top of page
PBI Logo

Privacy Policy

General introduction
With the following Privacy policy, we would like to inform you about how we process your personal data in accordance with the European General Data Protection Act (DSGVO). The Privacy policy applies to all processing of personal data carried out by us in the context of our website.

Controller
Controller according to the GDPR is

PBI Performance Products, Inc.
represented by: Mickey Carter
PBI Performance Products, Inc. – 9800-D Southern Pine Blvd., Charlotte, NC 28273, USA
Phone: +1704-554-2632
Email: international@pbiproducts.com

Data Protection Officer
You can contact our Data Protection Officer as follows:
secjur GmbH
Falkensteiner Ufer 40
22587 Hamburg
Telefon: +49 40/80 90 81 146
Email: dsb@secjur.com
You can contact our Data Protection Officer directly at any time with any questions or suggestions regarding data protection and the exercise of your rights.

Definition of terms
This Privacy policy is based on the terminology of the GDPR. To simplify matters, we would like to explain some important terms in this context:

  • Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

  • Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  • Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

  • Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

     

Provision of the website
If you use this website for purely informational purposes without transmitting data to us in any other way (e.g. by registering or using the contact form), we collect technically necessary data via server log files, which are automatically transmitted to our server, among other things:

  • Website from which the website was accessed

  • websites that were accessed via the website, IP address

  • Visited page on our website; amount of data transferred

  • Date and time of access

  • Information about the browser type and version used, other websites that you visit from this website

  • either by clicking on a link on this website or by entering the domain directly in the input bar in the same window of your browser

  • Operating system

The temporary storage of the data is necessary for the course of a website visit in order to be able to display our website to you. This processing is technically necessary to ensure the functionality of the website and the security of the information technology systems. The legal basis for the processing is therefore Art. 6(1)(f) GDPR in order to guarantee the provision, security and stability of our website.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the provision of the website, this is the case when the respective session has ended. The log files are stored 24 hours directly and only accessible to administrators. After that, they are only indirectly available via the reconstruction of backup tapes and are permanently deleted after 4 weeks .
.
For the provision of our online offer, we use storage space, computing capacity and software that we rent or otherwise obtain from the server provider Wix.com Ltd, Tel Aviv, Israel (web host).
The personal data will be transferred to the USA. The European Commission has adopted an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organizations based in the USA that are certified accordingly are permitted. The web host is certified under the EU-U.S. Data Privacy Framework.
Content Delivery Network (CDN)
We use a content delivery network (CDN). A CDN is a service with the help of which the content of an online offer, in particular large media files such as graphics or program scripts, can be delivered faster and more securely with the help of regionally distributed servers connected via the Internet. This means that the website is not hosted on a single server, but is delivered via a network of geographically distributed servers that may be connected to each other. The server closest to you as the user is used in each case. As a result, the CDN processes all of the aforementioned personal data required to provide the website.
The legal basis for the use of a CDN is our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR in order to guarantee you the best and fastest connection, from which you as a user also benefit.
We use the provider Wix.com Ltd Nemal St. 40, Tel Aviv 6350671, Israel as our CDN.
The personal data is transferred to the USA. The European Commission has adopted an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organisations based in the USA that are certified accordingly are permitted. The CDN provider is certified under the EU-U.S. Data Privacy Framework.
 
Contact form
You have the option of contacting us via E-Mail. We process the following personal data from you when you contact us and respond to your enquiry:
- Telephone number, IP address, E-mail address, Communication content, Name and surname, Date and time of the enquiry    
If you contact us as part of an existing contractual relationship or contact us in advance for information about our range of services or our other services, the personal data you provide will be processed for the purpose of processing and responding to your contact enquiry in accordance with Art. 6(1)(b) GDPR. Otherwise to safeguard our legitimate interests in accordance with Art. 6(1)(f) GDPR for the purpose of responding to customer/contact enquiries.
We delete your personal data as soon as it is no longer required to fulfil the purpose for which it was collected. In the context of contact enquiries, this is generally the case when it is clear from the circumstances that the specific matter in question has been conclusively processed.
The provision of our contact form takes place via Wix.com Ltd. Nemal St. 40 Tel Aviv 6350671 Israel.
 
