Privacy

The person responsible within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Markus Erhard
Am Eichenwäldchen 18
D-77830 Bühlertal

General information on data processing

We process personal data only in accordance with applicable legal regulations – in particular the GDPR, the Federal Data Protection Act (BDSG), and the Telecommunications Digital Services Data Protection Act (TDDDG).

Your rights as a data subject

You have the following rights towards us in relation to your personal data:

  • You can request confirmation from us as to whether we are processing personal data about you and, if this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 DSGVO.
  • According to Art. 16 DSGVO, you have the right to immediately request the correction of incorrect personal data concerning you and, if necessary, the completion of incomplete personal data
  • You have the right to demand that we delete your personal data immediately, provided that one of the reasons listed in Art. 17 DSGVO applies
  • You have the right to request the restriction of processing if one of the conditions listed in Art. 18 DSGVO is met
  • As far as the requirements of Art. 20 DSGVO are met, you have the right to request data transfer.
  • According to Art. 21 DSGVO, you have the right to object to processing, which is based on Art. 6 Para. 1 S. 1 lit. Processing is then based on Art. 6 Paragraph 1 Sentence 1 lit.
  • Insofar as we process your data on the basis of a consent that you have given us, you can revoke this consent at any time. The revocation does not affect the legality of the processing carried out on the basis of the consent up to the revocation, i.e. the revocation affects the permissibility of the processing of your personal data only after it has been explained to us.
  • You also have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of your personal data violates the DSGVO (Art. 77 DSGVO). You can assert this right with a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged violation. You can find an overview of the supervisory authorities in Germany here: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html

Collecting general information when visiting our website

Nature and purpose of processing

When you access our website, that is, if you do not register or otherwise provide information, it will automatically collect information from a general nature. This information (server log file) includes, for example, the type of web browser, the domain name of your Internet service provider, your IP address and the like.

They are processed in particular for the following purposes:

  • Ensure a hassle-free connection to the site,
  • Ensuring a smooth use of our website,
  • Evaluation of system security and stability as well as
  • for further administrative purposes.

We do not use your information to draw conclusions about you. Statistically evaluated by us to optimize our website and the underlying technology.

Legal Base

Processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO based on our legitimate interest in improving the stability and functionality of our website.

Recipient

Recipients of the data may be technical service providers who act as processors for the maintenance and maintenance of our website.

Storage Duration

The data will be deleted as soon as it is no longer necessary for the purpose of the survey. This is basically the case for the data used to serve the web page when that particular session is over.

Provision required or required

The provision of the aforementioned personal data is not legally nor contractually required. Without the IP address, however, the service and functionality of our website is not guaranteed. Additionally, individual services may not be available or limited. For this reason, a contradiction is excluded.

International Applicability and Data transfers

If personal data is transferred to service providers in third countries (especially the USA), this will only be done in compliance with appropriate safeguards in accordance with Art. 44 et seq. GDPR, for example via:

  • EU-U.S. Data Privacy Framework (DPF) or
  • EU Standard Contractual Clauses

National Data Protection Regulations in Germany

In addition to the General Data Protection Regulation (GDPR), additional national data protection regulations apply in Germany. These include, in particular, the Federal Data Protection Act (BDSG), which contains specific provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, data processing for other purposes, as well as data transfer and automated decision-making, including profiling. In addition, the data protection laws of the individual federal states may also apply.

Note on the applicability of the GDPR and the Swiss Data Protection Act (DSG)

This privacy policy provides information in accordance with both the Swiss Data Protection Act (DSG) and the GDPR. For reasons of clarity and due to the expanded scope of application, the terms of the GDPR are used in this notice. This particularly applies to the terms "processing" of personal data, "legitimate interest," and "special categories of data," which are referred to in the Swiss Data Protection Act as "processing" of "personal data," "overriding interest," and "personal data worthy of particular protection." The legal meaning of these terms continues to be governed by the definitions of the Swiss Data Protection Act within the scope of application of the Swiss Data Protection Act (DSG). International Data Transfer

Data Processing in Third Countries

If personal data is transferred to a third country outside the European Union (EU) or the European Economic Area (EEA) – for example, when using third-party services or if this is expressly mentioned in the privacy policy – ​​this is always done in compliance with the legal requirements.

