Data Protection Infromation on
the use of our Website

1. Contact Details of the Data Controller

2. Contact Details of the Data Protection Officer

3. Purposes for Which Personal Data Will Be Processed, and the Legal Basis for Processing

3.1 Processing of Access Data

3.2 Cookies and Related Technologies

3.2.1 General Information

3.2.2 Technically Necessary Cookies and Related Technologies

3.2.3 Consent-Required Cookies such as Analytical and Tracking Cookies and Related Technologies

3.3 Processing Related to the Use of Our Contact Form or Contact via Email

3. 4 Processing Related to Newsletter Subscription and Other Direct Marketing Activities

4. Obligation to Provide Data

5. Automated Decision-Making Including Profiling

6. Data Transfer to a Third Country

7. Categories of Data Recipients and Data Sources

7.1 Categories of Data Recipients

7.2 Data Sources

8. Applications

9. Events

10. Storage Duration and Criteria for Determining Duration

11. Information on Your Rights as a Data Subject

12. Right to Lodge a Complaint with a Supervisory Authority

13. Data Protection Notices for All Third-Party Services Integrated on This Website

13. 1 Data Protection Notice on the Use of LinkedIn Analytics and LinkedIn Ads

13. 2 Data Protection Notice on the Use of Matomo

13. 3 Data Protection Notice on the Use of Google Tag Manager

13. 4 Data Protection Notice on the Use of Sentry

13. 5 Data Protection Notice on the Use of Adobe Typekit Web Fonts

13. 6 Data Protection Notice on the Use of Doubleclick.net by Google

13. 7 Data Protection Notice on the Use of YouTube

13. 8 Data Protection Notice on the Use of Google Fonts API/ gstatic API

13. 9 Data Protection Notice on the Use of Joomag

13. 10 Data Protection Notice on the Use of Friendly Captcha

13. 11 Data Protection Notice on the Use of CookieHub

goetzpartners Holding AG
Prinzregentenstr. 56
D-80538 Munich

This website provides information about various companies, in particular goetzpartners Holding AG and its affiliated companies including goetzpartners Management Consultants GmbH and goetzpartners Corporate Finance GmbH. "goetzpartners" for the purposes of this Privacy Policy means goetzpartners Holding AG, Prinzregentenstr. 56, 80538 Munich. You can find more information at Imprint. 

Holzhofer Consulting GmbH
Martin Holzhofer
Lochhamer Str. 31
82152 Planegg
Tel.: (0 89) 1 25 01 56 00
E-mail: datenschutz@goetzpartners.com 

3.1 Processing of Access Data 

For technical reasons, we automatically process a limited amount of data (so-called connection data) each time our website is accessed. This data is technically required to establish and execute a connection between your end device and our servers. This data is processed in the main memory of the web server for the duration of the connection.
The following data or data categories are collected:

• IP address of your end device on the Internet
• MAC address
• Source port of the calling device or a gateway (e.g.e.g. firewall or proxy)
• Timestamp (date and time) of the retrieval
• Amount of data transferred
• Operating system used
• Message as to whether the retrieval was successful (via HTTP error code)
• Message indicating why a request may have failed (using HTTP error code)
• Referrer (website from which our main page or subpages were accessed)
• User agent (browser type with which you access our website and version)
• Width and height of the display screen
• Language settings of your browser

The IP address, time stamp, HTTP error code, referrer and user agent are automatically logged when our websites are accessed in order to ensure the functionality and protection of our websites. The logs are also used to optimize the website. This data is not used to create user profiles.
The storage of information in the end user's terminal equipment or access to information is carried out in accordance with § 25 para. 2 No. 2 TTDSG. The processing of personal data is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.  A balancing of interests was carried out and came to the conclusion that the processing is necessary to safeguard our legitimate interests and that these outweigh your interests, fundamental rights and freedoms that require the protection of personal data. We have a legitimate interest in making this website and the services offered on it available to users.

3.2 Cookies and Related Technologies 

3.2.1 General Information

This website partially employs the use of cookies and associated technologies, such as scripts. Cookies, which are harmless to your computer and devoid of viruses, serve to enhance the user-friendliness, efficiency, and security of our website. They are small text files that are stored on your device and retained by your browser, typically to “remember” information about you, such as your language preferences or login details. Some of these cookies are established by us and are known as first-party cookies. We also utilize third-party cookies and related technologies, which originate from a domain distinct from the website you are currently visiting.

