Data Privacy

Privacy Policy diffferent


This web­site is an offer of diff­fer­ent GmbH (“diff­fer­ent°” or “we”). With this Privacy Policy we inform you about the pro­cessing of per­son­al data in con­nec­tion with the use of our web­site. If you are redir­ec­ted to oth­er web­sites via a link, the pri­vacy policy of the respect­ive web­site oper­at­or applies. We recom­mend that you inform your­self about the hand­ling of per­son­al data on the respect­ive website.

  1. Who is respons­ible for the data pro­cessing and whom can I contact?

Controller of your per­son­al data with­in the mean­ing of Art. 4 (7) of the European General Data Protection Regulation (“GDPR”) is:

Sitz der Gesellschaft:
Falckensteinstraße 49
D‑10997 Berlin

Managing Directors: Alexander Kiock, Jan Pechmann, Dirk Jehmlich, Dr. Sascha Mahlke, Erwin Greiner

Tel.: +49 30 – 69 53 74 – 0

You may con­tact our data pro­tec­tion officer at:

diff­fer­ent GmbH
– Data Protection Officer –
Friedrichstr. 209
D — 10969 Berlin


  1. What sources and data do we use?

2.1 Visiting our Website

When you vis­it our web­site, your browser auto­mat­ic­ally sends inform­a­tion to the serv­er of our web­site. This inform­a­tion is tem­por­ar­ily stored in a so-called log file. The fol­low­ing inform­a­tion is col­lec­ted and stored until it is auto­mat­ic­ally deleted: IP address of the request­ing com­puter; date and time of access; name and URL of the accessed file; web­site from which access is made («refer­rer URL»); if applic­able, the search engine you used; the browser used; and, if applic­able, the oper­at­ing sys­tem of your com­puter as well as the name of your access provider.

This data will be pro­cessed by us for the fol­low­ing purposes:

ensur­ing a func­tion­ing con­nec­tion of the web­site,
ensur­ing com­fort­able use of our web­site,
eval­u­ation of sys­tem secur­ity and sta­bil­ity, and
for oth­er admin­is­trat­ive purposes.

Legal basis for the data pro­cessing is Art. 6 (1) (b) GDPR, inso­far as the pro­cessing is required to provide access to our web­site or for billing pur­poses. Apart from this, the pro­cessing is based on Art. 6 (1) (f) GDPR. Our legit­im­ate interests fol­low from the pur­poses for the data col­lec­tion lis­ted above. The log files are deleted after the end of the respect­ive browser ses­sion, at the latest after sev­en days, unless their fur­ther stor­age is required for the above-mentioned purposes.

In addi­tion, we use cook­ies and ana­lys­is ser­vices when you vis­it our web­site in accord­ance with point 4 below.

2.2 Using our ser­vices, con­tact­ing us

In addi­tion, we pro­cess per­son­al data that we receive from you in the course of our busi­ness rela­tion­ship. The leg­al basis for this is Art. 6 (1) (b) GDPR.

For example, we pro­cess per­son­al data if you provide it to us when con­tact­ing us by email or via our web­site, when sub­scrib­ing for our news­let­ter (see point 5.1 below), when apply­ing for a job (see point 6 below).

  1. For what pur­pose and on what leg­al basis do we pro­cess your data?

We pro­cess per­son­al data in accord­ance with the pro­vi­sions of the GDPR and the German Federal Data Protection Act (Bundesdatenschutzgesetz – “BDSG”):

3.1 For the per­form­ance of con­tracts and pre-contractual meas­ures (Art. 6 (1) (b) GDPR)

We pro­cess per­son­al data (Art. 4 (2) GDPR) to provide the ser­vices offered on our web­site, to per­form our con­tracts with you when you com­mis­sion us e.g. to under­take a UX or oth­er study for you, for billing pur­poses, pre-contractual meas­ures and for answer­ing your inquir­ies in con­nec­tion with our busi­ness relationship.

