Privacy Policy and Special Security Guidelines

We greatly appreciate your interest in our company. Data protection is of particular importance to the management of Scopevisio AG, Bonn. The use of our websites is generally possible without providing any personal data. However, if an individual wishes to utilize specific services offered by our company through our website, it may be necessary to process personal data. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, email address, or telephone number of an individual, always occurs in accordance with the General Data Protection Regulation (GDPR) and in compliance with the applicable data protection regulations specific to our organization. Through this privacy policy, we aim to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Additionally, this privacy policy serves to enlighten individuals about their rights.

Scopevisio AG, Bonn, as the data controller, has implemented numerous technical and organizational measures to ensure the most comprehensive protection of the personal data processed through this website. However, internet-based data transmissions may have inherent security vulnerabilities, making it impossible to guarantee absolute protection. For this reason, individuals are free to transmit personal data to us through alternative means, such as by telephone.

1. Definitions

The privacy policy is based on the terms used in the General Data Protection Regulation (GDPR). Our privacy policy aims to be easily readable and understandable for the public, as well as for our customers and business partners. To ensure this, we would like to explain the terminology use

In this privacy policy, we use the following terms, among others:

Personal data Personal data refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific factors that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Data subject A data subject is any identified or identifiable natural person whose personal data is processed by the data controller.
Processing Processing refers to any operation or set of operations performed on personal data, whether or not by automated means. This includes collecting, recording, organizing, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating, making available, aligning, combining, restricting, erasing, or destroying personal data.
Restriction of processing Restriction of processing involves marking stored personal data with the aim of limiting its processing in the future.
Data controller A data controller is a natural or legal person, authority, agency, or other body that, alone or jointly with others, determines the purposes and means of processing personal data. If the purposes and means of this processing are determined by Union law or the law of the Member States, the data controller may be designated or the specific criteria for their designation may be provided for by Union law or the law of the Member States.
Data processor A data processor is a natural or legal person, authority, agency, or other body that processes personal data on behalf of the data controller.
Recipient A recipient is a natural or legal person, authority, agency, or other body to whom personal data is disclosed, whether or not they are a third party. However, authorities that may receive personal data in the context of a specific investigation under Union law or the law of the Member States are not considered recipients.
Third party A third party is a natural or legal person, authority, agency, or other body other than the data subject, the data controller, the data processor, and the persons who, under the direct authority of the data controller or the data processor, are authorized to process personal data.
Consent Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of their personal data.

2. Name and Address of the Data Controller

The data controller, as defined in Article 4(7) of the General Data Protection Regulation (GDPR) and other applicable data protection laws of the European Union member states and other provisions with data protection character, is:

Scopevisio AG
Rheinwerkallee 3
53227 Bonn
Tel.: 0800 800 800 2
Fax: 0800 500 00 20
Email: info@scopevisio.com
Website: www.scopevisio.com

Inquiries and requests for information, changes, blocking, or deletion can be sent by mail to this address or by email to the email address provided above.

3. Name and Address of the Data Protection Officer

The data protection officer of the data controller is:

Günter Hilgers
EcoVisio GmbH
Rheinwerkallee 3
53227 Bonn
Email: datenschutz@scopevisio.com

Any individual concerned can contact our data protection officer directly with any questions or suggestions regarding data protection.

4. Contact Details of the Supervisory Authority

The competent supervisory authority for the data controller is:

Name: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Street: Kavalleriestraße 2 – 4
City: 40213 Düsseldorf
Phone: 0211 / 38424-0
Fax: 0211 / 38424-10
Email: poststelle@ldi.nrw.de

5. Cookies

A cookie is a small data record that is stored on your end device and contains data such as personal page settings and login information. This data record is generated and sent to you by the web server to which you have established a connection via your web browser. In general, we use cookies to analyse interest in our websites and to improve the user-friendliness of our websites. In principle, you can also access our websites without cookies. However, if you wish to use our websites fully or conveniently, you should accept those cookies that enable the use of certain functions or make use more convenient. The purposes of the cookies we use can be found in the consent management when you first access our website or subsequently by accessing the cookie services control under ‘Cookies’ on our website.

When you use our website, you will be asked to consent to the use of cookies, unless they are required for the proper operation of the website. You can decide whether you consent to the use of cookies requiring consent in the Consent Manager on our website.

You also have the option of setting your browser so that cookies are displayed before they are stored, only certain cookies are accepted or rejected, or cookies are generally rejected. We would like to point out that changes to settings in the browser always only affect the respective browser. If you use different browsers or change your end device, you will have to make the settings again. You can also delete cookies from your storage medium at any time. For information on cookie settings, how to change them and how to delete cookies, please refer to the help function of your web browser.
The most common types of cookies are explained below for your understanding:

5.1 Session cookies

While you are active on a website, a session cookie is temporarily stored in your computer’s memory, in which a session identifier is stored, e.g. to prevent you from having to log in again each time you change pages. Session cookies are deleted when you log out or lose their validity as soon as your session has automatically expired.

5.2 Persistent or protocol cookies

A persistent or protocol cookie stores a file on your computer for the period specified in the expiry date. These cookies enable websites to remember your information and settings on your next visit. This leads to faster and more convenient access, as you do not have to set your language preferences for our portal again, for example. Once the expiry date has passed, the cookie is automatically deleted when you visit the website that created it.

5.3 Third-party cookies

Third-party cookies originate from providers other than the operator of the website. They can be used, for example, to collect information for advertising, customised content and web statistics.

5.4 Flash cookies

Flash cookies are stored on your computer as data elements of websites if they are operated with Adobe Flash. Flash cookies have no time limit.

5.5.1 Description and purpose of data processing

A cookie consent tool is implemented on the website so that you can control the use of cookies (hereinafter: Usercentrics). Usercentrics is operated by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, and shows you a cookie list organised by function group, explains the purpose of the cookie function groups and the individual cookies as well as their storage duration.

The Usercentrics Consent Management Platform collects log file and consent data using JavaScript. This JavaScript makes it possible to inform users about their consent to certain tags on our website and to obtain, manage and document this consent.

We process the following data:

– Consent data or consent data (anonymised logbook data (Consent ID, Processor ID, Controller ID), Consent Status, Timestamp)

– Device data or data of the devices used (including truncated IP addresses (IP v4, IP v6), device information, timestamp)

– User data or user data (including email, ID, browser information, SettingIDs, changelog)

The ConsentID (contains the above-mentioned data), the consent status including time stamp are stored in the local memory of your browser and at the same time on the cloud servers used. Further processing will only take place if you submit a request for information or revoke your consent. In this case, the relevant information will be provided to the controller in a compact data format in an easily readable text form for the purpose of data exchange.

No user information is stored for statistics on the use of the consent given or not given. Only the frequency and locations of clicks are stored.

Saving a cookie is technically necessary for the use of Usercentrics.

5.5.2 Legal basis for processing

Usercentrics is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

5.5.3 Duration of storage, objection and removal options

The data collected in this way is stored until you ask us to delete it, delete the cookie yourself or the purpose for storing the data no longer applies. The associated cookie has a duration of 60 days. The revocation document of a previously granted consent is stored for a period of three years. The retention is based on our accountability pursuant to Art. 5 para. 2 GDPR. Mandatory statutory retention periods remain unaffected.

5.5.4 Order processing

We have concluded an order processing contract with Usercentrics. This is a contract required by data protection law, which ensures that Usercentrics processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

6. Collection of general data and information

Our website collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website can be recorded, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems.

When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is required to (1) correctly deliver the content of our website, (2) optimise the content of our website and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our website and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack. This anonymously collected data and information is therefore analysed by us both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

We also use local storage and session storage technology (also known as ‘local data’, ‘local storage’ and ‘session storage’). With local storage, data is stored locally in the cache of your browser, which continues to exist and can be read even after closing the browser window or exiting the programme if you do not actively delete the cache. Local storage allows your preferences to be stored on your computer and used by you when you use our websites. The function of Session Storage corresponds in content to the Local Storage described, except that the corresponding data is automatically removed from your browser’s cache immediately after closing the browser (‘session’).

Third parties cannot access the data stored in Local Storage or Session Storage. They are not passed on to third parties and are not used for advertising purposes. In particular, this technology is used to present our content to you in an appealing graphic display (e.g. pop-up windows, etc.) and to personalise our offer and navigation on our pages for you. You can manage local storage content in the browser via the settings for ‘History’ or ‘Local data’, depending on which browser you are using. If you restrict the described functions accordingly, this may result in functional restrictions.

The legal basis for the processing of personal data

is Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to maintain the compatibility and stability of this web application for as many users as possible, including combating misuse and troubleshooting.

