Data Protection

We are delighted to welcome you to our website, and would like to thank you for your interest in International University of Health, Exercise and Sports S.A.. Our management attaches great importance to the protection of your personal data. In general, the International University of Health, Exercise and Sports S.A. website can be used without providing any personal data; however, should you wish to make use of particular services via our website, processing of personal data could become necessary. In such cases, we will always obtain your consent.
We will always process your personal data confidentially and in line with the relevant legal provisions, in particular those of the EU General Data Protection Regulation (GDPR) in conjunction with the applicable country-specific data protection regulations and this Privacy Policy.
We want you to feel secure at all times when visiting our website. To this end, we have taken technical and organizational measures to ensure the most complete protection of your rights in this regard, and are committed to ensuring that both our employees and external service providers comply with the applicable legal requirements. Nevertheless, Internet-based services are always susceptible to security flaws, so absolute protection cannot be guaranteed. You are therefore welcome to transfer personal data to us by alternative means, e.g. by post, telephone or fax.

1. Definitions
Your personal data is protected in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act, and other sector-specific laws. Accordingly, our privacy policy uses the terms defined there, as outlined below.

a) Personal data
Personal data means any information relating to an identified or identifiable natural person (the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Processing
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

c) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting its processing in the future.

d) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
e) Pseudonymization
Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

f) Controller
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

g) Third party
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, is authorized to process personal data.

h) Consent
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and address of the data controller
The persons responsible for data processing pursuant to the General Data Protection Regulation, other data protection laws in the Member States of the European Union and other provisions relating to data protection are:

International University of Health, Exercise and Sports S.A.

50, avenue du Parc des Sports
L-4671 Differdange
Phone : +352 288 494-40
Email: info@lunex-university.net
Website: https://www.lunex-university.net

3. Name and address of data protection officer
The data controller’s external data protection officer is:

Denise Schleip
COGNOS AG
Im Media Park 4e
D- 50670 Cologne
Phone: +49 221 921512-782
Fax: +49 221 921512-10
Email: datenschutz@cognos-ag.de

Your trust and the protection of your data are important concerns to us.. This is why it is important for us to answer any and all questions relating to how your data is protected and used. If you require any information over and above that provided here or have any comments, please do not hesitate to contact us at any time.

4. Rights of data subjects
a) Right to be informed
You have the right to be informed about whether or not personal data concerning you is being processed by a data controller. Where that is the case, you also have the right to be informed of the particulars of the data processing. The right to be informed encompasses the data in question, the purposes for which it is processed, the categories of personal data being processed, and the recipients or categories of recipient to which the personal data is or has been disclosed. It further encompasses the envisaged period for which the personal data will be stored, the origin of the data if it was not collected from you personally, and the existence of any automated decision-making, including profiling. The right to be informed also includes an entitlement to information about the right to rectification or deletion of personal data, and an entitlement to information about the right to lodge a complaint with a supervisory authority.

b) Right to erasure (right to be forgotten)
You have the right to demand from the controller the immediate erasure of personal data concerning you where the following grounds apply and processing is not necessary:

  • The purpose for the collection or processing of the data has ceased to exist, or the data is no longer necessary to this end.
  • You have exercised your right to object to the processing of your personal data.
  • You have withdrawn your consent to data processing and there are no legal grounds to justify continued processing.
  • The erasure arises from a legal obligation.
  • There is no legal basis for processing the data.

c) Right to data portability
You have the right to receive any personal data concerning you, which you have provided to us as a data controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data was furnished. This right applies where data was processed automatically in the performance of a contract or on the basis of consent. Furthermore, this right encompasses the entitlement to have the personal data transmitted directly from one controller to another, where technically feasible.

d) Right to object
The right to object includes, on one hand, the option of objecting to the processing of your personal data for marketing purposes. You also have the right to object to processing of personal data that was originally obtained lawfully for other purposes.

e) Right to restriction of processing
Under certain conditions, you have the right to demand that the controller place restrictions on your personal data so as to prevent further processing. For instance, such restrictions can be demanded for the duration of the verification process if the accuracy of the stored data is disputed.

f) Right to rectification
The right to rectification comprises your right as a data subject to demand from us, the controller, the immediate rectification of inaccurate personal data concerning you.

