A. General Provisions Regarding Data Processing

1. Object of this Privacy Policy

We, GO Europe GmbH, are delighted at the interest you have shown in respect of our website, www.olympia-alarmanlagen.de, and the offers available on its pages. The protection of your personal data is an important, major concern for us. Therefore, we would like to provide you with detailed information on the data we compile through your visit to our website and use of offers there, and how we subsequently process or use it. We would also like to explain the protective measures we have implemented in both a technical and organizational respect. The processing of personal data, such as name, address, e-mail address and telephone number concerning a person, is always completed according to the currently applicable data protection regulations. The aim of this Privacy Policy is to inform you of the type, scope and purposes of the personal data acquired, used and processed by us and clarify aspects in cases where you are affected by the data processing. Although we, as the data controller, have implemented numerous technical and organizational measures for the processing of personal data, an internet-based data transfer can always have some security loopholes, meaning that absolute security cannot be fully guaranteed. Please take this into consideration when using our website.

2. Definition of Terms

This Privacy Policy uses terms which are prescribed by the legislator in the German General Data Protection Regulation (subsequently referred to as GDPR) (Datenschutzgrundverordnung DSGVO). You can read the German GDPR under the following link: http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32016R0679&from=DE The aim of our Privacy Policy is to provide you with information on the processing of your personal data in a simple, understandable way.

3. Name and Address of Bodies Responsible for the Processing

The data controller within the terms of the data protection law is: GO Europe GmbH Zum Kraftwerk 1 D – 45527 Hattingen Tel.: +49 2324 6801-0 Fax.: +49 2324 6801-95 Email: info@go-europe.com

4. Data Protection Officer

Thomas Humann, Polat & Humann GmbH, Gelsenkirchener Straße 38, 45141 Essen Tel.: +49 201-451 859 17 Fax+49 201-246 705 37 Email: datenschutz@polat-humann.de

5. Deletion and Blocking of Personal Data/ Period of Storage

In cases where nothing else has been regulated regarding the respective processing aspects of personal data which deviates from the provisions in Chapter B. of this Privacy Policy, the data stored by us will be deleted as soon as it is no longer required to fulfill its intended purpose and deletion does not contravene any legal duty to preserve records. In cases where the data of data subjects concerned is not deleted because it is required for other and legally permitted purposes, its processing will be restricted. This means that data will be blocked and not processed for other purposes. This applies, for example, to data related to the data subject which must be retained for commercial or tax-related reasons. In accordance with legal requirements, retention is necessary for six years compliant with § 257 Sec. 1 HGB (German Commercial Code) (account books, inventories, opening balance sheets, annual final statements, business letters, invoices, etc.) and for ten years compliant with § 147 Sec. 1 AO (German Revenue Code) (books, recordings, situation reports, invoices, commercial and business letters, etc.).

6. Rights of the Data Subject

6.1 Right to Confirmation

Each data subject has the right granted by the European legislator to obtain confirmation from the data controller as to whether or not personal data concerning him or her is being processed. If a data subject wishes to make use of this right of confirmation, they may contact us at any time.

6.2 Right to Access

Each data subject has the right granted by the European legislator to obtain information about their personal data stored from the data controller, free of charge and at any time as well as a copy of this information. Furthermore, the European directives and regulations grant the data subject access to the following information: – the purposes of the processing – the categories of personal data to be processed – the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations – where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period – the existence of the right to request correction or deletion of personal data, or restriction of processing of personal data by the data controller with regard to the data subject, or to object to such processing – the existence of the right to lodge an objection to a supervisory authority – where the personal data is not acquired from the data subject directly: any available information as to its source – the existence of automated decision-making, including profiling, referred to in Article 22 Sec.1 and 4 of the GDPR (DSGVO) and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject Furthermore, the data subject has a right to obtain information as to whether personal data is transferred to a third country or to an international organization. Where this is the case, the data subject has the right to be informed of the appropriate safeguards relating to the transfer. If a data subject wishes to make use of this right of access, they may contact us at any time.

6.3 Right to Correction

Each data subject has the right granted by the European legislator to demand immediate correction of inaccurate personal data concerning them by the data controller. Taking into account the purposes of the processing, the data subject also has the right to have incomplete personal data completed, including by means of providing a supplementary statement. If a data subject wishes to make use of this right of correction, they may contact us at any time.

