We are very pleased about your interest in our company. Data protection is of particularly high importance to SKI DOME OBERSCHNEIDER GMBH. Use of our website is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the data subject’s consent. The processing of personal data, for example the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection provisions applicable to SKI DOME OBERSCHNEIDER GMBH. By means of this privacy policy, our company would like to inform the public about the type, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed about their rights by this privacy policy aufgeklärt.SKI SKI DOME OBERSCHNEIDER GMBH, as the controller, has implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed via this website. Nevertheless, internet-based data transmissions may generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative means, for example by telephone.

Definitions
The privacy policy of SKI DOME OBERSCHNEIDER GMBH is based on the terms used by the European legislator when adopting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for the public, as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

In this privacy policy, we use, among others, the following terms:

a) Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data subject
A data subject is any identified or identifiable natural person whose personal data are processed by the controller.

c) Processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting its processing in the future.

e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller or data controller
Controller or data controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for by Union law or the law of the Member States.

h) Processor
Processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient is a natural or legal person, public authority, agency, or another body to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union law or the law of the Member States are not regarded as recipients.

j) Third party
Third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent
Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which the data subject, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to them.

Name and address of the controller
The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union, and other provisions of a data-protection nature is SKI DOME OBERSCHNEIDER GMBH.

Informational use
If you use this website without otherwise transmitting data to us (e.g., by registering or using the contact form), we collect technically necessary data that are automatically transmitted to our server, including:

• IP address

• Date and time of the request

• Content of the request

• Access status/HTTP status code

• Browser type

• Language and version of the browser software

• Operating system

• This is technically necessary in order to display our website to you. We also use the data to ensure the security and stability of our website. The legal basis for this collection is Art. 6(1)(f) GDPR.

Cookies
Our website uses cookies. Cookies are text files that are stored on a computer system via an internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters that enables websites and servers to assign the cookie to the specific internet browser in which the cookie was stored. This allows visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, SKI DOME OBERSCHNEIDER GMBH can provide users of this website with more user-friendly services that would not be possible without setting cookies.

By means of a cookie, the information and offers on our website can be optimized for the user. Cookies allow us, as already mentioned, to recognize users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to enter access data again for each visit, because this is handled by the website and the cookie stored on the user’s computer system. Another example is the cookie of a shopping cart in an online shop. The online shop remembers the items that a customer has placed in the virtual shopping cart via a cookie.

The data subject may prevent the setting of cookies by our website at any time by means of a corresponding setting in the internet browser used, and may thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject disables the setting of cookies in the internet browser used, not all functions of our website may be fully usable.

Collection of general data and information
Our website collects a series of general data and information with each call-up of the website by a data subject or an automated system. This general data and information is stored in the server log files. The following may be recorded: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system arrives at our website (so-called referrer), (4) the subpages accessed on our website via an accessing system, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the internet service provider of the accessing system, and (8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using this general data and information, SKI DOME OBERSCHNEIDER GMBH does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the contents of our website correctly, (2) optimize the contents of our website and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack. These anonymously collected data and information are therefore evaluated by SKI DOME OBERSCHNEIDER GMBH both statistically and with the aim of increasing data protection and data security in our company, in order ultimately to ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

Handling comments and posts
If you leave a post or comment on this website, your IP address will be stored. This serves the security of the website operator: if your text violates the law, the operator may want to be able to trace your identity.

SSL encryption
To protect the security of your data during transmission, we use encryption methods corresponding to the current state of the art (e.g., SSL) via HTTPS.

Use of script libraries (Google Web Fonts)
To display our content correctly across browsers and in a visually appealing way, we use script libraries and font libraries on this website, such as Google Web Fonts (https://www.google.com/webfonts/). Google Web Fonts are transferred to your browser cache to avoid multiple loading. If the browser does not support Google Web Fonts or blocks access, content will be displayed in a standard font.

Calling script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible—though currently unclear whether and for what purposes—that operators of such libraries collect data. When our website is accessed, the visitor’s web browser establishes a direct connection to these servers. Among other things, the visitor’s IP address is transmitted to Google and stored there. Google participates in the EU-U.S. Privacy Shield: www.privacyshield.gov/EU-US-Framework You can find Google’s privacy policy here: https://www.google.com/policies/privacy/

Storage period
We process and store your data only for as long as this is necessary for processing or to comply with legal obligations. After the purpose of processing no longer applies, your data will be blocked or deleted. If there are statutory storage obligations beyond this, we will block or delete your data upon expiry of the statutory retention periods. The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data are routinely deleted, provided that they are no longer required for the performance of the contract or for initiating a contract.

Routine deletion and blocking of personal data
The controller processes and stores personal data of the data subject only for the period required to achieve the purpose of storage, or insofar as this is provided for by the European legislator or another legislator in laws or regulations to which the controller is subject.

If the purpose of storage no longer applies or a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or deleted in accordance with legal provisions.

Rights of the data subject
a) Right to confirmation
Each data subject has the right granted by the European legislator to obtain from the controller confirmation as to whether or not personal data concerning them are being processed. If a data subject wishes to exercise this right to confirmation, they may contact our data protection officer or another employee of the controller at any time.

b) Right of access
Each data subject affected by the processing of personal data has the right granted by the European legislator to obtain from the controller, at any time and free of charge, information about the personal data stored about them and a copy of this information. Furthermore, the European legislator has granted the data subject access to the following information:

• the purposes of the processing

• the categories of personal data concerned

• the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations

• where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period

• the existence of a right to rectification or erasure of personal data concerning them, or restriction of processing by the controller, or a right to object to such processing

• the existence of a right to lodge a complaint with a supervisory authority

• where the personal data are not collected from the data subject: any available information as to their source

• the existence of automated decision-making including profiling pursuant to Article 22(1) and (4) GDPR and—at least in those cases—meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject

Furthermore, the data subject has the right to be informed whether personal data are transferred to a third country or to an international organization. Where this is the case, the data subject also has the right to obtain information about the appropriate safeguards relating to the transfer.

If a data subject wishes to exercise this right of access, they may contact our data protection officer or another employee of the controller at any time.

c) Right to rectification
Each data subject affected by the processing of personal data has the right granted by the European legislator to obtain without undue delay the rectification of inaccurate personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to have incomplete personal data completed, including by means of providing a supplementary statement.

If a data subject wishes to exercise this right to rectification, they may contact our data protection officer or another employee of the controller at any time.

d) Right to erasure (right to be forgotten)
Each data subject affected by the processing of personal data has the right granted by the European legislator to obtain from the controller the erasure of personal data concerning them without undue delay, where one of the following grounds applies and insofar as processing is not necessary:

• The personal data have been collected or otherwise processed for purposes for which they are no longer necessary.

• The data subject withdraws consent on which the processing is based pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, and where there is no other legal ground for the processing.

• The data subject objects to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects pursuant to Art. 21(2) GDPR.

• The personal data have been processed unlawfully.

• The erasure of the personal data is necessary for compliance with a legal obligation under Union law or the law of the Member States to which the controller is subject.

• The personal data have been collected in relation to the offer of information society services pursuant to Art. 8(1) GDPR.

If one of the aforementioned reasons applies and a data subject wishes to request erasure of personal data stored by SKI DOME OBERSCHNEIDER GMBH, they may contact our data protection officer or another employee of the controller at any time. The data protection officer of SKI DOME OBERSCHNEIDER GMBH or another employee will ensure that the erasure request is complied with immediately.

If the personal data have been made public by SKI DOME OBERSCHNEIDER GMBH and our company, as the controller, is obliged pursuant to Art. 17(1) GDPR to erase the personal data, SKI DOME OBERSCHNEIDER GMBH shall take reasonable measures, including technical measures, taking into account available technology and the cost of implementation, to inform other controllers processing the published personal data that the data subject has requested the erasure of any links to, or copies or replications of, such personal data, insofar as processing is not required. The data protection officer of SKI DOME OBERSCHNEIDER GMBH or another employee will take the necessary steps in individual cases.

e) Right to restriction of processing
Each data subject affected by the processing of personal data has the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:

• The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.

• The processing is unlawful and the data subject opposes the erasure of the personal data and requests restriction of their use instead.

• The controller no longer needs the personal data for the purposes of processing, but they are required by the data subject for the establishment, exercise, or defense of legal claims.