For transfers to the USA, we primarily rely on the Data Privacy Framework (DPF), which is recognized as a secure legal framework by the EU Commission's adequacy decision of July 10, 2023. In addition, we have concluded standard contractual clauses with the respective service providers that comply with the EU Commission's requirements and contractually ensure the protection of your data.

Through this two-tiered safeguard – the DPF as the main protection mechanism and the standard contractual clauses as an additional measure – we guarantee comprehensive protection of your data. Should the legal situation regarding the DPF change, the standard contractual clauses will automatically apply as a fallback option. This ensures that your data continues to be adequately protected even in the event of future legal or policy changes.

WordPress as a Content Management System (CMS)

WordPress.com provides hosting and software for creating, publishing, and managing websites, blogs, and other online offerings. The service is offered by Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland. Data processing is based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR. Further information can be found on the website: https://wordpress.com and in the privacy policy at: https://automattic.com/de/privacy/. You can view a data processing agreement at https://wordpress.com/support/data-processing-agreements/. For data transfers to third countries, the Data Privacy Framework (DPF) and standard contractual clauses provided by WordPress are used.

Cookies

Note on Consent Management (Cookies & Tracking)

This website functions without a consent banner, as it uses only technically necessary cookies and does not establish connections to external sources that may be questionable from a data protection perspective. The legal basis for the use of technically necessary cookies is Section 25 (2) No. 2 of the Telemedia Act (TDDDG) in conjunction with Article 6 (1) (f) of the GDPR.

Nature and purpose of processing

Like many other websites, we also use so-called "cookies". Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website.

This will give us certain data, such as IP address, browser used and operating system.

Cookies can not be used to launch programs or to transfer viruses to a computer. Based on the information contained in cookies, we can facilitate navigation and enable the correct display of our websites.

In no event will the data we collect be shared with third parties or, without your consent, linked to your personal information.

Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time through the settings of your browser. Please use the help functions of your internet browser to find out how to change these settings. Please note that some features of our website may not work if you have disabled the use of cookies.

Storage duration and used cookies

The following technically necessary cookies may be used on our websites:

Cookie Name Time Description
wp-settings-* WordPress / Essential Session Saves the user's WP Admin settings
wp-settings-time-* WordPress / Essential Session Sets the time at which the wp-settings-* cookie was set
wordpress_logged_in_[session id] WordPress / Essential Session Detects if and with which session ID the user has logged in
wordpress_sec_[session id] WordPress / Essential Session Detects if and with which session ID the user has logged in
pll_language Polylang / Essential 1 year Detects the default browser language
wc_cart_hash_* WooCommerce / Essential Session Helps WooCommerce determine when shopping cart contents/data change
wc_cart_created WooCommerce / Essential Session Stores the time the shopping cart was created
woocommerce_cart_hash WooCommerce / Essential Session Helps WooCommerce determine when its content / data changes
woocommerce_items_in_cart WooCommerce / Essential Session Helps WooCommerce determine when its content / data changes
wp_woocommerce_session_ WooCommerce / Essential 2 days Contains a unique code for each customer to know where the shopping cart data in the database is for each customer
woocommerce_recently_viewed WooCommerce / Essential Session Enables the Recently Viewed Products widget
store_notice[notice id] WooCommerce / Essential Session Allows customers to close the shop notice

Insofar as these cookies may (also) concern personal data, we will inform you about this in the following sections.