By adjusting the appropriate technical settings in your Internet browser, you can receive notifications before cookies are set and decide on an individual basis whether to accept them, as well as prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, we would like to draw your attention to the fact that you may not be able to fully utilize all the features of this website if you choose to do so.You can find out how to manage cookies in the most important browsers by clicking on the links below. a. also deactivate):

• Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
• Mozilla Firefox: https://support.mozilla.org/en/kb/cookies-allow-and-reject
• Safari: https://support.apple.com/en/guide/safari/manage-cookies-and-website-data-sfri11471/mac

We distinguish between the following categories:

• Technically necessary cookies and related technologies ("Necessary Cookies")
• Performance cookies and related technologies ("User Settings")
• Analytical cookies and related technologies
• Marketing cookies and related technologies

Further information on each category, as well as the option to decline each category (with the exception of those technically required), can be found in the ‘Cookie Settings’ in the Consent Banner. These be accessed at any time via the corresponding link in the footer of the website.

3.2.2 Technically Necessary Cookies and Related Technologies

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Such cookies are technically necessary for the operation of the website and to provide the service desired by the user and therefore cannot be deactivated.

The storage of information in the terminal equipment of the end user or access to information is carried out in accordance with § 25 para. 2 no. 2 TTDSG. The processing of personal data is based on our legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer in accordance with Art. 6 para. 1 lit. f DSGVO. A balancing of interests has been carried out and has come to the conclusion that the processing is necessary to safeguard our legitimate interests and that these outweigh your interests, fundamental rights and freedoms that require the protection of personal data.

3.2.3 Consent-Required Cookies such as Analytical and Tracking Cookies and Related Technologies(e.g. Tracking scripts)

Advertising, marketing and analysis tools from third-party providers are also integrated on our website. These are not technically necessary for the operation of the website, but serve, for example, to record the behavior of the user, to display advertising tailored to this behavior or to enable an analysis of the use of our website (e.g. Matomo and LinkedIn Ads).

We use these tools to collect the following information, for example:

• Which links do users click on other websites to get to this website?
• Which subpages of this website are visited when, how often and in what order?
• What information are website users looking for?
• Which links or Offers users of the website click on?

We use this information to compile statistics that help us, for example, to understand the following questions:

• Which pages of the website are particularly attractive to users?
• What information are users most interested in?
• What offers should we make to our users?

An overview of all third-party services integrated on the website, as well as detailed information on each of these services, can be found in section 11.

3.3 Processing Related to the Use of Our Contact Form or Contact via Email

When you contact us via the contact form on our website (https://www.goetzpartners.com/en/contakt), your provided information will primarily be stored for the purpose of processing and responding to your inquiry, for potential follow-up inquiries, and possibly for further consultation.

The following data or data categories are collected and processed:

• Topic
• Salutation
• First name, last name
• E-mail address
• Company (voluntary information)
• Individual message

Fields marked with an asterisk (“*”) are mandatory. If you do not provide this information, it will not be possible to contact us via the contact form. All other information is voluntary. If you initiate contact with us via email, we will only collect your personal data (name, email address, individual message) to the extent provided by you. The purpose of data processing is to process and respond to your contact request. The legal basis for the processing of your data is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. An assessment of interests has been conducted and has concluded that the interests of the data subjects do not outweigh our interests in the processing. We have a legitimate interest in responding to your request and, if applicable, in the execution of pre-contractual measures (e.g., advice on purchase interest, preparation of offers) with business customers, for which the processing of the aforementioned data and data categories is necessary.

3.4 Processing Related to Newsletter Subscription and Other Direct Marketing Activities

You can register for a regular email newsletter and other emails with product and service information from the goetzpartners group by filling out the corresponding registration form at https://www.goetzpartners.com/en/newsletter/general.

The following data or data categories are collected and processed:

• Salutation
• First name
• Surname
• E-mail address
• Telephone number (optional)
• Company (voluntary information)
• Position (voluntary information)

The legal basis for processing is Art. 6 para. 1 lit. a GDPR, i.e., your voluntary and informed consent.