• The data subject has objected to processing pursuant to Art. 21(1) GDPR pending verification whether the legitimate grounds of the controller override those of the data subject.

If one of the aforementioned conditions is met and a data subject wishes to request restriction of personal data stored by SKI DOME OBERSCHNEIDER GMBH, they may contact our data protection officer or another employee of the controller at any time. The data protection officer of SKI DOME OBERSCHNEIDER GMBH or another employee will arrange the restriction of processing.

f) Right to data portability
Each data subject affected by the processing of personal data has the right granted by the European legislator to receive the personal data concerning them, which have been provided by the data subject to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, in exercising their right to data portability pursuant to Art. 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.

To assert the right to data portability, the data subject may contact the data protection officer appointed by SKI DOME OBERSCHNEIDER GMBH or another employee at any time.

g) Right to object
Each data subject affected by the processing of personal data has the right granted by the European legislator to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them which is based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions.

SKI DOME OBERSCHNEIDER GMBH shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defense of legal claims.

If SKI DOME OBERSCHNEIDER GMBH processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning them for such marketing. This also applies to profiling insofar as it is related to such direct marketing. If the data subject objects to SKI DOME OBERSCHNEIDER GMBH to the processing for direct marketing purposes, SKI DOME OBERSCHNEIDER GMBH will no longer process the personal data for these purposes.

In addition, the data subject has the right, on grounds relating to their particular situation, to object to processing of personal data concerning them by SKI DOME OBERSCHNEIDER GMBH for scientific or historical research purposes or for statistical purposes pursuant to Art. 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

To exercise the right to object, the data subject may contact the data protection officer of SKI DOME OBERSCHNEIDER GMBH or another employee directly. The data subject is also free to exercise their right to object by automated means in the context of the use of information society services, notwithstanding Directive 2002/58/EC, where technical specifications are used.

h) Automated decisions in individual cases, including profiling
Each data subject affected by the processing of personal data has the right granted by the European legislator not to be subject to a decision based solely on automated processing—including profiling—which produces legal effects concerning them or similarly significantly affects them, provided that the decision (1) is not necessary for entering into, or the performance of, a contract between the data subject and the controller, or (2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is based on the data subject’s explicit consent.

If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and the controller or (2) is based on the data subject’s explicit consent, SKI DOME OBERSCHNEIDER GMBH shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express their point of view, and to contest the decision.

If the data subject wishes to assert rights with regard to automated decisions, they may contact our data protection officer or another employee of the controller at any time.

i) Right to withdraw consent under data protection law
Each data subject affected by the processing of personal data has the right granted by the European legislator to withdraw their consent to the processing of personal data at any time.

If the data subject wishes to exercise their right to withdraw consent, they may contact our data protection officer or another employee of the controller at any time.

Data protection in applications and the application procedure
The controller collects and processes the personal data of applicants for the purpose of handling the application procedure. Processing may also be carried out electronically. This is the case in particular if an applicant submits corresponding application documents by electronic means, for example by email or via a web form on the website, to the controller. If the controller concludes an employment contract with an applicant, the transmitted data are stored for the purpose of processing the employment relationship in compliance with legal provisions. If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller oppose deletion. Other legitimate interest in this sense is, for example, an obligation to provide evidence in proceedings under the General Equal Treatment Act (AGG).

Embedded YouTube videos
On some of our webpages we embed YouTube videos. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. In doing so, YouTube is informed which pages you visit. If you are logged into your YouTube account, YouTube can associate your browsing behavior with you personally. You can prevent this by logging out of your YouTube account beforehand.

When a YouTube video is started, the provider sets cookies that collect information about user behavior. If you have disabled the storage of cookies for the Google ad program, you should not expect such cookies when watching YouTube videos either. However, YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in your browser. Further information on data protection at “YouTube” can be found in the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy/

Data protection provisions on the use of Facebook
The controller has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is a social meeting place operated on the internet, an online community that generally enables users to communicate with each other and interact in virtual space. A social network can serve as a platform for exchanging opinions and experiences or enables the internet community to provide personal or business-related information. Facebook enables users of the social network, among other things, to create private profiles, upload photos, and connect via friend requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller responsible for the processing of personal data is, if a data subject lives outside the USA or Canada, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each call-up of one of the individual pages of this website operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, the internet browser on the data subject’s information technology system is automatically prompted by the respective Facebook component to download a display of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be accessed at https://developers.facebook.com/docs/plugins/?locale=de_DE. Within the scope of this technical process, Facebook gains knowledge of which specific subpage of our website is visited by the data subject.

If the data subject is logged into Facebook at the same time, Facebook recognizes with each call-up to our website by the data subject and during the entire duration of the respective stay on our website which specific subpage of our website the data subject visits. This information is collected through the Facebook component and assigned by Facebook to the data subject’s respective Facebook account. If the data subject clicks one of the Facebook buttons integrated into our website, for example the “Like” button, or submits a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook always receives information through the Facebook component that the data subject has visited our website, provided that the data subject is logged into Facebook at the time our website is accessed; this takes place regardless of whether the data subject clicks the Facebook component or not. If the data subject does not want such information to be transmitted to Facebook, they can prevent the transmission by logging out of their Facebook account before accessing our website.

Facebook’s published data policy, which can be accessed at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing, and use of personal data by Facebook. It also explains which settings options Facebook offers to protect the data subject’s privacy. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.

Facebook Pixel and data protection
1. What is conversion tracking?
If you place ads on Facebook, you can find out what users clicked on within Facebook. However, if the goal of the campaign is, for example, a purchase on a website, Facebook’s own tools no longer provide this information, because the user leaves the platform. Since Facebook’s business model is largely based on selling advertising, Facebook introduced the new “tracking pixel” in February 2017 to address this. The “visitor action pixel” makes it possible to measure the success of a Facebook advertising campaign outside the platform on websites. This is not simple click tracking (how many users clicked a link). The Facebook Pixel, which is embedded on the advertiser’s website, allows tracking the user’s path all the way to completing a purchase. This is called conversion tracking.

2. What does the Facebook Pixel do?
The Facebook Pixel (officially “visitor action pixel”, until 2016: conversion tracking pixel) can be embedded on websites outside the platform. For this purpose, a specific tracking code is generated. Various target pages can be defined: from signing up for a newsletter, downloading free content, to purchasing a particular product, it is possible to track what the potential customer did. Only in this way can advertisers determine whether their campaign achieved the desired success. The tracking itself is carried out via cookies, not via the Facebook Pixel itself.

3. What exactly is the data protection issue with the Facebook Pixel?
In conversion tracking, no anonymous or pseudonymized data are collected. After an order, the advertiser can track exactly which path customer XYZ took from the Facebook ad, through the click, to the purchase. In doing so, personal data of the customer are collected, transmitted to Facebook in the USA, and (likely) linked with the user’s profile data at Facebook. Facebook then provides certain information to the advertiser. However, the user who clicks on an ad on Facebook is not informed about this. It is precisely this transmission and evaluation of data without the Facebook user’s knowledge that makes it problematic under data protection law.

Depending on the type of use of customer data via the Facebook Pixel, there are three conceivable legal routes:
1) A legal provision that would allow this. Under current law, there is no such provision for Facebook tracking.
2) Users’ opt-out for “normal” use of the Facebook Pixel.
3) Users’ consent (opt-in) if you use Facebook Custom Audiences and Facebook Look-Alike Audiences.

Data protection provisions on the use of functions of the collecting society WORT (VG WORT)
The controller has integrated counting pixels on this website. A counting pixel is a miniature graphic embedded in websites to enable log file recording and log file analysis, by which a statistical evaluation can be carried out. The integrated counting pixels serve the Scalable Central Measurement Method (SZM) of the collecting society WORT (VG WORT).

The Scalable Central Measurement Method is operated by INFOnline GmbH, Forum Bonn Nord, Brühler Str. 9, 53119 Bonn, Germany.

The Scalable Central Measurement Method serves to determine statistical key figures used to calculate the likelihood of texts being copied. With the embedded counting pixel, it is possible for VG WORT to recognize whether, when, and by how many users (including the data subject) our website was opened and which content was accessed.

