Data protection

1. Data protection at a glance

General information

The following privacy policy is intended to inform you about the nature, scope and purpose of the processing of personal data (hereinafter referred to as ‘data’) within our online offering and the associated websites and functions. (hereinafter collectively referred to as ‘online offering’). With regard to the terms used in our privacy policy, such as ‘processing’ or ‘controller’, we refer to the definitions in the General Data Protection Regulation (see Art. 4 GDPR). Furthermore, we would like to inform you about your rights.

In principle, it is possible to use our website without providing any personal data. However, we would like to point out that the processing of personal data may be necessary if a data subject wishes to use certain services via our website.

As the controller responsible for data processing, we have implemented numerous technical and organisational measures to ensure the most complete protection possible of any personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, which means that even we cannot guarantee absolute protection. For this reason, every data subject is free to transmit any necessary personal data to us by alternative means, for example by telephone.

Responsible for data processing

Responsible for data processing within the meaning of the GDPR and the BDSG (new):

CO-Improve GmbH & Co. KG

Alfred-Herrhausen-Allee 3-5

D-65760 Eschborn

Fon: +49 (0) 6196 / 96754-0

Fax: +49 (0) 6196 / 96754-11

E-Mail: office@co-improve.com

Website: www.co-improve.com

Contact person for data protection at CO-Improve:

CO-Improve GmbH & Co. KG

Dirk Meissner

Fon: 06196-96754-20

E-Mail: dm@co-improve.com

Relevant legal basis

The processing of personal data, e.g. name, address, e-mail address or telephone number of a data subject, is carried out by us exclusively in accordance with the requirements of the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to us in Germany. In accordance with the provisions of Art. 13 GDPR, we inform you below of the legal basis of our data processing: The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing to fulfil our contractual performance obligations and respond to enquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfil our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR forms the legal basis.

Deletion and blocking of data

We adhere to the principles of data avoidance and data minimisation. The personal data processed by us will be deleted or restricted in their processing in accordance with Art. 17 and 18 GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons. According to the legal requirements in Germany, data is stored in particular for 6 years in accordance with Section 257 (1) HGB and for 10 years in accordance with Section 147 (1) AO.

Disclosure of personal data

We only pass on your personal data to third parties within the scope of the intended purpose for processing. Our employees and suppliers/partners are obliged by us to maintain confidentiality and secrecy and by law to observe data secrecy.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, our site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

2. Data collection, types of processed data, categories of data subjects, processing purposes

Hosting

We use hosting services to provide the services listed below: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this website. In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer in order to pursue our legitimate interests in the efficient and secure provision of this offer in accordance with Art. 6 Para. 1 lit. f and Art. 28 GDPR.

Collection of access data

Each time our website is accessed by a data subject or by an automated system, our website collects a range of general data and information in order to pursue our legitimate interests in accordance with Art. 6 (1) (f) GDPR. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the referrer URL, (4) the sub-websites that are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) the IP address, (7) the Internet service provider of the accessing system, (8) logs, status code and data volume are recorded; (9) the directory protection user and (10) other similar data and information used for security purposes in the event of attacks on our IT systems.

When using this general data and information, no conclusions are drawn about the data subject. This information is required in order to (1) correctly deliver the content of our website, (2) optimise the content of our website and the advertising for it, (3) ensure the long-term functionality of our IT systems and the technology of our website, (4) enable us to respond to contact requests and communicate with users and (5) provide law enforcement authorities with the information necessary for prosecution in the event of an attack. This anonymously collected data and information is therefore analysed by us statistically and with the aim of increasing data protection and data security in order to ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

Data processing in the fulfilment of services

We also process our customers' data as part of our contractual services, which include conceptual and strategic consulting, training, etc.

We process inventory data, contact data, content data, contract data, payment data, usage data and metadata. We do not process special categories of personal data. The group of data subjects includes customers, interested parties and their customers, users, website visitors, employees and third parties. The purpose of the processing is the provision of contractual services, billing and customer service on the basis of Art. 6 para. 1 lit. b GDPR. We process data that is required to justify and fulfil the contractual services and only disclose the data to third parties if this is necessary in the context of order fulfilment. When processing the data provided to us in this context, we act in accordance with the instructions of the client and the legal requirements of order processing in accordance with Art. 28 GDPR. The data will not be processed for any purposes other than those specified in the order. The data will be deleted after expiry of the statutory warranty or comparable obligations, whereby the necessity of storage is reviewed every 3 years. If there are statutory retention obligations, the data will be blocked accordingly.