You may additionally consent that, in accordance with §§ 15 ff. AktG, companies affiliated with goetzpartners (the “Group Companies” - see also the overview in this section below) record whether and possibly when you

• open an e-mail sent to you and, if necessary
• click on a link contained in the e-mail to retrieve additional information.

This helps the Group companies to tailor the information sent to you even more precisely to your individual areas of interest.

goetzpartners stores the fact of your consent as well as its details, i.e.h. the connection data referred to in section 3.1 above

• when you register for the newsletter on the website and
• when you click on the confirmation link in the e-mail that goetzpartners sends you to verify your e-mail address.

You can revoke your consent at any time and without giving reasons. You have various options to choose from:

• You can unsubscribe by clicking on the "Unsubscribe" button, which can be found in every newsletter.
• You can send an informal e-mail with your unsubscribe request to datenschutz@goetzpartners.com send.

The fields marked with "*" are mandatory. If you do not provide us with this information, you will not be able to subscribe to the newsletter and we will not be able to send you the requested information. All other information is voluntary.

Apart from goetzpartners itself, the sender of the e-mails may be the group companies. These Group companies are currently the following companies:

1. goetzpartners Holding AG, Prinzregentenstrasse 56, 80538 Munich, Germany

2. goetzpartners Management Consultants Holding GmbH, Prinzregentenstraße 56, 80538 Munich, Germany

3. goetzpartners Corporate Finance Holding GmbH, Prinzregentenstraße 56, 80538 Munich, Germany

4. goetzpartners Corporate Finance GmbH, Prinzregentenstraße 56, 80538 Munich, Germany

5. goetzpartners Management Consultants GmbH, Prinzregentenstraße 56, 80538 Munich, Germany

6. goetzpartners Corporate Services GmbH, Prinzregentenstrasse. 56, 80538 Munich, Germany

7 TransConnect Unternehmensberatungs- und Beteiligungs GmbH, Prinzregentenstrasse. 56, 80538 Munich, Germany

8. goetzpartners securities Limited, 7 Pancras Square, London, N1C 4AG, England, United Kingdom

9. goetzpartners Corporate Finance SAS, 19, avenue George V, 75008 Paris, France

10. goetzpartners S.r.l., Piazza Fontana, 6, 20122 Milan, Italy

11. goetzpartners (Schweiz) AG, Kantonsstr. 1, 8807 Freienbach/Zurich, Switzerland

12. goetzpartners Corporate Finance SA, Calle Marqués de Urquijo n 30°, piso 1°, 28008 Madrid, Spain

13. goetzpartners Corporate Finance s.r.o., Melantrichova 17, 110 00 Praha 1, Czech Republic

14. goetzpartners USA Corp.7 World Trade Center, 46th Floor, 250 Greenwich Street, Suite 4620, New York, NY 10007, USA

15. goetzpartners Management Consultants (Shanghai) Co. Ltd.Unit 2104-05, 1045 Middle Huai Hai Road, 200031 Shanghai, People's Republic of China

16. goetzpartners technologies AG, Kantonstr. 1, 8807 Freienbach/Zurich, Switzerland

Should the list of group companies change in the future, goetzpartners will update these data protection notices accordingly.

goetzpartners may transmit your contact data to the other group companies, insofar as this is necessary for the dispatch of the emails and/or the further marketing purposes described below. Various group companies are located in countries outside the EU. This includes some countries for which there is currently no decision by the EU Commission that they provide an adequate level of protection for personal data. With group companies in these countries, goetzpartners ensures an adequate level of data protection by concluding standard contractual clauses of the EU Commission. goetzpartners will provide you with a copy of these standard contractual clauses upon request.

Regardless of these email messages, the goetzpartners group companies may also send you notifications in other ways within the framework of what is legally permissible, with which the group companies market their respective offers that match your areas of interest. The legal basis for the data processing associated with this is Art. 6 Para. 1 lit. f GDPR (balancing of interests, based on the legitimate interest of the goetzpartners group companies in marketing their respective services). You can object to this type of processing of your data at any time, e.g. by sending a note by email to datenschutz@goetzpartners.com.

