Privacy Policy

We take the protection of your personal data very seriously and handle your personal data confidentially and in accordance with applicable data protection laws and regulations as well as this Privacy Policy.

In general, it is possible to use our website without providing any personal data.

Scope of this privacy policy

In cases in which personal data is collected when visiting our website, we process it exclusively in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 “GDPR”) and the Federal Data Protection Act of 30 July 2017 (BDSG - 2017 Revision), as well as the Telemedia Act (“TMG”). Personal data is processed exclusively in accordance with the terms of this Privacy Policy.

This Privacy Policy applies to the use of the web pages located at the following addresses:

The respective privacy policy found websites containing content to which have provided links is applicable in such cases.

Please note that security holes may be encountered when transmitting data via the Internet that may not be prevented regardless of the technical design of our website. It is not possible to completely protect personal data when using the Internet.

Responsible Authority

The following entity and persons are responsible for processing personal data when using this website:

Guntermann & Drunck GmbH
Mr. Thorsten Lipp
Mr. Nils Strauch
Mr. Uwe Milde
Obere Leimbach 9
57074 Siegen
Germany

Phone: +49 271 23872-0
E-mail: datenschutz@gdsys.com

Data Protection Officer
As data protection officer, we have been appointed:

Mr Dipl.-Inform. Olaf Tenti
GDI Gesellschaft für Datenschutz und Informationssicherheit mbH
Körnerstraße 45
58095 Hagen (NRW)

Phone: +49 2331 356832-0
Web: www.gdi-mbh.eu

Hosting

Our website is operated on servers provided by

levigo systems gmbh
Bebelsbergstraße 31
71088 Holzgerlingen
Germany
https://www.levigo.de/

 

Microsoft Ireland Operations Limited
Irland, Nr. 256796
70 Sir John Rogerson's Quay
Dublin 2
Ireland
https://www.microsoft.com/

Server log files

The website provider automatically collects and stores information that your browser transmits to us in so-called server log files. This includes:

  • Date & time
  • Type of request (GET/POST/...) and requested path/file/page
  • Status
  • The quantity of data transmitted
  • Referrer (if set)
  • Browser & version or what the client claims to be (if set)
  • IP addresses [in anonymized form]

The provider uses data in this manner to operate the website and to ensure IT security. The log data may be analyzed at a later point in time if this appears necessary. Data stored by the provider is automatically deleted after 14 days.
 

This data cannot be assigned to identified or identifiable persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of specific indications of unlawful use.

Data processing

Personal data is transmitted to third parties in the course of using our website.

Legal basis for data processing

Potential bases for collecting data pursuant to Art. 6(1) GDPR are: your consent (a); processing information for the performance of a contract or the initiation of a contract (b); the fulfillment of a legal obligation (b).

In cases in which data is collected based on our company’s legitimate interest (f), you will be provided separate notice as part of the respective process.

Contact options (contact form / support / e-mail)

On our website, you have the ability to contact us via e-mail and by using our contact form. If you use these options, your personal data will be retained and processed for communications purposes. Data collected for this purpose ([name, address, telephone number, e-mail address, IP address]) will not be shared with third parties. Data collected for this purpose will not be aggregated with other data collected on the website.
 

This data may be retained as part of the customer relations management (CRM) process if you are already a customer of our company.
 

Potential bases for collecting data pursuant to Art. 6(1) GDPR are: your consent (a); processing information for the performance of a contract or the initiation of a contract (b); the fulfillment of a legal obligation (b); as well as our company’s legitimate interest in communications you have initiated (f). 
 

The contact form is sent encrypted using TLS technology. Encryption is used to prevent unauthorized access to your personal data by third parties.
 

This data is processed on the basis of Art. 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6(1)(f) GDPR) or your consent provided we have requested it (Art. 6(1)(a) GDPR).
 

We will retain the data you provide on the contact form until such time as you request its erasure, withdraw your consent for its storage, or the purpose for its storage is no longer applicable (e.g., after completely processing your inquiry). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected.

SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential information, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection in your browser’s address bar when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties (end-to-end encryption). The protocols authenticate the communication partner and ensure the integrity of transmitted data.

