Data protection is very important to us. We strictly adhere to statutory regulations and respect privacy during data processing. We only ever process personal data in accordance with statutory regulations. The specific legal grounds for data protection can be found in the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

We have put together some information on this website regarding data protection and related topics that are applicable to:

  • business activities with us;
  • events and web seminars hosted by us;
  • communication with us;
  • visits to our website (it-haus.com);
  • subscription to our newsletter;

and related issues (incl. tracking). When setting your preferences for our website, please refer to the additional information in our cookie banner.

Status: February 1st, 2023

The “controller”, as defined in Art. 4 (7) GDPR, and service provider is:
IT-HAUS GmbH (hereinafter referred to as “IT-HAUS” or “we”).

Europa-Allee 26/28, 54343 Föhren (DE)
Tel.: +49 6502 9208-0, Fax: +49 6502 9208-850
Email: info[at]it-haus.com
Managing Directors: Ingo Burggraf, Stefan Sicken, Dr Thomas Simon

Data Protection Officer (internal) is
Ms Tamara Mai
IT-HAUS GmbH
Europa-Allee 26/28, 54343 Föhren (DE)
Email: datenschutz[at]it-haus.com

The term “personal data” is used to refer to all information concerning an identified or identifiable natural person. This includes your name, address, phone number, and the data used to access your customer account. Personal data also includes the IP address of the connection you use to navigate through our pages, as well as all associated data concerning your surfing habits. Non-personal data is all other information (e.g. today’s date).

We would firstly like to inform you about your rights as a data subject.

(1) You can exercise the following rights against IT-HAUS about your personal data:

  • Right of access;
  • Right to rectification or erasure;
  • Right to the restriction of processing;
  • Right to object to data processing;
  • Right to data portability.

Here is a more detailed overview of your rights:

You may ask us to confirm whether your personal data is being processed at any time; this being the case, you have the right to access the personal data stored on you. You may exercise this right by contacting Sarah Müller via email at datenschutz[at]it-haus.com.

If the legal requirements are met, you may also OBJECT to data processing: If we are processing your personal data based on our legitimate interest, you may formally object to this processing. This will particularly be the case if processing is not required for the execution of a contract with you, as indicated with the description of each feature below. When exercising your right to object, we kindly ask you to state the reasons why we should no longer process your personal data. If your objection is justified, we will examine the situation and either stop/adjust our data processing or indicate the essential and legitimate reasons for the continuation of our processing.

You may object to the processing of your personal data for the purposes of marketing and data analysis at any time. Please use the following contact details to inform us of your objection:

IT-HAUS GmbH
Europa-Allee 26/28, 54343 Föhren (DE)
Tel.: +49 6502 9208-0, Fax: +49 6502 9208-850
Email: info[at]it-haus.com

If you have given your consent to data processing, you may withdraw this at any time. Once you have withdrawn your consent, we will no longer be permitted to process your personal data.

You also have the right to rectify any incorrect informationrestrict data processing and request the deletion of your personal data following its collection and processing. Under the conditions laid down in Art. 20 GDPR, you also have the right to data portability, i.e. to receive your personal data in a structured, machine-readable and common format, and to transmit this data to another controller without being impeded by us.

If you would like to exercise your data protection rights, please refer to the contact details in our Legal Notice or send an email to Sarah Müller at datenschutz[at]it-haus.com.

(2) If you have any further questions, suggestions or complaints about our data protection information and the processing of your personal data, you can contact Sarah Müller directly at datenschutz[at]it-haus.com.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a (data protection) supervisory authority – particularly in the Member State of your habitual residence, place of work or place of the alleged infringement – if you believe the processing of your personal data infringes German or European data protection law. The supervisory authority for Rhineland-Palatinate is: The State Commissioner for Data Protection and Freedom of Information in Rhineland-Palatinate; Postal Address: Postfach 30 40, D-55020 Mainz; Visiting Address: Hintere Bleiche 34, D-55116 Mainz, Tel.: +49 6131 208-2449; Fax: +49 6131 208-2497; Email: poststelle(at)datenschutz.rlp.de.

The aim of the following information is to advise our customers, business partners, suppliers, prospective customers and their assigned contacts as to how we process personal data.

(1) We particularly process personal data:

a) to perform pre-contractual measures and/or contracts, including any warranties, guarantees and returns (legal basis: point (b) of Art. 6 (1) GDPR);

b) to fulfil our statutory obligations (legal basis: point (c) of Art. 6 (1) GDPR); and

c) to pursue our legitimate interest in the protection of our assets, the prevention of defaulted payments, the exercise and defence of our rights and, in the case of the personal data of contacts at companies, the identification of – and communication with – our current and prospective customers, suppliers and other business partners for the execution or initiation of business relations (legal basis: points (b) and (f) of Art. 6 (1) GDPR).

A pre-contractual relationship may arise, for example, if a prospective customer contacts us to request information about our company or services; we will then process that person’s data to process the request.

If you get in touch with us, we will save and, if necessary, store any information you provide (e.g. your email address, first name, surname, company and address) to respond to your enquiry. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR.

(2) We obtain the personal data of assigned contacts (name and contact details, e.g. email address) for the above purposes from the company itself, the company’s website or the respective contact.

(3) If you open an account on our online store under “Log-in/Register” the data you provide will be saved. Mandatory fields are marked as such; all other information is optional. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR. You cannot open a customer account without providing your complete and correct basic information, as we will require this data to process your order(s). Information marked as optional does not have to be provided.

(4) You must provide your personal data to successfully place an order on our online store. Information required to process orders is marked as mandatory; further information is optional. We will use the data provided to process your order. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR.

(5) We will collect and process the data required for the purposes. You cannot place an order with us without providing this data (marked as mandatory fields on the online store). You do not have to fill out data fields marked as optional on the online store. Similarly, you cannot return goods or assert any warranty claims without providing the necessary information.

(6) We may also process your personal data to tell you about other interesting products in our portfolio or to send you emails with technical information (e.g. regarding product recalls for your hardware and current IT security risks). We particularly reserve the right to store the following data in summarised lists and use it to create advertising for other similar goods and services (e.g. to send interesting deals and information in the post): your first name, surname, postal address and – provided we have received these additional details within the scope of the contractual relationship – your date of birth, department and cost centre, your trade name and VAT ID Number. The legal basis for this is point (f) of Art. 6 (1) GDPR or, if you explicitly consent to data processing, point (a) of Art. 6 (1) GDPR. You may object to the storage and usage of your data for these purposes or withdraw your consent at any time by getting in touch with us as indicated above. More information on our newsletter subscription: see below.