5. Legal basis for processing
For the majority of processing operations, we obtain consent from you. In these cases, Art. 6 (1) lit. a and Art. 7 GDPR constitute the legal basis for processing operations. Processing of personal data can also be necessary for the performance of a contract or for acts preparatory to such a contract, as is the case, in particular, with processing operations related to the supply of information material requested by you or applications for places on our courses. In such cases, processing is based on Art. 6 (1) lit. b GDPR. Insofar as we are subject to a legal obligation to process personal data, for instance to meet tax obligations, the processing is based on Art. 6 (1) lit. c GDPR. In certain cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. In this case, the processing would be based on Art. 6 (1) lit. d GDPR. If data processing operations are not covered by any of the above legal bases, Art. 6 (1) lit. f GDPR may apply. This may be the case if, for instance, processing is necessary to safeguard a legitimate interest on the part of International University of Health, Exercise and Sports S.A. or of a third party, except where such interests are overridden by the interests, fundamental rights, and freedoms of the data subject. A legitimate interest is, for example, conducting company business to protect the interests of employees and shareholders and includes analysis and optimization of our marketing activities. Accordingly, we regard the use of cookies to track user behavior as part of our marketing activities, provided it does not relate to sensitive data or identifiable individuals, and the delivery of personalized marketing to the corresponding user profiles, as necessary for the pursuit of our legitimate interests.

6. Transfer to third countries
If we process data in a third country (i.e. in a country outside of the European Union or outside of the European Economic Area) or if data is processed in third countries in connection with the use of services rendered by third parties or disclosed or transferred to third countries, this is done solely for the purpose of fulfilling contractual obligations or in preparation to enter into a contract; on the basis of your consent, a legal obligation, or our legitimate interest. We only process, transfer, or have data processed in a third country in compliance with the provisions of Articles 44 ff of the General Data Protection Regulation (GDPR). Processing is carried out, for example, on the basis of special guarantees, such as the verification of a level of data protection comparable to that guaranteed in the European Union (e.g. EU-US Privacy Shield Framework), compliance with officially recognized contractual obligations or evidence of some other, recognized level of data protection (which goes beyond the voluntary commitment of a “safe harbor” arrangement) (In this regard, see also the expanded requirements of the Düsseldorfer Kreis data protection committee).

7. Cooperation with external data processors and third parties
If, during our processing operations, data is disclosed, transferred, or otherwise made available to other persons and enterprises (external data processors, affiliates of the COGNOS Group, or other third parties), this is always done for a lawful purpose (e. g. when the transfer of payment data to the relevant company within the corporate group is required to fulfill contractual obligations or when address data is transferred to the delivery service for the purpose of sending course materials requested by you, pursuant to Article 6 (1) lit. b GDPR), on the basis of consent, a legal obligation, a legitimate interest, or as necessary for the performance of a data processing contract pursuant to Article 28 GDPR.

8. SSL encryption
We use state-of-the-art HTTPS encryption to ensure that your data is protected during online transfer.

9. Cookies
The International University of Health, Exercise and Sports S.A. website uses cookies. Cookies are used to enable web-based applications to manage the status of your visit to a website, and facilitate navigation between the different website services and content. Cookies are installed on the hard drive of your computer and do not cause any damage.
A cookie is a small data file which is transferred from the web server to your device when you browse our website. Cookies only contain information which we or a third party send to your computer; cookies cannot access private data. Accepting cookies does not give us access to your personal information.
Various data is saved in cookies. This is done primarily to store information on the user during or after a visit to a website. There are two main types of cookies: temporary and permanent. Temporary cookies are deleted when the user leaves the website. Permanent cookies remain after the browser has been closed and are used to measure audience reach and analyze user behavior. Some cookies do not originate from the entity responsible for the website, but from third parties. This website uses temporary and permanent cookies. We will explain how these work in this privacy notice.
Most browsers accept cookies by default. If you would like to stop the use of cookies to measure audience reach, analyze user behavior, and display personalized ads, the default cookie setting can be deactivated in your browser. Permanent cookies that are installed for the aforementioned purpose can also be deleted in this way. The placement of cookies for online marketing purposes can also be deactivated via http://www.youronlinechoices.com. Existing cookies can also be deleted via this link. Disabling cookies may mean that some features on our website will no longer be available, and some websites may not be displayed correctly.

