purposes of processing:

Direct marketing (e.g., by email or post).

Legal basis:

Contract performance and pre-contractual requests (UCC § 1-304), legitimate business interests (FTC Act § 5)

Opt-out option:

You can unsubscribe from our newsletter at any time, i.e., revoke your consent or object to further receipt. You will find a link to unsubscribe from the newsletter either at the end of each newsletter or you can use one of the contact options listed above, preferably email.

12. Online Marketing

We process personal data for online marketing purposes, which may include, in particular, the marketing of advertising space or the presentation of advertising and other content (collectively referred to as "content") based on users' potential interests, as well as the measurement of their effectiveness.

For these purposes, so-called user profiles are created and stored in a file (so-called "cookie"), or similar processes are used to store user information relevant to the presentation of the aforementioned content. This information may include, for example, content viewed, websites visited, online networks used, as well as communication partners and technical information such as the browser used, the computer system used, and information on usage times. If users have consented to the collection of their location data, this data may also be processed.

Users' IP addresses are also stored. However, we use available IP masking procedures (i.e., pseudonymization by shortening the IP address) to protect users. Generally, no user data (such as email addresses or names) is stored as part of the online marketing process, but rather pseudonyms. This means that neither we nor the providers of the online marketing process know the actual identity of the users, but only the information stored in their profiles.

The information in the profiles is generally stored in cookies or similar processes. These cookies can generally be read later on other websites that use the same online marketing process, analyzed for the purpose of displaying content, and supplemented with additional data and stored on the server of the online marketing process provider.

In exceptional cases, clear data can be assigned to the profiles. This is the case, for example, if the users are members of a social network whose online marketing process we use, and the network links the user profiles with the aforementioned information. Please note that users can enter into additional agreements with the providers, e.g., by consenting during registration.

We generally only receive access to aggregated information about the success of our advertisements. However, as part of so-called conversion measurements, we can check which of our online marketing processes have led to a so-called conversion, i.e., for example, to the conclusion of a contract with us. Conversion measurements are used solely to analyze the success of our marketing measures.

Unless otherwise stated, we ask you to assume that cookies used will be stored for a period of two years.

Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economical, and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.

The individual tools we use are as follows:

Smartlook

Microsoft Bing Ads: We use Bing Ads (www.bingads.microsoft.com), provided and operated by Microsoft. The associated data transfer to the USA is based on the European Commission's standard contractual clauses. Microsoft places a cookie on your device if you accessed our website via a Microsoft Bing ad. This allows Microsoft and us to recognize that someone clicked on an ad, was redirected to our website, and reached a predetermined landing page. We only learn the total number of users who clicked on a Bing ad and were then redirected to the landing page.

Microsoft uses the cookie to process information from which usage profiles are created using pseudonyms. These usage profiles are used to analyze visitor behavior and to display advertisements. The legal basis for the use of Bing Ads is Art. 6 (1) (a) GDPR.

Further information is available at https://www.microsoft.com/de-de/servicesagreement/.

You can prevent the use of Google Ads on our website using this switch:

Microsoft Bing Ads

Google Tag Manager: Google Tag Manager is a solution that allows us to manage so-called website tags via a single interface (and thus integrate, for example, Google Analytics and other Google marketing services into our online offering). The Tag Manager itself (which implements the tags) does not process any personal user data. Regarding the processing of user personal data, please refer to the following information on Google services. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://marketingplatform.google.com; Privacy Policy: https://policies.google.com/privacy.

Types of data processed: Usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses), location data (data indicating the location of an end user's device).

Data subjects: Users (e.g., website visitors, users of online services), interested parties.

Purposes of processing: Tracking (e.g., interest-/behavior-based profiling, use of cookies), remarketing, visitor action analysis, interest-based and behavior-based marketing, profiling (creation of user profiles), conversion measurement (measurement of the effectiveness of marketing measures), reach measurement (e.g., access statistics, recognition of returning visitors), target group building (determination of target groups relevant for marketing purposes or other content delivery), cross-device tracking (cross-device processing of user data for marketing purposes).

Security measures: IP masking (pseudonymization of the IP address).

Legal basis: Consent (Art. 6 (1) (a) GDPR), Legitimate Interests (Art. 6 (1) (f) GDPR). Opt-out option: We refer to the privacy policy of the respective providers and the opt-out options specified for the providers (so-called "opt-out"). If no explicit opt-out option has been provided, you have the option of deactivating cookies in your browser settings. However, this may limit the functions of our online offering. We therefore recommend the following opt-out options, which are summarized for each region: a) Europe: https://www.youronlinechoices.eu. b) Canada: https://www.youradchoices.ca/choices. c) USA: https://www.aboutads.info/choices. d) Cross-regional: https://optout.aboutads.info.

You can prevent the use of cookies on our website using this switch: Google Tag Manager

13. Plugins and Embedded Functions and Content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may include, for example, graphics, videos, social media buttons, and posts (hereinafter collectively referred to as "content").

Integration always requires that the third-party providers of this content process the users' IP address, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content or functions. We endeavor to only use content whose respective providers use the IP address solely to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. These "pixel tags" enable information, such as visitor traffic on the pages of this website, to be evaluated. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, the time of visit, and other information about the use of our online services, as well as be linked to such information from other sources.

Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economical, and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.

Types of data processed: Usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

Data subjects: Users (e.g., website visitors, users of online services).

Purposes of processing: Provision of our online services and user-friendliness, contractual services and support.

Legal basis: Legitimate interests (Article 6 (1) (f) GDPR).

14. Deletion of Data

The data we process will be deleted in accordance with legal requirements as soon as the consents permitted for processing are revoked or other permissions no longer apply (e.g., if the purpose for processing this data no longer applies or it is no longer required for that purpose).

If the data is not deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons, or whose storage is necessary to assert, exercise, or defend legal claims or to protect the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection notices of this Privacy Policy.

15. Changes and Updates to the Privacy Policy

We ask you to regularly inform yourself about the content of our Privacy Policy. We will update this privacy policy as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g., consent) or other individual notification.

If we provide addresses and contact information of companies and organizations in this privacy policy, please note that these addresses may change over time and ask you to check the information before contacting us.

16. Rights of Data Subjects

As a consumer, you have certain rights under U.S. privacy laws, including those established by:

1. California Consumer Privacy Act (CCPA) Sections 1798.100-1798.199
2. Virginia Consumer Data Protection Act (VCDPA) § 59.1-575
3. Federal Trade Commission Act Section 5 (15 U.S.C. § 45)

Key rights include:

• Right to know what personal information is collected (CCPA § 1798.100)
• Right to delete personal information (CCPA § 1798.105)
• Right to correct inaccurate information (VCDPA § 59.1-576)
• Right to opt-out of data sales (CCPA § 1798.120)
• Right to non-discrimination for exercising these rights (CCPA § 1798.125)