The data covered in this section is stored by goetzpartners for as long as you receive the newsletter or other marketing information and thereafter for up to three more years (starting from the end of the year in which you unsubscribed from the newsletter). The content of the emails and other messages sent to you, as well as any messages received from you, are stored by goetzpartners in accordance with commercial and tax law retention periods, usually for six years (starting from the end of the year in which the email was sent or received).

As a general rule, the provision of the personal data mentioned in paragraph 3 is neither legally nor contractually required. You are not obliged to provide the data. Therefore, not providing it has no consequences. This only applies as long as no other information is given in the respective processing operations.

Automated individual case decisions including profiling in accordance with Art. 22 para. 1 and 4 GDPR do not take place on the part of goetzpartners.

Data transfers to countries outside the EU and the European Economic Area (“third countries”) occur within the framework of the administration, development, and operation of IT systems. The transfer only takes place based on:

• an adequacy decision by the European Commission pursuant to Art. 45 GDPR.
• an approved certification mechanism according to Art. 42 GDPR together with legally binding and enforceable obligations of the controller or processor in the third country.
• standard data protection clauses issued by the Commission in accordance with the examination procedure under Art. 93 Para. 2 GDPR.

Currently, when using our website, personal data is transferred to third countries, particularly through the use of third-party services, in the following cases:

• Transfer of data to Google Inc.1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
• Transfer of data to YouTube, LLC, 901 Cherry Ave.San Bruno, CA 94066, USA.
• Transfer of data to LinkedIn Corp., 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.
• Transfer of data to InnoCraft Ltd.7 Waterloo Quay PO625, 6140 Wellington, New Zealand.
• Transfer of data to Functional Software Inc.132 Hawthorne St, San Francisco, USA.
• Transfer of data to Adobe Inc., 345 Park Avenue, San Jose, California 95110-2704, USA.
• Transfer of data to Joomag Inc., 75 E. Santa Clara St.Floor 6, San Jose, CA 95113, USA.
• Transfer of data Software Inc., 132 Hawthorne St, San Francisco, USA

The websites and logs are located exclusively on servers in Munich.

7.1 Categories of Data Recipients

For the processing of personal data for the purposes mentioned here, we use the following categories of recipients as processors in accordance with Art. 28 GDPR:

• Provider of servers for the purpose of hosting our websites
• IT service provider for the maintenance of our IT infrastructure
• Providers of marketing and analysis services (e.g.B. Matomo and LinkedIn)
• Service provider for e-mail marketing tool (…)
• Other processors i.S.d. Art. 28 GDPR in the course of order processing[JV1] 

These service providers process information about you on our behalf and based on our instructions and are contractually obligated to comply with applicable data protection laws.

Other recipients are companies affiliated with goetzpartners (see “Group Companies” in paragraph 3.4). As a globally active company, we may therefore also pass on your data to these companies.

Your data will also be passed on insofar as we are legally obliged to do so.

7.2 Data Sources

In the present case, we have received all data from you in connection with the use of our website and through the completion of online forms by you.

If you apply for a job at goetzpartners, goetzpartners will store and process the data you have provided in your application to review and handle this application. If you apply for a job at another company of goetzpartners group, your data can be passed on to the respective company. There they will be processed as described herein. The legal basis for this processing of data is Article 6(1)b) GDPR (contractual and pre-contractual activities).

If your application is successful, goetzpartners (or the respective company of goetzpartners group) will continue to process your data for the purposes of your employment relationship. If your application is not successful, your data will usually be deleted or pseudonymized within 180 days after the end of the application process. You may consent, however, that goetzpartners continues to store your application materials for up to 4 years. This will permit goetzpartners to stay in contact with you and to present suitable positions at goetzpartners and at other companies of goetzpartners group. The legal basis for this is Article 6(1)a) GDPR in connection with your consent. You can withdraw your consent at any time, e.g. via e-mail to info@goetzpartners.com. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

If you register to attend one of our events, we will use the data you provide in your registration to organize the event and, where possible, the details of your attendance. The legal basis for this processing of data is Article 6(1)b) GDPR (contractual and pre-contractual activities).