Duration of storage

The aforementioned technical data will be deleted as soon as it is no longer required to ensure the compatibility of this web application for all visitors, but no later than 3 months after using the web application. We have no influence on the storage period of the data in your local storage. You can manage local storage content in the browser via the settings for ‘History’ or ‘Local data’, depending on which browser you are using. If you restrict the described functions accordingly, this may result in functional restrictions.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

7. Scope and purpose of the data collected

7.1 Scopevisio websites – Generally

The following data is stored each time a website or a file accessible via a browser programme is requested:

– The requested web page or file,

– the date and time of the request

– the amount of data transferred,

– the description of the type of web browser and operating system used

– the IP address of the requesting computer,

This information is used to optimise Scopevisio websites and to log any attacks on our services via the Internet.

The data listed will be deleted automatically or by Scopevisio AG employees after one year.

7.2 Scopevisio websites – accounting services

During registration for the accounting services provided by Scopevisio AG, at least the following data from the mandatory fields are stored:

– E-mail address of the user,

– Name of the company,

– First and last name of the user,

– postcode,

– city,

– Sector in which the company operates,

– Legal form of the company,

– Number of employees in the company,

– Estimated number of monthly accounting documents.

Scopevisio AG uses this data to provide the user with a partner who can perform the accounting service selected by the user. For this purpose, the above-mentioned information is passed on to the selected partner.

Scopevisio AG is also authorised to collect and store this data in the context of a registration and to pass it on to a partner for the provision of the accounting service, provided that this purpose of use is separately indicated on the corresponding web pages.

7.3 Scopevisio – AI assistant

We have integrated a solution based on artificial intelligence (AI-based application) on our website to provide you with efficient support for questions relating to our products and services. This application provides you with comprehensive support for your questions in this regard.

The application only supports you with regard to data that is available on the website. General enquiries or enquiries on topics that are not part of the website, in particular enquiries to the World Wide Web (www), cannot be processed via the AI-based application.

In addition to providing information on topics relating to the Scopevisio website, there is also the possibility that we will use your user input to further develop answers to your questions in the application’s learning model.

The data you enter is not transmitted directly to the LLM, but is first sent to our own system (backend). There, your enquiries are enriched with relevant information from the online help and then forwarded to the LLM for processing.

The LLM’s answers are sent back to you via our backend. At no time is there a direct connection between you and the LLM.

This architecture allows you to use the service anonymously.

7.4 Scopevisio websites – contact form, support enquiries and webinars

The Scopevisio websites contain the option of making general contact with Scopevisio AG, submitting enquiries directly to Scopevisio AG’s support team or registering for webinars. At least the following data from the mandatory fields is stored:

– E-mail address,

– Free text (only contact form and support enquiry),

– telephone number (webinars only).

This data is used by Scopevisio AG to respond to enquiries or to announce dates for webinars.

The data stored in individual cases corresponds to the fields specified in the forms and can therefore be seen directly from the forms. The data will only be passed on to third parties with the consent of the respective user.

7.5 Scopevisio Software – Registration

During registration for the Scopevisio Software via the website, the user’s e-mail address is stored. The password for the Scopevisio software entered during the registration process is stored exclusively in encrypted form and cannot be decrypted by Scopevisio AG.

Scopevisio AG expressly points out that the e-mail addresses of all active (i.e. not deleted) users are used to send notifications to these users regarding the availability of our contractually guaranteed services, e.g. notification of maintenance periods. As this is information relating to the fulfilment of the contract, it is not possible to unsubscribe from these messages.

7.6 Scopevisio Software

Each time data is requested or saved, various actions can be performed on the server side in order to read, save and process the data before a transfer or response is sent to the user’s calling computer. The following data is stored as part of these actions:

– The type of action to be performed and all other actions performed automatically as part of the execution,

– the date and time of the start and end of all actions performed

– the customer number used

– the login name of the user used,

– the ID of the user session used,

– the amount of data transferred both from the user’s computer to the Scopevisio AG servers and in the opposite direction,

– the type and amount of data requested but not the content,

– the IP address of the computer.

This data is stored on the Scopevisio AG servers for a maximum period of one year and then deleted automatically or by Scopevisio AG employees. It is used to optimise Scopevisio services, for capacity planning, to investigate misuse and any errors that may occur in the Scopevisio software (bugs).

In addition to the data mentioned above, all data entered directly by users of the Scopevisio software is stored on Scopevisio AG’s servers for the duration of the contractual relationship. This data is not used by Scopevisio AG.

Authorised users may request the deletion of all data entered into the Scopevisio software by themselves by writing to the addresses listed under 2). Scopevisio AG expressly points out that in this case it is no longer possible for Scopevisio AG to fulfil the contract and that there is no entitlement to compensation or reimbursement of any payments already made for the fulfilment of the contract.

7.7 Customer Database

Scopevisio AG maintains an internal customer database in which all relevant customer-related events and notes are stored.

These include:

• Customer number,

• Company name,

• Company address,

• Email addresses of all active (i.e. not deleted) users,

• Names of all active (i.e. not deleted) users,

• Notes on telephone calls,

• Billing information,

• Statistical information on usage.

This data is used to optimise the support provided to Scopevisio AG customers by the support and sales departments. In addition, statistical evaluations of this data are used to optimise the scope of services provided by Scopevisio. This data is not passed on to third parties. Users can request the deletion of this data in writing to the addresses listed under 2).

7.8 Cooperation partners

The personal data collected by Scopevisio AG may, with your express consent, also be passed on to cooperation partners for use within the scope of the previously stated purpose. A list of our cooperation partners can be found here.

These are not included in this privacy policy and may collect and use additional data outside the sphere of influence of Scopevisio AG.

7.9 Extended data use

After the user has given their recorded consent to ‘extended data processing,’ Scopevisio AG is entitled to collect, process, and use personal data, profile data, and demographic data for the purpose of optimising Scopevisio services. After the user has given their consent, Scopevisio AG is not obliged to delete the usage data as soon as possible, i.e. at the latest immediately after the end of the respective use, but is entitled to store it.

Furthermore, after the user has given their consent, Scopevisio AG is not obliged to delete the usage data as soon as possible, i.e. at the latest immediately after the end of the respective use, but is entitled to store it is not obliged to delete the usage data as soon as possible, i.e. at the latest immediately after the end of the respective use, but is entitled to store it.

Furthermore, Scopevisio AG is entitled, with the user’s consent, to pass on their personal data to cooperation partners for the purposes of advertising, market research, information about products and services, the delivery of offers for the conclusion of contracts for servicesand further information optimally tailored to the interests of the user through a newsletter. Consent is given by ticking the appropriate box. The consent given is logged and can only be revoked by written request from the user to the address listed under 2).

Our website contains information that enables quick electronic contact with our Our website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the controller responsible for processing by e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the controller is stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties.

On our website, you have the option of subscribing to our company newsletter.

The personal data transmitted to the controller when subscribing to our newsletter is determined by the input mask used for this purpose. We regularly inform our customers and business partners about our company and our offers by means of a newsletter. The newsletter of our company can only be received by the data subject if we have obtained consent for this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. Therefore, the data subject can only receive the newsletter if we have obtained consent for this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The newsletter of our company can only be received by the data subject if we have obtained consent for this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. Therefore, the data subject can only receive the newsletter if we The newsletter of our company can only be received by the data subject if we have obtained consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. Therefore, the newsletter can only be received if (1) the data subject has a valid email address and (2) the data subject registers for the newsletter. For legal reasons, a confirmation email is sent to the email address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation email serves to verify that the owner of the email address, as the data subject, has authorised the receipt of thenewsletter.

When registering for the newsletter, we also store the IP address assigned by the Internet service provider (ISP) to the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace any (possible) misuse of the data subject’s email address at a later date and therefore serves to provide legal protection for the controller (legal basis: Art. 6 para. 1 sentence 1 lit. c GDPR).

The personal data collected in the context of a newsletter subscription is used exclusively for the purpose of sending our newsletter. Furthermore, subscribers to the newsletter may be informed by email if this is necessary for the operation of the newsletter service or a related registration, as may be the case in the event of changes to the newsletter offer or changes to the technical conditions. The personal data collected as part of the newsletter service will not be passed on to third parties.

The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data that the data subject has given us for the purpose of sending the newsletter can be revoked at any time. For the purpose of revoking consent, a corresponding link is provided in each newsletter. Furthermore, it is also possible to unsubscribe from the newsletter at any time directly on the website of the controller responsible for processing or to notify the controller responsible for processing in another way.

Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Using the embedded tracking pixel, we can see whether and when an email was opened by a data subject and which links in the email were clicked on by the data subject. Such personal data collected via the tracking pixels contained in the newsletters is stored and evaluated by the controller in order to optimise the optimise the newsletter dispatch and to tailor the content of future newsletters even better to the interests of the data subject. This personal data is not passed on to third parties.