The personal data is transferred to the USA. The European Commission has adopted an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organisations based in the USA that are certified accordingly are permitted. The provider is certified under the EU-U.S. Data Privacy Framework.
Newsletter and electronic notifications
If you would like to receive information about our new products and services, you can subscribe to our newsletter. In addition to your email address, we process the following personal data when sending the newsletter: First name and surname, First name and surname, Metadata (e.g. device information, IP address, date and time of login)
If you would like to receive information about our new products and services, you can subscribe to our newsletter. We only process your email address when sending the newsletter.
The advertised goods and services are named in the declaration of consent. We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have registered, we will send you an email to the email address you have provided, in which we ask you to confirm that you are the owner of the email address provided and that you wish to receive the notifications. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses you use and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.
 
The legal basis for sending our newsletter is your consent in accordance with Art. 6(1)(a) GDPR. You can revoke your consent to receive our newsletter at any time by clicking on the unsubscribe link in the emails or by sending your revocation by email to our email address or by post to the contact details given in the legal notice. Your personal data will then be removed from the mailing list.
In addition, you can also give your consent for us to evaluate your user behaviour when sending the newsletter. Our newsletters contain tracking links that enable us to analyse the behaviour of newsletter recipients. For example, we can analyse how many recipients have opened the newsletter message and how often which link in the newsletter was clicked on. This enables us to statistically evaluate the success or failure of online marketing campaigns. The personal data collected through the tracking links is stored and evaluated by us in order to optimise the newsletter dispatch and to adapt the content of future newsletters even better to your interests.
You can object to this tracking at any time by clicking on the separate link provided in each email  or by informing us via another contact channel, as shown above, and revoking your consent. The information will be stored for as long as you have subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.
We use an external provider to send our newsletter, Mailchimp (The Rocket Science Group LLC) 675 Ponce De Leon Ave NE, Suite 5000 Atlanta, GA 30308 United States. This service provider receives your email address and other necessary data to send the newsletter on our behalf.
 
The personal data is transferred to the USA. The European Commission has adopted an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organisations based in the USA that are certified accordingly are permitted. The service provider is certified under the EU-U.S. Data Privacy Framework.
 
Presence in social networks (social media)
We maintain publicly accessible profiles on various social networks. Your visit to these profiles triggers a variety of data processing operations. Below we give you an overview of which of your personal data is collected, used and stored by us when you visit our profiles.
When you visit our profiles, your personal data is not only collected, used and stored by us, but also by the operators of the respective social network. This happens even if you do not have a profile on the respective social network. The individual data processing operations and their scope differ depending on the operator of the respective social network and they are not necessarily traceable for us. For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the operator of the respective social network, please refer to the following explanations.  

Facebook and Instagram
When you visit our Facebook or Instagram page, certain information about you is processed. We can only view the information stored in your public Facebook or Instagram profile (such as your profile picture or information that you share on a Facebook or Instagram profile ), and only if you have such a profile and are logged into it while you visit our Facebook page.
In addition, the operator of the platform, Meta Platforms Ireland Limited, Serpentine Avenue, Block J, Dublin 4 Ireland (Meta), provides us with anonymized statistics and insights for our Facebook page, which help us to gain insights into the types of actions people take on our page (Page Insights). These Page Insights are created on the basis of certain information about people who have visited our page.
The processing of personal data in connection with the operation of our Facebook company profile is based on a Legitimate Interest Assessment (LIA) pursuant to Art. 6(1)(f) GDPR in order to offer you a contemporary and supportive information and interaction opportunity with and about us. Furthermore, the processing serves our legitimate interests in evaluating the types of actions taken on our Facebook company profile and improving our company profile based on these findings. The legal basis for this processing is therefore Art. 6(1)(f) GDPR. If the contact is aimed at the conclusion of a contract, the legal basis for the processing is Art. 6(1)(b) GDPR.
The processing of the Page Insights is carried out by Meta and us as joint controllers. We cannot assign the information obtained via the Page Insights to individual Facebook profiles that interact with our Facebook page. We have entered into a joint controller agreement with Meta, which sets out the allocation of data protection obligations between us and Meta. Details of the processing of personal data to create Page Insights and the agreement concluded between us and Meta can be found here. With regard to this data processing, you also have the option of asserting your rights of the data subject (see "Your rights as a data subject") against Meta. Further information on this can be found in Meta's Privacy Policy. Meta offers the possibility to object to certain data processing; you can find information and opt-out options here in your account.
Please note that according to Meta's privacy policy, user data is also processed in the USA or other third countries. The European Commission has issued an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organizations based in the USA that are certified accordingly are permitted. Meta is certified under the EU-U.S. Data Privacy Framework.