Some events may be recorded. The recordings will be used to document and report on the event in our intranet, on our website and/or via our social media accounts (see our Privacy Policy details). We will ask for your consent to make and use such recordings of the event. The legal basis for the recordings is Article 6(1)a) GDPR in connection with your consent. You can withdraw your consent at any time, e.g. via e-mail to info@goetzpartners.com. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Personal data is generally only stored for as long as necessary to fulfill the purposes mentioned here, or as provided by the statutory retention periods. Unless otherwise described herein, data entered by you in the sense of paragraphs 3.3 and 3.4 will therefore be deleted at the latest after the expiry of any commercial and tax law retention periods after six years.

In this case, all connection data will be deleted or anonymized at the latest after one week. The anonymized access logs are kept for 30 days. In the event that parts of the access logs are needed for the purpose of securing evidence, these are exempt from deletion until the final clarification of the respective incident.

For promotional approaches, we store your data as long as you object to its use, you revoke your consent, or a solicitation is no longer legally permissible. We store your remaining data as long as we need it to fulfill the specific purpose (e.g., for contract fulfillment or processing) and delete it after the purpose has ceased.

Unless otherwise stated, goetzpartners Holding AG is responsible for the processing of your data.

You can request information from us at any time at (Art. 15 GDPR) to the data stored about you and its correction (Art. 16 GDPR) in the event of errors. You can also request the restriction of processing (Art. 18 GDPR), the portability (Art. 20 GDPR) of the data you have provided to us in a machine-readable format or the deletion of your data (Art. 17 GDPR) – insofar as they are no longer required –

You also have the right to object at any time to the use of your data based on public or legitimate interests to (Art. 21 GDPR).

If we process your data on the basis of your consent, you can revoke this consent at any time with effect for the future (Art. 7 para. 3 GDPR). Upon receipt of your revocation, we will no longer process your data for the purposes specified in the consent.

If you wish to make use of your rights as a data subject, please send your request by e-mail to datenschutz@goetzpartners.com or by post to the address stated in point 1.

In addition, in accordance with Art. 77 para. 1 GDPR at any time with a complaint to a supervisory authority. For goetzpartnersuns , the following is generally

Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach, P.O. Box 1349, 91504 Ansbach, e-mail: poststelle@lda.bavaria.de, Phone: +49 (0) 981 180093-0, responsible.

Alternatively, you can contact your local supervisory authority.

13.1 Data Protection Notice on the use of LinkedIn Analytics and LinkedIn Ads

On this website, we use “LinkedIn Analytics” and “LinkedIn Ads”, services of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA (“LinkedIn”). Both services store and process information about your user behavior on our website. For this purpose, cookies are used, among other things, which are stored locally in the cache of your web browser on your device and enable an analysis of the use of our website by you.

We use LinkedIn Analytics for marketing and optimization purposes, in particular to analyze the use of our website and to continuously improve individual functions and offers as well as the user experience. Through the statistical evaluation of user behavior, we can improve our offer and make it more interesting for you as a user.

We use LinkedIn Ads so that visitors to this website can be served personalized advertisements on LinkedIn. Furthermore, there is the possibility to create anonymous reports on the performance of the advertisements and information on website interaction. For this purpose, the LinkedIn Insight Tag is integrated on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged in to your LinkedIn account at the same time.

The LinkedIn Insight Tag sets a cookie in the user’s browser. LinkedIn uses this to collect data such as

• URL
• Referrer URL
• Device properties
• Browser properties
• IP address
• Timestamp
• Page views

LinkedIn anonymizes the generated data within 7 days. LinkedIn deletes the data within 90 days. We therefore do not receive any personal data from LinkedIn. We only receive aggregated reports on the demographic composition of our target audience and the effectiveness of our ads. In this process, we receive information on criteria such as

• Industry
• Job title
• Size of the company
• Career level
• Location of website visitors

The cookies used in this context have a storage duration of up to 2 years. You can prevent the installation of cookies by deleting existing cookies and disabling the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all functions of our website to their full extent. LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To deactivate the Insight Tag on our website, click here.

For the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 Para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA who are certified under the DPF, the level of data protection is therefore considered adequate. LinkedIn has certified itself under the DPF and is thus committed to complying with European data protection principles.