Data subjects are entitled to revoke the separate declaration of consent given via the double opt-in procedure at any time. After revocation, this personal data will be deleted by the controller.We automatically interpret unsubscribing from the newsletter as revocation.

10. Deletion and blocking of personal data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or if this is provided for in laws or regulations to which the controller is subject. If the purpose of storage no longer applies or if a storage period prescribed by another competent legislator expires, the personal data is blocked or deleted in accordance with the statutory provisions.

If the data subject requests the deletion of personal data, the controller will delete the data unless there are legal requirements for storage. If the purpose of storage no longer applies or if a storage period prescribed by another competent legislator expires, the personal data will be blocked or deleted in accordance with legal regulations.

11. Rights of the data subject

a) Right to information

You can exercise your right to information under Art. 15 GDPR at any time by contacting us to find out whether we are processing personal data relating to you.

b) Right to rectification

You can exercise your right to rectification under Art. 16 GDPR at any time by contacting us and requesting therectification of inaccurate personal data relating to you.

c) Right to restriction of processing

You can exercise your right to restriction of processing under Art. 18 GDPR at any timeand request the restriction of processing, provided that the legal requirements for this are met.

d) Right to erasure

You may exercise your right to erasure under Art. 17 GDPR at any time and request that personal data concerning you be erased immediately if this is no longer necessary for the purposes for which it was collected or otherwise processed. This right to erasure may be precluded by other legal obligations (e.g. retention obligations).

e) Right to information

You may exercise your right to information under Art. 19 GDPR at any time. If you have asserted your right to erasure, rectification or restriction of processing of your personal data, we are obliged to notify all recipients to whom your personal data has been disclosed of the rectification or deletion of the data or the restriction of processing, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.

f) Right to data portability

You may exercise your right to data portability in accordance with Art. 20 GDPR at any time. You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transfer to another controller, if this is technically feasible.

g) Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1) (e) or (f) GDPR; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defence of legal claims (objection pursuant to Art. 21(1) GDPR). If we process personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing. If the data subject objects to us processing for direct marketing purposes, we will no longer process the personal data for these purposes (objection pursuant to Art. 21(2) GDPR). To exercise the right to object, the data subject may contact us directly. The data subject is also free to exercise their right to object by means of automated procedures

h) Right to withdraw consent under data protection law

You have the right to withdraw your consent to the processing of personal data under data protection law at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.

i) Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

j) Right to receive a copy of the data processed

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have

the right to lodge a complaint with a supervisory authority, in particular in the Member State of your

place of residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

j) Right to receive a copy of the data processed

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.You have the right to request that the controller rectify any inaccurate personal data concerning you.

12. Data protection for applications and during the application process1

We offer you the opportunity to apply for a position with us or one of our partner companies (e.g. via our applicant platform, by email or by post). Below, we provide information about the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated as strictly confidential.

Scope and purpose of data collection

When you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during job interviews, etc.) to the extent necessary to decide on the establishment of an employment relationship. Detailed information on the type and scope of the data collected can be found at Information Art 13 GDPR Applicants – InviteGroup – Status 20210825.pdf (softgarden.de). The legal basis for this is Section 26 BDSG-neu under German law (initiation of an employment relationship), Art. 6 (1) lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 (1) lit. a GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. If your application is successful, the data you submit will be stored in our data processing systems on the basis of Section 26 BDSG-neu and Art. 6 (1) lit. b GDPR for the purpose of implementing the employment relationship.

Data retention period

If we are unable to offer you a position, you decline a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 (1) (f) GDPR) for up to 6 months from the the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is apparent If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an imminent or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies. Longer storage may also take place if you have given your consent (Art. 6 (1) (a) GDPR) or if statutory retention obligations prevent deletion.

Order processing

For the administrative processes of the application procedure, we use the services of the Invite Group GmbH

Rheinwerkallee 3

53227 Bonn

Email: jobs@scopevisio.com

as a service provider for job advertisements and for analysing applications. We have concluded a contract with Invite Group GmbH, Bonn, for order processing in accordance with Art. 28 GDPR. With regard to the technical processes of the application procedure via the application platform, Invite Group GmbH uses Softgarden e-Recruiting GmbH

Tauentzienstr. 14

10789 Berlin

Tel.: 030 884 940 483

Email: info@softgarden.de

Invite Group GmbH, Bonn has concluded an agreement with the subcontractor in accordance with Art. 28 GDPR for order processing.

13. Data protection provisions regarding the use of fan pages

13.1 Data protection declaration for Facebook fan page

13.1.1 Responsible parties

As the operator of this Facebook page, we (Scopevisio AG, Rheinwerkallee 3, 53227 Bonn, Germany) are jointly responsible with the operator of the social network Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, a company of Meta Platforms Inc., 1 Mata Way, Menlo Park, California 94025-1453, USA) are responsible for processing data within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR). When you visit our Facebook page, personal data is processed by the responsible parties. Below, we provide information about what data is involved, how it is processed and what rights you have in this regard. As the controller of this page, we have entered into agreements with Facebook which, among other things, regulate the conditions for using the Facebook page. The Facebook Terms of Use and the other terms and guidelines listed at the end of the Terms of Use are decisive.

13.1.2 Purposes of processing

The processing of the information is intended, among other things, to enable Facebook to improve its system of advertising, which it distributes via its network. On the other hand, it is intended to enable us, as the operator of the Facebook page, to obtain statistics that Facebook compiles based on visits to our Facebook page. The purpose of this is to control the marketing of our activities. For example, it enables us to gain knowledge about the profiles of visitors who like our Facebook page or use the page’s applications, so that we can provide them with more relevant content and develop features that may be of greater interest to them.In order to better understand how we can use our Facebook page to better achieve our goals, demographic and geographic analyses are also created based on the information collected and made available to us. We can use this information to place targeted, interest-based advertisements without directly obtaining knowledge of the identity of the visitor. If visitors use Facebook on multiple devices, the collection and analysis can also be carried out across devices if the visitors are registered and logged into their own profiles. The visitor statistics created are transmitted to us exclusively in anonymised form. We do not have access to the underlying data.

13.1.3 Legal basis and legitimate interests

We operate this Facebook page to present ourselves to Facebook users and other interested persons who visit our Facebook page and to communicate with them. The processing of users’ personal data is based on our legitimate interests in optimising our company presentation (Art. 6 (1) (f) GDPR). The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

13.1.4 Transfer of data
We have no influence on the collection of data by Facebook, nor on the data processing operations carried out by Facebook. We are also unaware of the scope of data collection, the purposes of processing or the storage periods. The transfer of data in anonymised statistics cannot therefore be ruled out.
When you visit our Facebook page, it is conceivable that some of the information collected may also be processed outside the European Union by Facebook Inc. based in the USA. We would like to point out that the USA is considered by the European Court of Justice to be a country with a level of data protection that is insufficient according to EU standards. There is therefore a risk that your data may be processed by US authorities for control and surveillance purposes, possibly without any legal recourse. You can decide for yourself in the consent management section of the Facebook page whether you want to consent to such a transfer or not. In such a case, the transfer is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.

In addition, the processing of personal data and its security is ensured by the
so-called standard contractual clauses. These ensure that the processing is subject to a
level of security that complies with the GDPR. Meta Platforms Inc., 1 Meta Way, Melo
Park, California 94025-1453 is also certified under the EU-U.S. Data Privacy Framework Programme.
The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of
personal data from the EU to the U.S. Proof of certification can be found here:
https://www.dataprivacyframework.gov/s/participant-search/participant-
detail?id=a2zt0000000GnywAAC&status=Active
We ourselves do not pass on any personal data.

13.1.5 Options for objection

Facebook users can use the advertising preferences settings to influence the extent to which their user behaviour may be recorded when visiting our Facebook page. Further options are available in the Facebook settings, the consent management of the fan page or the form for the right of objection. The processing of information using cookies used by Facebook can be prevented by not allowing third-party cookies or Facebook cookies in your browser settings.

13.1.6 Nature of joint responsibility

The agreements with Facebook, including those on joint responsibility, essentially stipulate that requests for information and the assertion of other data subject rights should be made directly to Facebook. As the provider of the social network and the option to integrate Facebook pages there, Facebook alone has direct access to the necessary i formation and can also immediately take any necessary measures and provide information. Should oursupport nevertheless be required, we can be contacted at any time.

13.1.7 Information on contact options and further rights as a data subject

Further information on our contact details, the rights of data subjects vis-à-vis us and how we process personal data can be found in this privacy policy. Information on how Facebook handles personal data can be found in its privacy policy.