(7) We offer purchase on account as a payment method and cover ourselves by running a credit check on every new customer (creditworthiness data) through Creditsafe Deutschland GmbH (Schreiberhauer Straße 30, D-10317 Berlin) or Creditreform Trier Eberhard KG (Ostallee 3, D-54290 Trier). Goods cannot be purchased on account without this form of data processing.

(8) Personal data will be sent to our internal departments if required to properly perform our tasks. We sometimes use external service providers to process personal data. These have been carefully selected and commissioned by us; they are obliged to follow our instructions and are regularly audited. We generally ensure receivables from customers worth at least 25,000.00 EUR – and, in some case, amounts under this threshold (receivables from abroad) – through the Euler Hermes SA branch (Friedensallee 254, D–22763 Hamburg) of Euler Hermes Deutschland. In order to perform a contract, we may disclose personal data to our bank, payment service providers and/or the shipping company commissioned to deliver goods, provided this is necessary for the delivery of the ordered goods. Moreover, we may disclose personal data to third parties if we perform a contract, hold events or offer similar services alongside business partners. We may also disclose personal data to our legal representatives or competent courts and authorities (e.g. in the case of a dispute).

(9) It may be necessary to transfer data to third countries (outside the European Union and/or European Economic Area) in individual cases, e.g. to perform our contractual obligations. We will indicate this separately in each offer. We will comply with Art. 44 et seq. GDPR at all times.

(10) We do not carry out automated decision-making (incl. profiling).

(11) Your personal data (e.g. address, payment and order details) will be deleted as soon as it is no longer required for your enquiry or the performance of a contract, or as soon as a contract is rescinded and the statutory retention periods have lapsed (e.g. up to 10 years in accordance with the German Commercial Code and/or Fiscal Code). Your personal credit report data (e.g. name, address, date of birth and the credit check issued by the credit agency) will be stored for a period of one year. One of the purposes of this is to ensure that no further credit checks must be performed if more goods are purchased on account in the future. We may also retain your personal data if you have given us your consent, or if there are legal disputes and we use this as evidence within statutory limitation periods of up to thirty years; the standard limitation period is three years.

(12) SSL encryption is always used during orders placed on our online store, in order to prevent your personal data (especially your financial information) from being accessed by unauthorised third parties.

The aim of the following information is to advise our customers, business partners, suppliers, prospective customers and/or their assigned contacts as to how we process personal data for events and web seminars hosted by IT-HAUS GmbH.

(1) Any data submitted during the registration process for one of our events / web seminars will be processed in accordance with the GDPR and BDSG.

(2) To register for events or web seminars, we use our CRM system (Customer Relationship Management) from Microsoft Dynamics 365 from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (server location EU) on our website. If you register to attend one of our events / web seminars, we will save the information you. Required fields are marked as such in the registration form (usually your first name, last name, company and email address); all other information is strictly optional and does not have to be provided.

We will process your personal data:

a) to perform a contract or pre-contractual measures based on point (b) of Art. 6 (1) GDPR (establishment, structuring or modification of a legal relationship);

b) to fulfil our statutory obligations based on point (c) of Art. 6 (1) GDPR; and

c) to pursue our legitimate interest in the identification of – and communication with – our current and prospective customers, suppliers and other business partners for the execution or initiation of business relations based on points (b) and (f) of Art. 6 (1) GDPR.

You cannot register without fully and correctly providing the required information, as we will require this data to properly hold the event / web seminar. Information marked as optional does not have to be provided.

(3) If you get in touch with us via email, we will save the information you provide (e.g. your email address, first name, surname, company and address) to respond to your enquiry. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR.

(4) If you get in touch with us via our call-back form (“Any Questions?”) on the event page, we will save the information you provide (your phone number is required; all other information is optional), in order to respond to your enquiry. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR.

(5) We may also process your personal data to inform you about other interesting products and events / web seminars in our portfolio or to send you emails with technical information. We particularly reserve the right to store your first name, last name and company name in summarised lists and to use this information to create advertising for other similar goods and services (e.g. to send interesting deals and information in the post. The legal basis for this is point (f) of Art. 6 (1) GDPR or, if you explicitly consent to data processing, point (a) of Art. 6 (1) GDPR. You may object to the storage and usage of your data for these purposes or withdraw your consent at any time by getting in touch with us as indicated above. You can find more information under Point 3 (“Your Rights”).

(6) Personal data will be sent to our internal departments if required to properly perform our tasks. The data will not be passed on to third parties, with the exception of any necessary disclosures to

  • our service providers who are bound by our instructions;
  • our external teachers;
  • hotel operators (if we book a room for you);
  • transport companies, e.g. Deutsche Bahn(if we book your outward and return journey);
  • the external cooperation partner for our event / web seminar (without whom the event / web seminar would not be possible); and
  • our legal representatives and competent courts and authorities, especially to exercise our legal claims and defend our interests in legal disputes (legal basis: points (b) and (f) of Art. 6 (1) GDPR).

(7) We might have to transfer data to third countries (outside the European Union and/or European Economic Area) if this is necessary in individual cases, such as to registrate and hold the respective event or web seminar, especially if our cooperation partners are based there. You can find this information in the overview of our cooperation partners on the registration page for each event / web seminar. We will always comply with Art. 44 et seq. GDPR. 

(8) We will also observe the legally prescribed deletion deadlines. Your personal data will usually be deleted as soon as it is no longer required for your enquiry or the execution of the event or web seminar and as soon as the statutory retention periods have lapsed (e.g. up to 10 years in accordance with the German Commercial Code and/or Fiscal Code). We may also retain your personal data if you have given us your consent, or if there are legal disputes and we use this as evidence within statutory limitation periods of up to thirty years; the standard limitation period is three years.

(9) We do not carry out automated decision-making (incl. profiling).

(10) SSL encryption is always used during the registration process to prevent your personal data from being accessed by unauthorised third parties.

(1) Information on the processing of personal data 

a) We would like to inform you below about the processing of personal data during the use of our website.