Further details for the pur­pose of the data pro­cessing can be found in the respect­ive con­trac­tu­al doc­u­ments and terms and conditions.

3.2 For the pur­poses of legit­im­ate interests (Art. 6 (1) (f) GDPR)

If neces­sary, we pro­cess your data bey­ond the actu­al ful­fil­ment of the con­tract where neces­sary for the pur­poses of the legit­im­ate interests pur­sued by us or third parties, for example in the fol­low­ing cases:

Answering your ques­tions out­side of a con­tract or pre-contractual meas­ures;
advert­ising or mar­ket and opin­ion research, unless you have objec­ted to the use of your data;
oper­a­tion and optim­iz­a­tion of the web­site;
use of cook­ies in accord­ance with point 4 below;
enforce­ment of leg­al claims and defence in leg­al dis­putes;
ensur­ing our IT secur­ity and IT oper­a­tions;
pre­ven­tion and invest­ig­a­tion of crim­in­al offences.

3.3 On the basis of your con­sent (Art. 6 (1) (a) GDPR)

Where you have giv­en us your con­sent to pro­cess per­son­al data for spe­cif­ic pur­poses, this pro­cessing is law­ful on the basis of your con­sent. You can with­draw your con­sent at any time. Please note that the with­draw­al will only take effect for the future. The law­ful­ness of our pro­cessing based on your con­sent which took place before the with­draw­al is not affected.

3.4 Due to leg­al oblig­a­tions (Art. 6 (1) © GDPR)

In addi­tion, we are sub­ject to vari­ous leg­al oblig­a­tions to pro­cess per­son­al data. The pur­poses of the pro­cessing include, inter alia, the ful­fil­ment of reten­tion peri­ods and doc­u­ment­a­tion oblig­a­tions under com­mer­cial and tax law.

  1. Cookies

We use cook­ies on our web­site that col­lect your data using pseud­onyms. Cookies are small text files that a web­site gen­er­ates and which your Internet browser stores on your hard drive when you vis­it the web­site. You can pre­vent the use of cook­ies at any time by set­ting your Internet browser so that it does not accept new cook­ies (espe­cially third party cook­ies) or noti­fies you of new cook­ies. You can also delete cook­ies that have already been saved in your Internet browser set­tings. You can get help on how to change your cook­ie set­tings in the help func­tion of your Internet browser, for example. Further inform­a­tion on this and on cook­ies in gen­er­al can be found, e.g., at and Please note that you might not be able to use some fea­tures of our web­site if you do not accept cookies.

On our web­site we may use tech­nic­ally neces­sary cook­ies (4.1), web ana­lys­is cook­ies (4.2), and track­ing cook­ies for advert­ising pur­poses (4.2):

4.1 Technically neces­sary cookies

Most of the cook­ies we may use are tech­nic­ally neces­sary to enable you to use our web­site and the ser­vices offered on it (e.g. secure login, adding products to the shop­ping cart in the order pro­cess) (“ses­sion cook­ies”). Our legit­im­ate interest in the data pro­cessing lies in these pur­poses; the leg­al basis is Art. 6 (1) (f) GDPR. We will not com­bine the data with oth­er per­son­al data and we will use it for advert­ising pur­poses. Session cook­ies are deleted after the end of the respect­ive browser ses­sion, at the latest after sev­en days.

4.2 Web ana­lys­is cook­ies (Google Analytics)

If you have giv­en your con­sent on our web­site, we also use cook­ies to cre­ate pseud­onym­ous user pro­files for the pur­pose of web ana­lys­is (“web ana­lys­is cook­ies”). These cook­ies enable us to identi­fy return­ing users (device own­ers), ana­lyze their beha­vi­or on our web­site, optim­ize our web­site and meas­ure its reach. The leg­al basis for such data pro­cessing is Art. 6 (1) (a) GDPR. You give your con­sent to this track­ing on our web­site by click­ing on “OK” in our cook­ie ban­ner; no web ana­lys­is cook­ies are set before this hap­pens. We do not com­bine the data with oth­er per­son­al data and we do not use it for the tar­geted address­ing of indi­vidu­al users for advert­ising pur­poses. Web ana­lys­is cook­ies are deleted after 14 months at the latest or if you with­draw your con­sent beforehand.