The data obtained by means of the Scalable Central Measurement Method are collected anonymously. To record access numbers, either a so-called session cookie is set for the purpose of recognizing users of a website—i.e., a signature created from various automatically transmitted information—or alternative methods are used. The IP address of the data subject’s internet connection is collected and processed only in anonymized form. The data subject is not identified at any time.

The data subject can prevent the setting of cookies by our website at any time, as described above, by means of a corresponding setting in the internet browser used and may thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent INFOnline from setting a cookie on the data subject’s information technology system. In addition, cookies that have already been set by INFOnline can be deleted at any time via an internet browser or other software programs.

Furthermore, the data subject has the option to object to the collection of data generated by INFOnline relating to use of this website and to the processing of these data by INFOnline, and to prevent such collection and processing. To do so, the data subject must press the opt-out button under the link http://optout.ioam.de, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the data subject’s information technology system. If cookies are deleted on the data subject’s system after an objection, the data subject must call up the link again and set a new opt-out cookie. By setting the opt-out cookie, it is possible that the websites of the controller are no longer fully usable for the data subject. The applicable data protection provisions of INFOnline can be accessed at https://www.infonline.de/datenschutz/.

Privacy Policy on the Use of Google+
The controller has integrated the Google+ button as a component on this website. Google+ is a so-called social network. A social network is an online meeting place or community that generally allows users to communicate with each other and interact in a virtual space. A social network can serve as a platform for exchanging opinions and experiences or allow the online community to provide personal or business-related information. Google+ enables users of the social network, among other things, to create private profiles, upload photos, and connect through friend requests.

The operating company of Google+ is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Whenever a single page of this website, operated by the controller, that contains a Google+ button is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Google+ button to download a representation of the Google+ button from Google. Through this technical process, Google obtains knowledge of which specific subpage of our website the data subject visits. More information about Google+ can be found at https://developers.google.com/+/.

If the data subject is logged into Google+ at the same time, Google recognizes, with each visit to our website by the data subject and during the entire duration of the visit, which specific subpage of our website the data subject is visiting. This information is collected by the Google+ button and associated by Google with the respective Google+ account of the data subject.

If the data subject clicks one of the Google+ buttons integrated on our website and thereby gives a Google +1 recommendation, Google assigns this information to the personal Google+ user account of the data subject and stores this personal data. Google stores the data subject’s Google +1 recommendation and makes it publicly available in accordance with the terms accepted by the data subject. A Google +1 recommendation made by the data subject on this website is subsequently stored and processed together with other personal data, such as the name of the Google+ account used by the data subject and the profile picture associated with it in other Google services—for example, in Google search results, the Google account of the data subject, or elsewhere, e.g., on websites or in connection with advertisements. Furthermore, Google is able to link the visit to this website with other personal data stored by Google. Google also records this personal information for the purpose of improving or optimizing the various Google services.

Google receives information via the Google+ button whenever the data subject visits our website if the data subject is logged into Google+ at the time of the visit; this happens regardless of whether the data subject clicks the Google+ button or not.

If the data subject does not want personal data to be transmitted to Google, they can prevent such transmission by logging out of their Google+ account before visiting our website.

Further information and Google’s applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/. Additional information from Google regarding the Google +1 button is available at https://developers.google.com/+/web/buttons-policy.

Privacy Policy on the Use of Instagram
The controller has integrated components of the Instagram service on this website. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and also to distribute such data in other social networks.

The operating company of the Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Whenever a single page of this website, operated by the controller, that contains an Instagram component (Insta button) is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Instagram component to download a representation of the Instagram component. Through this technical process, Instagram obtains knowledge of which specific subpage of our website the data subject visits.

If the data subject is logged into Instagram at the same time, Instagram recognizes, with each visit to our website and during the entire duration of the visit, which specific subpage the data subject is visiting. This information is collected by the Instagram component and associated by Instagram with the respective Instagram account of the data subject. If the data subject clicks one of the Instagram buttons integrated on our website, the transmitted data and information are assigned to the personal Instagram user account of the data subject and stored and processed by Instagram.

Instagram receives information via the Instagram component whenever the data subject visits our website if the data subject is logged into Instagram at the time of the visit; this happens regardless of whether the data subject clicks the Instagram component or not. If the data subject does not want such information to be transmitted to Instagram, they can prevent the transmission by logging out of their Instagram account before visiting our website.

Further information and Instagram’s applicable privacy policies can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

Privacy Policy on the Use of LinkedIn
The controller has integrated components of LinkedIn Corporation on this website. LinkedIn is an internet-based social network that allows users to connect with existing business contacts and establish new business connections. Over 400 million registered users use LinkedIn in more than 200 countries. LinkedIn is currently the largest platform for business contacts and one of the most visited websites in the world.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For privacy matters outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

Whenever our website, equipped with a LinkedIn component (LinkedIn plug-in), is accessed, this component causes the browser used by the data subject to download a corresponding representation of the LinkedIn component. More information about LinkedIn plug-ins is available at https://developer.linkedin.com/plugins. Through this technical process, LinkedIn obtains knowledge of which specific subpage of our website the data subject visits.

If the data subject is logged into LinkedIn at the same time, LinkedIn recognizes with each visit to our website and during the entire duration of the visit which specific subpage of our website the data subject is visiting. This information is collected by the LinkedIn component and associated by LinkedIn with the respective LinkedIn account of the data subject. If the data subject clicks a LinkedIn button integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn receives information via the LinkedIn component whenever the data subject visits our website if the data subject is logged into LinkedIn at the time of the visit; this happens regardless of whether the data subject clicks the LinkedIn component or not. If the data subject does not want such information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before visiting our website.

LinkedIn offers the option at https://www.linkedin.com/psettings/guest-controls to unsubscribe from email messages, SMS messages, and targeted ads as well as to manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, which may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal/cookie-policy. LinkedIn’s applicable privacy policy is available at https://www.linkedin.com/legal/privacy-policy. LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

Privacy Policy on the Use of Myspace
The controller has integrated components of Myspace LLC on this website. Myspace is a social network, an online meeting place or community that generally allows users to communicate with each other and interact in a virtual space. A social network can serve as a platform for exchanging opinions and experiences or allow the online community to provide personal or business-related information. Myspace enables users of the social network to create free user profiles containing photos and videos, blogs, or groups.

The operating company of Myspace is Myspace LLC, 8391 Beverly Blvd., #349, Los Angeles, California 90048, USA.

Whenever a single page of this website, operated by the controller, that contains a Myspace component (Myspace plug-in) is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Myspace component to download a representation of the Myspace component. More information about Myspace can be found at https://myspace.com. Through this technical process, Myspace obtains knowledge of which specific subpage of our website the data subject visits.

If the data subject is logged into Myspace at the same time, Myspace recognizes with each visit to our website and during the entire duration of the visit which specific subpage of our website the data subject is visiting. This information is collected by the Myspace component and associated by Myspace with the respective Myspace account of the data subject. If the data subject clicks a Myspace button integrated on our website, Myspace assigns this information to the personal Myspace user account of the data subject and stores this personal data.

Myspace receives information via the Myspace component whenever the data subject visits our website if the data subject is logged into Myspace at the time of the visit; this happens regardless of whether the data subject clicks the Myspace component or not. If the data subject does not want such information to be transmitted to Myspace, they can prevent the transmission by logging out of their Myspace account before visiting our website.

The privacy policy published by Myspace, available at https://myspace.com/pages/privacy, provides information on the collection, processing, and use of personal data by Myspace.

Privacy Policy on the Use of Pinterest
The controller has integrated components of Pinterest Inc. on this website. Pinterest is a social network, an online meeting place or community that generally allows users to communicate with each other and interact in a virtual space. A social network can serve as a platform for exchanging opinions and experiences or allow the online community to provide personal or business-related information. Pinterest allows users of the social network, among other things, to publish image collections and individual images as well as descriptions on virtual pinboards (so-called pinning), which can then be shared by other users (so-called repinning) or commented on.

The operating company of Pinterest is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.

Whenever a single page of this website, operated by the controller, that contains a Pinterest component (Pinterest plug-in) is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Pinterest component to download a representation of the Pinterest component. More information about Pinterest can be found at https://pinterest.com/. Through this technical process, Pinterest obtains knowledge of which specific subpage of our website the data subject visits.