You can use our website without sharing any personal data. Different regulations may apply to the use of individual services on our website, and these will be discussed separately. We will also indicate the specified storage period criteria.

b) If you get in touch with us via a contact form on our website, we will save the information you provide (your email address and, if applicable, your first name, surname, company and address), in order to respond to your enquiry. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR. We will delete any data obtained in this manner as soon as its storage is no longer necessary, or we will restrict processing if such erasure is prevented by our statutory retention obligations.

c) If our service providers or partners are based outside the European Economic Area (EEA), we will provide you with specific information regarding the consequences of this situation. Regarding cookies: see below.

d) We use SSL, one of the most secure encryption methods currently available, to protect your data from unauthorised access during transmissions via the Internet. Please note, however, that any data transmitted via the Internet may be subject to security gaps, and so complete protection against third-party access is impossible. Please choose an alternative communication channel to email when transmitting sensitive data.

(2) The collection of personal data during visits to our website

a) If you use our website for purely informational purposes (i.e. if you do not register or otherwise provide us with information), we will collect the personal data that your browser transmits to our server. If you would like to view our website, we will collect the data listed below; this is technically necessary to display our website and to guarantee stability and security (legal basis: point (f) of Art. 6 (1) GDPR):

    • IP address;
    • Date and time of the request;
    • Time zone difference to Greenwich Mean Time (GMT);
    • Contents of the request (specific page);
    • Access status / HTTP status code;
    • Volume of data transmitted;
    • Website from which the request comes;
    • Browser
    • Operating system and its interface;
    • Language and version of the browser software.

We will store this data for 14 days before it is automatically deleted.

b) In addition to the data listed above, cookies will be saved on your computer when you use our website. Cookies are small text files that are matched to your browser and saved on your hard drive, allowing certain information to be obtained by the entity that places the cookie (us in this case). Cookies cannot run any programmes or transmit viruses to your computer.

c) Use of cookies:

I. This website uses the following types of cookies, and their scope and functions are explained below:

      • Temporary cookies (see “II”)
      • Permanent cookies (see “III”).

II. Temporary cookies are automatically deleted when you close your browser. This particularly includes session cookies. These are used to store so-called “session IDs”, which allow various requests from your browser to be assigned to one session. This allows your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close your browser.

III. Permanent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can always delete cookies in your browser’s security settings.

IV. We have a legitimate interest in the use of cookies designed to make our website generally safer, more user-friendly and efficient, such as by speeding up navigation on our platform. Our legal basis for the use of such cookies is point (f) of Art. 6 (1) GDPR. Such cookies are described as “essential” in the cookie preferences in our cookie banner.

V. Our legal basis for the use of cookies to process personal data for analytical and marketing purposes / tracking (more on this below) is your consent, which we will explicitly request in accordance with point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. Our cookie banner lets you set your own preferences for the use of cookies on our website. When setting your preferences, please refer to the additional information in our cookie banner.

VI. You can configure your browser settings as you like, e.g. to reject third-party cookies or all cookies. If you do so, however, please note that you may not be able to use all the features of this website.

VII. If our service providers or partners are based in a country outside the European Economic Area (EEA), we will expressly inform you of the consequences of this fact below.  A transfer of personal data to a third country such as the United States must be made, among other things, if the European Commission has decided that the third country, a region or one or more specific sectors in that third country provides an adequate level of protection. It is also possible, for example, for the data exporter and the data importer to conclude a contract using the standard data protection clauses of the EU Commission (Art. 46 Paragraph 2 lit. the consideration of the further requirements according to the GDPR). Regarding the consents we have obtained for the following service providers (see below) in the processing of your personal data, we would like to point out the following: Before giving your consent, please note that your personal data can also be processed in the USA. If you give us your consent, it also extends to processing in this third country, Art. 49 Para. 1 lit. a GDPR. According to the current status, there is probably no adequate level of data protection in the USA without an adequacy decision and without suitable guarantees, since the regulations there do not meet the requirements of European law. With judgment of July 16, 2020 (C-311/18), the European Court of Justice came to the conclusion that the laws on the basis of which American security authorities can access the personal data transmitted to the USA do not restrict access to the personal data from non-Americans. The surveillance programs based on American legislation are not limited to what is strictly necessary. In addition, non-Americans would not be granted any enforceable rights against such access.

(3) Other functions and features of our website

a) Our website can be used for more than just informational purposes; we also offer various services that may be of interest to you. We normally require further personal data to provide such services, and the aforementioned data processing principles apply. More information on our online store, events and web seminars: see above.

b) We sometimes use external service providers to process your data. These have been carefully selected and commissioned by us; they are obliged to follow our instructions and are regularly audited.

(1) You can give your consent to subscribe to our newsletter, which we will then use to keep you informed about any interesting offers we currently have. The advertised goods and services will be indicated in the declaration of consent.

(2) We use the so-called “double opt-in” process for subscriptions to our newsletter via our website. This means we will ask you to confirm that you would like to receive the newsletter by sending an email to the email address provided during your registration. If you do not confirm your registration, your information will be deleted after three weeks. We will also store your IP address, as well as the time of your registration and confirmation. This process allows us to prove your registration and notify you if your personal data is ever misused.

(3) Your email address is the only piece of information we need to send you the newsletter. The provision of any other separately marked data is optional. Following your confirmation, we will save your email address to be able to send you the newsletter. The legal basis for this is point (a) of Art. 6 (1) GDPR.

(4) You may freely withdraw your consent to receiving the newsletter at any time by sending an email to info[at]it-haus.com, or by contacting us through the communication channels contained in our Legal Notice. You will also find a hyperlink at the bottom of every email, which you can use to conveniently unsubscribe from the newsletter.

(5) Please note that we will analyse your user behaviour when sending the newsletter. The legal basis for this is point (f) of Art. 6 (1) GDPR. In order to carry out this analysis, our emails contain so-called “web beacons” and “tracking pixels”, which are single-pixel image files stored on our website. We will link these web beacons and the data described under point 6. (2) with your email address and an individual ID. Links in newsletters also contain this ID. We will use this data to create a user profile and tailor our newsletter to your personal interests. We will establish your personal interests by recording when you read our newsletter and which links you click on. We will link this information with your actions on our website.

The information will be stored as long as you are subscribed to our newsletter. If you unsubscribe, we will store the data anonymously and purely for statistical purposes.

(1) Google Analytics, a web analysis service provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”), is used on this website. If you have your habitual residence in the European Union, the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google that is responsible for processing your data and for compliance with applicable data protection law.

This website uses Google Analytics with the extension “anonymizelP()”. This means IP addresses are truncated before processing, making personal identification impossible. If you can be identified through the data collected on you, this will be immediately ruled out.