The storage of and access to information in the end user’s terminal device is based on informed consent pursuant to § 25 Para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You give the corresponding consents via the Consent Banner. You can revoke your consents at any time in the “Cookie Settings” of our website. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

Further information on data protection at LinkedIn can be found in the LinkedIn privacy policy.

13.2 Data protection notice on the use of Matomo (Cloud)

This website utilizes the open-source web analytics service Matomo. The provider is InnoCraft Ltd., 7 Waterloo Quay PO625, 6140 Wellington, New Zealand (“Matomo”).

Matomo employs technologies that enable cross-site recognition of the user for the purpose of analyzing user behavior (e.g., Device Fingerprinting). For this purpose, permanent cookies are stored on your device and read by us. This way, we are able to recognize and count returning visitors.

With the help of Matomo, we are able to collect and analyze data about the use of our website by individual visitors. This allows us, among other things, to find out when which page views occurred and from which region they originate. We also collect various log files (e.g., IP address, referrer, geolocation, primary language of the browser, user-agent of the browser, date and time of the request, used screen resolution, page build time, etc.) and can thereby measure whether our website visitors perform certain actions (e.g., clicks, purchases, website searches, scroll behavior, etc.). The IP address is anonymized before storage. The raw data is stored for up to 14 months. The cookies themselves are stored in your browser for up to 393 days.

The storage of and access to information in the end user’s terminal device is based on informed consent pursuant to § 25 Para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You give the corresponding consents via the Consent Banner. You can revoke your consents at any time in the “Cookie Settings” of our website. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

Further information on the handling of user data by Matomo Analytics can be found at Datenschutzerklärung von Matomo.

13.3 Data Protection Notice on the Use of Google Tag Manager

This website uses the Google Tag Manager of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

This service allows website tags to be managed via an interface. This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. Data processing serves the purpose of designing and optimizing our website to meet your needs. The Google Tool Manager only implements tags. This means that no cookies are used and, as a rule, no data is collected. The Google Tag Manager triggers other tags, which in turn may trigger other tags. Record data. However, the Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, it will remain in place for all tracking tags if they are implemented with Google Tag Manager.

However, Google Tag Manager records your IP address, which may be transmitted to a Google server in the USA and stored there. For the USA, an adequacy decision by the EU Commission i.S.d. Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered appropriate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR. You grant the corresponding consent via the consent banner. You can revoke your consent at any time in the "Cookie settings" of our website. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

You can find more information about Google Tag Manager at: developers.google.com/tag-platform/tag-manager.

13.4 Data Protection Notice on the Use of Sentry

We use Sentry, an error management tool, for our website. The provider of the service is Functional Software Inc.132 Hawthorne St, San Francisco, USA ("Sentry").

Sentry is used to improve the technical stability of our service by monitoring system stability and detecting code errors. Cookies are used for this purpose and system errors are logged.

Sentry serves these purposes alone and does not analyze data for advertising purposes. The user data, such asB. Information on the device or time of error is collected anonymously and is therefore not personal. The data is stored for a maximum of 90 days after the analysis and then deleted completely.

Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission i.S.d. Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered appropriate. Sentry has been certified in accordance with the DPF and is therefore committed to complying with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR. You grant the corresponding consent via the consent banner. You can revoke your consent at any time in the "Cookie settings" of our website. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Further information on this can be found in Sentry's privacy policy: https://sentry.io/privacy/

13.5 Data Protection Notice on the Use of Adobe Typekit Web Fonts

We use Adobe Fonts on our website for the uniform display of fonts, a web font hosting service provided by Adobe Inc., 345 Park Avenue, San Jose, California 95110-2704, USA (“Adobe”).

When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Adobe’s servers. This gives Adobe, among other things, knowledge that our website was accessed via your IP address.

Your data may be transferred to the USA. For the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 Para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA who are certified under the DPF, the level of data protection is therefore considered adequate. Adobe has certified itself under the DPF and is thus committed to complying with European data protection principles.

