Data Protection Policy

We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes they are used.

This data protection declaration applies to the Internet offering of fme AG – migration-center, which can be accessed under the domain https://migration-center.com and the various sub-domains (“our website”).

Who is responsible and how do I reach you?

Responsible for the processing of personal data within the meaning of the EU data protection basic regulation (GDPR)

fme AG
Wolfenbütteler Straße 33
38102 Braunschweig
Germany
Email: info(at)migration-center.com

Managing Director: Dirk Bode
Supervisory Board: Stefan H. Tarach (Chairman), Dr. Axel Krieger (Deputy), Dr. Markus Böhme
Commercial register at Braunschweig Local Court: HRB 5422 (Commercial register number)
VAT ID No. (sales tax ID number): DE 178236072
(hereinafter referred to as “fme”)

Data protection officer (m/f)
Philipp Herold
Herold Unternehmensberatung GmbH
Phone: +49 451 4988023
Fax: +49 451 4988024
Email: philipp.herold(at)hub24.de
Internet: www.hub24.de

Thumbnail | Certificate | Mein-Datenschutzbeauftragter.de | Digital Privacy Protection

What’s this about?

This data protection declaration meets the legal requirements for transparency in the processing of personal data. This is all information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail, IP address or user behavior when visiting a website. Information where we cannot (or only with a disproportionate effort) establish a reference to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data shall be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you in the individual processing operations about the specific storage periods or criteria for storage. Independently of this, we will store your personal data in individual cases for the assertion, exercise or defense of legal claims and in the event of statutory storage obligations.

Who gets my data?

Your personal information will be shared as described below.

The website is hosted by an external service provider (Hetzner Online GmbH) in Germany. We ensure that the data processing takes place exclusively in Germany. This is necessary for the operation of the website as well as for the establishment, implementation and handling of the existing user contract with the web host and is also possible without your consent.

In addition, data is passed on if we are entitled or obliged to pass on data due to legal regulations and/or official or court orders. This may in particular involve the provision of information for criminal prosecution, security purposes or the enforcement of intellectual property rights.

If your data is passed on to service providers to the extent necessary, these service providers will only have access to your personal data to the extent that this is necessary for the fulfilment of their tasks. As far as no personal reference is required for the fulfilment of the pursued purposes, your data will be pseudonymized or anonymized for further data processing. The service companies commissioned by us are obliged to treat your personal data in accordance with the applicable data protection laws, in particular the GDPR.

Your personal data is currently transferred to the following categories of service providers/recipients depending on the use of our website.

  • Web analytics service provider to analyze the use of our website by visitors
  • Provider of marketing services
  • Service providers offering a comment system
  • Recruitment of service providers
  • Group companies of fme AG

Relevant agreements on order processing have been concluded with the respective service provider of fme.

Information on the service providers we use can be found at the appropriate places within this data protection declaration (e.g. Google Analytics, Newsletter etc.).

When using our service providers, we may transfer personal data to locations in a third country, i.e. to a country outside the EU or EEA. In these cases, EU standard contractual clauses between fme and the respective service provider of fme provide sufficient guarantees for the data transfer. Therefore, please refer to the corresponding notes at the appropriate places in this data protection declaration. We do not pass on any personal data to an international organization.

Apart from the above-mentioned circumstances, we will not pass on your data to third parties without your consent.

Which rights do I have?

Under the conditions of the statutory provisions of the Basic Data Protection Regulation (GDPR) and the Federal Data Protection Act (FEDERAL DATA PROTECTION ACT), you have the following rights as a data subject:

  • Information in accordance with Art. 15 GDPR, § 34 FEDERAL DATA PROTECTION ACT about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
  • Correction according to Art. 16 GDPR of incorrect or incomplete data stored by us;
  • Deletion according to Art. 17 GDPR of the data stored with us, as far as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer require the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
  • Data transferability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the scope of a consent in accordance with Art. 6 para. 1 lit. a GDPR or on the basis of a contract in accordance with Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another responsible party, as far as this is technically feasible.
  • Objection in accordance with Art. 21 GDPR to the processing of your personal data, insofar as this takes place on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. The right of objection does not apply if overriding, compelling reasons for processing worthy of protection are demonstrated or if the processing is carried out for the purpose of asserting, exercising or defending legal claims. Where the right of objection does not apply to individual processing operations, this is indicated there.
  • Cancellation according to Art. 7 para. 3 GDPR of your given consent with effect for the future.
  • Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority at your usual place of residence, your place of work or our company headquarters.