For this web ana­lys­is we use the ser­vice Google Analytics, which is oper­ated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Google Analytics uses cook­ies which are stored on your com­puter and which enable an ana­lys­is of your use of the web­site. The inform­a­tion gen­er­ated by the cook­ie about your use of the web­site (browser type/version, oper­at­ing sys­tem used, refer­rer URL, host name of the access­ing com­puter (IP address), date and time of the serv­er request) are gen­er­ally trans­ferred to a Google serv­er in the USA and stored there. On our web­site, we have exten­ded Google Analytics with the code “anonymizeIp()” to guar­an­tee an anonym­ous col­lec­tion of IP addresses (so-called IP mask­ing). Google will there­fore reduce your IP address by the last oct­et with­in mem­ber states of the European Union or in oth­er sig­nat­ory states to the Agreement on the European Economic Area. Only in excep­tion­al cases will the full IP address be trans­mit­ted to a Google serv­er in the USA and shortened there. The trans­fer of your inform­a­tion to a third coun­try out­side the EU is covered by an adequacy decision of the Commission (C/2016/4176 of July 12, 2016 – with­in the mean­ing of Art. 45 GDPR, as Google has self-certified its adher­ence to the prin­ciples of the EU-US Privacy Shield (

On our behalf, Google uses this inform­a­tion as a pro­cessor with­in the mean­ing of Art. 28 GDPR to eval­u­ate your use of the web­site, to com­pile reports on web­site activ­it­ies and to provide the web­site oper­at­or with fur­ther ser­vices asso­ci­ated with web­site use and Internet use. The IP address trans­mit­ted by your browser in the con­text of Google Analytics is not merged with oth­er Google data.

You can pre­vent the use of cook­ies by select­ing the appro­pri­ate set­tings on your browser (see above); how­ever, please note that if you do this you may not be able to use the full func­tion­al­ity of this website.

You can also pre­vent Google from col­lect­ing the data gen­er­ated by the cook­ie and relat­ing to your use of the web­site (includ­ing your IP address) and from pro­cessing this data by Google for all web­sites by down­load­ing and installing the browser plug-in avail­able at

You can also – espe­cially with browsers on mobile devices – pre­vent Google Analytics from col­lect­ing and pro­cessing your data by click­ing here. An opt-out cook­ie will be set to pre­vent future col­lec­tion of your data by Google Analytics when you vis­it this web­site. Please note that this opt-out cook­ie only applies to this browser and this web­site and will be deleted if you delete all cook­ies in your browser.

For more inform­a­tion on Google Analytics» Terms of Use and Privacy Policy, please vis­it and

4.3 Tracking cook­ies for advert­ising purposes

If you have giv­en your con­sent on our web­site, we also use track­ing cook­ies for the pur­pose of tar­geted and interest-based online advert­ising (“advert­ising cook­ies”). These cook­ies col­lect and store inform­a­tion about your use of our web­site in pseud­onym­ous form. The leg­al basis for data pro­cessing is Art. 6 (1) (a) GDPR. You give your con­sent to this track­ing on our web­site by click­ing on “I Agree” in our cook­ie ban­ner; no advert­ising cook­ies are set or oth­er track­ing tech­no­lo­gies (e.g. track­ing pixels) are activ­ated before this hap­pens. You may with­draw your con­sent at any time by click­ing here. The law­ful­ness of the pro­cessing on the basis of your con­sent car­ried out before your with­draw­al remains unaf­fected. We do not com­bine the inform­a­tion with oth­er per­son­al data that you vol­un­tar­ily provide to us when you use our web­site or our ser­vices. We use the inform­a­tion to place advert­ise­ments on our web­site and on the web­sites of third parties (inso­far as these are part of our advert­ising net­work) that cor­res­pond to your interests. You also bene­fit from this because you will be con­fron­ted with less advert­ising that is not tailored to your interests. We also use the inform­a­tion to meas­ure and optim­ize the suc­cess of our advert­ising campaigns.