The storage of and access to information in the end user’s terminal device is based on informed consent pursuant to § 25 Para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You give the corresponding consents via the Consent Banner. You can revoke your consents at any time in the “Cookie Settings” of our website. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

You can find more information at https://www.adobe.com/en/privacy/policies/typekit.html

13.6 Data Protection Notice on the Use of Doubleclick.net by Google (Google Ads Conversion Tracking)

This website uses the online marketing tool DoubleClick by Google and the associated conversion tracking (visit action evaluation). This is an analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA ("Google").

DoubleClick uses cookies to serve ads that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed more than once. In addition, DoubleClick can use cookie IDs to recognize so-called Record conversions that are related to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later accesses the advertiser's website with the same browser and buys something there. According to Google, DoubleClick cookies do not contain any personal data.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge:

By integrating DoubleClick, Google receives the information that you have accessed the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or If you have not logged in, there is a possibility that the provider will find out your IP address and store it. The information collected with the help of the DoubleClick cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.

In addition, the DoubleClick Floodlight cookies used enable us to understand whether you perform certain actions on our website after you have accessed or clicked on one of our display/video ads on Google or on another platform via DoubleClick (conversion tracking). DoubleClick uses this cookie to understand the content with which you have interacted on our websites in order to be able to send you targeted advertising later.

Your data is usually transmitted to the servers of Google LLC in the USA. For the USA, an adequacy decision by the EU Commission pursuant Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered appropriate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR. You give the corresponding consent via the Consent Banner. You can revoke your consent at any time in the "Cookie settings" of our website. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Further information on DoubleClick and data protection at Google can be found under the following links:

https://support.google.com/campaignmanager/answer/9015629?hl=en

https://www.google.en/policies/privacy/

13.7 Data Protection Notice on the Use of YouTube

On our website, we use the function for embedding YouTube videos from YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA ("YouTube"). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").

The YouTube videos can be played directly from our website. With this integration, content from the YouTube website is displayed in parts of a browser window. However, the YouTube videos can only be accessed by clicking on them separately. This technique is also known as "framing". When you call up a (sub)page of our website on which YouTube videos are integrated in this form, a connection to the YouTube servers is established and the content is displayed on the website by notifying your browser.

YouTube content is only integrated in "extended data protection mode". This is provided by YouTube itself and ensures that YouTube does not initially store any cookies on your device. However, when the relevant pages are accessed, the IP address and other data (e.g.B. browser used, operating system and its interface, language and version of the browser software, date and time of the query) and thus in particular which of our Internet pages you have visited. However, this information cannot be assigned to you unless you log in to YouTube or another Google service (e.g. Google Analytics) before accessing the page. B. Google+) or are permanently registered.

As soon as you start playing an embedded video by clicking on it, YouTube only stores cookies on your device through the extended data protection mode, which do not contain any personally identifiable data, unless you are currently logged in to a Google service. These cookies can be prevented by appropriate browser settings and extensions.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

The data collected is usually sent to a YouTube server or a YouTube server. Google in the USA and stored there. For the USA, an adequacy decision by the EU Commission i.S.d. Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered appropriate. YouTube resp. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR. You grant the corresponding consent via the consent banner. You can revoke your consent at any time in the "Cookie settings" of our website. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

For more information on the collection and use of data by YouTube and Google, please refer to YouTube's privacy policy at https://www.youtube.com/t/privacy

13.8 Data Protection Notice on the Use of Google Fonts API/ gstatic API

This website uses external fonts for better visual presentation (so-called Fonts) such as Google Fonts and gStatic are used. These are services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA ("Google").

These web fonts are integrated via a server call, usually a Google server in the USA. This establishes a connection with your end device and, among other thingsa. transmits to the server which of our Internet pages you have visited. Google also collects the IP address of your device's browser. This data is not linked to your Google account.

Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission i.S.d. Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered appropriate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR. You grant the corresponding consent via the consent banner. You can revoke your consent at any time in the "Cookie settings" of our website. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

You can find more information at https://developers.google.com/fonts/faq?tid=331597391040 bzw. https://www.google.en/intl/en/policies/

13.9 Data Protection Notice on the Use of Joomag

We use the Joomag digital publishing platform to display various publications, the content of which is integrated into our website via an iFrame. Joomag is a service provider that enables the digital delivery of magazines and other written content. The operator is Joomag, Inc. 75 E. Santa Clara St.Floor 6, San Jose, CA 95113, USA.