How is my data processed in detail?

Personal data is only collected and processed by fme if you expressly agree to make your data available, e.g. by filling out forms or sending emails in connection with inquiries or orders for products or services.

In the context of the forms to be filled out, this data is as follows:

Request for a Free Evaluation Copy

  • Full name
  • Business email
  • Phone
  • Company
  • Country
  • Migration source
  • Migration target
  • Comments

Request for a PoC Package

  • Full name
  • Business email
  • Phone
  • Company
  • Country
  • Planned PoC start
  • Project budget approved?

Request for sales information

  • Full name
  • Business email
  • Phone
  • Company
  • Country
  • Message

Request for an online demo

  • Full name
  • Business email
  • Phone
  • Company
  • Country
  • Migration source
  • Migration target
  • Date proposal
  • Comments

(in the following referred to as “personal data”)

The personal data and content provided by you remain exclusively with fme, its affiliated companies and the provider. fme will only collect your data for the purposes mentioned in para. 6. Any use beyond the stated purpose requires your express consent. The same applies to the disclosure and transmission of your data to third parties.

Purpose of data collection

Personal data is processed by fme exclusively for the following purposes:

  • to get in contact with us;
  • to enable the services offered by fme;
  • for the associated correspondence with you;
  • to process your enquiry and to provide you with further advice if required;
  • Statistical evaluation of the use of our website.

For purposes other than those mentioned above, fme uses personal data only to the extent necessary to protect the legitimate interests of third parties or to avert dangers to state or public security or to prosecute criminal offences.

The personal data is stored and processed exclusively on servers in the European Union.

Provision of the website

Type and scope of processing

When you access and use our website, we collect personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access takes place (referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by ourselves, but by a service provider who, for the purpose of providing the website, processes the aforementioned data on our behalf in accordance with Art. 28 GDPR.

Purpose and legal basis

The processing is carried out in order to safeguard our predominant legitimate interest in displaying our website and to guarantee security and stability on the basis of Art. 6 para. f GDPR. The collection of data and storage in log files is mandatory for the operation of the website. There is no right of objection to the processing due to the exception according to Art. 21 para. 1 GDPR. Insofar as the further storage of log files is required by law, processing is based on Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically impossible to call up our website without providing the data.

Storage duration

The aforementioned data will be stored for the duration of the display of the website and for technical reasons for a maximum of one month.

Contact sheet

You can contact us by e-mail or through our website. In this case, we store the personal data you provide in order to process your request and to contact you to process your request. If we request information via our contact form, we have marked the mandatory fields required to contact us accordingly (asterisks). The voluntary information is used by us to concretize your enquiry and to improve the processing of your request. The requested data will be transmitted to us by you on a purely voluntary basis.

Depending on the nature of the request, the legal basis for this processing is Art. 6 (1) (b) GDPR for enquiries that you make yourself as part of a pre-contractual measure or Art. 6 (1) sentence 1 (f) GDPR if your request is of a different nature. The legitimate interest follows from the purposes set out in this privacy policy. If personal data is requested that we do not need for the fulfilment of a contract or for the protection of legitimate interests, the data will be transmitted to us on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. If you use the contact form on the basis of your consent, we store the data collected for each enquiry for a period of three years, starting with the completion of your enquiry or until your consent is recalled. With regard to the retention period, we delete personal data as soon as they are no longer required for the fulfilment of the original purpose and there are no longer any statutory retention periods. The legal retention periods are ultimately the criterion for the final duration of the storage of personal data. If retention periods exist, processing is restricted by blocking the data. After this period has expired, the corresponding data is routinely deleted.

Use of third party services

Google Analytics

Type and scope of processing

We use Google Analytics 4 from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of visits to our website, the time spent on the website, subpages visited or the browser used. Google Analytics 4 uses cookies, scripts and pixels to evaluate user behavior, as well as algorithms based on machine learning, which automatically evaluate event data such as scrolling movements. This information is used, among other things, to compile reports on website activity.

Purpose and legal basis

The use of Google Analytics is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.