LinkedIn
When you visit our LinkedIn company profile, certain information about you is processed. In the case of direct messages to us or comments on our LinkedIn company profile or under our posts, we receive the message, the comments and your user name.
In addition, LinkedIn processes LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (LinkedIn) as the operator of personal data when you visit our LinkedIn company profile, follow this page or engage with the page in order to provide us with statistics and insights in anonymized form. This gives us insights into the types of actions that people take on our site (Page Insights). For this purpose, LinkedIn processes in particular data that you have already provided to LinkedIn via the information in your profile, such as data on function, country, industry, seniority, company size and employment status. In addition, LinkedIn will process information about how you interact with our LinkedIn company profile, e.g. whether you are a follower of our LinkedIn company page. LinkedIn does not provide us with any personal data about you through the Page Insights. We only have access to the summarized Page Insights. It is also not possible for us to draw conclusions about individual members from the information in the Page Insights.
The processing of your personal data in connection with the operation of our LinkedIn company profile is based on a Legitimate Interest Assessment (LIA) pursuant to Art. 6(1)(f) GDPR in order to offer you a contemporary and supportive information and interaction opportunity with and about us. The processing serves our legitimate interests in evaluating the types of actions taken on our LinkedIn company profile and improving our company profile based on these findings.
This processing of personal data in the context of Page Insights is carried out by LinkedIn and us as joint controllers. We have entered into an agreement with LinkedIn on processing as joint controllers, which sets out the allocation of data protection obligations between us and LinkedIn. The agreement is available here. The following applies:
- LinkedIn and we have agreed that LinkedIn is responsible for exercising your rights under the GDPR. You can contact LinkedIn online via the following link (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de) or reach LinkedIn via the contact details in the privacy policy. You can contact the Data Protection Officer at LinkedIn via the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO. You can also contact us using the contact details provided to exercise your rights in connection with the processing of personal data in the context of page integrations. We will forward your request to LinkedIn in such a case.
- LinkedIn and we have agreed that the Irish Data Protection Commission is the lead supervisory authority overseeing the processing for Page Insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or any other supervisory authority.
In addition, LinkedIn processes your data as a user for the provision of services, communication, further development of services and research, as well as for advertising, customer support, analysis and security purposes. In principle, LinkedIn is solely responsible for the processing of personal data when you visit our LinkedIn company profile. The categories of personal data that LinkedIn processes in this context are described in LinkedIn's data policy. Further information on the processing of personal data by LinkedIn can be found here.
Please note that, in accordance with the LinkedIn Privacy Policy, personal data is also processed by LinkedIn in the USA or other third countries.

X
When you visit our X profile or profiles within the X platform of Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX 07 Ireland (X), personal data from your X profile will also be processed. If you contact us via the X profile, e.g. by commenting on a tweet or writing us a message via X direct messages, we will process your data (e.g. your name and the content of the communication) in order to process your request. If necessary, we also process your data for the assertion of legal claims and defense in legal disputes as well as for the prevention and investigation of criminal offenses. The processing is carried out on the basis of a Legitimate Interest Assessment (LIA) pursuant to Art. 6(1)(f) GDPR in order to offer you a timely and supportive information and interaction opportunity with and about us. If the contact is aimed at the conclusion of a contract, the legal basis for the processing is Art. 6(1)(b) GDPR.
In addition, X collects so-called usage data when you visit our X profile. This includes your IP address, the application used, information about your end device (including device ID and application ID), information about websites accessed, your location and your mobile phone provider. This data is assigned to your X profile.
X also uses certain data that it has collected from users of the X platform (e.g. "re-tweets") to compile aggregated usage statistics and make them available to the respective operators of the X profile (X Analytics). We also receive aggregated usage statistics. The information we receive from X-Analytics does not allow any conclusions to be drawn about individual users. We ourselves do not have access to personal data that X processes for X-Analytics. X determines which data is processed for X-Analytics and how. We have no legal or actual influence on the processing by X. X provides information on this in its privacy policy (X Privacy Policy) and via the option to view your own data at X (X Help Center).
This processing serves our legitimate interests in evaluating the types of actions taken on our X company profile and improving our company profile based on these findings. The legal basis for this processing is therefore Art. 6(1)(f) GDPR.
Please note that, in accordance with the X Privacy Policy, personal data is also processed by X in the USA or other third countries.