10. Access data
When you visit our website, access data relating to this event is saved in a log file either by us or by our hosting provider. We collect usage data in connection with your visit, which is saved temporarily for statistical purposes and subsequently deleted. This data is collected for internal purposes only and is not transferred to third parties.

The data includes:

  • IP address of the device from which the request is sent
  • Date and time of the request
  • Access method/function requested by the end device
  • Input values transferred by the end device from which the request is sent (e.g. file name)
  • Web server access status (file transferred, file not found, command not executed, etc.)
  • Name of file requested and data volume transferred
  • URL from which the file was requested/the desired function was initiated.

We collect this data on the basis of our legitimate interest in the proper functioning of our IT systems as well as in the interest of data security (investigating cyber-attacks). The stored data is anonymized at the earliest possible opportunity (by deleting the last octet in the IP address) or deleted entirely, and is used solely for the purpose of identifying or tracking unauthorized access or attempts to access the web server. This does not apply to data which must remain stored for evidence purposes . This data does not undergo further evaluation, except for statistical purposes where the data is anonymized. The data is not allocated to specific individuals. Individual user profiles are not created. The data collected in this way is used solely within the scope of the EU GDPR.

11. Collection of user data

In some areas of our website we request certain data that can be unambiguously assigned to you as an individual. This is the case, for example, when you order information material or apply for a place of study with us.
We only collect the data required for the purpose at hand, e.g.:

  • Name
  • Mailing address
  • Telephone number
  • Email address
  • Consent to collection and processing of personal data

For applications for a place on a study program, the following information is also collected:

  • Date of birth
  • Place of birth
  • Country of birth
  • Nationality
  • University entrance qualifications

The data input masks show exactly what information is required. Data is always encrypted prior to being transferred. Data that you provide under the Request information and Apply now sections of our website is processed using the CRM software solution Salesforce, among other applications. This software is hosted at a location that does not fall within the scope of the EU GDPR. In this regard, the contractual obligations on the part of the provider, which go beyond the minimum requirement to provide a voluntary commitment in the form of a “safe harbor” arrangement and the test certificates provided (see also: trust.salesforce.com/trust) are evidence of an appropriate level of protection (see also the expanded requirements of the Düsseldorfer Kreis data protection committee). The data collected here is used solely for the purpose of sending information material, for the purpose of direct marketing based on confirmed opt-in, or, in the case of applications for study programs, for the steps required to enter into a contract. Your data is transferred solely to the selected delivery service provider, which in turn uses your personal data for the sole purpose of performing the contract. As you enter your data, access data generated by the provider, such as IP address and date and time of registration, are logged in order to prevent misuse of our services and to help investigate potential offenses. Data will not be transferred for any other purpose, unless a legal obligation to do so exists (for more on this, see Section 10. Access data).
Where data is entered on our website, this is always done on a voluntary basis and solely for the purpose of offering services that require user registration. The relevant data log files can be changed or deleted entirely at any time, provided doing so does not conflict with statutory data retention requirements. Information on your data records will be provided on request. Our data protection officer is at your disposal to assist with this.