If the data subject is logged into Pinterest at the same time, Pinterest recognizes with each visit to our website and during the entire duration of the visit which specific subpage of our website the data subject is visiting. This information is collected by the Pinterest component and associated by Pinterest with the respective Pinterest account of the data subject. If the data subject clicks a Pinterest button integrated on our website, Pinterest assigns this information to the personal Pinterest user account of the data subject and stores this personal data.

Pinterest receives information via the Pinterest component whenever the data subject visits our website if the data subject is logged into Pinterest at the time of the visit; this happens regardless of whether the data subject clicks the Pinterest component or not. If the data subject does not want such information to be transmitted to Pinterest, they can prevent the transmission by logging out of their Pinterest account before visiting our website.

Pinterest’s published privacy policy, available at https://about.pinterest.com/privacy-policy, provides information on the collection, processing, and use of personal data by Pinterest.

Privacy Policy on the Use of SlideShare
The controller has integrated SlideShare components on this website. LinkedIn SlideShare is a file hosting service that allows the exchange and archiving of presentations and other documents such as PDFs, videos, and webinars. The file hosting service allows users to upload media content in all common formats, with the option of making the documents publicly available or marking them as private.

The operating company of SlideShare is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For privacy matters outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

LinkedIn SlideShare provides embed codes for the media content stored there (presentations, PDFs, videos, photos, etc.). Embed codes are program codes that are embedded in websites to display external content on the site. Embed codes allow content to be displayed on a website without storing it on the site’s own server, which could otherwise potentially violate the copyright of the respective content creator. An additional benefit of using an embed code is that the website operator does not use their own storage space, thus relieving their server. An embed code can be placed anywhere on a different website, allowing external content to be displayed within the website’s own text. The purpose of using LinkedIn SlideShare is to relieve our server and avoid copyright violations while using third-party content.

Whenever our website, equipped with a SlideShare component (embed codes), is accessed, this component causes the browser used by the data subject to download the corresponding embedded data from SlideShare. Through this technical process, LinkedIn obtains knowledge of which specific subpage of our website the data subject visits.

If the data subject is logged into SlideShare at the same time, SlideShare recognizes with each visit to our website and during the entire duration of the visit which specific subpage the data subject is visiting. This information is collected by SlideShare and associated by LinkedIn with the respective SlideShare account of the data subject.

LinkedIn receives information via the SlideShare component whenever the data subject visits our website if the data subject is logged into SlideShare at the time of the visit; this happens regardless of whether the data subject clicks the embedded media content or not. If the data subject does not want such information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their SlideShare account before visiting our website.

LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, which may set cookies. Such cookies can be declined at https://www.linkedin.com/legal/cookie-policy. The applicable LinkedIn privacy policies are available at https://www.linkedin.com/legal/privacy-policy.

Privacy Policy on the Use of Tumblr
The controller has integrated components of Tumblr on this website. Tumblr is a platform that allows users to create and operate a blog. A blog is typically a publicly accessible portal on a website, where one or more persons, called bloggers or web bloggers, can post articles or write thoughts in so-called blog posts. On a Tumblr blog, users can publish texts, images, links, and videos and distribute them digitally. Tumblr users can also incorporate content from other websites into their own blog.

The operating company of Tumblr is Tumblr, Inc., 35 East 21st St, Ground Floor, New York, NY 10010, USA.

Whenever a single page of this website, operated by the controller, that contains a Tumblr component (Tumblr button) is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Tumblr component to download a representation of the Tumblr component from Tumblr. More information about Tumblr buttons is available at https://www.tumblr.com/buttons. Through this technical process, Tumblr obtains knowledge of which specific subpage of our website the data subject visits. The purpose of integrating the Tumblr component is to allow our users to share content from this website, promote the website digitally, and increase visitor traffic.

If the data subject is logged into Tumblr at the same time, Tumblr recognizes, with each visit to our website and during the entire duration of the visit, which specific subpage of our website the data subject is visiting. This information is collected by the Tumblr component and associated by Tumblr with the respective Tumblr account of the data subject. If the data subject clicks one of the Tumblr buttons integrated on our website, the transmitted data and information are assigned to the personal Tumblr user account of the data subject and stored and processed by Tumblr.

Tumblr receives information via the Tumblr component whenever the data subject visits our website if the data subject is logged into Tumblr at the time of the visit; this happens regardless of whether the data subject clicks the Tumblr component or not. If the data subject does not want such information to be transmitted to Tumblr, they can prevent the transmission by logging out of their Tumblr account before visiting our website.

The applicable Tumblr privacy policy is available at https://www.tumblr.com/policy/en/privacy.

Privacy Policy on the Use of Twitter
The controller has integrated components of Twitter on this website. Twitter is a multilingual publicly accessible microblogging service, where users can publish and share so-called tweets, i.e., short messages limited to 140 characters. These short messages are accessible to everyone, including persons not registered with Twitter. Tweets are also displayed to the followers of the respective user. Followers are other Twitter users who follow a user’s tweets. Furthermore, Twitter enables addressing a wide audience via hashtags, links, or retweets.

The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Whenever a single page of this website, operated by the controller, that contains a Twitter component (Twitter button) is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Twitter component to download a representation of the Twitter component from Twitter. More information about Twitter buttons is available at https://about.twitter.com/de/resources/buttons. Through this technical process, Twitter obtains knowledge of which specific subpage of our website the data subject visits. The purpose of integrating the Twitter component is to allow our users to share content from this website, promote the website digitally, and increase visitor traffic.

If the data subject is logged into Twitter at the same time, Twitter recognizes, with each visit to our website and during the entire duration of the visit, which specific subpage of our website the data subject is visiting. This information is collected by the Twitter component and associated by Twitter with the respective Twitter account of the data subject. If the data subject clicks one of the Twitter buttons integrated on our website, the transmitted data and information are assigned to the personal Twitter user account of the data subject and stored and processed by Twitter.

Twitter receives information via the Twitter component whenever the data subject visits our website if the data subject is logged into Twitter at the time of the visit; this happens regardless of whether the data subject clicks the Twitter component or not. If the data subject does not want such information to be transmitted to Twitter, they can prevent the transmission by logging out of their Twitter account before visiting our website.

Privacy Policy on the Use of Xing
The controller has integrated components of Xing on this website. Xing is an internet-based social network that enables users to connect with existing business contacts and establish new business connections. Individual users can create a personal profile on Xing. Companies can, for example, create company profiles or post job offers on Xing.

The operating company of Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Whenever a single page of this website, operated by the controller, that contains a Xing component (Xing plug-in) is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective Xing component to download a representation of the Xing component from Xing. More information about the Xing plug-ins can be found at https://dev.xing.com/plugins. Through this technical process, Xing obtains knowledge of which specific subpage of our website the data subject visits.

If the data subject is logged into Xing at the same time, Xing recognizes, with each visit to our website and during the entire duration of the visit, which specific subpage of our website the data subject is visiting. This information is collected by the Xing component and associated by Xing with the respective Xing account of the data subject. If the data subject clicks one of the Xing buttons integrated on our website, such as the “Share” button, Xing assigns this information to the personal Xing user account of the data subject and stores this personal data.

Xing receives information via the Xing component whenever the data subject visits our website if the data subject is logged into Xing at the time of the visit; this happens regardless of whether the data subject clicks the Xing component or not. If the data subject does not want such information to be transmitted to Xing, they can prevent the transmission by logging out of their Xing account before visiting our website.

Xing’s published privacy policies, available at https://www.xing.com/privacy, provide information on the collection, processing, and use of personal data by Xing. Xing has also published privacy notes for the Xing Share button at https://www.xing.com/app/share?op=data_protection.

Privacy Policy on the Use of YouTube
The controller has integrated components of YouTube on this website. YouTube is an internet video platform that allows video publishers to upload video clips for free and other users to view, rate, and comment on these videos free of charge. YouTube allows the publication of all types of videos, including full-length films, TV shows, music videos, trailers, or user-generated videos.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Whenever a single page of this website, operated by the controller, that contains a YouTube component (YouTube video) is accessed, the web browser on the information technology system of the data subject is automatically prompted by the respective YouTube component to download a representation of the YouTube component. More information about YouTube can be found at https://www.youtube.com/yt/about/de/. Through this technical process, YouTube and Google obtain knowledge of which specific subpage of our website the data subject visits.