Data processing within the framework of the company organisation

As part of the organisation of the company, internal administrative tasks, financial accounting and the fulfilment of legal obligations, we process the same data that we also process as part of the provision of our contractual services in accordance with Art. 6 para. 1 lit. c and f GDPR. Customers, interested parties, business partners and website visitors are affected. The purpose of the processing is administration, financial accounting, organisation, archiving, maintenance of business activities, performance of our tasks and provision of the contractually owed services. In doing so, we disclose data to the tax authorities, tax consultants, auditors, fee offices and payment service providers. We also store information on suppliers, event organisers and other business partners on the basis of our business interests. This company-related data is generally stored permanently.

We analyse the data we have on business transactions, contracts, enquiries, etc. in order to operate our company economically and to be able to identify market trends and customer requirements. In doing so, we process inventory data, communication data, contract data, payment data, usage data and metadata on the basis of Art. 6 Art. 1 lit. f GDPR. Data subjects are customers, interested parties, business partners, visitors and users of the online offering. The analyses are not disclosed externally, unless they are anonymous analyses with summarised values.

Contact us

Cooperation with processors and third parties

If we disclose data to other persons and companies (processors or third parties) as part of our processing, transfer it to them or otherwise grant them access to the data, this is done exclusively on the basis of legal permission (e.g. if the transfer of data to third parties, such as payment service providers, is necessary for the fulfilment of the contract in accordance with Art. 6 para. 1 lit. b GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.

Transfer of data to third countries

If we process data in a third country (outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this will only take place if it is done to fulfil our contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual authorisations, we only process or have the data processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to the EU or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").

3. Rights of data subjects

The GDPR provides for a number of data subject rights, which we would like to inform and explain to you below.

Right to confirmation

You have the right to request a declaration as to whether personal data relating to you is being processed. To exercise this right, please get in touch with our contact person for data protection mentioned above.

Right to information

You also have the right to receive information free of charge about the personal data stored about you as well as further information and a copy of the data in accordance with Art. 15 GDPR. You also have the right to receive the following information:

- the purposes of processing

- the categories of personal data that are processed

- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations

- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period

- the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing or a right to object to such processing

- the existence of a right to lodge a complaint with a supervisory authority

- if the personal data are not collected from you as the data subject: all available information about the origin of the data

- the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject

Furthermore, you have a right to information as to whether personal data has been transferred to a third country or to an international organisation. If this is the case, you have the right to obtain information about the appropriate guarantees in connection with the transfer. If you wish to exercise this right to information, please get in touch with our contact person for data protection mentioned above.

Right to rectification

In accordance with Art. 16 GDPR, you have the right to request the completion or correction of data concerning you. You also have the right to request the completion of incomplete personal data, taking into account the purposes of the processing. If you would like to exercise this right to rectification, please contact our contact person for data protection mentioned above.

Right to erasure (right to be forgotten)

In accordance with Art. 17 GDPR, you also have the right to demand that data concerning you be deleted immediately or, alternatively, in accordance with Art. 18 GDPR, to demand that the processing of the data be restricted if one of the following reasons applies and insofar as the processing is not necessary:

- The personal data was collected or otherwise processed for purposes for which it is no longer necessary.

- The data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing.

- The data subject objects to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21 (2) GDPR.

- The personal data was processed unlawfully.

- The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.

- The personal data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.

If one of the above-mentioned reasons applies and you wish to have personal data stored by us deleted, please contact our contact person for data protection mentioned above.

**Right to restriction of processing**

Furthermore, you have the right to demand that we restrict processing if one of the following conditions is met:

- the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data

- the processing is unlawful, but you oppose the erasure of the personal data and request the restriction of their use instead

- we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims

- You have lodged an objection to the processing pursuant to Art. 21 para. 1 GDPR, but it is not yet clear whether our legitimate reasons outweigh yours

If one of the above conditions is met and you wish to request the restriction of personal data stored by us, please contact our contact person for data protection mentioned above.