You can use your browser settings to delete individual cookies or the entire cookie portfolio. In addition, you will receive information and instructions on how to delete these cookies or block their storage in advance. Depending on the provider of your browser, you will find the necessary information under the following links:

Registration on our website

Nature and purpose of processing

When registering for the use of our personalized services, some personal information will be collected, such as name, address, contact and communication information (e.g., telephone number and e-mail address). If you are registered with us, you can access contents and services that we only offer to registered users. Registered users also have the option of changing or deleting the data specified during registration at any time. Of course, we also provide you with information about the personal data we hold about you at any time.

Legal basis

The processing of the data entered during registration takes place on the basis of the user's consent (Article 6 (1) (a) DSGVO).

If the registration serves the fulfillment of a contract of which the data subject is a party or the implementation of pre-contractual measures, an additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

Recipient

The recipient of the data may be a technical service provider who acts as a processor for the operation and maintenance of our website.

Storage Duration

In this context, data will only be processed as long as the corresponding consent has been obtained. Thereafter, they will be deleted, as far as no legal storage requirements preclude. To contact us in this regard, please use the contact details given at the end of this Privacy Policy.

Provision required or required

Your personal information is provided voluntarily, solely on the basis of your consent. Without the provision of your personal data, we can not grant you access to our content and services.

Comments

Nature and purpose of processing

If users leave comments on our site, they will also save the time of their creation and the username previously chosen by the site visitor. This is for our security, as we may be prosecuted for any illegal content on our website, even if it was created by users.

Legal basis

The processing of the data entered as a comment takes place on the basis of a legitimate interest (Article 6 (1) (f) DSGVO).

By providing the comment function we want to allow you an easy interaction. Your details will be stored for the purpose of processing the request and for possible follow-up questions.

Recipient

Recipients of the data may be processors.

Storage Duration

The data will be deleted as soon as it is no longer necessary for the purpose of the survey. This is basically the case when the communication with the user has been completed and the company can see from the circumstances that the matter in question has been finally clarified.

Provision required or required

The provision of your personal data is voluntary. Without the provision of your personal data, we can not grant you access to our comment function.

Subscribing to comments

As a registered user of our website, you have the option to subscribe to comments. After registration, you will receive a confirmation email to verify that you are the owner of the specified email address. You can unsubscribe at any time using a link in the notification emails. In this case, the data provided as part of the comment subscription will be deleted. If you have provided us with this data for other purposes, such as sending our newsletter, this will remain unaffected.

Storage of Comments

Comments and the associated data will be stored on our website and remain there until the commented content has been completely removed or deletion of the comments is required for legal reasons (e.g., in the case of offensive content).

Legal Basis

Comments are stored based on your consent (Art. 6 (1) (a) GDPR). You can revoke your consent at any time. An informal email to us is sufficient for this purpose. The legality of the data processing carried out up to the time of revocation remains unaffected.

Contact

Nature and purpose of processing

The data you enter will be stored for the purpose of individual communication with you. This requires a valid e-mail address and your name. This serves to assign the request and the subsequent answering of the same. The specification of additional data is optional.

Legal basis

The processing of the data entered into the contact form is based on a legitimate interest (Article 6 (1) (f) DSGVO).

By providing the contact form, we would like to make it easy for you to contact us. Your details will be stored for the purpose of processing the request and for possible follow-up questions.

If you contact us to request an offer, the processing of the data entered in the contact form for the implementation of pre-contractual measures (Article 6 (1) (b) DSGVO) will be carried out.

Recipient

Recipients of the data may be processors.

Storage Duration

Data will be deleted no later than 6 months after processing the request.

If there is a contractual relationship, we are subject to the statutory retention periods according to HGB and delete your data after these deadlines.

Provision required or required

The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, your e-mail address and the reason for the request.