If the data subject is logged into YouTube at the same time, YouTube recognizes, with each visit to a page containing a YouTube video, which specific subpage of our website the data subject is visiting. This information is collected by YouTube and Google and associated with the respective YouTube account of the data subject.

YouTube and Google receive information via the YouTube component whenever the data subject visits our website if the data subject is logged into YouTube at the time of the visit; this happens regardless of whether the data subject clicks a YouTube video or not. If the data subject does not want such information to be transmitted to YouTube and Google, they can prevent the transmission by logging out of their YouTube account before visiting our website.

The YouTube privacy policies, available at https://www.google.de/intl/de/policies/privacy/, provide information on the collection, processing, and use of personal data by YouTube and Google.

Use of Google Maps
This website uses the Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes, and uses data about the use of the map functions by visitors. Further information on data processing by Google can be found in Google’s privacy notices. You can also change your personal privacy settings in the Google Privacy Center. Detailed instructions for managing your data in connection with Google products can be found here.

Use of Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. (hereinafter: Google). Google Analytics uses so-called “cookies,” i.e., text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Due to the activation of IP anonymization on these websites, however, your IP address is shortened by Google within the member states of the European Union or in other states parties to the Agreement on the European Economic Area before transmission. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other data from Google.

You can prevent the storage of cookies by adjusting your browser settings; however, please note that in this case, you may not be able to use all functions of this website to their full extent. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de

Additionally or as an alternative to the browser add-on, you can prevent Google Analytics tracking on our pages by clicking this link. An opt-out cookie will be installed on your device. This prevents tracking by Google Analytics for this website and this browser in the future as long as the cookie remains installed in your browser.

Legal Basis for Processing
Article 6(1)(a) GDPR serves as the legal basis for processing activities for which we obtain consent for a specific purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, such as for the delivery of goods or the provision of other services, the processing is based on Article 6(1)(b) GDPR. The same applies to processing necessary for pre-contractual measures, e.g., in case of inquiries about our products or services. If our company is legally obligated to process personal data, e.g., to fulfill tax obligations, the processing is based on Article 6(1)(c) GDPR. In rare cases, processing may be necessary to protect the vital interests of the data subject or another natural person, for example, if a visitor is injured on our premises and information such as name, age, health insurance data, or other vital details must be disclosed to a doctor, hospital, or other third party. In that case, processing would be based on Article 6(1)(d) GDPR.

Finally, processing may be based on Article 6(1)(f) GDPR. This legal basis covers processing activities not captured by the aforementioned provisions when processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not override it. Such processing is permitted especially because the European legislator explicitly mentioned it. It is considered a legitimate interest, for instance, if the data subject is a customer of the controller (Recital 47, sentence 2 GDPR).

Use of Google Remarketing
This website uses the remarketing feature of Google Inc. The feature is used to present interest-based advertisements to website visitors within the Google advertising network. A so-called “cookie” is stored in the visitor’s browser, allowing the visitor to be recognized when visiting websites that are part of Google’s advertising network. On these websites, advertisements related to content previously viewed by the visitor on websites using Google remarketing may be displayed.

According to Google, no personal data is collected in this process. If you do not wish to use Google’s remarketing function, you can disable it by adjusting the settings at http://www.google.com/settings/ads. Alternatively, you can disable the use of cookies for interest-based advertising via the Network Advertising Initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.

Legitimate Interests Pursued by the Controller or a Third Party
If the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is the conduct of our business operations for the benefit and well-being of all our employees and shareholders.

Legal or Contractual Obligation to Provide Personal Data; Necessity for Contract Conclusion; Obligation of the Data Subject; Consequences of Non-Disclosure
We inform you that providing personal data is sometimes legally required (e.g., tax regulations) or arises from contractual obligations (e.g., information required for contractual relations). In some cases, concluding a contract may require the data subject to provide personal data that we must process. For example, the data subject must provide personal data if our company enters into a contract with them. Failure to provide personal data may result in the contract not being concluded.

Before providing personal data, the data subject should contact our Data Protection Officer. Our DPO will clarify on a case-by-case basis whether providing personal data is legally or contractually required, necessary for contract conclusion, whether there is an obligation to provide the data, and the consequences of failing to provide it.

Existence of Automated Decision-Making
As a responsible company, we do not use automated decision-making or profiling.

Questions about Data Protection
If you have questions about data protection, please write us an email at [email protected]

Disclosure of Personal Data to Third Parties
Your personal data will only be disclosed in accordance with applicable competition and data protection laws. If necessary to provide contractual services or fulfill legal obligations, your data may be shared with subcontractors or service providers on our behalf (e.g., technical handling of postal/email delivery, customer service). In addition, your data may be shared with persons or companies to process your inquiry or booking. Disclosure to third parties also occurs when legally required or as part of a final court order.

This document provides information on how your personal data is handled when visiting our website. To provide the functions and services of our website, it is necessary for us to collect personal data about you. Below we explain which data we collect, why it is required, and which rights you have regarding your data.

Responsible for processing personal data on this website is (see imprint):

Nikolaus-Gassner-Str. 21
Managing Directors: Hermann & Claudia Oberschneider
A – 5710 Kaprun
Tel.: +43 6547 / 8232
Fax: +43(0)6547-8232-4
Email: [email protected]

Privacy Statement
We are very pleased about your interest in our company. Data protection is of particularly high importance to SKI DOME OBERSCHNEIDER GMBH. Use of our website is generally possible without providing personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as name, address, email address, or telephone number, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection laws applicable to SKI DOME OBERSCHNEIDER GMBH. This privacy policy informs the public about the type, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed about their rights under this privacy policy.

SKI DOME OBERSCHNEIDER GMBH, as the controller, has implemented numerous technical and organizational measures to ensure the most comprehensive protection possible of the personal data processed via this website. However, internet-based data transmissions can inherently have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative means, for example, by telephone.

Definitions
The privacy policy of SKI DOME OBERSCHNEIDER GMBH is based on the terminology used by the European legislator in the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easily readable and understandable for the public as well as for our customers and business partners. To ensure this, we first explain the terms used.

In this privacy policy, we use the following terms:

a) Personal Data
Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e) Profiling
Profiling is any form of automated processing of personal data consisting of using personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.

f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.

g) Controller
The controller is the natural or legal person, public authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data. If the purposes and means of processing are determined by Union or Member State law, the controller or the criteria for its nomination may be provided by such law.

h) Processor
A processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

i) Recipient
A recipient is a natural or legal person, public authority, agency, or other body to which personal data are disclosed, whether a third party or not. Authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law are not considered recipients.

j) Third Party
A third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, or persons authorized to process personal data under the direct authority of the controller or processor.

k) Consent
Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of personal data relating to them, whether by statement or clear affirmative action.

Name and Address of the Controller
The controller within the meaning of the GDPR, other data protection laws of EU member states, and other regulations with a data protection character is SKI DOME OBERSCHNEIDER GMBH.

Informational Use
If you use this website without providing data in other ways (e.g., by registration or using the contact form), we collect technically necessary data that is automatically transmitted to our server, including:

• IP address

• Date and time of the request

• Content of the request

• Access status / HTTP status code

• Browser type

• Language and version of the browser software

• Operating system

• This is technically required to display our website to you. We also use the data to ensure the security and stability of our website. The legal basis for collection is Article 6(1)(f) GDPR.

Cookies
Our website uses cookies. Cookies are text files stored on a computer system via a web browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID, which is a unique identifier of the cookie. It consists of a character string that allows websites and servers to assign the cookie to the specific web browser in which it was stored. This enables visited websites and servers to distinguish the individual browser of the data subject from other browsers containing other cookies. A specific browser can be recognized and identified via the unique cookie ID.

By using cookies, SKI DOME OBERSCHNEIDER GMBH can provide users of this website with more user-friendly services that would not be possible without setting cookies.

Using cookies, the information and offers on our website can be optimized in the user’s interest. As mentioned, cookies allow us to recognize users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, a user of a website that uses cookies does not have to re-enter login details on every visit, because this is handled by the website and the cookie stored on the user’s computer. Another example is a shopping cart cookie in an online shop. The online shop remembers which items a customer has placed in the virtual shopping cart via a cookie.