Google Fonts

Type and scope of processing

We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offering. To obtain these fonts, you connect to servers of Google Ireland Limited, whereby your IP address is transmitted.

Purpose and legal basis

The use of Google Fonts is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts: https://policies.google.com/privacy.

Google Tag Manager

Type and scope of processing

We use the Google Tag Manager provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through one interface and allows us to control the exact integration of services on our website

This allows us to flexibly integrate additional services to evaluate user access to our website.

Purpose and legal basis

The use of Google Tag Manager is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

Google Recaptcha

Type and scope of processing

We have integrated Google reCAPTCHA components on our website. Google reCAPTCHA is a service of Google Ireland Limited and enables us to distinguish whether a contact request comes from a natural person or is automated by means of a program. When you access this content, you establish a connection to the servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. In addition, Google reCAPTCHA records the time spent on the website and the user’s mouse movements in order to distinguish between automated and human requests. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis

The use of Google reCaptcha is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the secure design of our website and effective bot protection. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCaptcha: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

Google Ads

Type and scope of processing

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to evaluate user behaviour and recognize users. Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identification features such as your user agent are transmitted to the provider. If you are registered with a Google Ireland Limited service, Google Ads can assign the visit to your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and store your IP address and other identification features.

In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

The use of Google Ads is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy.

LinkedIn Insight Tag

Type and scope of processing

We use LinkedIn Insight-Tag from LinkedIn Corporation, Sunnyvale, California, US, to create target groups, segment visitor groups of our online offer, determine conversion rates and subsequently optimize them. This happens when you interact with advertisements that we have placed with LinkedIn Corporation. To do this, LinkedIn Corporation provides retargeting for website visitors to display targeted ads outside of our website.

LinkedIn Insight tag collects data about visits to our website, including URL, referrer URL, IP address, device and browser characteristics (user agent), and timestamp. This data is used to present anonymized reports on website audience and ad performance.

Purpose and legal basis

We process your data using LinkedIn Insight-Tag for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The concrete storage period of the processed data cannot be influenced by us but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Insight-Tag: https://www.linkedin.com/legal/privacy-policy.

LinkedIn Ads

Type and scope of processing

We have integrated LinkedIn Ads on our website. LinkedIn Ads is a service provided by LinkedIn Corporation that displays targeted advertising to users. LinkedIn Ads uses cookies and other browser technologies to evaluate user behavior and recognize users. LinkedIn Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, LinkedIn Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identification features such as your user agent are transmitted to the provider. In this case, your data will be passed on to the operator of LinkedIn Ads, LinkedIn Corporation, Sunnyvale, California, US.

Web tracking technologies are used to create pseudonymized user profiles. These profiles cannot be merged with you as a natural person, but are used, for example, for segmentation when displaying advertisements.

For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

Purpose and legal basis

The use of LinkedIn Ads serves to acquire new customers and to communicate with interested parties. The legal basis for the evaluation of the LinkedIn Ads is your consent given with the sending of the forms. (Art. 6 para. 1 lit. a GDPR). You can revoke your consent for the future at any time using the contact details provided on our website. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The concrete storage period of the processed data cannot be influenced by us but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy.

LinkedIn Lead Gen Forms

Type and scope of processing

We use Lead Gen Forms to acquire new customers. If you contact us via LinkedIn forms for lead generation, personal data (e.g. name, e-mail address or your telephone number) is stored by LinkedIn and transmitted to us. We use the data to contact you and send you targeted information about services and products. If you are a member of the LinkedIn platform, LinkedIn can assign the above-mentioned content and functions to the profiles of the users there.

For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

Purpose and legal basis

The use of Lead Gen Forms serves to acquire new customers and to communicate with interested parties. The legal basis for the evaluation of the LinkedIn Lead Forms is your consent given with the sending of the forms. (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent for the future at any time using the contact details provided on our website. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

We store your data that you submit to us via Lead Gen Forms for 2 years from the receipt of your personal data. After that, the personal data will be deleted, unless we are legally obliged to store it for a longer period of time or we still need your personal data to implement or process an existing contractual relationship or for verification purposes. In such cases, we will delete the relevant data after the statutory retention period has expired or as soon as we no longer need the data for the implementation or processing of an existing contractual relationship or for verification purposes.