Google Tag Manager

We use "Google Tag Manager" on our websites. This service is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you have your registered office or place of residence in the EU, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
 

Google Tag Manager provides a functionality that allows us to integrate additional services on our website easily, efficiently, and dynamically. In addition, we can quickly configure and customize services integrated via Google Tag Manager without having to make technical changes to our website. Services the use of which you have already objected to will not be delivered to your browser by the Google Tag Manager.
 

Google does not collect any personal data through the use of Google Tag Manager. Google collects technical data without personally identifying information for the general use and implementation of Google Tag Manager.
 

Data processing in this context is performed on the basis of Art. 6(1)(f) GDPR.

Our legitimate interest comprises the efficient provision of our website including any embedded services and functions.
 

As there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded standard data protection clauses with Google within the meaning of Art. 46(2)(c) GDPR.
 

Please refer to the following link for Google's privacy policy: https://policies.google.com/privacy?hl=en.

The Google Tag Manager Terms of Service can be found at the following link: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/
 

Google Dynamic Remarketing

We use "Google Dynamic Remarketing" on our website. This is a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google").
 

Google Dynamic Remarketing enables us to display our advertisements to you as you continue to use the Internet after visiting our website. This is done by means of cookies stored in your browser. They are used by Google to record and evaluate your usage behavior when visiting various websites. In this way, Google can determine your previous visit to our website. According to its own statements, Google does not merge data collected in the course of remarketing with any of your personal data that may be stored by Google. In particular, Google claims to apply pseudonymization for remarketing.
 

We use Google Dynamic Remarketing for marketing and optimization purposes, specifically to place ads that are relevant and interesting to you and to improve campaign performance reporting.
 

The legal basis for the use of Google DoubleClick is your consent pursuant to Art. 6(1)(a) GDPR, provided that you have provided your consent the first time you accessed our website.
 

As there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded standard data protection clauses with Google within the meaning of Art. 46(2)(c) GDPR.
 

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in your browser settings. Please note, however, that in this case you may not be able to use all features of this website to their full extent.
 

It is also possible to prevent the storage of cookies by setting your web browser to block cookies from the domain "www.googleadservices.com" (https://adssettings.google.de/settings/ads). Please note that this setting will be deleted when you delete your cookies.
 

In addition, you can disable interest-based ads by clicking on the link https://optout.aboutads.info/?c=2&lang=EN. Please note that this setting will also be deleted when you delete your cookies.
 

Further information on the use of data by Google, setting and objection possibilities along with data protection can be found on Google's websites:

Privacy Policy: https://policies.google.com/privacy?hl=en&gl=de

Google Website statistics: https://services.google.com/sitestats/en.html
 

Google DoubleClick

This website continues to use Google’s online marketing tool Campaign Manager. Campaign Manager uses cookies to display ads relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed more than once. In addition, Campaign Manager may use cookie IDs to collect conversions related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later uses the same browser to access the advertiser’s website and buy something there. According to Google, Campaign Manager cookies do not contain personally identifiable information.
 

Your browser automatically establishes a direct connection to the Google server on the basis of the marketing tools employed. We have no influence on the extent and further use of the data collected by Google through the use of this tool and may thus only inform you on the basis of our knowledge: Through the integration of Campaign Manager, Google is notified that you have accessed the relevant part of our website or clicked on an advertisement from us. If you are logged-in to a Google service, Google can associate the visit with your account. Even if you are not registered with Google, or have not logged in, it is possible for the provider to obtain and store your IP address.
 

In addition, Campaign Manager (DoubleClick Floodlight) cookies we use enable us to understand whether you are performing any actions on our website after you have viewed or clicked (conversion tracking) on one of our display/video ads on Google or another platform via Campaign Manager. Campaign Manager uses this cookie to understand the content you have interacted with on our website in order to send you targeted advertisements at a later point in time.


You can prevent participation in this tracking process in various ways:  

  • By setting your browser software accordingly, in particular by suppressing third-party cookies so that you will not receive ads from third-party providers; 
  • By deactivating cookies for conversion tracking by setting your browser to block cookies from the domain www.googleadservices.com, https://www.google.de/settings/ads, whereby this setting is deleted when you delete your cookies; 
  • By deactivating the interest-based ads from providers that are part of the “About Ads” self-regulation campaign via the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete your cookies; 
  • By permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers under http://www.google.com/settings/ads/plugin
  • Using the appropriate settings on your browser. Please note that in this case you may not be able to use all functions of this website to their full extent.
     