The data subject can prevent cookies from being set by our website at any time by adjusting their web browser settings, thereby permanently objecting to the setting of cookies. Already set cookies can also be deleted at any time via the web browser or other software. This is possible in all common browsers. If the data subject disables cookies in their browser, some functions of our website may not be fully usable.

Collection of General Data and Information
Our website collects a range of general data and information with each visit by a data subject or an automated system. These general data and information are stored in the server log files. The data may include (1) browser types and versions used, (2) the operating system of the accessing system, (3) the website from which an accessing system reached our website (so-called referrer), (4) the subpages accessed on our website, (5) date and time of access, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system, and (8) other similar data and information used for threat prevention in case of attacks on our IT systems.

SKI DOME OBERSCHNEIDER GMBH does not draw conclusions about the data subject from the use of these general data and information. These data are required to (1) deliver the content of our website correctly, (2) optimize the content and advertising of our website, (3) ensure the continuous functionality of our IT systems and website technology, and (4) provide law enforcement authorities with the necessary information in the event of a cyberattack. These anonymized data and information are evaluated statistically and for the purpose of improving data protection and security, to ensure an optimal protection level for the personal data we process. The anonymized server log data are stored separately from all personal data provided by the data subject.

Handling of Comments and Contributions
If you leave a comment or contribution on this website, your IP address is stored. This is for the security of the website operator: if your text violates the law, they can track your identity.

SSL Encryption
To protect your data during transmission, we use encryption methods (e.g., SSL) via HTTPS according to the current state of technology.

Use of Script Libraries (Google Webfonts)
To display our content correctly across browsers and visually appealingly, we use script and font libraries such as Google Webfonts (https://www.google.com/webfonts/). Google Webfonts are transferred to your browser cache to avoid multiple loads. If the browser does not support Google Webfonts or blocks access, content is displayed in a standard font.

Loading script or font libraries automatically establishes a connection to the library provider. It is theoretically possible — currently unclear for which purposes — that the library provider collects data. When our website is accessed, the visitor’s browser establishes a direct connection to these servers, transmitting the visitor’s IP address to Google and storing it there. Google participates in the EU-US Privacy Shield: www.privacyshield.gov/EU-US-Framework. Google’s privacy policy for the library provider is available at https://www.google.com/policies/privacy/

Storage Duration
We process and store your data only as long as necessary for processing or to comply with legal obligations. Once the purpose of processing no longer applies, your data will be blocked or deleted. If legal obligations require further storage, we block or delete your data at the end of the statutory retention period. The criterion for storage duration of personal data is the respective legal retention period. After this period, the corresponding data are routinely deleted unless still necessary for contract fulfillment or initiation.

Routine Deletion and Blocking of Personal Data
The controller processes and stores personal data only for as long as necessary to achieve the storage purpose or as provided by the GDPR or other applicable laws.

If the storage purpose no longer applies or a legally prescribed storage period expires, personal data are routinely blocked or deleted in accordance with legal requirements.

Rights of the Data Subject
a) Right of Confirmation
Every data subject has the right, granted by the European legislator, to obtain confirmation from the controller as to whether personal data concerning them are being processed. To exercise this right, the data subject can contact our Data Protection Officer or any other employee of the controller at any time.

b) Right of Access
Every data subject has the right, granted by the European legislator, to obtain free information at any time from the controller about the personal data stored about them and a copy of this information. In addition, the European legislator grants the data subject information on:

• the purposes of processing

• the categories of personal data processed

• the recipients or categories of recipients to whom the personal data have been disclosed, particularly recipients in third countries or international organizations

• where possible, the planned duration for which the personal data will be stored or, if not possible, the criteria used to determine that duration

• the existence of a right to rectification or erasure of personal data or to restrict processing or object to processing

• the existence of a right to lodge a complaint with a supervisory authority

• if the data were not collected from the data subject: all available information about the source of the data

• the existence of automated decision-making including profiling, and where applicable, meaningful information about the logic involved and the significance and envisaged consequences of such processing for the data subject

Furthermore, the data subject has the right to obtain information about whether personal data have been transmitted to a third country or an international organization and, if so, about the appropriate safeguards in connection with the transfer.

To exercise this right of access, the data subject can contact our Data Protection Officer or any other employee of the controller at any time.

c) Right to Rectification
Every data subject has the right to demand the immediate correction of inaccurate personal data concerning them. The data subject also has the right to request completion of incomplete personal data, taking into account the purposes of processing, including by providing a supplementary statement.

Möchte eine betroffene Person dieses Berichtigungsrecht in Anspruch nehmen, kann sie sich hierzu jederzeit an unseren Datenschutzbeauftragten oder einen anderen Mitarbeiter des für die Verarbeitung Verantwortlichen wenden.

d) Recht auf Löschung (Recht auf Vergessen werden)
Jede von der Verarbeitung personenbezogener Daten betroffene Person hat das vom Europäischen Richtlinien- und Verordnungsgeber gewährte Recht, von dem Verantwortlichen zu verlangen, dass die sie betreffenden personenbezogenen Daten unverzüglich gelöscht werden, sofern einer der folgenden Gründe zutrifft und soweit die Verarbeitung nicht erforderlich ist:

• Die personenbezogenen Daten wurden für solche Zwecke erhoben oder auf sonstige Weise verarbeitet, für welche sie nicht mehr notwendig sind.

• Die betroffene Person widerruft ihre Einwilligung, auf die sich die Verarbeitung gemäß Art. 6 Abs. 1 Buchstabe a DS-GVO oder Art. 9 Abs. 2 Buchstabe a DS-GVO stützte, und es fehlt an einer anderweitigen Rechtsgrundlage für die Verarbeitung.

• Die betroffene Person legt gemäß Art. 21 Abs. 1 DS-GVO Widerspruch gegen die Verarbeitung ein, und es liegen keine vorrangigen berechtigten Gründe für die Verarbeitung vor, oder die betroffene Person legt gemäß Art. 21 Abs. 2 DS-GVO Widerspruch gegen die Verarbeitung ein.

• Die personenbezogenen Daten wurden unrechtmäßig verarbeitet.

• Die Löschung der personenbezogenen Daten ist zur Erfüllung einer rechtlichen Verpflichtung nach dem Unionsrecht oder dem Recht der Mitgliedstaaten erforderlich, dem der Verantwortliche unterliegt.

• Die personenbezogenen Daten wurden in Bezug auf angebotene Dienste der Informationsgesellschaft gemäß Art. 8 Abs. 1 DS-GVO erhoben.

Sofern einer der oben genannten Gründe zutrifft und eine betroffene Person die Löschung von personenbezogenen Daten, die bei der SKI DOME OBERSCHNEIDER GMBH gespeichert sind, veranlassen möchte, kann sie sich hierzu jederzeit an unseren Datenschutzbeauftragten oder einen anderen Mitarbeiter des für die Verarbeitung Verantwortlichen wenden. Der Datenschutzbeauftragte von der SKI DOME OBERSCHNEIDER GMBH oder ein anderer Mitarbeiter wird veranlassen, dass dem Löschverlangen unverzüglich nachgekommen wird.

Wurden die personenbezogenen Daten von der SKI DOME OBERSCHNEIDER GMBH öffentlich gemacht und ist unser Unternehmen als Verantwortlicher gemäß Art. 17 Abs. 1 DS-GVO zur Löschung der personenbezogenen Daten verpflichtet, so trifft die SKI DOME OBERSCHNEIDER GMBH unter Berücksichtigung der verfügbaren Technologie und der Implementierungskosten angemessene Maßnahmen, auch technischer Art, um andere für die Datenverarbeitung Verantwortliche, welche die veröffentlichten personenbezogenen Daten verarbeiten, darüber in Kenntnis zu setzen, dass die betroffene Person von diesen anderen für die Datenverarbeitung Verantwortlichen die Löschung sämtlicher Links zu diesen personenbezogenen Daten oder von Kopien oder Replikationen dieser personenbezogenen Daten verlangt hat, soweit die Verarbeitung nicht erforderlich ist. Der Datenschutzbeauftragte von der SKI DOME OBERSCHNEIDER GMBH oder ein anderer Mitarbeiter wird im Einzelfall das Notwendige veranlassen.

e) Recht auf Einschränkung der Verarbeitung
Jede von der Verarbeitung personenbezogener Daten betroffene Person hat das vom Europäischen Richtlinien- und Verordnungsgeber gewährte Recht, von dem Verantwortlichen die Einschränkung der Verarbeitung zu verlangen, wenn eine der folgenden Voraussetzungen gegeben ist:

• Die Richtigkeit der personenbezogenen Daten wird von der betroffenen Person bestritten, und zwar für eine Dauer, die es dem Verantwortlichen ermöglicht, die Richtigkeit der personenbezogenen Daten zu überprüfen.