13.2 Privacy Policy for Instagram

13.2.1 Responsible parties

As the operator of this Instagram page, we (Scopevisio AG, Rheinwerkallee 3, 53227 Bonn) are jointly responsible with the operator of the social network Instagram (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, a company of Meta Platforms Inc., 1 Mata Way, Menlo Park, California 94025-1453, USA) are responsible for data processing within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR). When you visit our Instagram page, personal data is processed by the controllers. Below, we provide information about what data is involved, how it is processed and what rights you have in this regard As the controller of this page, we have entered into agreements with Facebook which, among other things, govern the terms and conditions for using the Instagram page. The terms and conditions of use of Facebook and Instagram at https://help.instagram.com/581066165581870 and the other terms and conditions and guidelines listed at the end of that page are decisive.

13.2.2 Purposes of processing

The processing of the information is intended, among other things, to enable Facebook to improve its advertising system, which it disseminates via its network. It is also intended to enable us, as the operator, to improve our website.

13.2.2 Purposes of processing

The processing of the information is intended, among other things, to enable Facebook to improve its system of advertising, which it distributes via its network. On the other hand, it is intended to enable us, as the operator of the Instagram page, to obtain statistics that Facebook compiles based on visits to our Instagram page. The purpose of this is to control the marketing of our activities. For example, it enables us to gain knowledge about the profiles of visitors who appreciate our Instagram page or use the page’s applications, so that we can provide them with more relevant content and develop features that may be of greater interest to them. In order to better understand how we can better achieve our goals with our Instagram page, demographic and geographic These evaluations are then made available to us. We can use this information to place targeted, interest-based advertisements without directly obtaining knowledge of the identity of the visitor. If visitors use Instagram on multiple devices, the collection and evaluation can also be carried out across devices if the visitors are registered and logged into their own profiles. The visitor statistics created are transmitted to us exclusively in anonymised form. We have no access to the underlying data.

13.2.3 Legal basis and legitimate interests

We operate this Instagram page to present ourselves to Instagram users and other interested persons who visit our Instagram page and to communicate with them The processing of users’ personal data is based on our legitimate interests in optimising our company presentation (Art. 6 (1) (f) GDPR). The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

13.2.4 Transfer of data

We have no influence on the collection of data by Instagram or on the data processing operations carried out by Facebook.Nor are we aware of the scope of data collection, the purposes of processing or the storage periods. The transfer of data i nymised statistics cannot therefore be ruled out. When you visit our Instagram page, it is conceivable that some of the information collected may also be processed outside the European Union by Facebook Inc. based in the USA. We would like to point out that the USA is considered by the European Court of Justice to be a country with a level of data protection that is insufficient according to EU standards. There is therefore a risk that your data may be processed by US authorities for control and surveillance purposes, possibly without any legal recourse. You can decide for yourself in the consent management section of the Instagram page whether you want to consent to such a transfer or not. In such a case, the transfer is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. In addition, the processing of personal data and its security is ensured by the In addition, the processing of personal data and its security is ensured by the so-called standard contractual clauses. These ensure that the processing is subject to a level of security that complies with the GDPR. Meta Platforms Inc., 1 Meta Way, Melo Park, California 94025-1453 is also certified under the EU-U.S. Data Privacy Framework Programme. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the U.S. Proof of certification can be found here: You can find it here:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active
We ourselves do not pass on any personal data.

13.2.5 Options for objection
Instagram users can use the advertising preferences settings to influence the extent to which their user behaviour may be tracked when visiting our Instagram page. Further options are available in the Facebook and Instagram settings at:
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fads%2Fpreferences%2F%3Fentry_product%3Dad_settings_screen
https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/
or the form for exercising the right to object at:
https://www.facebook.com/help/contact/1994830130782319 .
The processing of information using cookies employed by Facebook can be prevented by disabling third-party cookies or Facebook cookies in your browser settings.

13.2.6 Nature of joint responsibility
The agreements with Facebook, including those relating to joint responsibility, essentially stipulate that requests for information and the assertion of other data subject rights should be made directly to Facebook. As the provider of the social
network and the option to integrate pages there, Facebook alone has
direct access to the necessary information and can also immediately
take any necessary measures and provide information. However, if our
support is required, we can be contacted at any time.
13.2.7 Information on contact options and other rights as a data subject
Further information on our contact details, the rights of data subjects vis-à-vis us
and how we process personal data can be found in this
privacy policy.
Information on how Facebook handles personal data on Instagram can be found
in their privacy policy (Facebook) and at https://help.instagram.com/519522125107875
(Instagram).

13.2.7 Information on contact options and other rights as a data subject

13.3 Privacy policy for our X account (formerly Twitter)

13.3.1 Responsible party

As the operator of the X account, we (Scopevisio AG, Rheinwerkallee 3, 53227 Bonn, Germany) are jointly responsible with the operator of the social network X (Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, a company of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94102, USA) are responsible within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR). When you visit our X page, personal data is processed by the controllers. Below, we provide information about what data is involved, how it is processed and what rights you have in this regard. As the controller of this page, we have entered into agreements with X that, among other things, As the controller of this page, we have entered into agreements with X which, among other things, govern the terms and conditions for using the X page. The general terms and conditions at https://x.com/de/tos#intlTerms and the other terms and conditions and guidelines listed there are decisive.

13.3.2 Purposes of processing

The processing of the information is intended, among other things, to enable X to improve its system of advertising, which The processing of the information is intended, among other things, to enable X to improve its system of advertising, which it distributes via its network. On the other hand, it should enable us, as the operator of the X site, to obtain statistics that X compiles based on visits to our X site. This is for the purpose of controlling the marketing of our activities. For example, it enables us to gain knowledge about the profiles of visitors who appreciate our X page or use applications on the page in order to provide them with more relevant content and develop features that may be of greater interest to them. In order to better understand how we can better achieve our goals with our X page, demographic and geographic analyses are also created based on the information collected and made available to us. We can use this information to place targeted interest-based advertisements without directly obtaining knowledge of the identity of the visitor. If visitors use X on multiple devices, the collection and evaluation can also be carried out across devices if the visitors are registered and logged into their own profile. The visitor statistics created are transmitted to us exclusively in anonymised form. We have no access to the underlying data.

13.3.3 Legal basis and legitimate interests

We operate this X page in order to present ourselves to users of X and other interested persons who visit our X page and to communicate with them. The processing of users’ personal data is based on our legitimate interests in optimising our company presentation (Art. 6 (1) (f) GDPR). The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

13.3.4 Transfer of data

We have no influence on the collection of data by X, nor on the data processing operations carried out by X. We are also unaware of the scope of data collection, the purposes of processing or the storage periods. The transfer of data in anonymised statistics cannot therefore be ruled out. If you visit our X page, it is conceivable that some of the information collected may also be processed When you visit our X page, it is conceivable that some of the information collected may also be processed outside the European Union by X Corp. based in the USA. We would like to point out that the USA is considered by the European Court of Justice to be a country with an inadequate level of data protection according to EU standards. There is therefore a risk that your There is therefore a risk that your data may be processed by US authorities for control and surveillance purposes, possibly without any legal recourse. You can decide for yourself in the consent management section of the X page whether you want to consent to such a transfer or not. In such a case, the transfer is based on your consent in accordance with Art. 6 (1) lit. a GDPR. In addition, the processing of personal data and its security is ensured by the so-called standard contractual clauses. These ensure that the processing is subject to a level of security that complies with the GDPR. Furthermore, X Corporation, 1355 Market Street, Suite 900, San Francisco, CA 94102, USA, is certified under the EU-U.S. Data Privacy Framework Program. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the USA. Proof of certification can be found here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active

We ourselves do not pass on any personal data.

13.3.5 Options for objection

Twitter users can use the advertising preferences settings to influence the extent to which their user behaviour may be tracked when visiting our Twitter page. Options are available in the settings in the X account or at https://x.com/de/privacy. The processing of information using the cookies used by X can be prevented by disabling third-party cookies or cookies from X in your browser settings. The agreements with X, including those relating to joint responsibility, essentially stipulate that requests for information and the assertion of other data subject rights should be made directly to X. As the provider of the social network and the option to integrate X pages there, X alone has direct access to the necessary information and can also take any necessary measures and provide information directly. However, if our support is required, we can be contacted at any time.