In addition, you can prevent Google from collecting the information generated by the cookies about your use of the website, and the processing of this information by Google, by downloading and installing the browser plug-in available at https://support.google.com/adsense/answer/142293?hl=de under “Display settings”, “Campaign Manager deactivation extension”.


More information about Campaign Manager can be found at https://www.google.de/doubleclick as well as Google’s privacy policy in general: https://www.google.de/intl/de/policies/privacy
 

Data is transmitted to the USA on the basis of your consent under Art. 6(1)(a) in conjunction with Art. 49(1)(a) GDPR.

As there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded standard data protection clauses with Google within the meaning of Art. 46(2)(c) GDPR.

Alternatively, you can visit the Network Advertising Initiative (NAI) website at https://www.networkadvertising.org.
 

Ajax Google Apis

We use the Javascript jQuery library provided by Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter “Google”) on our webpages.
 

We use Google's CDN (content delivery network) to load this library in order to increase the loading speed of our website and thus provide you with a better user experience. Chances are very high that you have already used jQuery on another Google CDN website. If this is the case, your browser can access the cached copy and it does not have to be downloaded again.
 

 If your browser does not have a cached copy or is downloading the file from Google CDN for any other reason, data will again be transferred from your browser to Google Inc. ("Google").
 

The legal basis for the use of Ajax-GoogleApis jQuery is your consent pursuant to Art. 6(1)(a) GDPR, provided that you have provided your consent the first time you accessed our website.
 

As there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded standard data protection clauses with Google within the meaning of Art. 46(2)(c) GDPR.
 

Further information about data processing by Google can be found in Google's Privacy Policy, which is currently available at:  https://www.google.de/intl/de/policies/privacy/ 

You can prevent Google-Apis from collecting and processing your data by disabling script code execution in your browser or by installing a script blocker in your browser (which can be found at www.noscript.net or www.ghostery.com).
 

Google Analytics 4

This website uses the web analytics service Google Analytics 4, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you have your registered office or place of residence in the EU, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Google Analytics uses "cookies", which are small text files placed on your computer, to help the website analyse how users use the site, if you have consented to the use of cookies for marketing purposes.

The information generated by the cookie about how you use the website will be transmitted to and processed by Google on servers in the United States and other countries. This may include transmission to Google LLC, which is based in the USA.
 

Demographic characteristics

Google Analytics 4 uses the special function "demographic characteristics". Google Analytics 4 can use this function to create statistics that make statements about the language, interests, location, age and gender of website users in order to identify target groups for marketing activities. This is done by analysing advertising and information from third-party providers. The collected data cannot be assigned to a specific person and is deleted after being stored for a period of two months.
 

Google Signals

As an extension to Google Analytics 4, we use Google Signals on our website to generate cross-device reports. If you have activated personalised ads and your devices are linked to your Google account, Google will, subject to your consent to use Google Analytics, analyse your usage behaviour across devices and create database models, including on cross-device conversions.

We do not receive any personal data from Google, only statistics. If you would like to prevent cross-device analysis, you can deactivate the "Personalised advertising" function in the settings of your Google account.

You can find instructions on this page: https://support.google.com/ads/answer/2662922?hl=de

For more information on Google Signals, please see the following link: https://support.google.com/analytics/answer/7532985?hl=de
 

UserIDs

As an extension to Google Analytics 4, the "UserIDs" function is used on our website. If you have consented to the use of Google Analytics 4, set up an account on this website and log in with this account on different devices, your activities, including conversions, can be analysed across devices.

The terms of use and notes on data protection can be found at http://www.google.com/analytics/terms/de.html , https://policies.google.com/privacy?hl=de&gl=de and at https://www.google.de/intl/de/policies/.

Google processes your personal data on our behalf. We have therefore concluded an order processing agreement with Google in accordance with Art. 28 (3) DSGVO, in which Google undertakes to protect your personal data and not to pass it on to third parties for purposes other than those mentioned above.

 

The legal basis for the use of Google Analytics is your consent pursuant to Section 25 (1) TTDSG as well as Article 6 (1) sentence 1 lit. a DSGVO, insofar as you give us your consent to this when you first access the page.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision of the European Commission.

You can revoke your consent to data processing and transfer at any time without giving reasons by deleting the cookies in your browser or by clicking on the Cookiebot button at the bottom left.