LogMeIn GoToWebinar

Type and scope of processing

For the realization of our offered webinars we use the service GoToWebinar from LogMeIn, Inc. 333 Summer Street, Boston, MA, USA. You can register to participate. Among other things, personal data will be required from you. This information typically includes: first name, last name, email, state, country, company, job title. The service is carried out directly via the GoToWebinar service. GoToWebinar is responsible for data processing in the context of the webinar. The data protection regulations of the service can be viewed at: https://www.logmeininc.com/de/legal/privacy.

During and after the webinar, we receive statistical information about the use of our service from the service provider. In addition, personal data may be transmitted during the webinar if you actively participate during the webinar and, for example, ask a question or work together on various issues. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Purpose and legal basis

The processing of your personal data is necessary to fulfil our contractual obligations.

The legal basis for processing is therefore Art. 6 para. 1 lit. b GDPR as well as Art. 6 para. 1 lit. f GDPR about the personal data of the contact person who is not himself a party to the contract. The legitimate interest consists in the establishment and execution of the contractual relationship.

Storage duration

We store the data collected from you within the legal retention periods in accordance with Art. 6 para. 1 lit. c GDPR. If we have collected this data based on your consent, we will delete it upon your revocation.

YouTube

Type and scope of processing

We have integrated YouTube Video on our website. YouTube Video is a component of the video platform of YouTube, LLC, where users can upload content, share it over the Internet and receive detailed statistics. YouTube Video allows us to integrate content from the platform into our website. YouTube Video uses cookies and other browser technologies to analyze user behavior, recognize users and create user profiles. This information is used, among other things, to analyze the activity of the content listened to and to generate reports. If a user is registered with YouTube, LLC, YouTube Video may associate the videos played with the profile. When you access this content, you connect to servers at YouTube, LLC, and your IP address and, if applicable, browser information such as your user agent is transmitted.

Purpose and legal basis

The use of the service is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The actual storage period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. For more information, please see the YouTube Video Privacy Policy: https://policies.google.com/privacy.

Data Tables CDN

Type and scope of processing

We use DataTables CDN to properly provide the content of our website. DataTables CDN is a service of SpryMedia, Ltd. which acts as a content delivery network (CDN) on our website. A CDN helps to make the content of our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to SpryMedia, Ltd. servers, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of DataTables CDN.

Purpose and legal basis

The Content Delivery Network is used on the basis of our legitimate interests, i.e. interest in the secure and efficient provision and optimization of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by SpryMedia, Ltd. Further information can be found in the privacy policy for DataTables CDN: https://cdn.datatables.net/privacy.html.

Bootstrap CDN

Type and scope of processing

We use Bootstrap CDN to properly provide the content of our website. Bootstrap CDN is a service provided by Bootstrap, which acts as a content delivery network (CDN) on our website. A CDN helps to make the content of our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to Bootstrap servers, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Bootstrap CDN.

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in the secure and efficient provision and optimization of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Bootstrap. Further information can be found in the privacy policy for Bootstrap CDN: https://www.bootstrapcdn.com/privacy-policy/.

Consent Manager Provider

Type and scope of processing

Our website uses the cookie consent technology of Consent Manager Provider to obtain your consent to store certain cookies on your terminal device and to document this consent in accordance with data protection law. The provider of this technology is Jaohawi AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website: https://www.consentmanager.de (hereinafter “Consent Manager Provider”).

When you enter our website, a connection is made to Consent Manager Provider’s servers to obtain your consents and other statements regarding cookie use. Subsequently, Consent Manager Provider stores a cookie in your browser in order to be able to assign the consents granted to you or their revocation.

Purpose and legal basis

Consent Manager Provider is used to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c GDPR.

Storage period

The data collected in this way is stored until you request us to delete it, delete the Consent Manager Provider cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.

Contract on order processing

We have concluded an order processing contract with Consent Manager Provider. This is a contract required by data protection law, which ensures that Consent Manager Provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Presence in social media

In order to be able to present our company in the best possible way and to communicate with you as a user, customer or interested party and to inform you about the services we offer, we make use of our presence in social networks. The use of social networks involves the processing of data outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection to that which exists in the EU cannot be guaranteed in all countries outside the EU.

In this context, it may lead to risks for you as a user if the transferred data is processed in so-called third countries with a non-adequate level of data protection.