13.3.7 Information on contact options and further rights as a data subject

Further information on our contact details, the rights of data subjects vis-à-vis us and how we process personal data can be found in this privacy policy. Information on the handling of personal data by X on X can be found in their privacy policy at: https://x.com/de/privacy. As the entity responsible for this page, we have entered into agreements with LinkedIn that, among other things, govern the terms and conditions for using the LinkedIn page. The terms and conditions of use of LinkedIn are decisive and can be found at: The LinkedIn terms of use at https://www.linkedin.com/legal/user-agreement?src=or-se-arch&veh=www.google.com%7Cgo-pa&trk=sem_lms_gaw
13.6.2 Purposes of processing
The processing of the information is intended, among other things, to enable LinkedIn to improve its system of advertising that it disseminates via its network. On the other hand, it is intended to enable us, as the operator of the LinkedIn page, to obtain statistics that LinkedIn compiles based on visitors to our LinkedIn page. This is for the purpose of managing the marketing of our activities. For example, it enables us to gain knowledge about the profiles of visitors who appreciate our LinkedIn page or use the page’s applications in order to provide you with relevant content and develop functions that may be of greatest interest to you. In order to better understand how we can better achieve our goals with our LinkedIn page, demographic and geographic evaluations are also created based on the information collected and made available to us. We can use this information to place targeted, interest-based advertisements without directly obtaining knowledge of the visitor’s identity. If visitors use LinkedIn on multiple devices, the collection and evaluation can also be carried out across devices if the visitors are registered and logged into their own profiles on each device. The information collected is used to create statistics that LinkedIn compiles based on visitors to our LinkedIn page. If visitors use LinkedIn on multiple devices, the collection and analysis can also be carried out across devices if the visitors are registered and logged into their own profiles. The visitor statistics created are transmitted to us exclusively in anonymised form. We do not have access to the underlying data.

13.6.3 Legal basis and legitimate interests
We operate this LinkedIn page to present ourselves to LinkedIn users and other interested parties who visit our LinkedIn page and to communicate with them. We operate this LinkedIn page to present ourselves to LinkedIn users and other interested persons who visit our LinkedIn page and to communicate with them. The processing of users’ personal data is based on our legitimate interests in optimising our company presentation (Art. 6 (1) (f) GDPR). The use of this service is based on your consent in accordance with Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

13.6.4 Disclosure of data

We have no influence on the collection of data by LinkedIn or on the data processing operations carried out by LinkedIn.
We are also unaware of the scope of data collection, the purposes of processing or the storage periods. Furthermore, we are not aware of the scope of data collection, the purposes of processing or the storage periods. The forwarding of data in anonymised statistics cannot therefore be ruled out. When you visit our LinkedIn page, it is conceivable that some of the information collected may also be processed outside the European Union by LinkedIn Corporation, which is based in the USA. We would like to point out that the US is considered by the European Court of Justice to be a country with an inadequate level of data protection according to EU standards. There is therefore a risk that your data may be processed by US authorities for control and surveillance purposes, possibly without any legal recourse. You decide for yourself in the consent management section of the LinkedIn page whether you want to consent to a transfer or not. In such a case, your data will be transferred on the basis of your consent to the use of LinkedIn in accordance with Art. 6 (1) lit. a in conjunction with Art. 49 (1) lit. a GDPR, as consent to the use of LinkedIn always implies a transfer of data to the USA. In addition, the processing of personal data and its security is ensured by the so-called standard contractual clauses. These ensure that the processing is subject to a level of security that complies with the GDPR. Both Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA, and LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA 94085 (USA) are also certified under the EU-U.S. Data Privacy Framework Programme. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the USA. Proof of certification can be found here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active We ourselves do not pass on any personal data.

13.6.5 Options for objection

LinkedIn users can influence the extent to which their user behaviour is recorded when visiting our LinkedIn page in the consent management section of the LinkedIn page. LinkedIn offers further options in the settings of the LinkedIn account and via the consent management of the fan page. The processing of information by means of the cookie used by LinkedIn can be prevented by not allowing third-party cookies or those from LinkedIn in your browser settings.

13.7.1 Information about the use of cookies

The use of cookies by third parties, such as Google, is described in the following sections. The processing of information using the cookies employed by LinkedIn can be prevented by disabling third-party cookies or LinkedIn cookies in your browser settings.

13.6.6 Nature of joint responsibility

The agreements with LinkedIn, including those relating to joint responsibility, essentially mean that requests for information and the assertion of other data subject rights should be made directly to LinkedIn. This is because, as the provider of the social network and the option of integrating LinkedIn pages into it, LinkedIn alone has direct access to the necessary information and can also take any necessary measures directly. As the provider of the social network and the option to integrate LinkedIn pages there, LinkedIn alone has direct access to the necessary information and can also immediately take any necessary measures and provide information. If our support is nevertheless required, we can be contacted at any time.

13.6.7 Information on contact options and further rights as a data subject

Further information on our contact details, the rights of data subjects vis-à-vis us and how we process personal data can be found in their privacy policy.

13.6.8 Further information on data protection

Further information on our contact details, the rights of data subjects vis-à-vis us and how we process personal data can be found in their data protection declaration. Information on how LinkedIn handles personal data on LinkedIn can be found in their privacy policy (https://www.linkedin.com/legal/privacy-policy?_l=de_DE).

14. Privacy Policy on the Use of Facebook Pixel, Facebook Custom Audiences, and Facebook Conversion

Within our online offering, we use the so-called “Facebook Pixel” of the social network Facebook, operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, a company of Meta Platforms Inc., 1 Meta Way, Menlo Park, California 94025-1453, USA (“Facebook”).

With the help of the Facebook Pixel, Facebook is able to identify visitors to our online offering as a target group for displaying ads (so-called “Facebook Ads”). Accordingly, we use the Facebook Pixel to show our Facebook Ads only to Facebook users who have shown interest in our online offering or who have certain characteristics (e.g., interests in specific topics or products, based on the websites visited) that we transmit to Facebook (so-called “Custom Audiences”).
With the help of the Facebook Pixel, we also want to ensure that our Facebook Ads match the potential interests of users and do not appear annoying.

Furthermore, the Facebook Pixel allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “Conversion”).
We receive only statistical data from Facebook without reference to any specific individual. This enables us to evaluate the effectiveness of Facebook advertising for statistical and market research purposes.

If you are logged into Facebook, we refer you additionally to their privacy policy:
https://www.facebook.com/about/privacy/

Facebook’s Privacy Policy

Data processing by Facebook is carried out within the scope of Facebook’s data usage policy. Accordingly, you can find general information on the display of Facebook Ads in Facebook’s data usage policy. Specific information and details about the Facebook Pixel and how it works can be found in Facebook’s help section.

Legal Basis for the Processing of Personal Data

The storage of “Facebook Pixel cookies” and the use of this tool are based on your consent within the scope of our consent management system. Processing is carried out exclusively based on Art. 6 para. 1 lit. a GDPR. You can withdraw or modify your consent at any time via the consent management tool.

Data Transfer

When you visit our website, it is possible that some of the collected information is processed outside the European Union by Facebook Inc. based in the USA.
We would like to point out that the European Court of Justice has assessed the USA as a country with an inadequate level of data protection according to EU standards. There is a risk that your data may be processed by U.S. authorities for surveillance and control purposes, possibly without any legal remedies available to you.
You decide in the Facebook site’s consent management whether you agree to such a transfer or not. The transfer of your data in such a case is based on your consent to the use of Facebook in accordance with Art. 6 para. 1 lit. a in conjunction with Art. 49 para. 1 lit. a GDPR, as the use of Facebook always involves a possible data transfer to the USA.

In addition, the processing and protection of personal data is secured by so-called Standard Contractual Clauses. These ensure that processing is subject to a level of security equivalent to that of the GDPR.
Meta Platforms Inc., 1 Meta Way, Menlo Park, California 94025-1453, is also certified under the EU-U.S. Data Privacy Framework Program. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the USA.
You can find proof of certification here:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active

We do not share any personal data.

Opt-Out Options

Facebook users can control to what extent their user behavior may be tracked under the ad preferences settings. Further options are available in the Facebook settings, in the consent management tool on our website, or via the opt-out form.

Processing of information via Facebook’s cookies can also be prevented by adjusting your browser settings to block third-party cookies or Facebook cookies.

Data Processing Agreement

For the processing of data in which Facebook acts as a data processor, we have concluded a data processing agreement with Facebook, obligating them to protect our customers’ data and not disclose it to third parties.

15. Privacy Policy on the Use of Google Analytics 4

If you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The controller responsible for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Scope of Processing
Google Analytics uses cookies that enable an analysis of your use of our website. The information collected through these cookies about your use of this website is generally transmitted to a Google server in the USA and stored there.

We use Google Signals. This enables additional information to be collected in Google Analytics about users who have enabled personalized ads (interests and demographic data), and ads can be delivered to these users in cross-device remarketing campaigns.