Advertising cook­ies are deleted after expiry of the stor­age peri­od spe­cified by the third party provider.

If you have giv­en your con­sent on our web­site, we use the fol­low­ing track­ing cook­ies (and track­ing pixels) for advert­ising purposes:

4.3.1 Google AdWords with con­ver­sion tracking

This web­site uses the online advert­ising ser­vice Google Adwords with con­ver­sion track­ing oper­ated by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).

We use the ser­vice to place ads on the res­ults page of a Google search or a Google advert­ising net­work web­site using Google (so-called AdWords). Our pur­pose is to draw your atten­tion to our offers. Conversion track­ing enables us to meas­ure how suc­cess­ful our indi­vidu­al advert­ising meas­ures are by means of cer­tain para­met­ers (e.g. inser­tion of advert­ise­ments or clicks by the user).

When you click on an ad placed by Google, Google stores a con­ver­sion track­ing cook­ie on your com­puter. These cook­ies usu­ally expire after 30 days and are not inten­ded to identi­fy you per­son­ally. For this cook­ie, the unique cook­ie ID, num­ber of ad impres­sions per place­ment (fre­quency), last impres­sion (rel­ev­ant for post-view con­ver­sions) and opt-out inform­a­tion (mark that the user no longer wishes to be addressed) are usu­ally stored as ana­lys­is values.

These cook­ies help Google recog­nize your browser. If you vis­it cer­tain web­sites on an AdWords cus­tom­er­’s web­site and the cook­ie has not yet expired, Google and the cus­tom­er may recog­nize that you clicked on the ad and were redir­ec­ted to the web­site. A dif­fer­ent cook­ie is assigned to each AdWords cus­tom­er. Cookies there­fore can­not be traced through the web­sites of AdWords cus­tom­ers. We do not col­lect and pro­cess any per­son­al data when using Google AdWords. We only receive stat­ist­ic­al eval­u­ations from Google with the total num­ber of users who clicked on an ad and were redir­ec­ted to a web­site with a con­ver­sion track­ing tag. On the basis of these eval­u­ations we can recog­nize which of the used advert­ising meas­ures are par­tic­u­larly effect­ive. We do not receive any fur­ther data from the use of advert­ising mater­i­al; in par­tic­u­lar, we can­not identi­fy users on the basis of this information.

Due to the tech­no­lo­gies used, your browser auto­mat­ic­ally estab­lishes a dir­ect con­nec­tion to a Google serv­er in the USA. The trans­fer of your inform­a­tion to a third coun­try out­side the EU is covered by an adequacy decision of the Commission with­in the mean­ing of Art. 45 GDPR, as Google has self-certified its adher­ence to the EU-US Privacy Shield ( By integ­rat­ing AdWords with con­ver­sion track­ing, Google receives the inform­a­tion that you have called up the cor­res­pond­ing web­site of our web pres­ence or clicked on an advert­ise­ment from us. If you are registered with a Google ser­vice, Google may asso­ci­ate the data with your account. Even if you are not registered or logged in to Google, it is pos­sible that Google may obtain and store your IP address.

You can pre­vent par­ti­cip­a­tion in this track­ing pro­ced­ure by choos­ing the appro­pri­ate cook­ie set­tings in your browser (see above) or by set­ting your browser so that cook­ies are blocked by the domain ( This set­ting is deleted if you delete your cook­ies. You can also deac­tiv­ate per­son­al­ized ads from pro­viders that are part of the “About Ads” self-regulation cam­paign (, which will also be deleted if you delete your cook­ies. You can also per­man­ently deac­tiv­ate per­son­al­ized advert­ising in your browsers (Firefox, Internet Explorer, Google Chrome) at Please note that in this case you may not be able to use all func­tions of our website.

