This privacy policy is in accordance with the EU General Data Protection Regulation (“GDPR”). Definitions of the terms used (e.g. “personal data” or “processing”) can be found in (Art. 4 GDPR).

The data controller within the meaning of the General Data Protection Regulation is:

LuArtX IT GmbH
Otto-Lilienthal-Strasse 36
71034 Böblingen/Sindelfingen, Germany
E-Mail: info@luartxit.de

The data protection officer of the data controller is:
Dipl.-Ing. (FH) Jan Alkemade
IT-Security e.K.
Egerländer Str. 9
D-61239 Ober-Mörlen
Phone 06002 939593
E-Mail: jan.alkemade@alkemade-it.de

2. Collection and processing of access data

We, the website operator or page provider, collect data about accesses to the website based on our legitimate interest (see Art. 6 para. 1 lit. f. GDPR) and retain them as “server log files” on the website server. The following usage and meta/communication data are logged in this way:

· Visited website
· Access time
· Amount of data sent in bytes
· Source/reference from which you reached the page
· Browser used
· Operating system used
· IP address used

The temporary storage of the IP address by the system is necessary to be able to view the website. For this purpose, the IP address of the user (visitor) must be retained for the duration of the session. The storage in log files is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also constitute a legitimate interest for the data processing according to Art. 6 para. 1 lit. f GDPR.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. When data is collected for the provision of the website, the purpose expires when the respective session has ended.
In the event that the data is stored in log files, it will be deleted after seven days at the latest. Storage beyond these time limits is possible (e.g. for security reasons, such as to clarify acts of abuse or fraud, storage for evidence purposes). In this case, the IP addresses of the users are deleted or masked, so that an assignment of the visiting client is no longer possible.

3. Contact data collection

We process and store personal data such as first name, last name, IP address, email address, town, postal code and other contents from our contact form. The details given by the user can be stored in a Customer-Relationship-Management System (CRM System) or comparable query organisation. The processing of the data given in the contact form therefore takes place solely on the basis of your consent (Art. 6 para. 1 lit. a of GDPR) or within the framework of contractual/pre-contractual relationships (Art.6 para. 1 lit. b of GDPR). You can revoke this consent at any time.

We will delete the queries as soon as these are no longer necessary. We check the necessity every two years. The legal archiving obligations also apply.

4. Range measurement & cookies

This website uses cookies for the pseudonymised range measurement, either transferred from our server or from the third-party server to the user’s browser. Cookies are small files which are stored on your end device. Your browser accesses these files. The use of cookies increases the user-friendliness and security of this website.

Most of the cookies used by us are so-called session cookies. These are automatically deleted at the end of your visit. A login status, for example, can be stored in such a cookie. Other cookies remain stored on your end device till you delete them.

If you do not want cookies for range measurement to be stored on your end device, you will be requested to deactivate the corresponding option in the system settings of your browser. Stored cookies can be deleted in the system settings of your browser. Note: It is not guaranteed that you can access all functions of the website without restrictions when you make the appropriate settings.

5. Collection and processing of personal data

The website operator collects, uses and shares your personal data only if this is permitted by law or if you consent to the collection of data. Personal data is any information that can be used to identify you and that can be traced back to you – for example, your name, e-mail address and telephone number.

You can also visit this website without providing any personal information. However, in order to improve our online services, we store (without any personal reference) your access data to this website. This access data includes, for example, the file you requested or the name of your Internet provider. Due to the anonymisation of the data, it is not possible to draw conclusions about your identity.

We process data to perform administrative tasks as well as for organisational purposes in our operations, financial accounting and compliance with legal obligations, such as archiving. To this end, we process the same data that we process in the course of providing our contractual services. The legal processing bases are (Art. 6 para. 1 lit. c. GDPR) and (Art. 6 para. 1 lit. f. GDPR). Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing relates to the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of the data regarding contractual services and contractual communication corresponds to the information mentioned in these processing activities.

6. Data security

We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons.

The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, entry into, disclosure of, assurance of availability of and separation of the data.

7. Duration of the retention period of personal data

We process and store your personal data as long as it is necessary for the performance of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) as well as in accordance with the statutory retention and documentation obligations. In this context, it is possible that personal data will be retained for the time during which claims can be asserted against our company and to the extent that we are otherwise required to do so by law or legitimate business interests so require (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be – as a matter of principle and insofar as possible – deleted or anonymised. For operational data (e.g. system or other logs), shorter retention periods of twelve months or less generally apply.

8. Data transmission and cooperation with third parties

8. 1. Cooperation with data processors and third parties

If, in the course of our processing, we disclose data to other persons and companies (data processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transfer of the data to third parties, such as to payment service providers, is required in accordance with Art. 6 para. 1 lit. b GDPR is necessary for the performance of the contract), if you have consented, a legal obligation provides for this or based on our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission processors with the processing of data, this is done on the basis of Art. 28 GDPR.