Right to data portability

Furthermore, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to request the transfer of this data by us to another controller, provided that the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and the processing is carried out using automated procedures, and provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us and provided that this does not adversely affect the rights and freedoms of other persons. To assert the right to data portability, please get in touch with our contact person for data protection mentioned above.

Right to object

Finally, you have the right to object at any time to the processing of your personal data, which is based on Art. 6 para. 1 lit. e or f GDPR. This also applies to profiling based on these provisions.

If you object, we will no longer process your personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims. If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising. This also applies to profiling insofar as it is associated with such direct advertising. You also have the right to object to the processing of your personal data by us for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 GDPR, unless such processing is necessary for the fulfilment of a task in the public interest. To exercise your right to object, please contact our data protection officer directly.

Automated decisions in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, provided that the decision (1) is not necessary for entering into, or performance of, a contract between you and us, or (2) is authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or (3) is based on your explicit consent. To assert your rights regarding automated decisions, please contact our contact person for data protection mentioned above.

**Right to withdraw consent under data protection law**

You also have the right to withdraw your consent to the processing of personal data at any time. To exercise this right to withdraw consent, please get in touch with our contact person for data protection mentioned above.

**Right to lodge a complaint with the competent supervisory authority**

You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR. The competent authority is the State Data Protection Officer of the Federal State of Hesse. The contact details of the State Commissioner for Data Protection and Freedom of Information of Hesse can be found at the following link [www.bfdi.bund.de ](https://www.bfdi.bund.de/Share...)

4. Cookies

Our website uses cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser. Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters that can be used to assign websites and servers to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified via the unique cookie ID. Through the use of cookies, we can provide users of this website with more user-friendly services that would not be possible without the setting of cookies.

Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR.

You can prevent the setting of cookies by our website at any time by means of the corresponding setting of the Internet browser you are using and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via the Internet browser or other software programmes. If you deactivate the setting of cookies in the Internet browser you are using, you may no longer be able to use all the functions of our website to their full extent.

5. Use of web analysis tool

We have integrated the Google Analytics component (with anonymisation function) on our website. Google Analytics is a web analytics service. Web analysis is the collection, collation and evaluation of data about the behaviour of visitors to websites. Among other things, a web analysis service collects data about the website from which a data subject came to a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. Web analysis is mainly used to optimise a website and to analyse the costs and benefits of internet advertising. The operating company of the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

We use the addition "_gat._anonymiseIp" for web analysis via Google Analytics. This addition is used by Google to shorten and anonymise the IP address of the data subject's Internet connection if our website is accessed from a member state of the European Union or from another state party to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Among other things, Google uses the data and information obtained to analyse the use of our website, to compile online reports for us that show the activities on our website, and to provide other services in connection with the use of our website. Google Analytics places a cookie on the data subject's IT system. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyse the use of our website. Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. During the course of this technical procedure, Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.

The cookie is used to store personal information, such as the access time, the location from which access was made and the frequency of visits to our website by the data subject. Each time our website is visited, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties. The user can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a cookie on the user's IT system. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programmes.

Furthermore, users have the option of objecting to the collection of data generated by Google Analytics relating to their use of this website and the processing of this data by Google, and of preventing such collection and processing. To do this, the user must download and install a browser add-on from the link [https://tools.google.com](https://tools.google.com/dlpag...). This browser add-on informs Google Analytics via JavaScript that no data and information relating to visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as an objection. If the user's information technology system is deleted, formatted or reinstalled at a later date, the user must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the user or another person within their sphere of control, it is possible to reinstall or reactivate the browser add-on. Further information and Google's applicable data protection provisions can be found at [www.google.de]( href=‘https://www.google.de/intl/de/...’ class=‘redactor-autoparser-object’>https://www.google.de/intl/de/... </a<>) and at [www.google.com]( href=‘http://www.google.com/analytic...’ class=‘redactor-autoparser-object’>http://www.google.com/analytic...;). Google Analytics is explained in more detail at this link [www.google.com]( href=‘https://www.google.com/intl/de...’ class=‘redactor-autoparser-object’>https://www.google.com/intl/de...;).