Further inform­a­tion on data pro­cessing in the con­text of Google AdWords can be found at

4.3.2 LinkedIn Insight Tag

This web­site uses con­ver­sion track­ing and retar­get­ing tech­no­lo­gies oper­ated by social media pro­vider LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”) to meas­ure the res­ults of our advert­ising cam­paigns on LinkedIn, optim­ize them, and re-target vis­it­ors of our web­site with per­son­al­ized ads on LinkedIn or oth­er websites.

When you vis­it our web­site, your browser uses a track­ing pixel (LinkedIn Insight Tag) to estab­lish a dir­ect con­nec­tion to the LinkedIn serv­ers. LinkedIn stores a third party cook­ie in your browser and col­lects and stores your IP address and usage pat­terns on our web­site (and oth­er web­sites that con­tain a LinkedIn track­ing pixel) – even if you are not a mem­ber or not logged in. If you are (or become) a mem­ber of LinkedIn, LinkedIn may com­bine and ana­lyze this track­ing data with your account and use it for tar­geted advert­ising – on behalf of us or oth­er advert­isers – on LinkedIn or oth­er web­sites (unless you have objec­ted to such tar­geted and interest-based advert­ising in your LinkedIn accoun­t’s pri­vacy settings).

The inform­a­tion may also be trans­ferred to LinkedIn’s serv­ers in the United States (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA). This trans­fer to a third coun­try is based on an adequacy decision of the European Commission with­in the mean­ing of Art. 45 DSGVO, as LinkedIn Corporation has self-certified its adher­ence to the prin­ciples of the EU-US Privacy Shield (

We do not receive access to this track­ing data (except in aggreg­ated form) and you remain anonym­ous to us.

You can dis­able tar­geted and interest-based advert­ising with LinkedIn ( and – if you do not have an account – For more inform­a­tion about LinkedIn’s use of per­son­al data for advert­ising pur­poses, please see LinkedIn’s pri­vacy policy (

  1. Email marketing

5.1 Newsletter

If you have giv­en us your con­sent (Art. 6 (1) (a) GDPR), we use your email address to send you our email news­let­ter with inform­a­tion about our com­pany, and, in par­tic­u­lar, our offers, case stud­ies, and new devel­op­ments regard­ing UX studies.

To sign up for our news­let­ter, it is suf­fi­cient to provide your email address.

You can unsub­scribe at any time, for example by using the link at the end of each mar­ket­ing email. Alternatively, you may unsub­scribe by email to In this case your email address will be deleted from our email dis­tri­bu­tion list and added to our black­list. The with­draw­al of your con­sent will only take effect for the future. The law­ful­ness of any pro­cessing based on your con­sent car­ried out before your with­draw­al is not affected.

5.2 Existing customers

If you have already used our fee-based ser­vices (e.g. com­mis­sioned us to con­duct a UX or oth­er study for you), we may inform you from time to time by email or let­ter about sim­il­ar ser­vices from USEEDS! if you have not objec­ted to this.

The leg­al basis for such data pro­cessing is Art. 6 (1) (f) GDPR. Our legit­im­ate interest lies in dir­ect advert­ising (Recital 47 GDPR).

You can object to the use of your email and postal address for advert­ising pur­poses at any time without addi­tion­al costs, for example via the link at the end of each mar­ket­ing email or by email to

You can refuse the use of Google Analytics by click­ing on the fol­low­ing link. An opt-out cook­ie will be set on the com­puter, which pre­vents the future col­lec­tion of your data when vis­it­ing this web­site:
Disable Google Analytics

Further inform­a­tion con­cern­ing the terms and con­di­tions of use and data pri­vacy can be found at or at Please note that on this web­site, Google Analytics code is sup­ple­men­ted by “anonymizeIp” to ensure an anonym­ized col­lec­tion of IP addresses (so called IP-masking).