The legality of data processing that has already taken place is not affected by the revocation of consent.

 

Google reCAPTCHA

In order to protect input forms on our website, we use the "reCAPTCHA" service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter "Google". By using this service, it is possible to distinguish whether a form entry is of human origin or misused by automated machine processing.

The legal basis for the use of reCAPTCHA is your consent pursuant to art. 6 para. 1. p. 1 lit. a GDPR, insofar as you have agreed when you first accessed the site.

To achieve the functionality, your referrer URL, IP address, website visitor behavior, information about operating system, browser and duration of visit, cookies, display instructions, scripts, information about the user's input behavior and mouse movements in the reCAPTCHA checkbox are transmitted to Google.
 

Google uses the information obtained in this way, among other things, to digitize and optimize its own various services.

The IP address transmitted as part of reCAPTCHA is not merged with other data from Google, unless you are logged into your Google account at the time of using the reCAPTCHA plug-in, i.e., at the time of visiting our website. If you wish to prevent this transmission and storage of data about you and your activity on our website by Google, you must log out of Google before accessing our site.
 

Google also processes data from you in the USA, among other places. We point out that according to the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the legality and security of data processing. As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e., in particular in the USA) or a data transfer there, Google uses so-called standard contractual clauses pursuant to art. 46. para. 2 and 3 GDPR.
 

Standard contractual terms are model templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA).

By agreeing to these terms, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the US. These clauses are based on an implementing decision of the EU Commission. Among other sources, you can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32021D0914
 

The Google Ads Data Processing Terms, which reference the standard contractual clauses, can be found at:

https://business.safety.google/intl/en/adsprocessorterms/  

The terms of use of the reCAPTCHA service can be viewed at: https://policies.google.com/privacy?hl=en
 

GA Audience

Our website uses GA Audience, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: GA Audience).
 

Among other things, GA Audience uses cookies, which are stored on your computer and other mobile devices (e.g., smartphones, tablets, etc.) and which enable an analysis of the use of the respective devices. In some cases, the data is analyzed across devices.

Google Audience thereby obtains access to the cookies generated within the use of Google AdWords and Google Analytics. In the process of the use, data, such as in particular the IP address and activities of the users, may be transmitted to a server of the company Google Inc. and stored there.
 

The legal basis for the application of GA Audience is your agreement in accordance with art. 6 para. 1 p. 1 lit. a GDPR (EU General Data Protection Regulation), insofar you have given consent when you first accessed the site.

Since there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded with Google standard data protection terms within the meaning of Art. 46 (2) lit. c GDPR.
.

Google Inc. may transfer this information to third parties, insofar as this is required by law or insofar as processing of this data by third parties takes place.
 

You can also prevent the collection and forwarding of personal data (especially your IP address) as well as the processing of this data by deactivating the execution of Java Script in your browser or installing a tool such as 'NoScript'. Further, you can avoid the collection of data generated by the Google cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link (https://tools.google.com/dlpage/gaoptout?hl=en)
 

The data is deleted as soon as the purpose of its collection has been fulfilled.

For more information on the handling of transferred data, please refer to GA Audience's privacy policy: https://policies.google.com/privacy?hl=en.
 

Microsoft Dynamics 365 Cloud for Marketing

We use the marketing automation system Microsoft Dynamics 365 Cloud for Marketing of the provider Microsoft Corporation (Microsoft Deutschland GmbH, Walter-Gropius-Straße 5, 80807 Munich, Germany) - hereinafter referred to as "Microsoft" - to carry out marketing campaigns, for analysis purposes and to address customers and potential customers in a target group-specific manner. The data processing takes place within the European Union.

We use the system particularly for sending e-mail communications (e.g., in connection with the provision of downloads), for event management (e.g., management of event participants) and for the provision of landing pages and contact forms.
 

The use of the provider Microsoft and the system, the performance of statistical surveys and analyses, as well as the logging of the registration process for communication by e-mail, are carried out on the basis of your consent to e-mail communication via Microsoft Dynamics 365 Cloud for marketing pursuant to art. 6 para. 1 p. 1 lit. a GDPR.

Our interest is focused on providing a user-friendly and secure system that serves our business interests and meets the expectations of our users.