8. 2. Transfer to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this will only be done for the purpose of fulfilling our (pre-)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means, for example, that processing takes place based on special guarantees, such as the officially recognized determination of a level of data protection that corresponds to the EU or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).

8.3. Integration of third-party services and content

In our online service offerings – i.e. analysis, optimization and economic operation of our online offer within the meaning of (Art. 6 para. 1 lit. a . GDPR) – we use content or service offers of third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always requires that the third-party providers of this content know the IP address of the user, since without the IP address they would not be able to send the content to their browser. Thus, the IP address is required to display such content. We endeavour to use only such content whose respective providers use the IP address only for the provision of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The anonymised information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, and can also be combined with such information from other sources.

8.4. Web hosting

The hosting services we use are used to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offering.
To provide these services we or our hosting provider process stock data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer based on our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of a contract for order processing).

8.5. Data protection on third-party websites

This website may contain hyperlinks to third-party websites. If you follow a hyperlink to one of these websites, please note that we cannot accept any responsibility or guarantee for third-party content or data protection conditions. Please carefully read the applicable data protection conditions before you submit personal data to these websites. The relevant external operators have exclusive responsibility for the content of linked pages. When the link was created, there was no indication that the content of the page to be called up did not comply with the statutory provisions or was contrary to public morals. Please notify us immediately if a third-party site to which we refer by hyperlink does not comply or no longer complies with legal provisions or public morals. The license terms and conditions of use of the respective operators of the Internet offer apply.

9. Website analytics and Google services 

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Its use is based on Art. 6 para. 1 p. 1 lit. a. GDPR.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. If IP anonymisation is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do so you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser add-on available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. This browser add-on informs Google Analytics via JavaScript that no data and information about website visits may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as an objection.

As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent the future collection by Google Analytics within this website. To this end, an opt-out cookie is placed on your device. If you delete your cookies, you must click this link again.
Further information and the applicable privacy policy of Google can be found on https://www.google.de/intl/de/policies/privacy/ and on http://www.google.com/analytics/terms/de.html . For further information on Google Analytics follow this link https://www.google.com/intl/de_de/analytics/.

9.2. Google Search Console

Google Search Console (GSC) is a web-based application from Google. This analysis and service tool can be used to monitor and manage websites in Google search results and find or solve problems. The application serves as a communicative interface between the domain and Google itself. Especially for search engine optimization (SEO) and website optimization, Search Console is an important component to learn more about the performance and organic visibility of your own domain and improve it. For example, the application provides information on which search terms a website ranks for and which pages are accessed particularly frequently or rarely.

Among other functions, the following functions can be used and website performances can be analysed:

– Impressions express how often a website URL for a particular search term was displayed and possibly viewed in Google search results.
– Clicks indicate how many times a searcher clicked on a website URL after it was displayed in search results.
– The CTR (Click Through Rate) is the ratio between impressions and clicks. It is calculated as follows: (Number of clicks / number of impressions) x 100.
– The average position indicates the average position in Google search results and is calculated as follows: Highest position per day / days in a given period.

Cookies are not set and tracking, e.g. of movement data on the website, also does not take place.

More details about the Google Search Console can be found here: https://support.google.com/webmasters/answer/9128668?hl=de.
The Google Search Console property is linked to our Google Analytics property so that data from both products is combined and displayed in Search Console Insights . When linked to Google Analytics your Search Console performance data is shared with the linked Google Analytics property.

Search Console Insights helps us better assess the performance of our content. This way, questions like the following are easier to answer:
1. What is my best performing content?
2. How powerful are new contents?
3. How do users discover my content on the web?
4. Which users use Google search before they access my content?
5. Which article refers users to my website and content?

For more information, please visit: https://search.google.com/search-console/insights/about

9.3. Google Maps

We integrate the maps of the service “Google Maps” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to visually display geographical information. When using Google Maps, Google also processes data about the use of the Maps functions by visitors of the websites. The processed data may include, in particular, IP addresses and location data of the users. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no control on this data transmission. Google may transfer the information obtained through Maps to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Nevertheless, it would be technically possible for Google to identify at least individual users based on the data received. It would be possible that personal data and personality profiles of users of the website could be processed by Google for other purposes of which we do not have or may gain control. For more information about the data processing by Google please visit https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated. In Google’s “Privacy Centre”, users can change their individual settings so that they can manage and protect their personal data (https://support.google.com/accounts/answer/3024190).

By using this website, you consent to the collection, processing and use of automatically collected data by Google Inc, its agents and third parties. Thus, your data will be processed based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR.

9.4. Google ReCaptcha

We use “Google reCAPTCHA” on our website. The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The purpose of reCAPTCHA is to verify whether data entry on our websites, e.g. in contact forms, is done by a human or by an automated programme. The reCAPTCHA service can be used to prevent abusive computer-controlled input on websites by querying certain numerical sequences or image elements. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various parameters and information, such as the IP address, the time spent on the website by the website visitor or the mouse movements made by the user. The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. If a corresponding consent was requested (e.g. consent to store cookies), the processing is carried out according to Art. 6 para. 1 lit. a GDPR.