Video platforms

Youtube channel
We operate a "YouTube channel" to draw attention to our services and service offerings and to interact with our customers and visitors to the YouTube channel (users). The video platform is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland (Google Ireland). Google Ireland is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; (Google)).
If you contact us via our YouTube channel, e.g. by commenting on one of our videos, we process your data (e.g. your name and the content of the communication) in order to process your request. If necessary, we will also process your data for the assertion of legal claims and defence in the event of legal disputes in connection with your contributions. The legal basis for the processing of the data that we collect in connection with the use of our company website is our legitimate interests pursuant to Art. 6(1)(f) GDPR in order to offer you a contemporary and supportive information and interaction opportunity with and about us and to better present our services and service offerings. If the contact is aimed at the conclusion of a contract, the legal basis for the processing is Art. 6(1)(b) GDPR.
When you visit our YouTube channel or other pages of the YouTube platform, Google Ireland collects so-called usage data. Google Ireland also uses certain data that it has collected from users of the YouTube platform (e.g. which videos users watch) to compile aggregated usage statistics and make them available to the respective operators of the YouTube channel (YouTube Analytics). We also receive such aggregated usage statistics. The information we receive from YouTube Analytics does not allow us to draw any conclusions about individual users. We ourselves do not have access to personal data that Google Ireland processes for YouTube Analytics. Google Ireland determines which data is processed for YouTube Analytics and how. Google Ireland provides information on this in its privacy policy.
The personal data is also transferred to the USA. The European Commission has issued an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organisations based in the USA that are certified accordingly are permitted. Google is certified under the EU-U.S. Data Privacy Framework.
23.2 Youtube integration website
Our website uses plugins from the YouTube video platform to embed videos and play them directly on our website. The video platform is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland (Google Ireland). Google Ireland is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; (Google)).
When you activate embedded videos on our website, a connection to the YouTube servers is established and data transmission is started. We have no influence on the scope and content of the data that is transmitted to YouTube and possibly other YouTube partners by activating the plugin. Among other things, the YouTube server is informed which of our pages you have visited. According to YouTube, this information is used, among other things, to collect video statistics, improve user-friendliness and prevent abusive behaviour. YouTube uses cookies to collect information about user behaviour. The cookies remain on your end device until you delete them. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account before activating the play button. Further information on the handling of user data can be found in YouTube's privacy policy.
The legal basis for this use is the voluntary and revocable consent given by you in accordance with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by making the corresponding changes or adjustments in your cookie settings.
The YouTube videos are integrated in the so-called "extended data protection mode", which, according to the provider, only initiates the storage of user information when the video(s) is/are played.
The transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. Regardless of whether you watch a video, YouTube establishes a connection to the Google DoubleClick network.
The personal data is also transferred to the USA. The European Commission has issued an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organisations based in the USA that are certified accordingly are permitted. Google is certified under the EU-U.S. Data Privacy Framework.
Integration of map services
On our website we use the map service Google Maps from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; (Google)). This allows us to display interactive maps directly on the website and enables you to conveniently use the map function.
By using Google Maps, information about the use of this website, including your IP address and the (start) address entered as part of the route planner function, is collected. When you access a page on our website that contains Google Maps, your browser establishes a direct connection to Google's servers. The map content is transmitted by Google directly to your browser, which integrates it into the website. We have no influence on the scope of the data collected by Google in this way. To the best of our knowledge, this is at least the following data:
- Date and time of the visit to the website in question
- Internet address or URL of the website accessed
- IP address, (start) address entered as part of route planning
The data transfer takes place regardless of whether Google provides a user account that you are logged in to or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google user account, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or customising its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
The legal basis for the use of the maps is Art. 6 para. 1 S. 1 lit. a GDPR, i.e. the integration only takes place with your consent.
The personal data is also transferred to the USA. The European Commission has issued an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organisations based in the USA that are certified accordingly are permitted. Google is certified under the EU-U.S. Data Privacy Framework.
Cookie banner
When you visit our website or a sub-website for the first time and it contains cookies, you will be shown a "cookie banner". There you will be informed about the individual cookies that we use. You can find out about each individual cookie with regard to the name, the provider, the purpose of the processing and the storage period.
With our cookie banner, we inform you about the cookies we specifically use. In addition, we give you the opportunity to decide whether you want to consent to the setting of cookies that are not necessary. Processed are:

  • · Usage data (e.g., web pages visited, time of access)

  • · Meta and communication data (e.g., IP address)

The legal basis for the use of the cookie banner is Art. 6(1) s. 1 lit. f GDPR. We have an overriding legitimate interest in using the cookie banner, which allows us to obtain the legally required consent for the use of cookies that are not necessary and to comply with our duty to provide information regarding cookies.
The cookie banner stores the preferences until you reset or customize them.
The cookie banner is provided via the provider Wix. [IF TRANSFER TO THIRD COUNTRY: The personal data is thereby transferred to USA. Wix is certified under the EU-U.S. Data Privacy Framework. [IF NOT FURTHER CERTIFIED: To ensure an adequate level of data protection at the recipient of your personal data, we have entered into standard contractual clauses (SCCs) by the European Commission for the protection of personal data pursuant to Art. 46(1), (2) lit. c GDPR. For more information and a copy of the SCCs please contact [our data protection officer / the contact address provided].
 