Our website also uses the "demographic characteristics" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described above.

Google AdWords and Google Conversion-Tracking

Our website uses the marketing and remarketing services ("Google Marketing Services") of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google") to pursue our legitimate interests (Art. 6 para. 1 lit. f GDPR). As mentioned, Google is certified under the Privacy Shield Agreement and guarantees to comply with European data protection law.

With the help of Google Marketing Services, we can display adverts for and on our website in a more targeted manner in order to present users only with adverts that potentially correspond to their interests, as the user should only be shown adverts for products that they have already shown an interest in on other websites (so-called "remarketing").

For these purposes, when a website on which Google marketing services are active is called up, Google executes a code directly from Google and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). This file records which websites the user has visited, which content they are interested in and which offers they have clicked on. In addition, information on the browser and operating system, referring websites, visiting time and other details on the use of the online offer are recorded and the user's IP address, which is usually shortened, is recorded. The IP address is not merged with user data from other Google services. The aforementioned information may be combined by Google with information from other sources. If the user subsequently visits other websites, they can be shown adverts tailored to their interests.

User data is processed pseudonymously as part of Google marketing services; Google stores and processes the relevant data cookie-related within pseudonymous user profiles. From Google's perspective, the adverts are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected by Google marketing services about users is transmitted to Google and stored on Google's servers in the USA.

The Google marketing services we use include the online advertising programme "Google AdWords". Each AdWords customer receives a different "conversion cookie". Cookies can therefore not be tracked via the websites of AdWords customers. The information collected with the help of the cookie is only used to create conversion statistics for AdWords customers. They receive information on the total number of users who clicked on their advert and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. You can object to tracking and prevent it by deactivating the Google Conversion Tracking cookie via your Internet browser under user settings.

You can find more information on the use of data for marketing purposes by Google on the following overview page: "<a href="" :www.google.com": href="https://www.google.com/policies/technologies/ads" class="redactor-autoparser-object">https://www.google.com/policie...</a<>, die Datenschutzerklärung von Google ist abrufbar unter [www.google.com/policies/privac... href="" class="redactor-autoparser-object">https://www.google.com/policie...).

If you wish to object to interest-based advertising by Google marketing services, you can use Google's setting and opt-out options: [www.google.com/ads/preferences... href="" class="redactor-autoparser-object">http://www.google.com/ads/pref...).

LinkedIn Insight Tag

Our website uses the Insight tag from "LinkedIn". The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight Tag

With the help of the LinkedIn Insight Tag, we receive information about the visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyse the key professional data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better tailor our site to the respective target groups. We can also use LinkedIn Insight Tags to measure whether visitors to our websites make a purchase or take another action (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function that we can use to display targeted advertising to visitors to our website outside the website, whereby, according to LinkedIn, no identification of the advertising addressee takes place.

LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymised). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymised data is then deleted within 90 days.

The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own advertising purposes. Details can be found in LinkedIn's privacy policy at [www.linkedin.com/legal/privacy... href="" class="redactor-autoparser-object">https://www.linkedin.com/legal...).

Legal basis

The use of LinkedIn Insight is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in effective advertising measures including social media. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: [www.linkedin.com/legal/l/dpa](... href="" class="redactor-autoparser-object">https://www.linkedin.com/legal...) und [www.linkedin.com/legal/l/eu-sc... href="" class="redactor-autoparser-object">https://www.linkedin.com/legal...).

Objection to the use of LinkedIn Insight Tag

Object to the analysis of user behaviour and targeted advertising by LinkedIn under the following link: [www.linkedin.com/psettings/gue... href="" class="redactor-autoparser-object">https://www.linkedin.com/psett...).

Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in the account settings. To prevent LinkedIn from linking data collected on our website to your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

6. Linking

As part of the pursuit of our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, we link to content and service offers from third-party providers on our website in order to integrate their content and services. However, this requires that the providers of this content and services recognise the IP addresses of the users, as they would not be able to send the content to their browsers without the IP address. The IP address is therefore required to display this content. Nevertheless, we endeavour to only use content whose respective providers only use the IP address to deliver the content; third-party providers may also use so-called pixel tags (invisible graphics, so-called web beacons) for statistical or marketing purposes. Pixel tags can be used to analyse information such as visitor traffic on the subpages of this website. The pseudonymised information may also be stored in cookies on the user's device and may contain technical information about the browser and operating system, referrer URL, visit time and other details about the use of our online offering, as well as being linked to this information from other sources.