The components (e.g., forms) of the system integrated in our online service use "cookies", which are stored on the user's computer, and which enable an analysis of the use of the website by us.
 

In particular, the following information is collected:

•              Client id

•              The geographical location

•              Type of browser

•              Duration of the visit and pages viewed
 

Pseudonymized e-mail tracking:

The statistical surveys also include the identification of whether the newsletters were opened, when they were opened, and which links were clicked. Although this information can technically be assigned to individual newsletter recipients, an analysis of personal data is disabled and information about newsletter recipients is only evaluated pseudonymously and cannot be decoded and assigned to individual persons.
 

Double opt-in and logging:

The subscription to our newsletter uses a so-called double opt-in procedure. This means that after registration, the user receives an e-mail in which he or she is asked to confirm the registration. This confirmation is necessary so that no one can register with other email addresses. The registrations for the newsletter are logged to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Likewise, the changes to the user data stored with the shipping service provider are logged.
 

Cancellation/Revocation:

The user can cancel the subscription to our newsletter at any time, i.e., revoke his or her consent. The user will find a link to unsubscribe from the newsletter at the end of each newsletter. If the users have cancelled the newsletter subscription, the personal data of the users processed for its sending will be deleted.
 

For more information about privacy, users should refer to Microsoft's privacy policy at: Microsoft Privacy Statement – Microsoft privacy.

For more information on the use of cookies in connection with the system, users can visit: https://learn.microsoft.com/en-us/dynamics365/marketing/cookies
 

Microsoft Dynamics 365 Cloud

We use the CRM system "Microsoft Dynamics 365 Cloud" of the provider Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA) - hereinafter referred to as "Microsoft" - as a cloud service; data processing takes place within the European Union.
 

Microsoft uses the data of the users exclusively for the technical processing of the inquiries and does not pass them on to third parties.

We use the system especially for the management of customers and interested parties (leads) in order to be able to process user inquiries more quickly and efficiently. The use of this system is based on our legitimate interest pursuant to article 6 para. 1 p. 1 lit. f. GDPR.
 

Users can find further information on data protection in Microsoft's privacy policy at https://privacy.microsoft.com/en-us/privacystatement.
 

LeadLab from wiredminds GmbH

We use the Leadlab service provided by wiredminds GmbH, and their counting pixel technology, on our website to analyze user behavior and to optimize our site based on what we learn. In particular, the service allows us to identify which companies have visited our site. As part of this service, we do not receive any information that directly identifies you.
 

Cookies and tracking pixels are used in connection with the use of Leadlab to enable the statistical analysis how you use this website during your visits. Information - including personal information - about your visitor behavior is stored in this cookie and transmitted to wiredminds or collected directly by wiredminds. Information is processed by wiredminds using a pseudonym in a usage profile for purpose of analysis and is anonymized as far as possible.
 

The data obtained in this way will not be used to personally identify you without a separately given consent and will not be combined with personal data about you as the bearer of the pseudonym.
 

If IP addresses are collected, they will be made anonymous immediately after collection by deleting the last number block.

Information about data protection at wiredminds can be found on their website at https://wiredminds.de/en/privacy/.

Data processing is carried out on the basis of our legitimate interest in optimizing our online offerings, and our website, in accordance with Art. 6(1)(f) GDPR. wiredminds processes data on our behalf, and we have concluded a contract data processing agreement with wiredminds. This ensures that the data processing on our behalf is carried out in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the data subjects.
 

If you do not wish your user behavior to be collected and analyzed, you can object to this by means of an opt-out cookie. This sets an opt-out cookie which prevents any future collection of your data when visiting this website. This opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must save the opt-out cookie again.
 

Your visit to this website is currently being collected using wiredminds web analysis. Click here to stop data from your visit from being collected:  http://test.wiredminds.de/track/cookie_mgr.php?mode=dont_track_ask&websitesel=ac36ac88c50cac82&lang=de.
 

Userlike

Guntermann & Drunck GmbH uses chat software provided by Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Cologne, Germany. You can use the chat function like a contact form to chat with our employees in near real time.
 

The chat window will not be loaded until you have given your consent pursuant to Art. 6(1)(a) GDPR.

The following personal data is collected at the start of the chat:

  •     Date and time of access;
  •     Browser type/version,
  •     IP address,
  •     Operating system in use;
  •     URL of the previously visited website;
  •     Amount of data sent;
  •     And, if provided: First name, last name, and email address.
     