6.4 Right to Deletion

Each data subject has the right granted by the European legislator to demand from the data controller the deletion of personal data concerning them without undue delay, and the data controller has an obligation to delete personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary: – the personal data is no longer necessary in relation to the purposes for which it was acquired or otherwise processed; – the data subject withdraws consent on which the processing is based according to Article 6 Sec. 1 Point a of the GDPR (DSGVO) or Article 9 Sec. 2 Point a of the GDPR (DSGVO), and where there is no other legal ground for the processing; – the data subject objects to the processing pursuant to Article 21 Sec. 1 of the GDPR (DSGVO) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 Sec. 2 of the GDPR (DSGVO); – the personal data has been unlawfully processed; – the personal data must be deleted for compliance with a legal obligation in Union or Member State law to which the data controller is subject; – the personal data was collected in relation to the offer of information society services referred to in Article 8 Sec. 1 of the GDPR (DSGVO). If one of the aforementioned reasons applies, and a data subject wishes to request the deletion of personal data stored by GO Europe GmbH, they can contact us at any time. We will ensure that the request for deletion is complied with immediately. If the personal data has been made public by GO Europe GmbH and our company is the data controller in the terms of Article 17 Sec. 1 of the GDPR (DSGVO) and therefore obliged to delete the personal data, GO Europe GmbH taking account of available technology and the cost of implementation, must take reasonable steps, including technical measures, to inform other data controllers responsible for processing the disclosed personal data that the data subject has requested deletion by such controllers responsible for any links to this personal data, or copies or replication the personal data, insofar as processing is not required. We will take the necessary steps on a case-by-case basis.

6.5 Right to Restriction of Processing

Each data subject affected by the processing of personal data has the right granted by the European legislator to demand restriction of processing from the data controller where one of the following applies: – the accuracy of the personal data is contested by the data subject, for a period enabling the data controller to verify the accuracy of the personal data; – the processing is unlawful and the data subject opposes the deletion of the personal data and requests the restriction of its use instead; – the data controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the assertion, exercise or defense of legal claims; – the data subject has objected to the processing pursuant to Article 21 Sec. 1 of the GDPR (DSGVO) pending the verification of whether the legitimate grounds of the data controller overrides those of the data subject; If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by GO Europe GmbH, they can contact us at any time. We will then arrange restriction of the processing.

6.6 Right to Data Portability

Each data subject has the right granted by the European legislator to receive the personal data concerning them that was provided to a data controller, in a structured, commonly used and machine-readable format. They have the right to transmit the data to another data controller without hindrance from the data controller to which the personal data has been provided, as long as the processing is based on consent pursuant to Article 6 Sec. 1 Point a of the GDPR (DSGVO) or Article 9 Sec. 2 Point a of the GDPR (DSGVO) or on a contract pursuant to Article 6 Sec. 1 Point b of the GDPR (DSGVO) and the processing is carried out by automated means, so long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. Furthermore, in exercising their right to data portability pursuant to Article 20 Sec. 1 of the GDPR (DSGVO), the data subject has the right to have personal data transmitted directly from one data controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others. In order to assert the right to data portability, the data subject may contact us at any time.

6.7 Right to Objection

Each data subject has the right granted by the European legislator to object, on grounds relating to their particular situation, at any time, to the processing of personal data concerning them which is based on Article 6 Sec. 1 Point e or f of the GDPR (DSGVO). This also applies to profiling based on these provisions. GO Europe GmbH must no longer process the personal data in the event of the objection unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights and freedoms of the data subject, or for the assertion, exercise or defense of legal claims. Where GO Europe GmbH processes personal data for direct marketing purposes, the data subject has the right to object to the processing of personal data concerning them for such marketing at any time. This applies to profiling to the extent that it is related to such direct marketing. Where the data subject objects to GO Europe GmbH regarding the processing for direct marketing purposes, GO Europe GmbH will no longer process the personal data for these purposes. In addition, the data subject has the right to object to the processing of personal data concerning them by GO Europe GmbH for scientific or historical research purposes or for statistical purposes pursuant to Article 89 Sec. 1 of the GDPR (DSGVO) on grounds relating to their particular situation, unless processing is necessary for the performance of a task carried out for reasons of public interest. The data subject can exercise their right to object by contacting us directly. In addition, the data subject is free in the context of the use of information society services and, notwithstanding Directive 2002/58/EC, to use their right to object by automated means using technical specifications.