In Google Analytics 4, IP address anonymization is enabled by default. As a result, your IP address is shortened by Google within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser in the context of Google Analytics is not combined with other data held by Google.

During your website visit, your user behavior is recorded as “events.” Events can include:

Page views
First visit to the website
Start of a session
Your “click path,” interaction with the website
Scrolling (each time a user scrolls to the bottom of the page (90%))
Clicks on external links
Internal site searches
Interaction with videos
File downloads
Viewed / clicked ads
Language settings

Additionally, the following data is collected:

Your approximate location (region)
Your IP address (in shortened form)
Technical information about your browser and device (e.g., language setting, screen resolution)
Your internet provider
The referrer URL (which website/advertising source brought you to this site)

Purpose of Processing
On behalf of the operator of this website, Google uses this information to evaluate your pseudonymous usage of the website and compile reports on website activity. The reports provided by Google Analytics serve to analyze the performance of our website and the success of our marketing campaigns.

Recipients
The recipients of the data may include:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as a processor under Art. 28 GDPR)
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Alphabet Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

It cannot be ruled out that U.S. authorities may access the data stored by Google.

Data Transfer to Third Countries
If data is processed outside the EU/EEA and there is no adequate level of data protection, we have entered into EU Standard Contractual Clauses with the service provider to ensure an adequate level of data protection.
The parent company of Google Ireland, Google LLC, is based in California, USA. Therefore, it is possible that Google may also process your personal data in the USA.
We would like to point out that the USA is considered by the European Court of Justice to have an insufficient level of data protection by EU standards. There is a risk that your data may be accessed by U.S. authorities for control and monitoring purposes, possibly without any legal remedies available to you.
By consenting to the use of Google Analytics 4 in the consent management tool, you also agree to such a transfer of your data to the USA.
This transfer is based on your consent to the use of Google cookies pursuant to Art. 6 para. 1 lit. a in conjunction with Art. 49 para. 1 lit. a GDPR, as the use of Google cookies may always involve a data transfer to the USA.

In addition, the processing of personal data and its security is safeguarded by so-called Standard Contractual Clauses. These ensure that the processing is subject to a level of security equivalent to that of the GDPR.
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA, is also certified under the EU-U.S. Data Privacy Framework Program. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the USA.
You can find the certification here:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

We do not share any personal data ourselves.

Storage Duration
The data we send and link to cookies is automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once per month.

Legal Basis
The legal basis for this data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Art. 49 para. 1 lit. a GDPR.

Withdrawal of Consent
You can withdraw your consent at any time with future effect by accessing the cookie settings at
https://www.scopevisio.com/cookies/ and changing your preferences.
The legality of processing carried out based on your consent before its withdrawal remains unaffected.

You can also prevent the storage of cookies altogether by configuring your browser settings accordingly.
Please note that if your browser is set to reject all cookies, it may result in limited functionality of this and other websites.
Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, and the processing of this data by Google, by either:
a. Not giving your consent to the setting of cookies, or
b. Downloading and installing the browser add-on to deactivate Google Analytics [HERE].

Further information on Google Analytics terms of use and data protection can be found at:

16. Google Ads (formerly Google AdWords)

16.1 Google Ads Conversion

This website uses Google AdWords, an online advertising program provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

As part of Google AdWords, we use what’s known as conversion tracking. We use Google Ads Conversion to draw attention to our attractive offers on external websites using advertising materials (so-called Google Ads). Our goal is to show you advertising that is relevant to your interests, make our website more appealing, and enable a fair calculation of advertising costs.

When you click on a Google ad, a cookie is placed on your device for conversion tracking. If a user visits certain pages of this website and the cookie hasn’t expired, Google and we can recognize that the user clicked on the ad and was redirected to our website. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted in to conversion tracking. We learn the total number of users who clicked on an ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information that personally identifies users.

We ourselves do not collect or process personal data as part of these advertising activities.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google’s servers. We have no control over the scope and further use of the data that Google collects via this tool. Based on our current knowledge, we inform you as follows: through the integration of Ads Conversion, Google is informed that you have accessed the corresponding part of our website or clicked on one of our ads. If you are registered with a Google service, Google may link the visit to your Google account. Even if you are not registered or logged in with Google, it is still possible that Google will learn and store your IP address.

Legal basis for processing:
The storage of Google cookies and use of this tool takes place based on your consent within our Consent Management system. Processing is carried out exclusively under Art. 6 (1)(a) of the GDPR.

Data transfers:
Google also processes your personal data in the USA. We point out that the European Court of Justice considers the USA to have an inadequate level of data protection under EU standards. This means there is a risk that your data could be processed by U.S. authorities for control and monitoring purposes—possibly without legal remedies available to you.
Data transfer is therefore based on your explicit consent to the use of Google cookies in accordance with Art. 6 (1)(a) and Art. 49 (1)(a) GDPR.

Furthermore, Google secures the processing of personal data via Standard Contractual Clauses (SCCs) to ensure a level of protection equivalent to that of the GDPR.
Google LLC, 160 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA, is also certified under the EU-U.S. Data Privacy Framework Program—a bilateral adequacy decision governing the transfer of personal data from the EU to the USA.
Proof of certification is available here:
Data Privacy Framework Certification

We do not share any personal data ourselves.

Opt-out from data collection:
If you do not wish to participate in tracking, you can object by disabling the Google conversion tracking cookie via your browser’s user settings. In that case, you will not be included in the conversion tracking statistics.

For more information about how Google handles user data in relation to Google Ads and conversion tracking, please visit:
https://www.google.de/policies/privacy/

You can configure your browser to:

Inform you when cookies are set
Allow cookies only in individual cases
Block cookies entirely or in specific cases
Automatically delete cookies when the browser is closed

Please note: if you deactivate cookies, the functionality of this website may be limited.

Storage period:
These cookies expire after 30 days and are not used for personal identification of users.

16.2 Google Ads Remarketing

We use the remarketing function within the Google Ads service. This function allows us to display interest-based ads to users of our website when they visit other websites in the Google Display Network (e.g., on Google Search, YouTube, or other websites).

To do this, we analyze how users interact with our website—for example, which products or offers they showed interest in. This allows us to present users with targeted advertising even after they have left our website.

For this purpose, Google stores a number in the browsers of users who visit certain Google services or websites in the Google Display Network. This number is stored in a cookie and is used to identify a specific web browser on a specific device. It is not used to identify a person.

Legal basis for processing:
The storage of Google remarketing cookies and the use of this tool is based on your consent via our Consent Management system. The processing is carried out exclusively under Art. 6 (1)(a) of the GDPR.
You may withdraw or change your consent at any time using our consent management tool.

You can configure your browser to:

Notify you when cookies are set
Allow cookies only in individual cases
Block cookies entirely or in specific cases
Automatically delete cookies when the browser is closed

Please note: disabling cookies may restrict website functionality.

Google may also process your personal data in the USA. As mentioned above, the European Court of Justice considers the USA to have inadequate data protection according to EU standards. There is a risk that your data may be accessed by U.S. authorities without legal remedies available to you.

By consenting to the use of Google cookies via our consent tool, you also agree to such data transfers to the USA. This is based on Art. 6 (1)(a) in conjunction with Art. 49 (1)(a) GDPR.

Additionally, Google secures this processing using Standard Contractual Clauses (SCCs).
Google LLC is also certified under the EU-U.S. Data Privacy Framework.
Certification details:
Data Privacy Framework Certification

We do not share any personal data ourselves.

Opt-out from data collection:
You can prevent participation in this tracking process in several ways:

a) By setting your browser to block third-party cookies—this will prevent ads from third-party providers
b) By installing the Google opt-out browser plugin:
https://www.google.com/settings/ads/plugin
c) By disabling interest-based ads from providers participating in the “About Ads” self-regulation program:
http://www.aboutads.info/choices (Note: setting may be lost if you delete your cookies)
d) By permanently disabling interest-based ads in Firefox, Internet Explorer, or Google Chrome:
http://www.google.com/settings/ads/plugin
e) Via your settings in the Consent Management tool on our website

Please note: in such cases, not all functions of our site may be available to their full extent.

Storage period: Up to 180 days (for cookies used by this website)

17. Microsoft Ads

We use the Microsoft Advertising service on our website, provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (formerly Bing Ads), a company of the Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA.

Purpose of Processing

Microsoft Advertising is an online marketing service that supports us—through the tool Universal Event Tracking (UET)—in delivering targeted advertisements via the Microsoft Bing search engine.

Microsoft Ads enables us to track user activity on our website, provided users reached the site via a Microsoft Ads advertisement.