This makes it more difficult to enforce known user rights. In addition, your data may not be processed in your interest by the provider in the third country. We only transfer personal data to third countries for which an adequate level of protection has been confirmed or if the transfer of personal data can be ensured by contractual agreements or other suitable guarantees.

In addition to the respective provider of a social network, we also collect and process personal user data on so-called “profile pages”. With this notice, we inform you about which data we collect from you on our social media sites, how we use it and how you can object to the use of the data. For the respective data processing purposes and data categories, please refer to the respective offer listed in more detail below.

The social media activities operated by us and detailed below are carried out on the basis of a balance of interests pursuant to Art. 6 (1) f) GDPR.

To realize this, cookies are used, which record user behavior and enable profiling of the user.

A concrete list of the processing purposes of the user data can be found in the data protection notices of the respective providers. By making the appropriate settings in your user account, you can restrict the profiling, at least to a certain extent. For the exact procedure, please read the relevant privacy notices of the respective provider.

The relevant platforms are:

PlatformResponsible bodyPrivacy policy of the platform operator
XTwitter Inc
1355 Market Street, Suite 900, San Francisco, CA 94103, USA
https://twitter.com/de/privacy
LinkedIn LinkedIn Ireland Unlimited Company
Wilton Place, Dublin 2, Ireland
https://de.linkedin.com/legal/privacy-policy?
YouTubeGoogle Ireland Limited
Gordon House, Barrow Street, Dublin 4, Ireland
https://policies.google.com/privacy

fme AG operates profiles on the listed platforms to draw attention to products and service offerings and to interact with customers, interested parties and other users of the platform.

In this context, the platform operators also use certain data that they have collected from users of the platform (e.g., whether a photo on a profile was marked with “Like” or commented on) to create aggregated usage statistics and make them available to the respective operators of the profile (so-called “Insights” or “Analytics”). We as profile operators also receive such usage statistics. The information that we receive as profile operators does not allow any conclusions to be drawn about individual users. The profile operator itself has no access to personal data that the platform operators process for the creation of usage statistics. The respective platform operator alone determines which data is processed for these purposes, and in what manner. As a profile operator, fme AG can neither legally nor influence the processing by the platform operators.

For the processing in connection with the compilation of usage statistics, fme AG and the respective platform operator shall be deemed to be joint controllers within the meaning of Art. 26 GDPR.

Where possible, joint responsibility agreements exist with the respective platform operators.

Beyond that, data processing by fme AG as profile operator only takes place to a very limited extent:

Processing of usernames and comments that are deleted due to violation of netiquette. These are kept on file for possible proof in the event of legal disputes within the statute of limitations.

  • Processing of usernames and individual messages when you contact us via messenger services.
  • Processing of usernames when participating in competitions. The relevant conditions of participation apply.
  • Processing of usernames and postings in the context of inquiries and, if necessary, obtaining consent for the re-posting of images.

For these purposes, we generally only process your name, message content, comment content, and the profile information you provide “publicly”.

Data subject rights

Below you will find a detailed description of the respective data processing by the providers and their objection options (so-called opt-out) via the corresponding links to the providers’ websites:

Who gets my data?

Your personal data will be shared as described below.

The website is hosted by the external service provider in the USA. This is necessary for the operation of the website as well as for the establishment, implementation and processing of the existing user contract with the web host and is also possible without your consent. In this context, we ensure that sufficient guarantees for the data transfer are agreed upon by means of EU standard contractual clauses between fme and the respective service provider of fme.

In addition, data will be passed on if we are entitled or obliged to pass on data due to legal regulations and/or official or court orders. This may relate in particular to the provision of information for criminal prosecution, for security purposes or for the enforcement of intellectual property rights.

If your data is passed on to service providers to the extent required, they will only be given access to your personal data to the extent necessary to fulfill their tasks. Insofar as no personal reference is required for the fulfillment of the purposes pursued, your data will be pseudonymized or anonymized for further data processing. The service companies commissioned by us are obliged to treat your personal data in accordance with the applicable data protection laws, in particular the GDPR.

Your personal data is currently passed on to the following categories of service providers/recipients depending on the use of our website.

  • Web analytics service providers to analyze how visitors use our website.
  • Providers of marketing services
  • Service providers offering a commenting system
  • Recruitment of service providers
  • Group companies of fme AG
  • Corresponding agreements for order processing have been concluded with the respective service provider of fme.