Use of cookies
We use cookies on our website. These are text files that your browser automatically creates and that are stored on your IT system when you visit our website. Cookies provide certain information to the organisation that sets the cookie. By using cookies, it is not possible to execute programmes or transfer viruses to your end device.
If you do not wish to use cookies, you can switch them off in the settings.
In legal terms, a distinction must be made between necessary and non-necessary cookies.
Necessary cookies
We use necessary cookies. These are cookies that are technically necessary to provide all the functions of our website. The legal basis for data processing is our legitimate interest within the meaning of Art. 6 para. 1, sentence 1 lit. f GDPR. We have an overriding legitimate interest in being able to offer our website in a technically flawless manner. The legal basis for the use of cookies vis-à-vis our contractual partners who make use of services contractually owed by us via our website is Art. 6 para. I lit. b GDPR, the provision of our contractual services.

Non-essential cookies
We also use non-essential cookies (e.g. analysis and marketing cookies). These are cookies that are not technically necessary. We use them to understand your behaviour on our website and to improve our offering. The legal basis for data processing is your consent in accordance with Art. 6(1)(a) GDPR. The cookies are only set after you have given your consent via our "cookie banner".
Storage duration
A distinction is made between the following types of cookies with regard to the storage period:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online service and closed their end device (e.g. browser or mobile application).

  • Permanent cookies: Permanent cookies remain stored even after the end device has been closed. For example, the login status can be saved or favourite content can be displayed directly when the user visits a website again. The user data collected with the help of cookies can also be used to measure reach. Unless we provide users with explicit information on the type and storage duration of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and that they can be stored for up to two years.
     

For more information, please refer to the information we provide in the cookie banner.

Your rights
In the course of our processing of personal data, personal data may be transferred to other recipients or disclosed to them. The recipients of this personal data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your personal data that serve to protect your personal data.

Transfer of personal data
In the course of our processing of personal data, personal data may be transferred to other recipients or disclosed to them. The recipients of this personal data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and in particular conclude corresponding contracts or agreements with the recipients of your personal data that serve to protect your personal data.

Erasure of data
The personal data processed by us will be erased in accordance with the legal requirements as soon as the consent given for processing is revoked or other permissions cease to apply (e.g. if the purpose for processing this personal data no longer applies or it is not required for the purpose). If the personal data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted to these purposes. This means that the personal data is blocked and not processed for other purposes. This applies, for example, to personal data that must be retained for commercial or tax law reasons or whose storage is necessary for the assertion, exercise or defense of legal claims or to protect the rights of another natural person or legal entity.
Our data protection information also contains further information on the retention and erasure of personal data, which take priority for the respective processing.
Your rights as a data subject
As a data subject, you have various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR. If you wish to exercise any of your rights, please contact us via the contact addresses provided above or our Data Protection Officer.

Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

Right to access
You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and, where that is the case, access to the personal data and further information and a copy of the personal data in accordance with legal requirements.

Right to rectification
In accordance with the statutory provisions, you have the right to request the completion of personal data concerning you or the rectification of inaccurate personal data concerning you.
Right to erasure and restriction of processing
You have the right to obtain from us the erasure of personal data concerning you without undue delay where one of the grounds provided for by law applies and insofar as the processing or storage is not necessary.
You have the right to obtain from us the erasure of personal data concerning you without undue delay.

Restriction of processing
You have the right to obtain from us the restriction of processing if one of the legal requirements is met.
Right to receive personal data in a machine-readable format
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to request its transmission to another controller in accordance with the legal requirements.

Right to withdraw consent
You have the right to withdraw your consent at any time.
Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the provisions of the GDPR.
.
Amendment and updating of the privacy policy
We will amend the privacy policy as soon as changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.
If we further develop our website and our offers or if legal or official requirements change, it may be necessary to amend this data protection notice. You can access the current data protection information at any time here.
Status: Feb 2026

bottom of page