• Die Verarbeitung ist unrechtmäßig, die betroffene Person lehnt die Löschung der personenbezogenen Daten ab und verlangt stattdessen die Einschränkung der Nutzung der personenbezogenen Daten.

• Der Verantwortliche benötigt die personenbezogenen Daten für die Zwecke der Verarbeitung nicht länger, die betroffene Person benötigt sie jedoch zur Geltendmachung, Ausübung oder Verteidigung von Rechtsansprüchen.

• Die betroffene Person hat Widerspruch gegen die Verarbeitung gem. Art. 21 Abs. 1 DS-GVO eingelegt und es steht noch nicht fest, ob die berechtigten Gründe des Verantwortlichen gegenüber denen der betroffenen Person überwiegen.

Sofern eine der oben genannten Voraussetzungen gegeben ist und eine betroffene Person die Einschränkung von personenbezogenen Daten, die bei der SKI DOME OBERSCHNEIDER GMBH gespeichert sind, verlangen möchte, kann sie sich hierzu jederzeit an unseren Datenschutzbeauftragten oder einen anderen Mitarbeiter des für die Verarbeitung Verantwortlichen wenden. Der Datenschutzbeauftragte von der SKI DOME OBERSCHNEIDER GMBH oder ein anderer Mitarbeiter wird die Einschränkung der Verarbeitung veranlassen.

f) Recht auf Datenübertragbarkeit
Jede von der Verarbeitung personenbezogener Daten betroffene Person hat das vom Europäischen Richtlinien- und Verordnungsgeber gewährte Recht, die sie betreffenden personenbezogenen Daten, welche durch die betroffene Person einem Verantwortlichen bereitgestellt wurden, in einem strukturierten, gängigen und maschinenlesbaren Format zu erhalten. Sie hat außerdem das Recht, diese Daten einem anderen Verantwortlichen ohne Behinderung durch den Verantwortlichen, dem die personenbezogenen Daten bereitgestellt wurden, zu übermitteln, sofern die Verarbeitung auf der Einwilligung gemäß Art. 6 Abs. 1 Buchstabe a DS-GVO oder Art. 9 Abs. 2 Buchstabe a DS-GVO oder auf einem Vertrag gemäß Art. 6 Abs. 1 Buchstabe b DS-GVO beruht und die Verarbeitung mithilfe automatisierter Verfahren erfolgt, sofern die Verarbeitung nicht für die Wahrnehmung einer Aufgabe erforderlich ist, die im öffentlichen Interesse liegt oder in Ausübung öffentlicher Gewalt erfolgt, welche dem Verantwortlichen übertragen wurde.

Ferner hat die betroffene Person bei der Ausübung ihres Rechts auf Datenübertragbarkeit gemäß Art. 20 Abs. 1 DS-GVO das Recht, zu erwirken, dass die personenbezogenen Daten direkt von einem Verantwortlichen an einen anderen Verantwortlichen übermittelt werden, soweit dies technisch machbar ist und sofern hiervon nicht die Rechte und Freiheiten anderer Personen beeinträchtigt werden.

Zur Geltendmachung des Rechts auf Datenübertragbarkeit kann sich die betroffene Person jederzeit an den von der SKI DOME OBERSCHNEIDER GMBH bestellten Datenschutzbeauftragten oder einen anderen Mitarbeiter wenden.

g) Recht auf Widerspruch
Jede von der Verarbeitung personenbezogener Daten betroffene Person hat das vom Europäischen Richtlinien- und Verordnungsgeber gewährte Recht, aus Gründen, die sich aus ihrer besonderen Situation ergeben, jederzeit gegen die Verarbeitung sie betreffender personenbezogener Daten, die aufgrund von Art. 6 Abs. 1 Buchstaben e oder f DS-GVO erfolgt, Widerspruch einzulegen. Dies gilt auch für ein auf diese Bestimmungen gestütztes Profiling.

SKI DOME OBERSCHNEIDER GMBH verarbeitet die personenbezogenen Daten im Falle des Widerspruchs nicht mehr, es sei denn, wir können zwingende schutzwürdige Gründe für die Verarbeitung nachweisen, die den Interessen, Rechten und Freiheiten der betroffenen Person überwiegen, oder die Verarbeitung dient der Geltendmachung, Ausübung oder Verteidigung von Rechtsansprüchen.

Verarbeitet die SKI DOME OBERSCHNEIDER GMBH personenbezogene Daten, um Direktwerbung zu betreiben, so hat die betroffene Person das Recht, jederzeit Widerspruch gegen die Verarbeitung der personenbezogenen Daten zum Zwecke derartiger Werbung einzulegen. Dies gilt auch für das Profiling, soweit es mit solcher Direktwerbung in Verbindung steht. Widerspricht die betroffene Person gegenüber der SKI DOME OBERSCHNEIDER GMBH der Verarbeitung für Zwecke der Direktwerbung, so wird die SKI DOME OBERSCHNEIDER GMBH die personenbezogenen Daten nicht mehr für diese Zwecke verarbeiten.

Zudem hat die betroffene Person das Recht, aus Gründen, die sich aus ihrer besonderen Situation ergeben, gegen die sie betreffende Verarbeitung personenbezogener Daten, die bei der SKI DOME OBERSCHNEIDER GMBH zu wissenschaftlichen oder historischen Forschungszwecken oder zu statistischen Zwecken gemäß Art. 89 Abs. 1 DS-GVO erfolgen, Widerspruch einzulegen, es sei denn, eine solche Verarbeitung ist zur Erfüllung einer im öffentlichen Interesse liegenden Aufgabe erforderlich.

Zur Ausübung des Rechts auf Widerspruch kann sich die betroffene Person direkt an den Datenschutzbeauftragten von der SKI DOME OBERSCHNEIDER GMBH oder einen anderen Mitarbeiter wenden. Der betroffenen Person steht es ferner frei, im Zusammenhang mit der Nutzung von Diensten der Informationsgesellschaft, ungeachtet der Richtlinie 2002/58/EG, ihr Widerspruchsrecht mittels automatisierter Verfahren auszuüben, bei denen technische Spezifikationen verwendet werden.

h) Automated Individual Decisions, Including Profiling
Every data subject has the right granted by the European legislator not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning them or similarly significantly affects them, unless the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is permitted under Union or Member State law to which the controller is subject, and such law contains appropriate measures to safeguard the rights, freedoms, and legitimate interests of the data subject, or (3) is based on the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is based on the explicit consent of the data subject, SKI DOME OBERSCHNEIDER GMBH takes appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to request human intervention by the controller, to express their point of view, and to contest the decision.

To exercise rights related to automated decisions, the data subject can contact our Data Protection Officer or any other employee of the controller at any time.

i) Right to Withdraw Data Protection Consent
Every data subject has the right granted by the European legislator to withdraw consent to the processing of personal data at any time.

To exercise the right to withdraw consent, the data subject can contact our Data Protection Officer or any other employee of the controller at any time.

Data Protection in Job Applications and Recruitment
The controller collects and processes personal data of applicants for the purpose of handling the application process. Processing may also occur electronically, particularly if an applicant submits application documents electronically, e.g., via email or a web form on the website. If the controller concludes an employment contract with the applicant, the submitted data will be stored for the purpose of managing the employment relationship in compliance with legal regulations. If no employment contract is concluded, the application documents will be automatically deleted two months after the rejection decision, provided no other legitimate interests of the controller prevent deletion. Such legitimate interests may include, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

Embedded YouTube Videos
On some of our web pages, we embed YouTube videos. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. YouTube is informed about which pages you visit. If you are logged into your YouTube account, YouTube may associate your browsing behavior with your personal account. You can prevent this by logging out of your YouTube account before visiting our website.