Depending on the conversation, additional personal data that you have entered may be collected during the chat. The nature of this data depends heavily on your inquiry or the problem you are describing. The purpose of processing all of this data is to provide you with a fast and efficient means of contacting us and to improve our customer service as a result.

All our employees have been and will be trained on the subject of data protection and instructed how to handle customer data safely and confidentially. All our employees are obliged to maintain confidentiality and have accordingly signed an addendum to their employment contracts requiring them to maintain confidentiality and to adhere to data protection rules.
 

When you access the www.gdsys.de website, the chat widget is loaded by AWS Cloudfront in the form of a JavaScript file. From a technical standpoint, the chat widget represents the source code executed on your computer that allows the chat function to operate.

In addition, Guntermann & Drunck GmbH retains chat histories for a period of 18 months. The purpose of this is to save you from potentially having to provide lengthy explanations of your inquiry and to constantly monitor the quality of our chat service. Such processing is therefore permitted under Art. 6(1)(f) GDPR. If you do not wish chats to be retained for this purpose, please inform us using the contact details set out below. We will then delete any chats we have stored without undue delay.
 

Retaining chat data also aids in ensuring the security of our information technology systems. This is also a legitimate interest of ours, meaning that processing is lawful under Art. 6(1)(f) GDPR.

For more information, please see the privacy policy of Userlike UG (haftungsbeschränkt).
 

HubSpot

We are using HubSpot for our online marketing activities.

HubSpot is a software company from the USA with a subsidiary in Ireland and Germany.

We use the service of HubSpot Germany GmbH (Am Postbahnhof 17, 10243 Berlin) and its sub-processors Hubspot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA) and Hubspot Ireland ltd. (One Dockland Central, Dublin 1, Ireland)

This is an integrated software solution that we use to cover various aspects of our online marketing.
 

These include:

-   Content management (website and blog)

-   E-Mail marketing (newsletter as well as automated mailings, e.g., for the provision of downloads)

-   Social media publishing & reporting

-   Reporting (e.g., traffic sources, accesses, etc. ...)

-   Contact management (e.g., user segmentation & CRM)

-   Landing pages and contact forms
 

Our sign-up service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information.

This information as well as the content of our website is stored on servers of our software partner "HubSpot". It can be used by us to contact visitors to our website and to determine which of our company's services are of interest to them. All information we collect is subject to this privacy policy. We use all of the collected information exclusively to optimize our marketing measures.

Furthermore, to improve the user experience on our website for sending and receiving messages on some subpages, we use the live chat service "Messages" from HubSpot (round chat icon at the bottom right of the screen). Upon consent and use of this function, the following data is transmitted to HubSpot's servers:
 

Content of all chat messages sent and received.

Context information (e.g., page on which the chat was used)

Optional: e-mail address of the user (if provided by the user via chat function)

The data processing is based on your consent according to art. 6 para. 1 p. 1 lit. a GDPR.
 

We have contracted a data processing agreement with Hubspot Germany and additionally so-called standard contractual clauses, in which HubSpot Inc. undertakes to process user data only according to our instructions and to comply with the EU data protection level. Read more about HubSpot's privacy policy here:

https://legal.hubspot.com/dpa

More information about HubSpot's privacy policy »

More information from HubSpot regarding EU data protection regulations »
 

For more information about the cookies used by HubSpot, please click here »
 

cookiebot.com

Our website uses the cookie consent technology of Cybot - Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter: cookiebot.com) to obtain your consent to the storage of certain cookies in your browser and to be able to document this in accordance with data protection law.
 

We use this data to ensure the proper functionality of our website.

If the user agrees to the use of cookies, the following data is automatically logged at Cybot:

- The anonymized IP number of the user;

- Date and time of consent;

- User agent of the end user's browser;

- The URL of the provider;

- An anonymous, random and encrypted key.

- The user's allowed cookies (cookie status), which serves as proof of consent.
 

The encrypted key and the cookie status are stored in a cookie on the user's terminal device in order to establish the corresponding cookie status in the event of future page visits. This cookie is automatically deleted after 12 months. 

Mandatory legal retention periods remain unaffected.

This data processing is carried out in accordance with art. 6 (1) p. 1 lit. f GDPR based on our legitimate interest in providing a cookie consent management service for website visitors.
 