(Source of Google Analytics Privacy:

If you have any ques­tions or com­ments con­cern­ing our pri­vacy policy, please con­tact us via e‑mail:

  1. Job applications

When you send us a job applic­a­tion, we pro­cess this applic­a­tion data exclus­ively for the pur­pose of the recruit­ing pro­cess. The leg­al basis for data pro­cessing is Sec. 26 (1) sen­tence 1 BDSG, inso­far as data pro­cessing is neces­sary for the decision on the estab­lish­ment of an employ­ment rela­tion­ship. If you also provide us with data that is not neces­sary for the applic­a­tion, the pro­cessing of this vol­un­tary data is based on your con­sent; the leg­al basis is Sec. 26 (2) BDSG or Sec. 26 (3) BDSG (if, in the indi­vidu­al case, spe­cial cat­egor­ies of per­son­al data with­in the mean­ing of Art. 9 (1) GDPR are concerned).

In our organ­iz­a­tion, those per­sons and bod­ies who pre­pare the hir­ing decision for us (per­son­nel depart­ment, rel­ev­ant decision-makers in the indi­vidu­al case) have access to your data. We treat your data strictly con­fid­en­tial and only share it with third parties if this is required by law (Art. 6 (1) © GDPR) or if you have giv­en your sep­ar­ate con­sent (Art. 6 (1) (a) DSGVO).

We will delete the data as soon as it is no longer required for the recruit­ing pro­cess. Accordingly, we delete your applic­a­tion data six months after com­ple­tion of the recruit­ing pro­cess (i.e. after the pos­i­tion has been filled or the applic­a­tion pro­cess has been ter­min­ated in anoth­er way). There are the fol­low­ing excep­tions to this:

We will not delete your applic­a­tion data if you have sep­ar­ately con­sen­ted to the fur­ther stor­age of your data for future job offers by us. You can with­draw your con­sent to the fur­ther stor­age of your data at any time; we will then delete your data accordingly.

If we con­clude an employ­ment rela­tion­ship with you after com­plet­ing the recruit­ing pro­cess, your applic­a­tion data will be trans­ferred to your per­son­nel file in our per­son­nel admin­is­tra­tion sys­tem and pro­cessed there for the pur­pose of car­ry­ing out the employ­ment relationship.

Apart from this, the gen­er­al prin­ciples for stor­ing your data (see point 9 below) apply.

  1. Who gets access to my data?

Within our organ­iz­a­tion, those depart­ments or indi­vidu­als get access to your data that need it in order to ful­fil our con­trac­tu­al and leg­al obligations.

Processors (Art. 28 GDPR) may also receive data for the afore­men­tioned pur­poses. These are com­pan­ies in the cat­egor­ies IT ser­vices, logist­ics, print­ing ser­vices, tele­com­mu­nic­a­tions, con­sult­ing and sales and marketing.

We share your per­son­al data with third parties where neces­sary for the per­form­ance of a con­tract between us or pre-contractual meas­ures (Art. 6 (1) (b) GDPR) or for the pur­poses of legit­im­ate interests (Art. 6 (1) (f) GDPR). We only share such inform­a­tion that is required by the respect­ive ser­vice pro­vider to per­form the task assigned to him.

In addi­tion, we dis­close or trans­mit your per­son­al data where required by law (Art. 6 (1) © GDPR) or with your con­sent (Art. 6 (1) (a) GDPR).

Under these con­di­tions, recip­i­ents of per­son­al data may be, for example:

Subcontractors used by us to provide our ser­vices (e.g. Freelancers, Market Research Institutes, elec­tron­ic sig­na­tures ser­vice pro­viders)
Banks for the col­lec­tion of pay­ments
Public author­it­ies and insti­tu­tions in the event of a leg­al oblig­a­tion or offi­cial order

  1. How long will my data be stored?

If neces­sary, we pro­cess and store your per­son­al data for the dur­a­tion of our busi­ness rela­tion­ship, which also includes, for example, the ini­ti­ation and pro­cessing of a contract.