12. Direct marketing opt-in (email/telemarketing)
If you have expressly consented to email or telemarketing, we will save the data you submit to us, such as your email address and your first and last name. We will use this data solely to send you information on study programs, events, surveys, prize draws run by companies within the COGNOS Group educational network (including International University of Health, Exercise and Sports S.A. gemeinnützige GmbH, Carl Remigius Medical School gemeinnützige GmbH, AMD Akademie Mode & Design GmbH, Ludwig Fresenius Schulen GmbH, Thalamus Schulen GmbH, mentor Personal- und Organisationsentwicklung GmbH, Lunex The International University of Health, Exercise & Sports S.A.) and our cooperation partners from the field of education and training. To receive marketing offers by email, the only information required is your email address. The data you provide will be used solely for marketing, advertising, and, to a lesser extent, our own market research purposes. Subscribers can also be informed by email of circumstances that are relevant for service or registration reasons (e.g. changes in the email service or technical matters).
For proper registration, we require a valid email address. To verify that registration has come from the owner of the email address provided, we use a double opt-in process. To this end, we log your email marketing/telemarketing opt-in consent, the confirmation email sent to you, and the reply requested in it. We also ask you to optionally provide your name so that we can address you personally in our communication. No further data is collected.
Emails are sent by the email marketing service provider mailingwork, Birkenweg 7, 09569 Oederan, Germany. This service includes email reporting to measure the effectiveness of email marketing. The privacy policy of the email marketing service provider can be found here: https://mailingwork.de/datenschutz/. The email marketing service provider operates on the basis of our legitimate interest in direct marketing pursuant to Art. 6 (1) lit. f GDPR as well as for the purpose of fulfilling a data processing contract pursuant to Art. 28 GDPR. The email marketing service provider may use the recipient data in pseudonymized form, i.e. without allocating data to a specific user, for service optimization and statistical purposes. However, the email marketing service provider will not use this data to contact you on their own behalf, or pass it on to third parties. The emails contain a web beacon, which is activated from our service provider’s web server when the email is opened and collects technical data such as browser and system information, your IP address, and the time at which the email was opened. This data is used to improve technical services on the basis of technical data or target groups as well as user behavior derived from data, such as the exact time at which an email has been opened and the location of the person opening the email, which can be determined using the IP address. Data such as the email open rate, opening time, and the click-to-open rate is used for statistical purposes. We receive this information in the form of statistics and percentages. This data cannot be easily linked to individual users. Although it may indeed be possible to link data to individual users, this would involve substantial efforts from a technical perspective. It is, however, neither our intention, nor that of the email marketing service provider to collect and study personal data on individual email recipients. Data analyses are performed for the sole purpose of determining certain patterns in user opening and reading behavior and adapting mailing activities accordingly. For example, we can see on which days and at which times emails are more likely to be opened, enabling us to send emails at these specific times. For organizational reasons, you may not opt out of email reporting separately from the receipt of marketing emails. If you do not wish to be involved in the metrics-based reporting described above, you must opt out of the email service altogether.
You may unsubscribe from the mailing list and/or withdraw your opt-in consent at any time. To do so, simply send an email to datenschutz@cognos-ag.de. You will then receive an email confirming the withdrawal of your opt-in consent.

13. Hosting
We use web hosting for the following: platform services, computing capacity, data storage, database services, security settings, and technical maintenance and services necessary to the operation of our website. To this end, we or our web hosting service provider process, on the basis of a legitimate interest in providing an online service pursuant to Art. 6 (1) lit. f GDPR in conjunction with Art. 28 GDPR, user, contact, usage, and contract data as well as meta data and communication data relating to interested parties, applicants, students, and visitors to our website.

14. Analysis, market research, and opinion polling
We analyze our pool of data on business processes, contracts, and queries with a view to identifying market trends and customer and user requirements, and effectively running our business operations. To this end, we process user, contact, usage, and contract data as well as meta data and communication data relating to interested parties, applicants, students, and visitors to our website on the basis of our legitimate interest in maintaining and optimizing our business pursuant to Art. 6 (1) lit. f GDPR. Such analyses are performed for the purpose of business assessments, marketing and sales, and market research. They enable us to optimize our website content and services, making them more user-friendly, and help us optimize our business operations. Insofar as possible, data is anonymized for analysis and profiling. Analysis and profiling results are not disclosed to third parties.