Information on the service providers we use can be found at the appropriate places within this privacy policy (e.g. Google Analytics, newsletter, etc.).

When using our service providers, we may transfer personal data to locations in a third country, i.e. a country outside the EU or EEA. In these cases, EU standard contractual clauses between fme and the respective service provider of fme provide sufficient guarantees for the data transfer. Therefore, please refer to the corresponding notes at the appropriate places in this privacy policy. We do not transfer any personal data to an international organization.

Except in the cases mentioned above, we do not share your data with third parties without your consent.

Which rights do I have?

Under the conditions of the statutory provisions of the Basic Data Protection Regulation (GDPR) and the Federal Data Protection Act (FEDERAL DATA PROTECTION ACT), you have the following rights as a data subject:

  • Information in accordance with Art. 15 GDPR, § 34 FEDERAL DATA PROTECTION ACT about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
  • Correction according to Art. 16 GDPR of incorrect or incomplete data stored by us;
  • Deletion according to Art. 17 GDPR of the data stored with us, as far as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer require the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
  • Data transferability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the scope of a consent in accordance with Art. 6 para. 1 lit. a GDPR or on the basis of a contract in accordance with Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another responsible party, as far as this is technically feasible.
  • Objection in accordance with Art. 21 GDPR to the processing of your personal data, insofar as this takes place on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. The right of objection does not apply if overriding, compelling reasons for processing worthy of protection are demonstrated or if the processing is carried out for the purpose of asserting, exercising or defending legal claims. Where the right of objection does not apply to individual processing operations, this is indicated there.
  • Cancellation according to Art. 7 para. 3 GDPR of your given consent with effect for the future.
  • Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority at your usual place of residence, your place of work or our company headquarters.

Provision of the website

Type and scope of processing

When you access and use our website, we collect personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access takes place (referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by ourselves, but by a service provider who, for the purpose of providing the website, processes the aforementioned data on our behalf in accordance with Art. 28 GDPR.

Purpose and legal basis

The processing is carried out in order to safeguard our predominant legitimate interest in displaying our website and to guarantee security and stability on the basis of Art. 6 para. f GDPR. The collection of data and storage in log files is mandatory for the operation of the website. There is no right of objection to the processing due to the exception according to Art. 21 para. 1 GDPR. Insofar as the further storage of log files is required by law, processing is based on Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically impossible to call up our website without providing the data.

Storage duration

The aforementioned data will be stored for the duration of the display of the website and for technical reasons for a maximum of one month.

Use of third party services

GitBook

Type and scope of processing

We use the GitBook service provided by the Gitbook, Inc., 440 N Barranca Ave #7171, Covina, CA 91723, USA. This service allows us to provide you with documentation describing the use of the migration-center software.

Purpose and legal basis

The use of GitBook is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. DSGVO. In cases where there is no adequacy decision by the European Commission (including US companies that are not certified under the EU-U.S. DPF), we have agreed other appropriate safeguards with the recipients of the data within the meaning of Art. 44 et seq. GDPR have been agreed. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.

Storage duration

The concrete storage period of the processed data cannot be influenced by us but is determined by GitBook. For more information on the use of data by GitBook, please see the privacy policy: https://policies.gitbook.com/privacy.

Fontawesome

Type and scope of processing

We use Font Awesome to properly provide the content of our website. Font Awesome is a service of Fonticons, Inc. which is used on our website to provide various fonts. When you access this content, you establish a connection to the servers of Fonticons, Inc, Fonticons, Inc, 6 Porter Road Apartment 3R, Cambridge, MA 02140, USA, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of our website.

Purpose and legal basis

The use of Font Awesome is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. In cases where there is no adequacy decision by the European Commission (including US companies that are not certified under the EU-U.S. DPF), we have agreed other appropriate safeguards with the recipients of the data within the meaning of Art. 44 et seq. GDPR have been agreed. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.

Storage duration

The specific storage period of the processed data cannot be influenced by us, but is determined by Fonticons, Inc. Further information can be found in the privacy policy for Font Awesome: https://cdn.fontawesome.com/privacy

Who gets my data?

Your personal information will be shared as described below.