We have integrated a Microsoft Advertising UET tag on our website. This is a piece of code that works in conjunction with a cookie to store certain non-personal data about website usage. This includes:

Time spent on the website
Which areas of the website were accessed
Through which ad users reached the website

Your IP address is collected in encrypted form only. The cookie also stores a so-called Global UID (Globally Unique Identifier) assigned to your browser and/or a User ID linked to your Microsoft account.

Storage Duration

The collected information is transmitted to Microsoft servers in the USA and stored there for a maximum of 180 days.

Data Sharing

Microsoft processes your personal data in the USA.
We would like to point out that the European Court of Justice considers the USA to have an inadequate level of data protection according to EU standards.
This means your data may be accessed by U.S. authorities for monitoring or surveillance purposes, potentially without the possibility of legal recourse.

By giving your consent via our Consent Management tool for the use of Microsoft Ads, you also agree to such a data transfer to the USA.
This transfer is based on your consent in accordance with Art. 49 (1)(a) GDPR.

Additionally, Microsoft ensures the security of personal data processing via Standard Contractual Clauses (SCCs). These ensure a level of protection equivalent to the GDPR.

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA, is also certified under the EU-U.S. Data Privacy Framework Program, a bilateral adequacy decision for the transfer of personal data from the EU to the USA.
Certification proof is available here: Microsoft Certification – Data Privacy Framework

We ourselves do not share any personal data

You can configure your browser to:

Inform you when cookies are set
Allow cookies only in specific cases
Block cookies entirely or for certain cases
Automatically delete cookies when the browser is closed

Please note: if you disable cookies, the functionality of this website may be limited.

Furthermore, Microsoft may be able to track your user behavior across multiple devices through cross-device tracking, and thus display personalized ads on Microsoft websites and apps.
You can deactivate this behavior here: http://choice.microsoft.com/de-de/opt-out

In addition, you can manage your consent to Microsoft Ads cookies—and thus to the execution of this service—via the Consent Management tool on our website.
By default, these cookies and the service are not active.

Data Processing Agreement

For the processing of data where Microsoft acts as a data processor, we have concluded a data processing agreement with Microsoft Corporation, in which the rights and obligations regarding data protection are clearly defined.

18. Google Consent Mode V2

Corporations like Google—just like other so-called “gatekeepers”—are required under the Digital Markets Act (DMA) to obtain user consent for the collection and processing of data, and to demonstrate this consent to legislators. This consent is mandatory before user data can be processed for personalized advertising purposes. The requirement is based on Article 5(2)(b) of the DMA.

Gatekeepers are defined as companies that hold a dominant market position with their platform services. In the area of online advertising, Google is considered to hold such a dominant position.

Under the “traditional” consent management model, you as a user give your consent primarily to us, the website operator. These consents relate to the use of your data and cookies and are collected through our website’s consent management system. This process remains the same even with Google Analytics’ new consent mode.

However, under the DMA, your consent must now also be granted directly to Google. Google simplifies this process by shifting the responsibility for obtaining consent onto us, the website operators.

With Consent Mode, Google has introduced an interface between our opt-in procedure and Google Analytics, ensuring your consent also applies to Google.

Google distinguishes between basic and advanced implementations of Consent Mode. These two versions differ in how the tags behave:

In the basic implementation, Google tags are blocked until you have actively consented to their use.
In the advanced implementation, Google tags are loaded before the consent dialog appears. If no cookie consent is given, these tags send pings without cookies.

In this case, Google Analytics runs, sends reduced data, but does not set any cookies. The Google code executes and sends a “ping” with a unique Ping ID (a number generated specifically for that page load). Google also receives automatically transmitted information such as:

your IP address,
browser details,
system information,
and the visited URL.

In the advanced Consent Mode, it is not possible to analyze user behavior in a continuous context. Without cookies, Google cannot track user activity across different websites. Each visit is treated as coming from a different user, since a new Ping ID is created each time a page is visited.

Still, even without user consent, Google can determine whether visitors arrived via a Google ad, using so-called Conversion IDs.

To avoid potential privacy concerns and ensure compliance with any required consent, we have opted for implementation via server-side tracking. This method involves collecting user data without transmitting it directly from the user’s browser to Google. The process works as follows:

The website operator collects data that users send to the server, including:
- IP address
- Referrer URL
- Visited URLs
- Timestamps
The collected data is stored as a digital fingerprint and pseudonymized.
- Importantly, the user ID generated during a ping to Google is removed, as it could potentially allow direct identification of a user.
Only pseudonymized data is then transmitted to Google.

19. Google Fonts

In order to display our content correctly and in a graphically appealing manner across all browsers, we use Google Fonts from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as ‘Google’) to display fonts on our website. We have integrated this script library locally on our web server so that when you visitour website, no connection to Google is established and no ‘Google cookie’ is set.

Legal basis for processing

The legal basis for the integration of Google Fonts is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR in a correct and graphically appealing presentation of the website. Since we have integrated the script library locally on our own web server, no data is transferred to Google. In this respect, no express consent on your part is required for the use of Google Fonts.

Transfer of data

Due to the local integration of the script library on our web server, no data is transferred to third parties.

Storage period

We do not collect any personal data through the local integration of the script library on our server

20. LinkedIn Analytics (LinkedIn Ads)

We use ‘LinkedIn Ads’ on our website, a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, a company of Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA (hereinafter referred to as ‘LinkedIn’). LinkedIn Analytics stores and processes information about your user behaviour on our website. LinkedIn Analytics uses cookies for this purpose, among other things. LinkedIn Analytics stores and processes information about your user behaviour on our website. LinkedIn Analytics uses cookies, among other things, for this purpose. We use LinkedIn Ads for marketing and optimisation purposes, in particular to analyse the use of our website and to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behaviour, we can improve our offering and make it more interesting for you as a user.

Legal basis for processing

The storage of ‘LinkedIn Analytics cookies’ and the use of this tool are based on your consent within the framework of consent management. Processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR. You can revoke or change your consent at any time in consent management. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

Transfer of data

When you visit our website, it is possible that some of the information collected may also be processed outside the European Union by LinkedIn Corporation, based in the USA. We would like to point out that the USA has been assessed by the European Court of Justice as a country with a level of data protection that is insufficient according to EU standards. There is therefore a risk that your data may be processed by US authorities for control and surveillance purposes, possibly even without legal recourse. You can decide for yourself in Consent Management whether you want to consent to such a transfer or not. In such a case, the transfer of your data is based on your consent to the use of LinkedIn cookies in accordance with Art. 6 (1) lit. a in conjunction with Art. 49 (1) lit. a GDPR, as consent to thuse of LinkedIn cookies does not always exclude data transfer to the US. In addition, the processing of personal data and its security is ensured by the so-called standard contractual clauses. These ensure that the processing is subject to a level of security that complies with the GDPR. Furthermore, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA is certified under the EU-U.S. Data Privacy Framework Program. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the USA. Proof of certification

can be found here: https://www.dataprivacyframework.gov/s/participant-search/participant-de-tail?id=a2zt0000000KzNaAAK&status=Active We ourselves do not pass on any personal data.

Opt-out options

LinkedIn users can use the advertising preferences settings to influence the extent to which their user behaviour may be tracked when visiting our LinkedIn page. LinkedIn offers further options in the settings of the LinkedIn account and via the consent management of the fan page.The processing of information using the cookies used by LinkedIn can be prevented by disabling third-party cookies or LinkedIn cookies in your browser settings.

We would like to point out that in this case you may not be able to use all the functions of our website to their full extent. Please note that in this case, you may not be able to use all the functions of our website to their full extent. You can also prevent LinkedIn from collecting the aforementioned information by setting an opt-out cookie on one of the following linked websites:

• https://www.linkedin.com/policies/cookies/

• https://www.linkedin.com/psettings/guest-controls

• http://optout.aboutads.info/?c=2#!/

• http://www.youronlinechoices.com/de/praferenzmanagement/

21. Data protection provisions regarding the use of YouTube1

We have integrated YouTube videos into our website. This allows us to present interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of

Google LLC since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. These videos are all embedded in ‘extended data protection mode’, which means that no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in the next paragraph also be transferred in extended data protection mode. We have no influence on this data transfer. When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in section 2 of this declaration is transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not want this assignment to your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for advertising, market research and/or the needs-based design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right

Legal basis for processing

The storage of ‘YouTube cookies’ and the use of this tool are based on your consent – by actively watching the video. Processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR. You can revoke or change your consent at any time in the consent management section of the homepage.You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

Transfer of data

It is conceivable that some of the information collected may also be processed outside the European Union by YouTube Inc. or Google Inc. based in the USA. We would like to point out that the USA is considered by the European Court of Justice to be a country with an insufficient level of data protection according to EU standards. There is therefore a risk that your data may be processed by US authorities for control and surveillance purposes, possibly without any legal recourse. You can decide for yourself in the consent management system whether you wish to consent to such a transfer or not. In such a case, your data will be transferred on the basis of your consent to the use of YouTube cookies in accordance with Art. 6 para. 1 lit. a in conjunction with Art. 49 para. 1 lit. a GDPR, as consent to the use of Google cookies cannot always exclude data transfer to the USA. In addition, the processing of personal data and its security is ensured by the so-called standard contractual clauses. These ensure that the processing is subject to a level of security that complies with the GDPR. In addition, Google LLC, 160 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA is certified under the EU-U.S. Data Privacy Framework Programme. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the USA. Proof of certification can be found here https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active We ourselves do not pass on any personal data.