15. Contacting us via our website
When using our contact form to send an inquiry, the data you enter including your contact data is saved for the purpose of processing your request and for any follow-up questions. No data is disclosed to third parties. However, should this become necessary in order to process your inquiry, we will obtain your consent in advance.

16. Deletion and blocking of personal data
We process and save your personal data only insofar as necessary for data storage reasons or as required under the provisions of relevant European directives and/or regulations. Data is stored in compliance with any and all applicable retention periods. Under Section 257 (1) of the German Commercial Code (HGB) the statutory period of retention for records in Germany is 6 years, under Section 147 (1) of the German Fiscal Code (AO) 10 years; further, the retention periods applicable under the higher educational acts of the German Federal States and other relevant regulations are also binding. Your data will be routinely deleted on expiry of said periods, unless required for the performance of a contract or for acts preparatory to a contract.

17. Data protection in relation to Google Analytics and target group selection
This website uses certain functions of the web analytics service Google Analytics provided by the company Google Inc. of 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. This involves the use of cookies that are installed on your computer for the purpose of analyzing website usage. The information on your usage of this website collected using this technology is generally transferred to Google servers in the US, where it is stored. Google uses this data to analyze website usage, to compile reports on website activities, and to perform other services in connection with usage analytics. We receive statistics from Google detailing the overall number of users and associated pseudonymous user profiles which contain dwell times for each profile. In pursuit of our legitimate interest, we use these statistics to form target groups on the basis of the assumption that a visit to our website relates to presumed interests.

The IP address transmitted by your browser for the purpose of Google analytics is not merged with other Google data because, prior to data collection, the use of cookies prevents data being linked with individual data subjects.

We use Google Analytics based on a legitimate interest in the analysis and optimization of our marketing activities and, thus, also our economic interests pursuant to Art. 6 (1) lit. f. GDPR. We have taken measures to protect your interests in deciding that the interests of the data controller prevail. We also believe that this can help enhance user-friendliness. Further, we have entered into a data processing contract with Google pursuant to Art. 28 GDPR. Under the agreement we have with Google, user data is deleted or anonymized after 14 months. We have activated the anonymize.ip function. This means that prior to data collection, Google removes the last octet of your IP address within EU Member States or in other countries which are party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the US and shortened there. Google’s certification under the EU-US Privacy Shield Framework guarantees that it provides a level of data protection comparable to that guaranteed in the European Union.
You can prevent cookies from being stored on your device via the corresponding browser settings. However, this may cause you to experience reduced functionality on our website. In addition, you can prevent Google from using cookies to collect data relating to your website usage, including your IP address, and subsequently processing said data by downloading and installing the following browser plugin: https://tools.google.com/dlpage/gaoptout?hl=en. Please note that if you do not wish online metrics to be tracked, you must not delete cookies that prevent site analytics. If you delete all existing cookies via the relevant browser settings, the cookies needed to prevent site analytics will have to be reset. More information on how Google uses data as well as other settings and opt-out options can be found in Google’s privacy policy https://policies.google.com/technologies/ads and in the Google ads settings https://adssettings.google.com/authenticated.