(2) Google Analytics uses so-called “cookies”; these are text files that are saved on your computer and allow us to analyse your use of the website. The information generated by cookies on your use of this website will generally be transferred to a Google server in the USA and stored there. As IP anonymisation is activated on this website, however, Google will firstly truncate your IP address before transferring data within Member Sates of the European Union or other Contracting States to the Agreement on the European Economic Area. Your IP address will only be transferred to a Google server and then truncated there in exceptional circumstances. The IP address transmitted by your browser via Google Analytics shall not be merged with other Google data. Google will use this information on behalf of the website operator to analyse your use of the website, to compile reports on website activities, and to provide us – as the website operator – with other services related to the use of this website and the Internet.

(3) If we explicitly request your consent to the processing of personal data, the legal basis will be point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. You have the right to withdraw your consent at any time; this shall have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent. You can prevent cookies from being saved by setting your preferences in our cookie banner and/or by configuring your browser accordingly. If you do this, however, please note that you may not be able to fully use all the features of this website. You can also stop the data generated by the cookie on your use of this website (incl. your IP address) from being transferred to Google for processing by downloading and installing this browser add-on:

https://tools.google.com/dlpage/gaoptout?hl=de

Opt-out cookies stop your data from being collected during future visits to this website. In order to stop Google Analytics from collecting data across several devices, you will have to enable the opt-out cookie on all the systems you use. You can click here to place the opt-out cookie on this website:

Disable Google Analytics

Please note that you should not delete any opt-out cookies if you do not want your data to be collected. If you have deleted all cookies in your browser, you will have to re-save the opt-out cookie.

(4)  Sessions and campaigns are closed after a certain period of time. Sessions tend to be closed after 30 minutes of inactivity and campaigns after six months. Campaigns can run for a maximum of two years.

(5)  We use Google Analytics to analyse the use of our website and make regular improvements. The statistics we obtain allow us to improve our service and make it more interesting for our users.

(1) Our website uses a LinkedIn Insight Tag for conversion tracking; this service is provided by LinkedIn Ireland Unlimited Company (Attn: Legal Dept., Wilton Plaza, Wilton Place, Dublin 2, Ireland; “LinkedIn”). The LinkedIn Insight Tag places a unique LinkedIn browser cookie (“conversion cookie”) on your browser to enable the collection of the following data: metadata like IP address, timestamp and page events (e.g. page views).

(2) The Insight Tag allows LinkedIn to categorise you as a visitor to our website and establish you as a target group for ads. Accordingly, we use the LinkedIn Insight Tag to make sure our LinkedIn Ads are only displayed to LinkedIn users who have actually shown an interest in our website or who have certain traits (e.g. an interest in certain topics or products, as determined by the websites visited), which we then send to LinkedIn (“Matched Audiences”). We use our LinkedIn Insight Tag to ensure our LinkedIn Ads are shown to potentially interested users and do not cause a nuisance. The LinkedIn Insight Tag also allows us to check the effectiveness of our LinkedIn Ads for the purposes of market research and statistics, as we can see whether users have been redirected to our website after clicking on a LinkedIn Ad (“Conversion”).

(3) If you visit certain pages on our website and the cookie has not yet expired, LinkedIn and we will be able to detect whether you have been redirected to our website after clicking on a LinkedIn Ad. The LinkedIn Insight Tag will also enable LinkedIn to collect data about your visit to our website, including your URL, referrer URL, IP address, device and browser properties (user agent) and timestamp. This data is transferred to LinkedIn and encrypted, and IP addresses are truncated; the direct IDs of LinkedIn members are removed within seven days to pseudonymise the data. The remaining pseudonymised data is then deleted by LinkedIn within 90 days. LinkedIn does not share any personal data with us; it only provides summarised reports on our website target group and the performance of our ads; the information obtained by the conversion cookie is used to create conversion statistics. This allows us to determine the total number of users who have been redirected to a page containing our conversion tracking tag after clicking on one of our LinkedIn Ads. LinkedIn members can determine the use of their personal data for advertising purposes in their account settings.

(4) Our legal basis for processing is your consent, which we will explicitly request in accordance with point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. You may withdraw your consent at any time; this shall have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent. You can prevent cookies from being saved by setting your preferences in our cookie banner and/or by configuring your browser accordingly.

(5) You can find more detailed information on cookies and LinkedIn’s privacy policy at:

https://www.linkedin.com/legal/cookie-policy

and https://www.linkedin.com/legal/privacy-policy.

https://business.linkedin.com/de-de/marketing-solutions/conversion-tracking 

and https://www.linkedin.com/help/lms/answer/81849/linkedin-insight-tag-haufig-gestellte-fragen?lang=de

(1) This website also uses the online marketing tool “DoubleClick by Google”, a service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). If you have your habitual residence in the European Union, the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google that is responsible for processing your data and for compliance with applicable data protection law. We use this service to improve the attractiveness, contents and functionality of our website by displaying new functions and contents to a percentage of our users and statistically analysing any changes in use. Google Optimize is a service integrated within Google Analytics.

(2) DoubleClick uses cookies to display ads that are relevant to users, to optimise campaign performance reports, and to prevent users from seeing the same ad more than once. Google uses a cookie ID to determine which adds have been placed in a particular browser, in order to stop these from being displayed multiple times. DoubleClick can also use cookie IDs to track so-called “conversions” in relation to ad requests. This is the case, for example, when a user sees a DoubleClick ad and subsequently uses the same browser to visit the advertiser’s website and purchase something there. According to Google, DoubleClick cookies do not contain any personal information.

(3) Due to the marketing tools used, your browser will automatically establish a direct connection to the Google server. We have no control over the scope and further use of the data collected by Google through this tool, and so we can only inform you to the best of our knowledge. By integrating DoubleClick, Google will be notified that you have accessed a specific part of our website or clicked on one of our ads. If you are a registered user of a service provided by Google, it will be able to match the visit to your account. Even if you are not registered and/or logged in to a Google account, the service provider may still be able to locate and save your IP address.

(4) Our legal basis for data processing is your consent, which we will explicitly request in accordance with point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. You have the right to withdraw your consent at any time; this shall have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent.

(5) Here are several ways to prevent participation in this tracking process:

a) By changing your browser software settings – you can block third-party cookies to stop receiving third-party ads;

b) By disabling cookies for conversion tracking – you can configure your browser to block cookies from the domain “www.googleadservices.com” (https://www.google.com/settings/ads), but this setting will be deleted if you delete your cookies;

c) By disabling targeted ads from providers in the “About Ads” self-regulatory campaign – you can do this at http://www.aboutads.info/choices, but this setting will be deleted if you delete your cookies;

d) By permanently disabling ad personalisation in Firefox, Internet Explorer or Google Chrome at https://www.google.com/settings/ads/plugin. If you do this, however, please note that you may not be able to fully use all the features of this website;

e) By setting your preferences in our cookie banner.