Opt-out options

YouTube users can use the advertising preferences settings to influence the extent to which their user behaviour may be tracked when visiting our LinkedIn page. Further

The processing of information by means of the cookies used by YouTube can be prevented by adjusting your browser settings.

21. Data protection provisions regarding the use of YouTube1

We have integrated YouTube videos into our website. This allows us to present interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of

Legal basis for processing

Transfer of data

Opt-out options

YouTube users can use the advertising preferences settings to influence the extent to which their user behaviour may be tracked when visiting our LinkedIn page. Further

information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information about your rights and settings options for protecting your privacy: https://www.google.de/intl/de/policies/privacy. The processing of information by means of the cookies used by YouTube can be prevented by adjusting your browser settings.

Third-party cookies or those from LinkedIn are not permitted. Please note that in this case you may not be able to use all the functions of our website to their full extent. Further information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and settings options for protecting your privacy: https://www.google.de/intl/de/policies/privacy.

22. HubSpot

On this website, we use the services of HubSpot Germany GmbH, Am Postbahnhof 17, 10243 Berlin, and its subcontractors HubSpot Inc., 2nd Floor, 30 Wall Quay, Dublin 1, Ireland, and HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. HubSpot is an integrated software solution that enables us to manage existing and potential customers as well as customer contacts. This enables us to cover various aspects of our online marketing. These include, among others:

• Email marketing,

• Social media publishing & reporting,

• Reporting,

• Contact management (e.g. user segmentation & CRM),

• landing pages and

• contact forms.

This software is used in the field of inbound marketing and helps us, among other things, to better coordinate and optimise our marketing strategy by means of statistical analyses and evaluation of logged user behaviour. We also use HubSpot to create websites and as a technology for sending newsletters. In doing so, we collect personal data that you voluntarily provide to us, such as contact details. We use the data you enter solely for personalisation purposes and to tailor the content to the interests of our readers. This information also helps us to improve our offering in order to provide you with a better customer experience. We do not pass on this data to third parties without your express consent

Legal basis for processing

The use of Hubspot is based on Art. 6 (1) lit. f GDPR. We have a legitimate interest in customer management and customer communication that is as efficient as possible. However, the storage of ‘Hubspot cookies’ and the use of this tool are based exclusively on your consent within the framework of consent management. Processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. You can revoke or change your consent at any time in the consent management system. In addition, you can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. Further information can be found in the terms of use and privacy policy of HubSpot Inc. at www.hubspot.com/terms-of-service and at www.hubspot.com/privacy-policy . If you do not want the information about your visit to be used for the purposes described, you can also notify us of this by email or post at any time. All information collected by us is subject to this privacy policy. Newsletters are sent via Hubspot exclusively on the basis of your consent in the context of the so-called double opt-in procedure (Art. 6 para. 1 sentence 1 lit. a GDPR).

Transfer of data

We have entered into an agreement with Hubspot for the processing of data in data centres in the EU. Nevertheless, it is conceivable that some of the information collected may also be processed outside the European Union by HubSpot Inc. based in the USA. We would like to point out that the USA has been assessed by the European Court of Justice as a country with an insufficient level of data protection according to EU standards level of data protection. There is therefore a risk that your data may be processed by US authorities for control and surveillance purposes, possibly without any legal recourse. You decide for yourself in consent management whether you want to consent to such a transfer or not. In such a case, the transfer of your data is based on your consent to the use of Hubspot in accordance with Art. 6 (1) lit. a in conjunction with Art. 49 (1) lit. a GDPR, as consent to the use of Hubspot can never exclude data transfer to the US. In addition, the processing of personal data and its security is safeguarded by the so-called standard contractual clauses. These ensure that the processing is subject to a level of security that complies with the GDPR. In addition, HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA participates in the EU-U.S. Data Privacy Framework programme and is certified accordingly. The EU-U.S. Data Privacy Framework is a bilateral adequacy decision for the transfer of personal data from the EU to the USA. The certification can be found here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

We ourselves do not pass on any personal data.

23. Legal basis for processing1)

Unless otherwise stated: Art. 6 (1) sentence 1 lit. a GDPR serves as the legal basis for our company for processing operations in which we obtain consent for a specific processing purpose If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, with processing operations necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b GDPR The same applies to processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were to be injured and his name, age, health insurance details or other vital information had to be passed on to a doctor, hospital or other third party. In this case, the processing would be based on Art. 6 I lit. d GDPR

.Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. This legal basis applies to processing operations that are not covered by any of the aforementioned legal bases, if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. Such processing operations are permitted in particular because they have been specifically mentioned by the European legislator. In this regard, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, sentence 2 GDPR).

24. Legitimate interests in processing pursued by the controller or a third party

If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the performance of our business activities for the benefit of all our employees and our shareholders.

25. Duration for which personal data is stored1

The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required for the performance or initiation of a contract.

26. Legal or contractual provisions for the provision of personal data

necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision1 We hereby inform you that the provision of personal data is in some cases required by law (e.g. tax regulations) or may also result from contractual provisions (e.g. information about the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data, which we must then process. The data subject is obliged to provide us with personal data, for example, if our company concludes a contract with them. Failure to provide personal data would mean that the contract with the data subject could not be concluded. Before providing personal data, the data subject must contact one of our employees. Our employee will explain to the data subject on a case-by-case basis whether the provision of personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide personal data, and what the consequences of not providing personal data would be.

1)
This privacy policy was created in the marked sections by the privacy policy generator, which is operated and made available in
cooperation between DGD Deutsche Gesellschaft für Datenschutz GmbH, Dachau (available at: https://dsgvo-
muster-datenschutzerklaerung.dg-datenschutz.de) and the law firm Wilde/Beuger/Solmecke Rechtsanwälte GbR, Cologne
(available at: https://www.wbs-law.de/it-recht/datenschutzrecht/datenschutzerklaerung-generator/).
These texts are subject to the copyright of DGD Deutsche Gesellschaft für
Datenschutz GmbH, Dachau, and the law firm Wilde/Beuger/Solmecke Rechtsanwälte GbR, Cologne.

Privacy Policy of Scopevisio AG

1. Definitions

2. Name and Address of the Data Controller

3. Name and Address of the Data Protection Officer

4. Contact Details of the Supervisory Authority

5. Cookies

5.1 Session cookies

5.2 Persistent or protocol cookies

5.3 Third-party cookies

5.4 Flash cookies

5.5 Cookie consent with Usercentrics

5.5.1 Description and purpose of data processing

5.5.2 Legal basis for processing

5.5.3 Duration of storage, objection and removal options

5.5.4 Order processing

6. Collection of general data and information

7. Scope and purpose of the data collected

7.1 Scopevisio websites – Generally

7.2 Scopevisio websites – accounting services

7.3 Scopevisio – AI assistant

7.4 Scopevisio websites – contact form, support enquiries and webinars

7.5 Scopevisio Software – Registration

7.6 Scopevisio Software

7.7 Customer Database

7.8 Cooperation partners

7.9 Extended data use

8. Subscription to our newsletter

9. Newsletter tracking

10. Deletion and blocking of personal data

11. Rights of the data subject

12. Data protection for applications and during the application process1

13. Data protection provisions regarding the use of fan pages

13.1 Data protection declaration for Facebook fan page

13.2 Privacy Policy for Instagram

13.3 Privacy policy for our X account (formerly Twitter)

14. Privacy Policy on the Use of Facebook Pixel, Facebook Custom Audiences, and Facebook Conversion

15. Privacy Policy on the Use of Google Analytics 4

16. Google Ads (formerly Google AdWords)

17. Microsoft Ads

18. Google Consent Mode V2

19. Google Fonts

20. LinkedIn Analytics (LinkedIn Ads)

21. Data protection provisions regarding the use of YouTube1

21. Data protection provisions regarding the use of YouTube1

22. HubSpot

23. Legal basis for processing1)

24. Legitimate interests in processing pursued by the controller or a third party

25. Duration for which personal data is stored1

26. Legal or contractual provisions for the provision of personal data

Get in touch