6.8 Automated Decision-Making in Individual Cases, Including Profiling

Each data subject has the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them, or significantly affects them in a similar way, as long as the decision – is not necessary for the conclusion or fulfillment of a contract between the data subject and a data controller, or – is not authorized by Union or Member State law to which the data controller is subject and which also lays down appropriate measures to safeguard the data subject’s rights and freedoms and legitimate interests or – is not based on the explicit consent of the data subject. If the decision – is necessary for the conclusion or fulfillment of a contract between the data subject and a data controller, or – is based on the explicit consent of the data subject, GO Europe GmbH must implement appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, at least the right to obtain human intervention on the part of the data controller, to express their point of view and contest the decision. If the data subject wishes to assert rights concerning automated individual decision-making, they can contact us at any time.

6.9 Right to Withdraw a Data Protection Consent

Each data subject has the right granted by the European legislator to withdraw his or her consent to the processing of their personal data at any time. If the data subject wishes to assert the right to withdraw their consent, they can contact us at any time. Each data subject can contact us directly and at any time with regard to queries and suggestions concerning data protection.

6.10 Right of Appeal to a Data Protection Supervisory Body

Each data subject affected by the processing of personal data has the right to appeal to a data protection supervisory body against the processing of their personal data by us.

7. Legal Basis of the Processing

In cases where nothing else has been regulated in the description of the respective data processing operation in Chapter B. of this Privacy Policy, the following regulations apply. Article 6 I lit. a of the GDPR (DSGVO) serves as the legal basis of the processing for GO Europe GmbH in cases where consent must be obtained for a certain processing purpose. If the processing of personal data is necessary in order to fulfill a contract where the contractual party is the data subject, Article 6 I lit. b of the GDPR (DSGVO) serves as the legal foundation. The same applies to processing operations which are necessary to complete precontractual measures, such as in cases of queries related to our services and products. If GO Europe GmbH is subject to a legal obligation which necessitates the processing of personal data, Article 6 I lit. c of the GDPR (DSGVO) serves as the legal foundation. In rare cases, the processing of personal data may be necessary in the vital interests of the data subject or to protect another natural person. In such cases, processing is based on Article 6 I lit. d of the GDPR (DSGVO). Processing operations could also be based on Article 6 I lit. f of the GDPR (DSGVO). This legal foundation is used for processing operations which are not covered by any of the previous legal foundations in cases where processing serves for protecting a legitimate interest of GO Europe GmbH or a third party, and if the interests, fundamental rights and fundamental freedoms of the data subject do not override the first-mentioned interest. Such processing operations are permitted by us because they are explicitly mentioned by the European legislator (cf. Recital 47 Sentence 2 of the GDPR (DSGVO)).

8. Consideration of Legitimate Interests

In cases where nothing else has been regulated in the description of the respective data processing operation in Chapter B. of this Privacy Policy and the processing of personal data is based on Article 6 I lit. f of the GDPR (DSGVO), our overriding interest lies in the execution of our business activities and the economic interests linked to them.

9. Data Protection When Using Our Contact Details

In cases where you use the details provided on our website (such as our e-mail address or fax number) to contact us, the personal data you enter to do this is only processed for the purpose of establishing contact. Where the reason for your contact is an interest in our services or products or in the fulfillment of a contract drawn up with us, Article 6 Sec. 1 lit. b of the GDPR (DSGVO) serves as the legal foundation. In all other cases where you make contact, we have an overriding interest pursuant to Article 6 Sec. 1 lit. f of the GDPR (DSGVO) regarding data processing due to the communication initiated by you. We store the data required for processing contracts until the legal guarantee and, if necessary, contractual warranty deadlines have expired. We store the commercial and tax-related data required for legally defined periods, normally ten years (cf. § 257 HGB (German Commercial Code), § 147 AO (Revenue Code)). The data processed in order to complete precontractual measures is deleted as soon as the measures have been completed and it is clear that a contract will not be concluded. The personal data stored by us for legitimate interests is stored until the purpose of establishing contact has been achieved. You have the right to revoke data processing performed on the basis of Article 6 Sec. 1 f) of the GDPR (DSGVO) and not for the purpose of direct mailing for reasons which result from your particular situation, at any time. In the case of direct mailing, you can revoke processing without specifying any reasons. Recipients of personal data processed according to this regulation are IT service organizations (particularly hosts) with which we have a corresponding order processing agreement in accordance with Article 28 of the GDPR (DSGVO).