For further information about Google reCAPTCHA and Google’s privacy policy, please visit  https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

9.5. Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It is only used for the administration and execution of integrated tools. However, Google Tag Manager collects your IP address, which may also be transferred to Google’s parent company in the United States.

The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in a fast and uncomplicated integration and management of various tools on his website. If a corresponding consent was requested, the processing is generally based on Art. 6 para. 1 lit. a GDPR; such consent can be revoked at any time.

9.6. Google AdWords

This website uses the online advertising programme “Google AdWords” and as part of it the conversion tracking. Google Adwords places a cookie on your computer if you have accessed our website via a Google ad. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can therefore not be tracked through the websites of AdWords customers.

The information obtained with the help of the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Clients get information about the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.

If you do not wish to participate in the tracking process, you can easily deactivate the Google conversion tracking cookie via your internet browser under user settings. Thus, you will not be included in the conversion tracking statistics. For further information about Google’s privacy policy please visit http://www.google.de/policies/privacy/

10. Font Awesome

This site uses so-called web fonts provided by Fonticons, Inc. for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to the servers of Fonticons, Inc. Thus, Fonticons, Inc. obtains knowledge that our website was accessed via your IP address.

The use of web fonts is based on consent pursuant to Art. 6 para. 1 lit. a GDPR; such consent can be revoked at any time.

If your browser does not support web fonts, a default font is used by your computer. For more information about Font Awesome, please visit https://fontawesome.com/help and reed the Fonticons, Inc. privacy policy: https://fontawesome.com/privacy.

11. YouTube

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. The YouTube videos are not loaded until the visitor gives his consent. As long as the visitor does not accept the consent, YouTube cookies are not set. After your consent has been granted, a connection to the servers of YouTube is established. This tells the YouTube server which of our pages you have visited.

If you are logged on to your YouTube account, you allow YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

For more information on the handling of user data, please read YouTube’s privacy policy on: https://www.google.de/intl/de/policies/privacy

Opt-Out: https://adssettings.google.com/authenticated

12. SSL or TLS encryption

In order to protect your data in the best possible way during transmission, the website operator uses SSL/TLS encryption. You can identify such encrypted connections by the green padlock in front of the address line or by the prefix https:// in the page link in the address line of your browser. Unencrypted pages are marked by http://.

All data that you transmit to this website – for example when making inquiries or logging in – cannot be read by third parties thanks to SSL/TLS encryption.

13. Social Media

With each individual call-up of our website that is equipped with a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the data subject to download a corresponding representation of the component from LinkedIn. For further information on the LinkedIn plug-ins please visit https://developer.linkedin.com/plugins. As part of this technical procedure, LinkedIn receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in to LinkedIn at the same time, LinkedIn – at each call-up of our website by thy data subject and for the entire duration – identifies which specific subpage of our website the data subject is visiting. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject activates a LinkedIn button integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is logged into LinkedIn at the same time when calling up our website; this takes place regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, he or she can prevent the transmission by logging out of his or her LinkedIn account before accessing our website.

LinkedIn offers on https://www.linkedin.com/psettings/guest-controls the option to unsubscribe from email messages, SMS messages, and targeted ads, as well as to manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may place cookies. Such cookies can be rejected on https://www.linkedin.com/legal/cookie-policy.
LinkedIn’s applicable privacy policy is available on https://www.linkedin.com/legal/privacy-policy.

14.    Newsletter subscription

We provide a newsletter in which we inform you about current events and special offers. If you would like to subscribe to the newsletter, please provide a valid e-mail address. By subscribing to the newsletter, you agree to receive the newsletter and consent to the following procedures.

The newsletter is sent by the mailing service provider Mailchimp, a mailing platform of the provider The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. For information about the data protection regulations of the shipping service provider please visit: https://mailchimp.com/legal/privacy/.

If you subscribe to the newsletter, we validate your e-mail address by means of a double opt-in procedure. We will then use your e-mail address to send you our newsletter at regular intervals. Your data is stored on the servers of The Rocket Science Group, LLC in the USA. For information on the security regulations of the shipping service provider in the area of the collected data and the infrastructure please visit: https://mailchimp.com/about/security/.
Based on the collected data in Mailchimp we carry out statistical surveys and analyses. Among other things, it is analysed whether you open the newsletter, which links you click on, etc. If you do not want Mailchimp to perform any analysis, you must unsubscribe the newsletter.

Revocation and termination
You can revoke your consent to receive the newsletter at any time and thus cancel the newsletter subscription. After your cancellation, your personal data will be deleted from the servers of The Rocket Science Group, LLC. This does not affect data that has been stored in our CRM system for other purposes. Your consent to receive the newsletter will expires at the same time. At the end of each newsletter you will find a direct link to the cancellation.

14.1. Zoho MarketingAutomation

15.     Cooperation with Cyon as processor