To prevent the collection as well as the processing of your data by cookiebot.com, you can disable the execution of script code in your browser or install a script blocker in your browser.

For more details on the data agreement, please refer to the privacy policy of cookiebot.com: https://www.cookiebot.com/en/privacy-policy/.
 

Use of YouTube components with extended data protection mode

The video platform YouTube is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or, if you have your registered office or place of residence in the EU, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
 

The following notes do not concern any direct integration of YouTube videos on our website.

When visiting our channel on YouTube, your data may be automatically collected and stored for market research and advertising purposes. So-called usage profiles are created from this data using pseudonyms. These can be used, for example, to place advertisements within and outside the video platform that presumably correspond to your interests. Cookies are generally used on your terminal device for this purpose. The function of cookies is explained in the context of the data protection instruction there, so please see the corresponding notes there. In these cookies, the visitor behavior and the interests of the users are stored.
 

When visiting our channel on YouTube, your data may be automatically collected and stored for market research and advertising purposes. So-called usage profiles are created from this data using pseudonyms. These can be used, for example, to place advertisements within and outside the video platform that presumably correspond to your interests. Cookies are generally used on your terminal device for this purpose. The function of cookies is explained in the context of the data protection instruction provided there, so please see the corresponding notes. In these cookies, the visitor behavior and the interests of the users are stored.

The legal basis for the collection and processing of data is your consent within the meaning of article 6 (1) sentence 1 lit. a GDPR, which you may have given or give to Google when calling up these website(s). You may revoke your consent to data processing at any time with effect for the future; for this purpose, please contact Google directly. The revocation of consent does not affect the legality of the data processing carried out until the revocation.
 

For detailed information on the processing and use of data by Google on YouTube, as well as a contact option and your rights and settings options in this regard to protect your privacy, please refer to Google's privacy policy, which you can find under the following link: https://policies.google.com/privacy?hl=en&gl=en

As there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded standard data protection clauses with Google within the sense of Art. 46 (2) lit. c GDPR.
 

Facebook fan page/Facebook profile

The Facebook social network is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you have your registered office or place of residence in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook").

When visiting our online social media profiles, your data may be automatically collected and stored for market research and advertising purposes. So-called “usage profiles” under a pseudonym can be created from such data. They can in turn be used, for example, to display advertisements that presumably correspond your interests both within and outside the platforms. As a rule, cookies are placed on your device for such purposes.
 

The function of cookies is explained as part of our privacy notices; please refer to the relevant sections. These cookies store visitor behavior and interests. This serves to protect our legitimate interests in the optimum presentation of our services and offerings as well as effective communication with customers and prospective customers. These interests prevail as part of the balancing of interests’ process. The legal basis for data processing in this context is accordingly Art. 6(1)(f) GDPR.

The legal basis for the collection and processing of data is your consent within the meaning of Art. 6(1)(a) GDPR, which you may have given, or give, to Facebook when you access a webpage there. You may withdraw your consent to data processing at any time with prospective effect; to do so, please contact Facebook directly. The withdrawal of the consent does not affect the lawfulness of personal data processing performed prior to such withdrawal.
 

Please refer to the Facebook privacy policy: https://www.facebook.com/about/privacy/ 

for detailed information about the processing and use of data by providers on their respective pages, as well as a contact option and your rights and settings options in this regard to protect your privacy, in particular the ability to object (so-called opt-out).

You can find the objection option (opt-out) using the following link: https://www.facebook.com/settings?tab=ads
 

Data processing is carried out on the basis of an agreement between joint controllers in accordance with Art. 26 GDPR. You may access this agreement using the following link: https://www.facebook.com/legal/terms/page_controller_addendum

As there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded standard data protection clauses with Facebook within the meaning of Art. 46(2)(c) GDPR.
 

LinkedIn (corporate profile)

For recruitment, we use the professional and career network "LinkedIn" and maintain a company profile. LinkedIn is operated by LinkedIn Corporation, 1000 W. Maude Ave, Sunnyvale, California 94085 USA, or if you have your registered office or place of residence in the EU, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn").

When visiting our business page on LinkedIn, your data may be automatically collected and stored by LinkedIn for market research and advertising purposes, as well as for the placement of job offers that are presumably of interest to you. So-called usage and interest profiles are created from this data using pseudonyms. Cookies are generally used on your terminal device for this purpose.
 