(6) You can find more information on DoubleClick by Google at https://www.google.com/doubleclick, as well as Google’s general privacy policy at https://www.google.com/intl/de/policies/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.

(1) Our website uses Google Ads for the purpose of conversion tracking. Google Conversion Tracking is an analytical service provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”). If your habitual place of residence is in the European Union, the European Economic Area or Switzerland, the controller responsible for your data is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Ireland Limited is therefore the company affiliated with Google that is responsible for the processing of your data and compliance with the applicable data protection legislation.

(2) If you click on a Google Ad, a cookie will be placed on your computer for conversion tracking. These cookies are only valid for a limited period; they do not contain any personal data and therefore cannot be used to identify you personally. If the cookie has been placed on your computer and is yet to expire, Google and we will be able to detect whether you have been redirected to our website after clicking on a Google Ad. Every Google Ads customer (advertiser) is given a unique Conversion ID. Therefore, there is no way for cookies to be tracked on the websites of other Google Ads customers. The information obtained by the conversion cookie is used to create conversion statistics. This allows us monitor and improve our advertising by determining the total number of users who have been redirected to a page containing our tracking tag after clicking on one of our Google Ads. We can also see whether users have bought something on our website, call us or subscribed to our newsletter after clicking on our ad. However, we do not receive any information that might be used to personally identify users.

(3) Your data may be transferred to the USA.

(4) If we explicitly request your consent to the processing of personal data, the legal basis will be point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. You have the right to withdraw your consent at any time; this shall have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent. You can prevent cookies from being saved by setting your preferences in our cookie banner and/or by configuring your browser accordingly.

(5) You can find more detailed information and Google’s privacy policy at

https://www.google.de/policies/privacy/ 

and https://ads.google.com/intl/de_de/home/ 

and https://support.google.com/google-ads/answer/1722054?hl=de 

and https://ads.google.com/intl/de_de/home/how-it-works/ 

and https://support.google.com/google-ads/answer/6146252?utm_medium=et&utm_campaign=de&utm_source=ww-ww-et-b2bfooter_adwords

(1) Our website uses Microsoft Advertising technology (ads.microsoft.com), which is provided and operated by the Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (“Microsoft”).

(2) If you have accessed our website via a Microsoft Ad, a cookie will be saved on your device. This lets us see that someone has been redirected to our website and has landed on a predetermined target page (“conversion site”) after clicking on an ad.

This allows us to determine the total amount of users who have clicked on a Microsoft Ad, the amount of time they have spent on our website, which areas of the website have been accessed, and which ad has redirected users to our website. Information concerning your identity will not be recorded. Microsoft uses these cookies to collect and process information, which is then used to create pseudonymised user profiles. Microsoft may also use cross-device tracking to monitor your user behaviour across several electronic devices and subsequently display personalised advertising on Microsoft websites and apps.

(3) This information is collected, transferred to Microsoft servers in the USA and generally stored there for 180 days at most.

(4) Using Microsoft Advertising enables us to track the activities of users on our website if they have accessed our site after clicking on a Microsoft Ad. Our legal basis for data processing is your consent, which we will explicitly request in accordance with point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. You have the right to withdraw your consent at any time; this shall have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent. You can prevent cookies from being saved by setting your preferences in our cookie banner.

(5) If you do not want information on your behaviour to be used by Microsoft as described above, you can stop the necessary cookies from being placed on your computer by setting your preferences in our cookie banner or by configuring your browser to generally disable the automatic placement of cookies. You can also stop data on your use of this website from being collected by cookies and processed by Microsoft by disabling the analysis function via the following link: http://choice.microsoft.com/de-DE/opt-out. However, this may affect the functionality of the website.

(6) You can find more detailed information about these analytical services on the Microsoft Advertising website: https://help.ads.microsoft.com/#apex/3/de/53056/2. You can find more information on data protection at Microsoft in its privacy statement: https://privacy.microsoft.com/de-de/privacystatement.

(1) We have embedded YouTube videos on our website to improve it and make it more interesting for our users; these videos are saved at http://www.YouTube.com and can be played directly on our website. A cookie will be saved on your device.

(2) When you visit our website, YouTube will be informed that you have accessed a particular sub-page. The data described point 6. (2) above will also be transmitted regardless of whether you have a user account with YouTube and are logged in. If you are logged in to a Google account, your data will be directly matched to your account. If you do not want your data to be matched to your YouTube account, you will have to log out of your account. YouTube will save your data as a user profile and use it to create advertising, conduct market research and/or tailor the design of its website to users’ needs. Data is particularly used in this way (even if users are not logged in) to show targeted advertising and inform other social network users about your activities on our website. You have the right to object to the creation of user profiles, which you may exercise by contacting YouTube.

(3) Our legal basis for data processing is your consent, which we will explicitly request in accordance with point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. You have the right to withdraw your consent at any time; this shall have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent. You can prevent cookies from being saved by setting your preferences in our cookie banner and/or by configuring your browser accordingly.

(4) Please refer to YouTube’s privacy policy for more information on the purpose and scope of its data collection and processing. This also contains more information on your rights and possible privacy settings. https://www.google.de/intl/de/policies/privacy.

(1) Our website has integrated features provided by TeamViewer GmbH (Jahnstr. 30, D-73037 Göppingen; Tel.: +49 7161 60692 50; Email: service[at]teamviewer.com.

(2) Clicking on the “download” button will let you download the TeamViewer remote maintenance tool. After downloading and installing the executable file (Teamviewer*.exe), a member of the technical support team at IT-HAUS GmbH will be able to connect to your computer and gain access to your system. This will only be possible if you share the ID that appears in the small window with a member of staff. You will have to do this to authorise remote access.

TeamViewer transfers data via an encrypted Internet connection. Nevertheless, we cannot guarantee with absolute certainty that transferred data will not be viewed or accessed by unauthorised third parties. If you do not wish to take this risk, we recommend using our telephone support.

(3) We will only process personal data to provide our technical support services within the scope of existing contracts (point (b) of Art. 6 (1) GDPR). If we use external service providers to render our services, they too will only access personal data for this purpose and on a contractual basis. The service providers commissioned by us have been audited and are contractually obliged to act in compliance with data protection legislation.

Whenever technical support services are requested, we will also save the name of the contact, the date and time, the amount of time needed, and an email address. This information will only be collected to create technical support documentation and for billing purposes.