10. Changes to These Privacy Policy Provisions

GO Europe GmbH reserves the right to modify these Privacy Policy provisions at any time taking effect in the future. The currently valid version is available on our website. Please refer to the website at regular intervals to ensure you are aware of the currently applicable Privacy Policy provisions.

B. Special Provisions Regarding Data Processing on Our Website

1. Acquisition and Use of Your Data

The scope and type of acquisition and use of your data differs according to whether you visit our website simply to view contents for informational purposes or whether you want to take advantage of services we offer, e.g. on concluding a contract on the website.

2. Informational Use / Acquired Data / Cookies

(1) When the visit to our website is purely informational, meaning you do not complete any bookings or transfer information to us in another way, we only collect the personal data which your browser transfers to our server. If you want to view our website, we collect the following data which is technically necessary in order for us to allow you to view our website and ensure stability and security (the legal basis is Article 6 Para. 1 S. 1 lit. f of the GDPR (DSGVO)): – IP address – Date and time of query – Time zone difference to Greenwich Mean Time (GMT) – Content of the request (actual page) – Access status / HTTP status code – Respective data quantity transferred – Website, from which the request is received – Browser – Operating system and its user interface – Language and version of the browser software. (2) The data processed according to Sec. 1 of this regulation will be stored for the specified purpose for a period of max. 30 days and then deleted. (3) In addition to the data previously mentioned, our cookies will be stored on your computer during the course of the using the website. This occurs due to our legitimate interest pursuant to Article 6 Sec. 1 lit. f of the GDPR (DSGVO) in optimization and economic operation of our online service. Cookies are small text files which are stored on your hard disk and assigned to the browser you use and enable certain information to be copied by us to the location on your computer defined by the cookie. Cookies cannot execute a program or transfer viruses to your computer. They serve to make the overall online service more user-friendly and effective. (4) Use of cookies: a) Our website uses the following types of cookies, whose scope and method of functioning is explained below: – Transient cookies (see b) – Persistent cookies (see c). b) Transient cookies are automatically deleted when the browser is closed. They mainly include the session cookies. These store a so called session ID via which various queries from your browsers can be assigned the basic session. This means that your computer is recognized again when you return to our website. Session cookies are deleted when you log out or close the browser. c) Persistent cookies are automatically deleted after a prescribed time which can vary according to the cookie and can cover several years. You can delete the cookies in the Security Settings of the browser at any time. d) You can configure your browser setting according to your needs and, for example, reject the acceptance of third-party cookies or all cookies. We would like to point out that in such cases, you may not be able to exploit all the functions of the website to the full. (5) Recipients of personal data processed according to the above paragraphs are IT service organizations (particularly hosts) with which we have corresponding order processing agreements in accordance with Article 28 of the GDPR (DSGVO).

3. Matomo

This website uses the Matomo (www.matomo.org) analytic tool which is operated by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, (“Mataomo”) which acquires and stores data based on our legitimate interest in a web analytic service for statistical evaluation of user behavior for optimization and marketing purposes pursuant to Article 6 Sec. 1 lit. f of the GDPR (DSGVO). Data collected in this way could be used, for the same purpose, to create and evaluate pseudonymized usage profiles. Cookies can be implemented for this. Cookies are small text files which are stored locally in the buffer memory of the internet browser of the website visitor. Cookies enable, amongst other things, recognition of the of the internet browsers. Data collected using Matomo technology (including your pseudonymized IP address) will be processed on our servers. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data concerning the bearer of the pseudonym. If you do not agree with the storage and evaluation of this data from your visit, then you can subsequently object to the storage and use at any time with a click of the mouse. In this case, a so-called opt-out cookie is stored in your browser, with the result that Matomo does not collect any session data. Please note that the complete deletion of your cookies will result in the opt-out cookie being deleted as well and possibly re-activated by you.