18. Data protection in relation to Google Ads conversion tracking
Our website uses Google Ads, an analytics service provided by Google Inc. of 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
With the help of this online advertising service, ads are run in search engine results and Google’s advertising network so as to be viewed by users who are presumed to have an interest in them. This enables us to deliver more targeted marketing both for and within our online services and show you ads that are presumed to be within your field of interest. When you open our or other websites belonging to Google’s advertising network, Google generates a code that incorporates web beacons, graphics and codes into the website. As a result, cookies or similar technologies are installed on your device, enabling Google to determine which websites are visited and at what times, what subject matter you are interested in, and the technical specifications of your device (operating system, browser). Each user has a different cookie to ensure that there is no possibility of cookies being tracked anywhere other than on the websites of Google Ads advertisers. Each company that uses Google Ads also receives a conversion cookie. This enables Google to produce statistics for each of the advertisers. All that we receive from Google is statistical data in the form of an anonymized dataset of the total number of users who have responded to one of our campaigns by clicking on the relevant ad, taking them to a website containing a web beacon. We receive no information relating to sensitive data or identifiable persons. Google saves and processes this data solely in the form of a pseudonymous profile containing site usage statistics, i.e. with no name or email address. The ads are not shown to a specific person, but are intended for the owner of the relevant cookie, i.e. the respective site usage profile. For this not to apply, Google must obtain express consent from the user not to apply pseudonymization. The data collected in this case is transmitted to servers in the US, where it is stored. Google is certified under the Privacy Shield Agreement, which provides a guarantee of compliance with European privacy laws. For more details, see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
We use the online advertising program on the basis of a legitimate interest in the analysis and optimization of our marketing activities and, thus, economic interests pursuant to Art. 6 (1) lit. f. GDPR. Our marketing only uses cookies that do not involve sensitive data and cannot be used to identify individuals. Any targeted ads and the analysis thereof is generally transparent for those affected. Without reference to identifiable persons, your legitimate specific interests are upheld; in addition, running interest-based ads is considered to be in the interests of users, meaning they are not overridden by the interests of the controller.

Under Art. 6 (1) f GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of persona data concerning you. To this end, cookies can be permanently blocked via Internet browser cookie settings. Existing cookies can also be deleted in this way. Cookies can be disabled, for example, via http://optout.aboutads.info/?c=2#!/ or https://www.networkadvertising.org/choices/. Further, the data subject has the right to object to interest-based targeting by Google. Further information on this as well as on Google’s privacy policy can be found here: https://policies.google.com/privacy?hl=en. For instructions, go to https://support.google.com/ads/answer/2662922?hl=en. Please note that deleting all cookies in your browser settings will also delete the cookies intended to block these functions. In this case, the cookies revoking consent will have to be re-enabled.

19. Data protection for Google remarketing and audience targeting
Our website uses the remarketing feature offered by Google Inc. of 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This tool is used to analyze user behavior and interests. When you visit our website, Google will install a cookie on your device via your browser. This cookie tracks website visits as well as anonymized data on site usage. Visitors are then assigned to a target group under the assumption that the delivery of relevant advertisements to this group is in line with their presumed interests. No personal data on website users is saved. If you subsequently visit another website belonging to Google’s advertising network, you will be shown advertisements which have a high likelihood of reflecting products and content accessed previously.
Your data may also be transmitted to the US. Google’s certification under the EU-US Privacy Shield Framework, https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active, guarantees that it provides a level of data protection comparable to that guaranteed in the European Union. Processing takes place pursuant to Art. 6 (1) lit. f GDPR on the basis of a legitimate interest in targeting website visitors by delivering personalized, interest-based ads to users of the provider’s website when they visit other sites belonging to Google’s advertising network, as well as on the grounds of a legitimate interest in the analysis and optimization of our marketing activities and, thus, also our economic interests pursuant to Art. 6 (1) lit. f. GDPR. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 (1) f GDPR. To this end, you can permanently block the use of cookies by Google by downloading and installing the plugin available at the following link: https://www.google.com/settings/ads/plugin. Alternatively, you can disable the use of third-party cookies by visiting https://www.networkadvertising.org/choices/ and following the opt-out instructions given there. More information on Google remarketing and the associated privacy policy can be found at: https://www.google.com/privacy/ads/.

20. Data protection in relation to Google Tag Manager
Our website uses the tool Google Tag Manager provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, US Google). This tool allows marketers to manage website tags via an interface. The Tool Tag Manager itself, which implements the tags, is a cookie-free domain. The tool triggers other tags that may in turn collect data. Google Tag Manager does not access this data. Disabling at domain or cookie level will not affect any tracking tags implemented by the Google Tag Manager, which will remain in place. Further information and the privacy policy for Google Tag Manager can be found at https://policies.google.com/privacy?hl=en.