The website is hosted by an external service provider in Germany. We ensure that the data processing takes place exclusively in Germany. This is necessary for the operation of the website as well as for the establishment, implementation and handling of the existing user contract with the web host and is also possible without your consent.

In addition, data is passed on if we are entitled or obliged to pass on data due to legal regulations and/or official or court orders. This may in particular involve the provision of information for criminal prosecution, security purposes or the enforcement of intellectual property rights.

If your data is passed on to service providers to the extent necessary, these service providers will only have access to your personal data to the extent that this is necessary for the fulfilment of their tasks. As far as no personal reference is required for the fulfilment of the pursued purposes, your data will be pseudonymized or anonymized for further data processing. The service companies commissioned by us are obliged to treat your personal data in accordance with the applicable data protection laws, in particular the GDPR.

Your personal data is currently transferred to the following categories of service providers/recipients depending on the use of our website.

  • Web analytics service provider to analyze the use of our website by visitors
  • Provider of marketing services
  • Service providers offering a comment system
  • Recruitment of service providers
  • Group companies of fme AG

Relevant agreements on order processing have been concluded with the respective service provider of fme.

Information on the service providers we use can be found at the appropriate places within this data protection declaration (e.g. Google Analytics, Newsletter etc.).

When using our service providers, we may transfer personal data to locations in a third country, i.e. to a country outside the EU or EEA. In these cases, EU standard contractual clauses between fme and the respective service provider of fme provide sufficient guarantees for the data transfer. Therefore, please refer to the corresponding notes at the appropriate places in this data protection declaration. We do not pass on any personal data to an international organization.

Apart from the above-mentioned circumstances, we will not pass on your data to third parties without your consent.

Which rights do I have?

Under the conditions of the statutory provisions of the Basic Data Protection Regulation (GDPR) and the Federal Data Protection Act (FEDERAL DATA PROTECTION ACT), you have the following rights as a data subject:

  • Information in accordance with Art. 15 GDPR, § 34 FEDERAL DATA PROTECTION ACT about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
  • Correction according to Art. 16 GDPR of incorrect or incomplete data stored by us;
  • Deletion according to Art. 17 GDPR of the data stored with us, as far as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer require the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
  • Data transferability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the scope of a consent in accordance with Art. 6 para. 1 lit. a GDPR or on the basis of a contract in accordance with Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another responsible party, as far as this is technically feasible.
  • Objection in accordance with Art. 21 GDPR to the processing of your personal data, insofar as this takes place on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. The right of objection does not apply if overriding, compelling reasons for processing worthy of protection are demonstrated or if the processing is carried out for the purpose of asserting, exercising or defending legal claims. Where the right of objection does not apply to individual processing operations, this is indicated there.
  • Cancellation according to Art. 7 para. 3 GDPR of your given consent with effect for the future.
  • Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority at your usual place of residence, your place of work or our company headquarters.

Provision of the website

Type and scope of processing

When you access and use our website, we collect personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access takes place (referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by ourselves, but by a service provider who, for the purpose of providing the website, processes the aforementioned data on our behalf in accordance with Art. 28 GDPR.

Purpose and legal basis

The processing is carried out in order to safeguard our predominant legitimate interest in displaying our website and to guarantee security and stability on the basis of Art. 6 para. f GDPR. The collection of data and storage in log files is mandatory for the operation of the website. There is no right of objection to the processing due to the exception according to Art. 21 para. 1 GDPR. Insofar as the further storage of log files is required by law, processing is based on Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically impossible to call up our website without providing the data.

Storage duration

The aforementioned data will be stored for the duration of the display of the website and for technical reasons for a maximum of one month.

Use of third party services

Zendesk CDN

Type and scope of processing

We use Zendesk CDN to properly deliver content on our website. Zendesk CDN is a service provided by Zendesk, Inc. which acts as a content delivery network (CDN) on our website to provide functionality to other Zendesk, Inc. services. For said services, you will find a separate section in this Privacy Policy. This section is only about the use of the CDN.

A CDN helps to provide content from our online offering, especially files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you connect to servers of Zendesk, Inc, 989 Market Street #300, San Francisco, CA 94102, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the purposes stated above and to maintain the security and functionality of Zendesk CDN.

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. DSGVO. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Zendesk, Inc. Further information can be found in the privacy policy for Zendesk CDN: https://zendesk.com/company/customers-partners/privacy-policy/.