(4) If we provide our technical support services via the TeamViewer tool, the members of our technical support team will be granted access to your screen, including all accessible information there. It is therefore in your interest to close all programmes and windows that are not related to the technical support services. You should also ensure that our members of staff do not come into contact with your personal data. We reserve the right to immediately end the session if our members of staff establish that personal data will be unnecessarily accessed during the provision of technical support services. You may also end the technical support session at any time.

The members of staff responsible for remote maintenance at IT-HAUS GmbH have been obliged in writing to maintain confidentiality and comply with data protection regulations. We ensure compliance with data protection regulations by implementing technical and organisational measures.

(5) Personal data will be deleted as soon as it is no longer required for the provision of our services, unless this erasure is prevented by statutory retention obligations.

(6) You can find more information about data protection and the TeamViewer support tool at https://www.teamviewer.com/de/privacy-policy/ and https://www.teamviewer.com/de/security/.

(1) We use Google Maps on our website. This lets us display interactive maps and lets you comfortably use the maps feature. A cookie will be saved on your device.

(2) Google Maps is a service provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”). If your habitual place of residence is in the European Union, the European Economic Area or Switzerland, the controller responsible for your data is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Ireland Limited is therefore the company affiliated with Google that is responsible for the processing of your data and compliance with the applicable data protection legislation.

(3) When you visit our website, Google will be informed that you have accessed a particular sub-page. The data described under point 6. (2) above will also be transmitted regardless of whether you have a user account with Google and are logged in. If you are logged in to a Google account, your data will be directly matched to your account. If you do not want your data to be matched to your Google account, you will have to log out of the account. Google will save your data as a user profile and use it to create advertising, conduct market research and/or tailor the design of its website to users’ needs. Data is particularly used in this way (even if users are not logged in) to show targeted advertising and inform other Google users about your activities on our website. You have the right to object to the creation of user profiles, which you may exercise by contacting Google.

(4) Our legal basis for data processing is your consent, which we will explicitly request in accordance with point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website. You have the right to withdraw your consent at any time; this shall have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent. You can prevent cookies from being saved by setting your preferences in our cookie banner and/or by configuring your browser accordingly.

(1) We currently insert links to the following social media sites: Facebook, Instagram, Twitter, XING, LinkedIn and YouTube. Each social media provider can be identified by the label on its button, its first letter or its logo. You can use these buttons to communicate directly with us through our social media sites. We also use these links to let you interact with the social networks and other users, so that we can improve our services and make them more interesting to our users. The legal basis for this is point (f) of Art. 6 (1) GDPR. If you are asked to consent to data processing (e.g. by ticking a check box or clicking a confirmation button), the legal basis for data processing will be point (a) of Art. 6 (1) GDPR. Your consent is optional and not compulsory for the use of our website.

(2) If you are redirected to one of our social media sites after clicking on a marked field, the data specified under point 6. (2) will be transferred to the social media provider. If such information is transferred to Facebook or XING, the respective providers state that IP addresses in Germany will be anonymised following their collection. When using social media sites, your personal data will be transmitted to the respective social media provider and stored there. As each social media provider mainly collects data through cookies, we recommend that you delete all cookies via your browser’s security settings before clicking a button.

(3) Social media providers may also collect other data. We currently have no control over their processes used to collect and process data, and we do not know the full scope of data collection, the purposes of data processing or the data retention periods. Moreover, we do not have any comprehensive information on the erasure of data collected by social media providers.

(4) Social media providers save your data as a user profile and use it to create advertising, conduct market research and/or tailor their websites to users’ needs and, in the case of Facebook, to carry out research and innovation for social purposes. Data is particularly used in this way (even if users are not logged in) to show targeted advertising and inform other social media users about your activities on our social media sites. You have the right to object to the creation of such user profiles, which you may exercise by contacting the respective social media provider.

(5) As far as we are aware (and according to information provided by Facebook, Instagram and Twitter), this data transfer takes place irrespective of whether you have a user account with the social media provider and are logged in. If you are logged in to your account with the social media provider, the data collected on you on our website will be directly matched to your account with the social media provider. We recommend that you regularly log out of your account with social media providers after use – and especially before clicking on a button – as this may prevent your data from being matched to your account with the social media provider.

(6) You can find more information on the purpose and scope of the data collection and processing carried out by social media providers in their respective privacy policies, which you can find below. These also contain more information on your relevant rights and possible privacy settings.

(7) Address of each social media provider and URLs with more information:

a) For Facebook and Instagram: Facebook Inc. (16015 California Ave, Palo Alto, California 94304, USA) and/or Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland);
https://www.facebook.com/policy.php; More information on data collection:
https://www.facebook.com/help/186325668085084,
https://www.facebook.com/help/instagram/155833707900388,
https://www.facebook.com/about/ads,
https://help.instagram.com/1896641480634370?ref=ig.

b) XING AG, Gänsemarkt 43, D-20354 Hamburg; http://www.xing.com/privacy.

c) LinkedIn Ireland Unlimited Company (Attn: Legal Dept., Wilton Plaza, Wilton Place, Dublin 2, Ireland; „LinkedIn“)
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy

d) Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland
https://twitter.com/privacy.

e) YouTube: https://www.google.de/intl/de/policies/privacy.

(1) Our website uses wao.io, which is a service provided by Sevenval Technologies GmbH (Am Bahnhofsvorplatz 1, D-50667 Köln). On the one hand, this allows us to analyse and optimise our website and ensure its cost-effective operation. On the other hand, wao.io improves the security of our website by protecting it against attacks like clickjacking, cross-site scripting and SQL injection.

(2) wao.io must process the user’s IP address to ensure the secure transmission of our website to the user’s browser. This data is anonymised and stored in log files for seven days.

(3) Pseudonymised information is also stored in cookies on the user’s device. Two tracking cookies are used in addition to fleeting session cookies. The purpose is to present and analyse user behaviour (reporting and analytics). This serves exclusively to guarantee the security of our homepage and internal billing purposes. The data obtained by cookies cannot be used to personally identify individual users; you can delete it at any time by changing your browser settings.

(4) We have a legitimate interest in improving the security of our website by protecting it against attacks like clickjacking, cross-site scripting and SQL injection, and so our legal basis for data processing is point (f) of Art. 6 (1) GDPR.

(5) The service provided by wao.io only uses servers in the EU.