21. Google Maps
Our website implements the Google Maps API service, an application provided by Google (Google Inc., 1600 Amphitheatre Parkway, Mountain View, California, 94043, US) to allow geographical information to be visualized. When using Google Maps, data pertaining to the use of Google Maps functions by our website users is collected, processed and used. This may also include IP addresses and location data. Details on how Google uses your data can be found in Google’s privacy policy at https://policies.google.com/?hl=en. However, this data is not collected without your consent, which is given regularly via your mobile device settings. Your data may also be transmitted to the US. Google’s certification under the EU-US Privacy Shield Framework, https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active guarantees that it provides a level of data protection comparable to that guaranteed in the European Union.
To opt out of data use by Google, the relevant settings can be changed here: https://adssettings.google.com/authenticated.

22. Social media presence
To be able to communicate with active customers, interested parties, and users, and keep them updated on the latest news and services in a way that is in keeping with the spirit of our age, we maintain a social media presence. To this end, user data can be processed in countries outside of Europe, where different data protection standards apply. We would therefore like to draw your attention to the fact that this can involve certain risks for the user: For instance, data processing is subject to different requirements in terms of transparency or legal enforcement. User data is also used for market research and advertising purposes. In addition, the data collected, e.g. on user behavior, may be used to deliver targeted content or services or to create user profiles based on the user’s interests. These are in turn used to run targeted, interest-based ads both on social media and through other channels. This information is often collected with the help of cookies installed on user devices and subsequently analyzed according to specific criteria. The individual profile data saved on social media sites can also be linked to the data saved with the help of cookies. Providers certified under the EU-US Privacy Shield Framework are obligated to comply with EU data protection regulations.
The maintenance of a presence on social media and the resulting processing of personal data take place pursuant to Art. 6 (1) lit. f. GDPR on the basis of our legitimate interest in effective, up-to-date information on and communication with users and interested parties. Where consent to data processing has been obtained, processing takes place pursuant to Art. 6 (1) lit. a and Art. 7 GDPR. For details of the individual policies on data processing and opt-out options, we ask that you refer to the individual providers’ specifications. Please note that the most effective way to enforce user rights and obtain information is through the individual providers themselves. Only they hold the relevant databases and have the technical and organizational means to this end. We are happy to assist you further with this where necessary.

23. Privacy Policy for the Use of Social Plugins

On our websites social plugins of different social networks are integrated. These allow you to bookmark these pages and share content with other participants. You can recognize them by the logos that can be viewed on the social networking websites. To protect your data, we rely on the solution “Shariff” in the implementation. As a result, these buttons are integrated on the website only as a graphic that contains a link to the corresponding website of the button provider. By clicking on the graphic you will be redirected to the services of the respective provider. Only then will your data be sent to the respective provider. Unless you click on the graphic, there will be no exchange between you and the providers of the social media buttons. Information about the collection and use of your data in the social networks can be found in the respective terms of use of the respective providers.

We have integrated the social media buttons of the following companies on our website:

a) Facebook Like / Share

Social Network Operator: Facebook Inc., 1601 South California Avenue, Palo Alto, California 94304, United States
Privacy Policy Facebook: https://www.facebook.com/policy.php

b) Google+ button

Social Network Operator: Google Inc., 1600 Amphitheater Parkway Mountain View, California 94043, USA
Privacy Policy Google+: https://www.google.com/intl/en/policies/technologies/product-privacy/

c) Twitter Tweet button

Social Network Operator: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, California 94107, United States
Privacy Policy Twitter: https://twitter.com/en/privacy

d) Instagram social plugin

Social Network Operator: Instagram Inc., 1601 Willow Road, Menlo Park, California 94025, USA
Privacy Policy Instagram: https://help.instagram.com/155833707900388

e) YouTube social plugin

Social Network Operator: YouTube LLC, 901 Cherry Ave., San Bruno, California 94066, USA
Privacy Policy YouTube: https://www.google.com/intl/en/policies/privacy/

f) LinkedIn social plugin

Social network operator: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, United States
Privacy Policy LinkedIn: https://www.linkedin.com/legal/privacy-policy