When a YouTube video is played, the provider uses cookies to collect information about user behavior. Users who have disabled cookies for the Google Ads program will not be subject to such cookies when viewing YouTube videos. YouTube also stores non-personal usage information in other cookies. To prevent this, you must block the storage of cookies in your browser. More information on YouTube privacy can be found at https://www.google.de/intl/de/policies/privacy/

Privacy Policy for Facebook
The controller has integrated components from Facebook on this website. Facebook is a social network, an online community that generally allows users to communicate and interact in a virtual space. Facebook allows users to create private profiles, upload photos, and connect via friend requests.

The operator of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. For data subjects outside the USA or Canada, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is responsible for processing personal data.

When accessing any page of this website containing a Facebook component (Facebook plug-in), the visitor’s browser is automatically prompted to download a representation of the Facebook component from Facebook. An overview of all Facebook plug-ins is available at https://developers.facebook.com/docs/plugins/?locale=de_DE. Through this process, Facebook learns which specific subpage of our website the data subject visits.

If the data subject is logged into Facebook, Facebook recognizes with each visit which page is visited. These data are collected and assigned to the data subject’s Facebook account. If the user clicks a Facebook button (e.g., “Like”) or leaves a comment, Facebook assigns this information to the personal account and stores it.

Facebook receives information via the component whenever the data subject visits our website if logged in, regardless of whether they click the component. If the data subject does not want this, they can log out of Facebook before visiting the website.

Facebook’s privacy policy, available at https://de-de.facebook.com/about/privacy/, explains how Facebook collects, processes, and uses personal data, the privacy settings available, and applications to suppress data transfer.

Facebook Pixel and Privacy
1. What is Conversion Tracking?
The Facebook Pixel allows advertisers to track the effectiveness of their campaigns outside the Facebook platform, including conversions on websites, by following user actions from the ad click to purchase. It is not simple click tracking; it enables monitoring the customer journey to measure campaign success. Tracking occurs via cookies, not the pixel itself.

2. How does the Facebook Pixel work?
The pixel is embedded on websites with a specific tracking code. Different target pages can be defined, e.g., newsletter signups, content downloads, or product purchases. Only this allows advertisers to see whether the campaign achieved the desired outcome.

3. Privacy issues with Facebook Pixel
Conversion tracking collects personal data. The advertiser can trace exactly how a customer moved from the Facebook ad to purchase. This personal data is transmitted to Facebook in the USA and likely linked with the user’s Facebook profile, without the user being informed. This data transfer and analysis without user knowledge raises privacy concerns.

Legal ways to use Facebook Pixel vary:
1. Legal authorization – currently not provided under current law for Facebook tracking.
2. User opt-out for standard Pixel use.
3. User consent (opt-in) when using Facebook Custom Audiences and Look-Alike Audiences.

Privacy Policy for VG WORT (Copyright Collection Society)
The controller has integrated tracking pixels. A tracking pixel is a tiny image embedded in web pages to allow log file recording and analysis, enabling statistical evaluation. The integrated pixels serve the Scalable Central Measurement Procedure (SZM) of VG WORT.

SZM is operated by INFOnline GmbH, Forum Bonn Nord, Brühler Str. 9, 53119 Bonn.

SZM collects statistical data to calculate the probability of text reproduction. The embedded pixel allows VG WORT to determine when, how often, and by how many users (including the data subject) our website is accessed and which content is viewed.

Data collected via SZM are anonymized. A session cookie or alternative methods may be used for user recognition. The IP address is anonymized, and the data subject is never identified.

Data subjects can prevent cookies via browser settings, as described above. Already set cookies can be deleted at any time. Data subjects can also opt out of data collection and processing by INFOnline via the Opt-Out button at http://optout.ioam.de, which sets an opt-out cookie. If cookies are deleted after opting out, a new opt-out cookie must be set. Note that this may limit full use of our website. INFOnline privacy policies are available at https://www.infonline.de/datenschutz/

Privacy Policy for Twitter
Every time a page on this website containing a Twitter component (Twitter button) is accessed, the visitor’s browser is automatically prompted to download the respective Twitter component from Twitter. More information about Twitter buttons can be found at https://about.twitter.com/de/resources/buttons. Through this technical process, Twitter learns which specific subpage of our website the visitor accesses. The purpose of integrating the Twitter component is to allow users to share our website’s content, increase its visibility, and boost visitor numbers.

If the visitor is logged into Twitter, Twitter recognizes, during the entire visit, which specific subpage of our website the visitor accesses. This information is collected and associated with the visitor’s Twitter account. Clicking a Twitter button assigns the transmitted data to the visitor’s personal Twitter account, which Twitter stores and processes.

Twitter receives this information whenever the visitor is logged in, regardless of whether the component is clicked. To prevent this, log out of Twitter before visiting the website.

Twitter’s privacy policy is available at https://twitter.com/privacy?lang=de.

Privacy Policy for Xing
This website integrates Xing components. Xing is an online social network that allows users to connect with existing business contacts and establish new contacts. Users can create personal profiles, and companies can create corporate profiles or post job offers.

Operator: XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each page visit with a Xing component prompts the browser to download it. If logged in, Xing recognizes which subpage is visited and associates this information with the user’s Xing account. Clicking a Xing button (e.g., “Share”) assigns the data to the personal account and stores it.

Xing receives this information whenever the user is logged in, regardless of whether the component is clicked. To prevent this, log out before visiting.

Xing’s privacy policy is available at https://www.xing.com/privacy, and privacy information for the Xing Share Button is at https://www.xing.com/app/share?op=data_protection.

Privacy Policy for YouTube
This website integrates YouTube components. YouTube is a video portal that allows video publishers to upload clips for free and users to view, rate, and comment on them. YouTube hosts all types of videos, including movies, TV shows, music videos, trailers, and user-generated videos.

Operator: YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA).

Visiting a page with a YouTube component prompts the browser to download it. YouTube and Google thereby know which specific subpage was visited. If logged in, the visit is associated with the user’s YouTube account. Logging out prevents this data collection.

YouTube’s privacy policy: https://www.google.de/intl/de/policies/privacy/. More information: https://www.youtube.com/yt/about/de/.

Use of Google Maps
This website uses Google Maps API to display geographical information visually. Google may collect, process, and use data about the usage of map features. Detailed information can be found in Google’s privacy notices, and you can adjust your personal privacy settings in the Google Privacy Center.

Use of Google Analytics
This website uses Google Analytics, a web analytics service from Google Inc. (“Google”). Google Analytics uses cookies to analyze website usage. Information generated about your use of this site is usually transmitted to a Google server in the USA and stored there. IP anonymization is enabled, meaning your IP is truncated in the EU or EEA before transfer. The IP address transmitted by your browser is not merged with other Google data.

You can prevent cookies by configuring your browser, but this may limit website functionality. You can also prevent data collection via Google Analytics by downloading the browser add-on here: http://tools.google.com/dlpage/gaoptout?hl=de, or by using the Opt-Out cookie via this link.

Legal Basis for Processing
- Consent (Art. 6 I lit. a GDPR): When we request consent for a specific purpose.
- Contract (Art. 6 I lit. b GDPR): Processing necessary to fulfill a contract with the data subject.
- Legal obligation (Art. 6 I lit. c GDPR): Compliance with statutory duties, e.g., taxes.
- Vital interests (Art. 6 I lit. d GDPR): Protecting life in rare cases, e.g., injury requiring medical info disclosure.
- Legitimate interest (Art. 6 I lit. f GDPR): Processing not covered by other bases, required for company or third-party legitimate interests, provided the subject’s rights do not override.

Use of Google Remarketing
This site uses Google’s remarketing function to display interest-based ads across the Google network. A cookie recognizes previous visitors when they access sites in the Google advertising network. Google claims no personal data is collected. To opt out: http://www.google.com/settings/ads or http://www.networkadvertising.org/managing/opt_out.asp.

Legitimate Interests
Our legitimate interest (Art. 6 I lit. f GDPR) is the operation of our business for the benefit of employees and stakeholders.

Provision of Personal Data
Providing personal data may be legally or contractually required (e.g., tax info or contract details). Failure to provide data may prevent contract conclusion. Before providing data, contact our Data Protection Officer for guidance.

Automated Decision-Making
We do not use automated decision-making or profiling.

Questions
For any questions regarding data protection, contact us at [email protected].