(6) More information on wao.io can be found at:

https://wao.io/de/ 

and https://wao.io/de/features 

and https://wao.io/de/faq

(1) We use the marketing, analysis and service tool ClickDimensions. The provider of this service is ClickDimensions LLC, 5901 Peachtree Dunwoody Road, NE Suite B500, Atlanta, GA 30328, USA (server location EU). ClickDimensions collects and analyzes Data about the behavior of the users of a website. This data includes, among other things, the access to Internet pages and the length of stay. The purpose of ClickDimensions as an analysis tool is to provide interest-relevant Information for users based on their behavior on the website and the associated optimization of marketing activities. ClickDimensions uses cookies, which are stored in the user’s browser and which enable an analysis of the use of the website by the user. The information collected by ClickDimensions about your use of this website is transmitted to a ClickDimensions server, stored, analyzed and the result made available to us.

(1) The legal basis for processing the data is the consent of the user point (a) of Art. 6 (1) GDPR. Consent is voluntary and not necessary for the use of our homepage. If you prevent access, this may result in functional restrictions on the website. You have the right to revoke your consent at any time without affecting the legality of the processing carried out based on the consent up to the time of revocation. You can prevent the storage of cookies, among other things, by a corresponding setting in our cookie banner.

(2) Further information on the subject of ClickDimensions can be found here: https://clickdimensions.com/about/privacy-policy/

(1) We use the “Microsoft Bookings” service (part of the Microsoft Office 365 cloud service) from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (Microsoft). The connection to the service is only established for scheduling appointments if you call up the online booking function via a button on our website. Your entries, your IP address, the page you have accessed, the time of access and your browser configuration will then be transmitted to Microsoft.

(2) In order to schedule appointments, you must enter your name and email address on the planning page. Optionally, the telephone number, address and notes can also be given.

When you submit your appointment request, your data will be transferred to the Microsoft cloud. The data is then processed within the framework of the Microsoft 365 cloud service in Microsoft data centers in the EU and internally by our respective specialist department for coordinating and keeping appointments. You can find more information on handling user data in the Microsoft’s privacy policy https://privacy.microsoft.com/de-de/privacystatement.

(3) The legal basis for data processing is your consent, point (a) of Art. 6 (1) GDPR. When using Microsoft Office 365, please note that Microsoft may also process your personal data in the USA before giving your consent. If you give us your consent, it also extends to processing in this third country, point (a) of Art. 49 (1) GDPR. According to the current status, there is probably no adequate level of data protection in the USA without an adequacy decision and without suitable guarantees, since the regulations there do not meet the requirements of European law. With its judgment of July 16, 2020 (C-311/18), the European Court of Justice concluded that the surveillance programs based on American legislation are not limited to what is necessary. In addition, non-Americans would not be granted any enforceable rights against such access.

(4) You have the option to revoke your consent at any time without affecting the legality of the processing carried out based on the consent up to the time of revocation.

(5) We remind you that you are not obliged to use “Microsoft Bookings” to arrange an appointment with us. If you do not want to use the service, you can use the other contact options we offer to make an appointment without any disadvantage.

(6) The data collected for scheduling an appointment will be deleted in compliance with statutory retention requirements. Otherwise, it will be deleted if the purpose for processing no longer exists. For more information on your rights, see point 3 („Your rights “).

(1) You can participate in online surveys on our website. We use the WordPress plugin eForm for this, which is installed locally on our system.

(2) The information you provide as part of the survey (name, email address, possibly telephone number) will be saved by us in order to answer and process your information. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR. Participation is voluntary. We will delete any data obtained in this manner as soon as its storage is no longer necessary, or we will restrict processing if such erasure is prevented by our statutory retention obligations. In order to save the information, you have provided, it is technically necessary for a cookie to be set. Your IP address, as well as the date, time and content of your information are temporarily stored and automatically deleted after 1 month. For further information on the use of technically necessary cookies, see also Point 6. (2).

(1) We use the Friendly Captcha service on our homepage. Friendly Captcha is a new system that makes it more difficult for website visitors to use websites using automated programs and scripts (so-called “bots”). The provider of this service is Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany.

(2) Friendly Captcha is used to check whether data is entered on our website (e.g. in a contact form) by a person or by an automated program. For this purpose, Friendly Captcha program code has been integrated on our website so that the visitor’s device can establish a connection to the Friendly Captcha servers in order to receive an arithmetic task from Friendly Captcha. The visitor’s device solves the arithmetic task, and sends the calculation result to our web server. This contacts the Friendly Captcha server via an interface and receives an answer wether the device has solved the task correctly. We have provided our website with appropriate security rules and can therefore continue to process or reject these inquiries depending on the result.

(3) Your IP address and a time stamp will be sent to Friendly Captcha. IP addresses are only stored in hashed (one-way encrypted) form and neither allow us nor Friendly Captcha to draw any conclusions about an individual. The data will be deleted after 30 days.

(4) The legal basis for processing is our legitimate interest in protecting our website from unauthorized access by bots, as well as spam protection and protection against attacks (e.g. mass inquiries), point (f) of Art. 6 (1) GDPR. Friendly Captcha does not set any cookies on the visitor’s device.

(5) Further information on data protection when using Friendly Captcha can be found at https://friendlycaptcha.com/legal/privacy-end-users/.

(1) We have our own pages on Facebook (https://de-de.facebook.com/ithaus/) and Instagram (https://www.instagram.com/it_haus_gmbh); Company: Facebook Inc. (16015 California Ave, Palo Alto, California 94304, USA) and/or Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland).

(2) By visiting our fan pages, you can read our posts, react to them, comment on them and make your own user posts. Any information you provide and make available to us in this context (e.g. username, pictures, interests, contact details, location, age, gender and language) will only be used to communicate with our existing and potential customers on the basis of our overriding legitimate interest (point (f) of Art. 6 (1) GDPR). It is in our interest to provide a platform on which we can display up-to-date information, and which you can use to send us requests and receive a response as quickly as possible. If the fan page is ever closed, your data will be deleted if possible.

(3) We use Facebook Insights and Instagram Insights to receive statistical data about the people who visit our fan pages. This data cannot be matched to specific individuals. This function allows us to better analyse our pages and tailor them to users’ needs and interests. Facebook uses this function to process personal data. We receive general summaries regarding visitors to our fan pages, mainly including the following information: date of visit; page activities; pages accessed; page preview; likes; comments; follows / shares; page range; recommendations; interaction with posts; Instagram story views and interaction; videos; page subscribers; demographic data of the persons who like our page, based on age, gender and language details found on their profiles; country of origin and number of fans there; city and number of fans there; language and number of fans speaking that language; organic / paid. Moreover, we can see whether a particular user has liked or subscribed to one of our pages. We can also match comments on our Facebook pages to individual users. Any personal data that becomes accessible to us will only be used to communicate with our existing and potential customers, and to provide specific recipients with up-to-date information based on our overriding legitimate interest (point (f) of Art. 6 (1) GDPR). Facebook provides more information on “Insights” at https://www.facebook.com/legal/terms/page_controller_addendum#.