You are informed about the function of cookies within the privacy policy and the cookie policy of LinkedIn, therefore please see the corresponding notes there. The visitor behavior and the interests of the users are stored in these cookies.

Furthermore, we obtain a statistical evaluation from the data collected as to which groups of individuals are interested in our company website. The data is processed anonymously in such a way that it cannot be traced back to individual persons and may contain information on the approximate geographical location or age group and other summary characteristics.

If you are requested by LinkedIn to consent (agree) to data processing, e.g., by means of a checkbox, the legal basis for data processing is art. 6 (1) p. 1 lit. a GDPR.
 

You can withdraw your consent at any time with effect for the future, in which case you have to contact LinkedIn. Data processing carried out up to the time of the revocation remains lawful.

For detailed information on the processing and use of data by LinkedIn, as well as a contact option and your rights and settings options in this regard to protect your privacy, please refer to LinkedIn's privacy policy, which you can find via the following link: https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=de.linkedin.com%7Cli-other

LinkedIn's cookie policy can be found at the following link: https://www.linkedin.com/legal/cookie-policy
 

The data processing is carried out on the basis of an agreement between jointly responsible parties pursuant to Art. 26 GDPR, which you can view here: https://legal.linkedin.com/pages-joint-controller-addendum

Regardless of the internal responsibilities agreed by us and LinkedIn, you can contact us and/or our data protection officer as well as LinkedIn with all data protection-related inquiries.

Since there is no EU Commission adequacy decision for the transfer of personal data to the USA, we have concluded standard data protection clauses with LinkedIn within the meaning of Art. 46 (2) lit. c GDPR.
 

Data protection rights

Your rights and how to assert your rights
You are entitled to the rights set out below. You may assert these rights in your dealings with us. To assert your rights, please use the contact details set out above or send an e-mail to: datenschutz@gdsys.com.

Information:
Pursuant to Art. 15 GDPR, you have the right to request information about your personal data processed by us. In particular, you may obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned retention period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it has not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved;

Rectification:
Pursuant to Art. 16 GDPR, you have the right to request the rectification of incorrect or incomplete personal data we have stored about you without undue delay;

Erasure:
Pursuant to Art. 17 GDPR, you have the right to request the erasure of your personal data stored by us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;

Restriction of processing:
Pursuant to Art. 18 GDPR, you have the right to request the restriction of processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its erasure and we no longer need the data, but you need this to establish, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;

Data portability:
Pursuant to Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request its transfer to another controller;

Withdrawing your consent:

Pursuant to Art. 7(3) GDPR, you have the right to withdraw any consent you have provided to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future.

If you wish to withdraw your consent, please use the contact details set out above or send an email to: datenschutz@gdsys.com.
 

Right to object

You have the right to object at any time to the processing of personal data concerning you on the basis of Article 6(1)(e) or (f) GDPR for reasons arising from your particular situation; this also applies to profiling based on these provisions.

The controller will no longer process this personal data unless the controller demonstrates compelling legitimate grounds for such processing that override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.

Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling, to the extent that it is related to such direct marketing.

If you object to the processing of your personal data for direct marketing purposes, we will no longer process your personal data for these purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
 

Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply in cases where the decision is necessary for entering into, or performing, a contract between you and the controller; is authorized by Union or Member State law to which the controller is subject, and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or is based on your express consent.
 

However, such decisions cannot be based on special categories of personal data referred to in Art. 9(1) GDPR, unless Art. 9(2)(a) or (g) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
 

Right to lodge a complaint with the supervisory authority:

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or our headquarters.
 

Privacy Policy last updated

Rapid changes to the Internet make adjustments to our Privacy Policy necessary from time to time. We reserve the right to make appropriate changes at any time.
 

Last revised: 31 August 23

G&D Contact

The best way to talk about complex topics is in person. Via chat, e-mail, phone or in a personal demo

 

remote or on-site.

Guntermann & Drunck GmbH

Obere Leimbach 9
57074 Siegen
Germany

E-Mail

G&D North America Inc.

4540 Kendrick Plaza Drive
Suite 100
Houston, Texas 77032

E-Mail

Your G&D Support We are
here for you - personally
and competently

Support overview
Top