4. Google AdWords

Based on our legitimate interests (i.e. the economically viable operation of our online offer according to Art. 6, Subs. 1, No. f., GDPR), we use the “Google AdWords” service from Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA on our website. Google AdWords is an online advertising service that enables advertisers to place adverts both in the Google search engine results as well as in the Google advertising network. Google AdWords enables advertisers to determine certain key words in advance which are applied to ensure an ad is only shown in the Google search engine results when the user accesses a relevant search result. Google is certified under the Privacy Shield Agreement and provides a guarantee that it complies with European data protection law https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. The purpose of Google AdWords is to advertise our website by displaying relevant advertising on the websites of third parties and Google search results, and to enable third-party advertising on our website. If you access our website via a Google ad, Google Inc. sets a conversion cookie on your terminal device. This cookie expires after thirty days, and is not used to identify you. During the time before it expires, the conversion cookie determines whether you access certain subsites on our website. The conversion cookie enables us and Google to see whether a certain person who accessed our website via an AdWords ad went on to buy a product or broke off a purchasing process. Google uses the data collected by the conversion cookie to compile visitor statistics on the use of our website. Then we use these statistics to find out the total number of users who found us through AdWords ads. That shows us how successful the specific AdWords ad was and helps us optimize our AdWords ads for the future. Neither our company nor other advertising customers of Google AdWords receive information from Google which could be used to identify individual users. Conversion cookies save personal data such as which websites a user visits. Every time you use our website, personal data, including your IP address, is transmitted to Google in the USA. This personal data is stored by Google in the USA. Google may under certain circumstances pass this personal data on to third parties. You can at any time permanently prevent our website from storing cookies on your device by changing your browser settings accordingly. This browser setting would also prevent Google from setting a conversion cookie on your terminal device. Furthermore, you can at any time delete a cookie already set by Google AdWords using your browser settings or other software. You also have the option of rejecting personalized advertising by Google. To do this, you need to access the link www.google.de/settings/ads from every browser you use and make the required settings there. For more information, and to read the applicable data protection terms of Google, go to: https://www.google.de/intl/de/policies/privacy/.

5. Use of Offers on Our Website

Where you want to take advantage of the services offered on our website, such as orders from our online shop which are subject to charges or use of our contact form, it is necessary that you enter more personal data. For further details, please refer to the following provisions.

5.1 Data Processing for the Purpose of Concluding Contracts

(1) The personal data, which you provide during the ordering process, is necessary in order to conclude a contract with us (e.g. information on contractual party) or legally necessary (e.g. tax regulations). A failure to provide the personal data means that a contract cannot be drawn up with you. In the case of some payment procedures, we need the necessary payment data in order to refer you to a payment service commissioned by us. If you send an e-mail to us prior to concluding a contract, submit a query via a contact form or conclude a contract via our website, we process the data received to complete the precontractual measures and answer you queries in respect of our services and products, for example. The processing of the data you have provided is completed for the purpose of fulfilling the contract or completing precontractual measures pursuant to Article 6 Sec. 1 b of the GDPR (DSGVO) and fulfilling legal obligations pursuant to Article 6 Sec. 1 c of the GDPR (DSGVO). (2) The recipient of this personal data processed according to these regulations are payment services, shipping services, IT service organizations (particularly hosts), if necessary merchandise management system, if necessary suppliers (drop shipping) with whom we have drawn up the corresponding order processing agreements in accordance with Article 28 of the GDPR (DSGVO). (3) We store the data required for processing contracts until the legal guarantee and, if necessary, contractual warranty deadlines have expired. We store the commercial and tax-related data required for legally defined periods, normally ten years (cf. § 257 HGB (German Commercial Code), § 147 AO (Revenue Code)). The data processed in order to complete precontractual measures is deleted as soon as the measures have been completed and it is clear that a contract will not be concluded.

