Data Privacy
General notes
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.
The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations (esp. DSGVO) as well as this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can personally identify you. This privacy policy explains what data we collect, what we use it for and for what purpose.
If you have any concerns about data protection, please feel free to contact us using the contact options listed at the end of this privacy policy.
Data collection on this site
The data processing is carried out by the website operator. The data is collected through your communication of the same. This can be done via a contact form, in person or via telecommunication media.
Automatic data collection
The following data is automatically collected by the third-party provider Visitor Analytics when you visit the website:
-
Information about the device you are using and its characteristics.
(e.g. operating system, anonymized IP address) -
Information on the technical characteristics of the website visit
(e.g. Internet browser, time of the page call) -
Number of page visits
-
Statistically relevant behavior of visitors to our website
This is technical data. This data is collected automatically when you enter this website. Part of the data is collected to ensure error-free operation of the website. Other data may be used to analyze your user behavior. In no case will the collected data be used to identify individual users or to match the data with additional information about an individual user.
Contact form, chat & meeting booking
When using the contact form or the integrated chat on the website, as well as when booking a meeting with us via the website using the third-party provider HubSpot, all information from the corresponding input fields, including the contact data provided, will be stored by us after consent for the purpose of processing the request and in case of follow-up questions. The data will never be passed on to third parties without consent.
Hosting
This website is hosted externally. The personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.
External hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device as defined by the TTDSG. The consent can be revoked at any time. Our hoster will only process your data insofar as this is necessary for the fulfillment of its service obligations and follow our instructions regarding this data.
We use the following hosting service:
Wix.com LTD
40 Namal Tel Aviv, 6350671
Israel
The Hoster has entered into a Contract for the Processing of Personal Data (CPC) with all of its Users, where each party undertakes to process personal data only within the purposes and instructions set forth therein. The processing of data by the Host takes place on the territory of the European Union, Israel or a third country that the European Commission has decided ensures an adequate system level of protection (transfer based on an adequacy decision).​​
Notes on the legal basis for data processing
If you have consented to data processing, we process your personal data on the basis of Art. 6 (1) lit. a DSGVO. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 para. 1 lit. a DSGVO. If you have consented to the storage of cookies or to the access to information in your terminal device, the data processing is additionally carried out on the basis of Section 25 (1) TTDSG. The consent can be revoked at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 (1) lit. b DSGVO. Furthermore, if your data is required for the fulfilment of a legal obligation, we process it on the basis of Art. 6 para. 1 lit. c DSGVO. Furthermore, the data processing may be carried out on the basis of our legitimate interest according to Art. 6 para. 1 lit. f DSGVO.
Data transfer to third countries
Among other things, we use tools from companies based in the USA or other third countries that may not be secure from a data protection perspective. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
Right of withdrawal and appeal
You can revoke a given consent to data processing operations at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
In the event of violations of the GDPR, the data subjects shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to further administrative or judicial remedies.
Information, correction, deletion and data transferability
​Within the framework of the legal provisions, you have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. If you have any questions about data protection, you can contact us at any time.
Unless a more specific storage period has been specified within this data protection declaration, your personal data will remain with us until the purpose for the data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.
Other information on data privacy
We never sell your personal data to third parties.
We do not knowingly or intentionally collect data from minors. If you suspect that data has been collected from persons who are not of legal age, please contact us using the contact options provided.
Our online offer may contain links to other websites. These links are usually marked as such. We have no influence on the extent to which the applicable data protection regulations are implemented and adhered to on the linked websites.
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can generally always have security gaps. Complete protection of data against access by third parties is not possible.
Integration of third party services
For some functions on our website, we use services from third-party providers. The names of the third-party providers have been listed in the above statement for each of the corresponding functions. For the purpose of clarity, the corresponding providers are listed below:
​
HubSpot, Inc.
HubSpot is a tool for digital marketing. Within the scope of our website, we use the functionality for booking online meetings via HubSpot. HubSpot concludes a data processing agreement with all of its users, which sets out the conditions for processing personal data, including in particular data collected in Europe, as part of HubSpot's services.
​
Visitor Analytics Ltd.
Visitor Analytics is a simple website analytics service that collects traffic on our website and general information from website visitors. We have entered into an order processing agreement with Visitor Analytics, which is provided by the provider as standard.
Data processing via social media
We are represented on various social media platforms through our company page. Currently, we maintain a company page on the following social media platforms:
-
LinkedIn
-
Xing
Visiting our company page on these platforms may lead to the processing of your personal data. This includes information associated with your social media profile as well as any messages and statements made therein. Additionally, your visit to our company page may result in the automatic collection of certain data, some of which may qualify as personal data.
As the sole responsible party, we process all information explicitly provided to us via our social media pages, irrespective of the specific platform. This primarily encompasses contact data, usernames, or messages. We explicitly request you to provide us with this personal data or notify you that we will process the data provided to us with your permission.
For the collection of your personal data through our social media pages, you can find the relevant legal bases in the "Notes on legal basis for data processing" section.
​
When you visit our LinkedIn company page, LinkedIn Ireland Unlimited Company (Ireland/EU - "LinkedIn") assumes sole responsibility for the processing of your personal data. For detailed information, please refer to LinkedIn's privacy policy available at the following link: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
By interacting with our LinkedIn company page, such as visiting or following the page, LinkedIn processes personal data provided to us in an anonymized form to gain insights into the behavior of visiting profiles on our page through statistics. The processed data includes information that you have stored on your own LinkedIn profile, such as job position, country, industry, company size, employment status, etc. Moreover, it is recorded how you interact with our company page, e.g., whether you are a follower. These statistics are anonymized and only provided to us as aggregated data, ensuring that no individual profiles can be identified.
LinkedIn and we act as joint data controllers for the collection of personal data. The data collection serves our legitimate interest in evaluating user interactions and behavior on our company website, enabling us to enhance the user experience based on the insights gained.
The distribution of data protection obligations between LinkedIn and us is defined in a joint agreement accessible at the following link: https://legal.linkedin.com/pages-joint-controller-addendum.
According to the agreement, LinkedIn is responsible for enabling you to exercise your rights under the General Data Protection Regulation (GDPR). To do so, you can contact LinkedIn using the details provided in their privacy policy, or you may also contact us. In the latter case, we will forward your request to LinkedIn. Additionally, the Irish Data Protection Commission, as per mutual agreement, acts as the lead supervisory authority concerning the personal data processed by LinkedIn. Therefore, you have the option to contact the Irish Data Protection Commission or any other supervisory authority with any complaints at any time.
Lastly, we wish to bring to your attention that the personal data collected by LinkedIn may also be processed in the USA or other third countries where data protection standards comparable to those in the EU might not be ensured.
Responsible party for data processing & contact options
Hülsmann, Lehmann, Mutschlechner & Zimmerer Ingenieurgesellschaft bR
Lillweg 3
80939 Munich
+39 342 1411838
viktor.mutschlechner@femavi.de
​​
Last update: September 2024
In the event of any discrepancies or inconsistencies between the English and German versions of this privacy policy, the German text shall prevail and be legally authoritative.