Our website uses Google Maps API to visualise geographical information. When Google Maps is used, Google also collects, processes and utilises data about the use of the map functions by visitors. You can find more information about data processing by Google in the Google data protection information. You can also change your personal data protection settings there in the data protection centre. Detailed instructions on managing your own data in connection with Google products can be found here:
[support.google.com/accounts](https://support.google.com/acc...)

7. Presence in social media

You can also find us on various social networks and platforms. We communicate there with interested parties, customers and users and provide information about our services. When accessing the respective network or platform, the terms and conditions and data protection guidelines of the respective operator apply. We only process the data of social network users if the users contact us within the networks.

8. Newsletter

Newsletter data

On our website, you can register to receive our newsletter, which we use to inform you about CO-Improve news, our products and services and interesting specialist topics approximately once a month. By subscribing to our newsletter, you agree to receive it and to the procedures described below.

We only send newsletters, emails and other electronic notifications with advertising information (hereinafter "newsletter") with the consent of the recipient or with legal authorisation. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the user's consent. Otherwise, our newsletters contain information about our services and us.

To subscribe to the newsletter, all you need to do is provide us with your e-mail address. Optionally, we ask you to enter a name so that we can address you personally in the newsletter.

Logging

Registrations for the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address.

The processing of the registration data entered takes place exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the cancellation. The newsletter and the associated performance measurement are carried out in accordance with Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with Section 7 para. 2 no. 3 UWG on the basis of your consent or on the basis of the legal authorisation in accordance with Section 7 para. 3 UWG.

Your data stored with us as a newsletter recipient will be stored by us until you unsubscribe from the newsletter and will only be deleted when you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.

The logging of the registration process is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of users and also allows us to provide proof of consent.

You can unsubscribe from our newsletter at any time, i.e. revoke your consent. You will find a link to unsubscribe from the newsletter at the end of each newsletter. We may store the unsubscribed email addresses for up to three years on the basis of our legitimate interests before we delete them for the purpose of sending the newsletter in order to be able to prove that consent was previously given. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

Use of the mailing service provider Inxmail

Our website uses "Inxmail" for sending newsletters, a newsletter dispatch platform of Inxmail GmbH, Wentzingerstr. 17, 79106 Freiburg.

We use this service provider to send our newsletter because it ensures that the emails are sent reliably and are highly unlikely to end up in your spam filter. Our mailing service provider is used on the basis of an order processing contract in accordance with Art. 28 para. 3 sentence 1 GDPR.

Your personal data is stored on Inxmail's servers. Inxmail uses this information to send and analyse the newsletter on our behalf. Furthermore, according to its own information, Inxmail may use this data to optimise or improve its own services, e.g. to technically optimise the sending and presentation of the newsletter or for economic purposes in order to determine which countries the recipients come from. However, Inxmail does not use the data of our newsletter recipients to write to them itself or to pass it on to third parties.

There are also cases in which we direct newsletter recipients to the Inxmail website. For example, our newsletters contain a link with which our newsletter recipients can access the newsletter online (e.g. in the event of display problems in the email programme). Newsletter recipients can also correct their data, such as their e-mail address, at a later date.

In this context, we would like to point out that cookies may be used on Inxmail websites and thus personal data may be processed by Inxmail, its partners and service providers (e.g. Google Analytics). We have no influence on this data collection.

Further information can be found in Inxmail's privacy policy: [www.inxmail.de/datenschutz]( href="https://www.inxmail.de/datenschutz" class="redactor-autoparser-object">https://www.inxmail.de/datensc...</a<>)

Cancellation/revocation

You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. Your consent and the statistical analyses will then expire at the same time. Unfortunately, it is not possible to cancel the mailing or the statistical analyses separately. You will find a link to unsubscribe from the newsletter at the end of each newsletter.

9. Your consent

Please tell us what you think

It is our aim to respect your privacy. You can help us to improve our data protection policy by letting us know what you think. We are always open to your suggestions.