(4) Our Facebook and Instagram pages let you contact us in various ways and for various purposes. We will only use the data you provide to process your enquiry. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR. Your messages will be deleted once your enquiry has been fully processed, unless they must be retained for other reasons (e.g. to comply with statutory retention periods).

(5) We will not use our fan page to carry out any data processing other than the processes required to enable its basic functions. Please note that Facebook Ireland Limited may use tracking tools and cookies – regardless of how we use the fan page. You can find more information in the Facebook privacy statements listed above.

(6) Further statements from Facebook and the company’s privacy information can be found at the addresses indicated under point 16. (7) above. You can configure how Facebook processes your personal data in the “settings” tab of your Facebook and Instagram profiles.

(7) We work with Facebook Ireland Limited as joint controllers for the processing of Insights data. Our agreement with Facebook pursuant to Art. 26 GDPR (joint controllers) can be accessed at https://www.facebook.com/legal/terms/page_controller_addendum#. In accordance with the GDPR, Facebook Ireland is primarily responsible for the processing of Insights data and must fulfil all duties arising from the GDPR with regard to the processing of this data (e.g. Art. 12 and 13 GDPR – Obligation to Provide Information –, Art. 15 to 22 GDPR – Rights of Data Subjects – and Art. 32 to 34 GDPR – Data Security and the Notification of Data Breaches –).

(8) You can exercise the rights described under point 3. (“Your Rights”) at any time and free of charge by contacting us through one of the communication channels listed above. If you contact us regarding the processing of Insights data and the duties assumed by Facebook Ireland, we must forward all relevant information to Facebook Ireland immediately – and at the latest within 7 (seven) calendar days – and Facebook will then respond to your enquiry. If you would like to exercise your rights, please get in touch with Facebook Ireland Limited directly at 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland. We would like to indicate the following once again: We have a legitimate interest in the running of our Facebook and Instagram pages to ensure effective marketing on global platforms; in accordance with Art. 21 GDPR, you have the right to object to data processing carried out for this purpose with future effect at any time (see “Your Rights” under point 3 above).

(1) We have our own IT-HAUS page on Twitter (https://www.twitter.com/it_haus); Company:  Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

(2) By visiting our Twitter page, you can read our posts, react to them, comment on them, re-tweet them and make your own tweets. Any information you provide and make available to us in this context (e.g. username, pictures, interests, contact details, location, age, gender and language) will only be used to communicate with our existing and potential customers on the basis of our overriding legitimate interest (point (f) of Art. 6 (1) GDPR). It is in our interest to provide a platform on which we can display up-to-date information, and which you can use to send us requests and receive a response as quickly as possible. If the fan page is ever closed, your data will be deleted if possible.

(3) We use Twitter Analytics to receive statistical data about the people who visit our Twitter page. This data cannot be matched to specific individuals. This function allows us to better analyse our page and tailor it to users’ needs and interests. Twitter uses this function to process personal data. We receive general summaries regarding visitors to our Facebook fan page, mainly including the following information: date of visit; demographic characteristics based on age and gender details saved on their profiles; interests; followers; devices; buying intentions based on their purchases and other consumer behaviour; target groups; keywords (based on their latest tweets or tweets with which they have recently interacted); geographic analysis (restriction to a country / region / city); number of impressions; number of interactions; interaction rate; and number of video views, link clicks, photo / video clicks, likes, re-tweets, replies, detail extensions and profile clicks. Any personal data that becomes accessible to us will only be used to communicate with our existing and potential customers, and to provide specific recipients with up-to-date information based on our overriding legitimate interest (point (f) of Art. 6 (1) GDPR).

(4) Our Twitter page lets you contact us in various ways and for various purposes. We will only use the data you provide to process your enquiry. The legal basis for this is point (b) and (f) of Art. 6 (1) GDPR. Your messages will be deleted once your enquiry has been fully processed, unless they must be retained for other reasons (e.g. to comply with statutory retention periods).

(5) We do not use our Twitter page to carry out any data processing other than its basic functions. Please note that Twitter Inc. may use tracking tools and cookies – regardless of how we use the page. You can find more information in the Twitter privacy statements and at https://help.twitter.com/de/rules-and-policies/twitter-cookies.

(6) Further statements from Twitter and the company’s privacy information can be found at the addresses indicated under point 16. (7) above. You can configure how Twitter processes your personal data in the “settings and privacy” tab of your Twitter profile.

(7) In accordance with the GDPR, Twitter Inc. and/or Twitter International Company is primarily responsible for the processing of Analytics data and must fulfil all duties arising from the GDPR with regard to the processing of this data (e.g. Art. 12 and 13 GDPR – Obligation to Provide Information –, Art. 15 to 22 GDPR – Rights of Data Subjects – and Art. 32 to 34 GDPR – Data Security and the Notification of Data Breaches –).

(8) You can exercise the rights described under point 3. (“Your Rights”) at any time and free of charge by contacting us through one of the communication channels listed above. If you would like to exercise your rights, please get in touch directly with Twitter International Company, Dublin, Ireland. We would like to indicate the following once again: We have a legitimate interest in the running of our Twitter page to ensure effective marketing on global platforms; in accordance with Art. 21 GDPR, you have the right to object to any data processing carried out for this purpose with future effect at any time (see “Your Rights” under point 3. above).

Our Privacy Policy does not apply to the contents of any external links found on our website. If we provide such links, we will endeavour to ensure that they also meet our data protection and security standards. However, we have no control over other providers’ compliance with data protection and security regulations. You should therefore refer to the data protection regulations published by these other providers.

(1) We reserve the right to change our security and data protection measures, provided this is necessary following technical developments or changes to our services. In such cases, we will also adjust our Privacy Policy (if necessary) and inform you of such changes therein.

(2) Any such changes will take effect upon the release of our revised Privacy Policy. You should therefore always refer to the current version of our Privacy Policy. You can see when this Privacy Policy was last updated by referring to the date at the top of this page.

IT-HAUS GmbH implements suitable technical and organisational measures to prevent unauthorised third parties from viewing or accessing its internal databases.