Inquiry by phone

Type and purpose of processing

As part of our website, it is possible to contact us by phone. In the course of this, personal data is transmitted to us and processed. These are in particular:

  • First name, last name
  • Telephone number
  • Customer number
  • Payment data
  • Contract data
  • Reason for your Call

Legal basis

Due to the express request of the user via telephone and / or the request for a telephone call back, the legal basis for the processing of the data is Art. 6 Para. 1 lit. f) DSGVO. If the establishment of contact by phone is also aimed at concluding and / or executing a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b) DSGVO.

Recipient

Recipients of the data may be processors.

Storage Duration

The data are stored for the duration of the purpose for which they were collected and deleted as soon as they are no longer required or are not subject to any further statutory retention requirements (e.g. 10 years according to AO, 6 years according to HGB).

Provision mandatory or required

The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, email address and the reason for the request.

Handling of applicant data

As part of our website, we offer you the opportunity to apply to us (e.g. online contact form, by post or via email). In the following, we would like to inform you about the scope, use and general purpose of the data collected in the context of your application. The collection, processing and use of your data takes place both in accordance with the applicable data protection law and all other statutory provisions. Your data will be treated as strictly confidential.

Scope and purpose of the data collection

As far as it is necessary for a decision, we process your personal data as part of our application process. Such personal data are e.g. your application documents, your contact or communication data or also notes in the context of job interviews.

Legal basis

The legal basis for data collection is §26 BDSG (initiation of an employment relationship) in conjunction with either Art. 6 Para. 1 lit b) DSGVO (implementation of pre-contractual measures) or Art. 6 Para. 1 lit. a) DSGVO (consent to the processing of personal data Data). You can withdraw your consent at any time. All personal data that we aggregate will only be passed on to persons who are involved in processing your application. In the event of a successful application, we will save the data you have transmitted on the basis of Section 26 BDSG and Art. 6 Paragraph 1 lit.

Storage Duration

In the event that you reject a job offer, withdraw your application or we are unable to make you a job offer, we reserve the right to store the data you have provided for up to 6 months after the application process has ended. The legal basis for this is Article 6 (1) (f) DSGVO. The storage serves in particular for evidence purposes in the event of a legal dispute. All personal data / application documents are then digitally deleted and physically destroyed. If the storage of your data is still necessary after the 6 month period has expired (e.g. due to an impending legal dispute), we will only delete your data when the purpose for continuous storage no longer applies. In addition, extended storage can take place if statutory storage requirements exclude deletion or if you have given your consent in accordance with Art. 6 Para. 1 lit. a) DSGVO.

Admission to the applicant pool

In the event that we cannot make you a job offer, there is the possibility of including you in our applicant pool. For this purpose, all your documents, data and information from the application will be transferred to the applicant pool and you may be contacted by us about suitable vacancies.

You will be included in the previously mentioned pool of applicants exclusively on the basis of your previously given consent in accordance with Article 6 (1) (a) DSGVO. Such consent is voluntary and has no connection to the current application process. You can withdraw your consent at any time. If there are no statutory retention requirements, your data will be irrevocably deleted. Applicant pool data will be irrevocably deleted no later than two years after consent has been given.

Use of Font Awesome (local hosting)

For a consistent and attractive display of fonts, we use Font Awesome on this website. The integration is done locally, so no connection is established to the servers of Fonticons, Inc.

Further information on data protection at Font Awesome can be found in the privacy policy at: https://fontawesome.com/privacy.

Use of Google Fonts (local hosting)

For a consistent display of fonts, this website uses Google Fonts. The fonts are embedded locally on our server, so no connection to Google's servers is established.

Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.

Reviews

We have displayed the reviews and customer opinions on the website from external sources such as Google, Facebook, Yelp, Trustpilot and other portals with rating options. We cannot guarantee that these reviews are only from our customers.

SSL encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http: //" to "https: //" and by the lock symbol in your browser line.

If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Change to our privacy policy

We reserve the right to amend this privacy policy to always comply with the current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. Your new visit will be subject to the new privacy policy.

Last update: October 15th 2025