5.2 Newsletter

(1) By providing your consent and specification of your e-mail address you can subscribe to our Newsletter, with which we can inform you of all our latest information and offers. The goods or services purchased are specified in the declaration of consent. The compulsory field for sending our newsletter is simply your e-mail address. (2) To register for our newsletter, we use the so called double-opt-in process. This means that, following your registration, we send an e-mail to the e-mail address specified in which we request confirmation that you want the newsletter delivered to you. If you do not confirm your registration within 24 hours, your data is blocked and automatically deleted after one month. Furthermore, we store the IP addresses used and the time stamp for the registration and confirmation. The purpose of the process is to prove your registration and, if necessary, be able to clear any possible misuse of your personal data. Following confirmation of the newsletter, we store the information you provided in accordance with Sec. 2  for the purpose of sending the newsletter and providing proof of a possible misuse of your e-mail address in accordance with Sec. 2. (3) Furthermore, we complete a performance measurement by enclosing a so called “web beacon” with every newsletter, i.e. a pixel-sized file which is downloaded by our server when the newsletter is opened. Within the scope of this download, information is compiled on the browser you are using, the ID of the click, details of your e-mail address and concrete e-mailing, your IP address or DNS name and the time of the download. This information is used for technical improvement of the services according to the technical data, or target groups and their reading habits according to the location of viewing (determined with the aid of the IP address) or the access times. The statistical analyses also includes determining whether the newsletters are opened, when they were opened and which links were clicked. Due to the technology used, this information could be assigned to the individual newsletter recipients. However, it is not our intention to observe individual users. The evaluations serve to provide us with information to determine the reading habits of our users and adapt our contents to them or supply different contents according to the different interests of the users. (4) The legal basis for the processing of your personal data is the consent explicitly granted by you in accordance with Article 6 Sec. 1 lit. a of the GDPR (DSGVO) and, with regard to the data processed pursuant to Sec. 2, our legitimate interest pursuant to Article 6 Sec. 1 lit. f of the GDPR (DSGVO) for a performance measurement of our advertising efforts and as well as providing proof of any possible misuse of the e-mail address used. (5) You can revoke your consent to sending the newsletter and cancel the newsletter at any time. To revoke the subscription, simply click on the link provided in every newsletter e-mail or send an e-mail to datenschutz@go-europe.com or send a message to the contact address stipulated in the Legal Notice. (6) Your e-mail address is only stored for the newsletter distribution for the duration of the requested registration. The other data, stored in accordance with Sec. 1, will be deleted maximally one month after you have deregistered. (7) Recipients of personal data processed according to these regulations are IT service organizations (newsletter service, particularly hosts) with which we have corresponding order processing agreements in accordance with Article 28 of the GDPR (DSGVO).

6. Social Media Plug-ins

We do not use any “social media plug-ins” on our website. We only provide links to the following social media services: Facebook Service provider: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA The data compiled, should you visit the Facebook site, is set out in the privacy policy notice from Facebook at: www.facebook.com/help. Options to protect your personal privacy within the Facebook website are provided at: www.facebook.com/policy. YouTube Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA The data compiled, should you visit the site, is set out in the privacy policy notice from Google at: www.google.com/privacy. Options to protect your personal privacy are provided at www.google.com/dashboard. Embedding of YouTube Videos Based on our legitimate interest within the terms of Article 6 Sec. 1 lit. f. of the GDPR (DSGVO) regarding the presentation of our services using audiovisual media, we have integrated components from YouTube on our website which are stored at www.youtube.com and can be played directly from our website. These are all embedded in “enhanced data protection mode”, i.e. no data concerning the data subject as user will be transferred to YouTube if they do not play the videos. The data is only transferred when the video is actually played. We have no influence in respect of this data transfer. YouTube is operated by Google Inc., located in the 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google is certified under the Privacy Shield Agreement. This provides a guarantee that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). As a result of visiting our website, YouTube receives the information that you have accessed the corresponding subsite of our website. In addition, the data specified in B. Item 2 Sec. 1 of this Private Policy is also transferred. This occurs regardless of whether YouTube is provided with a user account via which you have logged in or whether no user account exists. If you have logged in using Google, your data is assigned directly to your account. If you do not want the data to be assigned to your YouTube profile, you must logout before activating the button. YouTube saves your data as a user profile and uses it for advertising, market research and/or needs-based design of its website. Such an evaluation is used particularly (even for users who are not logged in) to provide advertising aligned to demand and to inform other users in the social network of your activities on our website. You have a right to objection against the development of these user profiles, whereby you must exercise it against YouTube.

7. Security Measures

We meet organizational, contractual and special technical measures complying with state-of-the-art technology in order to ensure that the Privacy Policy provisions are maintained and that the data processed by us is protected from coincidental or intentional manipulation, loss, destruction or against access by unauthorized persons.