If you call up such a publication during your visit to our website, various data will be transmitted to Joomag. These include, for exampleB. IP address, access times, time zone and language, information on the terminal device used, the browser type and operating system and which subpage of our website you have visited. In addition, Joomag collects information about how you use the corresponding publicationiation in order to better understand the functionality of its applications on yourrem device. All data is collected anonymously.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 para. 1 TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR. You grant the corresponding consent via the consent banner. You can revoke your consent at any time in the "Cookie settings" of our website. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Further information on data protection at Joomag can be found here:https://www.joomag.com/en/privacy

13.10 Data Protection Notice on the Use of Friendly Captcha

On this website, we use the Friendly Captcha service provided by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany. This service is primarily used to differentiate whether an entry has been made by a natural person or abusively by machine and automated processing - e.g. by a computer. by a bot or other spam software. By spam we mean any unsolicited information that is sent to us electronically. Friendly Captcha therefore serves the security of our website and thus ultimately also your security.

With classic captchas, you usually have to solve text or image puzzles or tick a checkbox to confirm that you are not a bot.

With the new Friendly Captcha version, only one button ("Anti-Robot Verification") needs to be clicked. The entire detection process and the corresponding risk analysis then run in the background.

According to our information, the following information is collected in relation to your end device and your browser and transmitted to Friendly Captcha:

• Referrer URL (the address of the page from which the visitor comes)
• IP address of the requesting computer
• Information about the browser and operating system used
• an anonymized counter per IP address to control the cryptographic tasks

Friendly Captcha stores the anonymized counter separately from the rest of the data. In this way, it cannot be associated with other websites. The tool uses one-way hashing to anonymize the IP addresses.

No cookies are set or used for this purpose. Friendly Captcha only receives the data when you click on the button to start the "Anti-Robot Verification". The provider has summarized details on this processing here: https://friendlycaptcha.com/en/legal/privacy-end-users/

The use of Friendly Captcha is in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in establishing individual responsibility on the Internet and preventing misuse and spam and thus ensuring the security of our website. The storage of and access to information in the end user's terminal equipment may take place according to § 25 Abs. 1 and 2 TTDSG.

Further information on data protection at Friendly Captcha can be found at https://friendlycaptcha.com/en/privacy/

13.11 Data Protection Notice on the Use of CookieHub

This website uses CookieHub's consent management platform to obtain your consent to the storage of certain cookies and related technologies on your device and to document this in accordance with data protection regulations. The provider of this technology is CookieHub ehf, Hafnargata 55, 230 Reykjanesbæ, Iceland ("CookieHub").

CookieHub is used to consent to the storage of cookies and related technologies in a legally compliant manner and to ensure the revocation of this consent. Furthermore, consent is documented for legal proof and the setting of cookies and related technologies is technically controlled. CookieHub stores information about the categories of cookies and related technologies used by the website and whether users have given or withdrawn their consent to the use of the individual categories. This enables us toa. to prevent cookies and related technologies from being set in the user's browser, even though no consent has been given for this.

In addition, the following personal data is collected and transmitted to CookieHub:

• Your consent(s) or the revocation of your consent(s)
• IP address
• Information about your browser
• Information about your end device
• Time of your visit to the website

CookieHub itself uses a cookie to store information so that the preferences of returning visitors can be saved. In this context, log files are also created which, among other thingsa. Collect your IP address. The data collected in this way is stored until you ask us to delete it, delete the CookieHub cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Since the cookie used by CookieHub serves the sole purpose of managing your consent and is therefore technically necessary for the telemedia service you have expressly requested to be made available, no consent is required in this case (cf. § 25 para. 2 No. 2 TTDSG). The use of CookieHub generally takes place in order to obtain the legally required consents for the use of cookies and related technologies. The legal basis for this is Art. 6 para. 1 S. 1 lit. c GDPR.

Further information on data protection at CookieHub can be found at https://www.cookiehub.com/en/data-privacy-policy

Status October 2023

This privacy policy is subject to constant review and goetzpartners reserves the right to make changes at any time. Such changes will be published accordingly on this website.