In addi­tion, we are sub­ject to vari­ous stor­age and doc­u­ment­a­tion oblig­a­tions arising, inter alia, from the German Commercial Code (Handelsgesetzbuch – “HGB”) and the German Fiscal Code (Abgabenordung – “AO”). The reten­tion and doc­u­ment­a­tion peri­ods spe­cified there are, e.g., 6 years for cor­res­pond­ence in con­nec­tion with the con­clu­sion of a con­tract and 10 years for account­ing doc­u­ments (Sec. 238, 257 (1) and (4) HGB, Sec. 147 (1) and (3) AO). Such stor­age and doc­u­ment­a­tion oblig­a­tions apply in par­tic­u­lar if you con­clude a con­tract with us (e.g. regard­ing a UX or oth­er study).

Moreover, the stor­age peri­od also depends on the stat­utory lim­it­a­tion peri­ods, which, for example, accord­ing to Sec. 195 et seq. of the German Civil Code (“BGB”), are gen­er­ally three years long, but can, in cer­tain cases, also be up to thirty years.

After expiry of the stor­age and doc­u­ment­a­tion oblig­a­tions and the rel­ev­ant lim­it­a­tion peri­ods, we delete the data.

Log files and cook­ies are deleted after the above-mentioned stor­age periods.

  1. Is data trans­ferred to a third coun­try or to an inter­na­tion­al organization?

Data is trans­ferred to third coun­tries (coun­tries out­side the European Economic Area (EEA)) where this is neces­sary or leg­ally required for the exe­cu­tion of con­tracts or if you have giv­en us your con­sent. We will sep­ar­ately inform you about details, if required by law. In addi­tion, the data pro­cessors in third coun­tries men­tioned in this Privacy Policy (e.g. Google) have access to your data.

  1. What data pro­tec­tion rights do I have?

You have the right of access (Art. 15 GDPR), the right to rec­ti­fic­a­tion (Art. 16 GDPR), the right to eras­ure (Art. 17 GDPR), the right to lim­it­a­tion of pro­cessing (Art. 18 GDPR) and the right to data port­ab­il­ity (Art. 20 GDPR). The restric­tions accord­ing to Sec. 34 and 35 BDSG apply to the right of access and the right of can­cel­la­tion. You also have the right to object to data pro­cessing by us (Art. 21 GDPR). If our pro­cessing of your per­son­al data is based on con­sent (Art. 6 (1) (a) GDPR), you can with­draw this at any time; the leg­al­ity of data pro­cessing based on the con­sent until with­draw­al remains unaf­fected by this.

To assert these rights and for fur­ther ques­tions on our pro­cessing of per­son­al data, you may con­tact our data pro­tec­tion officer at or use our gen­er­al con­tact data (see point 1 above) at any time.

Regardless of this, you have the right to file a com­plaint with a super­vis­ory author­ity – in par­tic­u­lar in the EU Member State where you are stay­ing, work­ing or allegedly infringed – if you believe that the pro­cessing of per­son­al data con­cern­ing you viol­ates the GDPR or oth­er applic­able data pro­tec­tion laws (Art. 77 GDPR, Sec. 19 BDSG).

  1. Is there an oblig­a­tion to provide data?

In the con­text of our busi­ness rela­tion­ship you only have to provide the per­son­al data which is neces­sary for the estab­lish­ment, exe­cu­tion and ter­min­a­tion of a busi­ness rela­tion­ship or which we are leg­ally obliged to col­lect. Without this data we will usu­ally have to refuse the con­clu­sion of the con­tract or the exe­cu­tion of the order or we will no longer be able to execute an exist­ing con­tract and may have to ter­min­ate it.

Mandatory inform­a­tion is marked as such on our website.

  1. To what extent is there auto­mated decision mak­ing in indi­vidu­al cases?

We do not use fully auto­mated decision mak­ing accord­ing to Art. 22 GDPR for the estab­lish­ment and imple­ment­a­tion of a busi­ness rela­tion­ship. Should we use these pro­ced­ures in indi­vidu­al cases, we will inform you sep­ar­ately, where required by law.


Last updated: May 25, 2018