Data protection declaration (GDPR)

We, adrastea GmbH & Co. KG, take the protection of your personal data very seriously and strictly adhere to the regulations of data protection law. To protect your rights, we have taken technical and organizational measures and ensured that data protection regulations are observed by external service providers who contribute to our offering. Personal data is only collected on this website to the extent technically necessary and legally permissible.

If it is necessary to transmit your data to our carefully selected service partners, this will also be done within the framework of the legal regulations and will be limited to the technically necessary minimum.

Logging

When you access these websites, you transmit data to our web server via your Internet browser. The following data is recorded during the ongoing connection for communication between your web browser and our web server:

IP address (full)
Timestamp of access
Requested URL and Method (Request Line) Status code of the response
Size of the transferred data Page from which it was called (Referer) Line with which the browser reports (User Agent)

For reasons of technical security, in particular to prevent attempts to attack our web server, we store this data. The data is processed exclusively for this purpose and in an anonymous form for statistical purposes. A comparison with other data sets or a transfer to third parties, even in extracts, does not take place.

Electronic mail (e-mail)

Information that you send to us unencrypted by electronic mail (e-mail) may possibly be read by third parties during transmission. We generally cannot verify your identity and do not know who is behind an email address. Legally secure communication via simple email is therefore not guaranteed. We use filters to prevent unwanted advertising (SPAM filters), which in rare cases automatically classify normal emails as unwanted advertising and delete them. We will always automatically delete emails that contain harmful programs (viruses).

Rights of those affected Art. 12 ff

• Right to information (Article 15 GDPR)
• Right to authorize incorrect data (Article 16 GDPR)
• Right to deletion (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)
• Right to lodge a complaint with a responsible data protection supervisory authority

Revocation of consent

Within the meaning of Article 6 Paragraph 1 Letter a or Article 9 Paragraph 2 Letter a, every person affected has the right to obtain individual or all consents, which were issued, for example, to fulfill the contract, at any time and without disadvantages for himself, without affecting the lawfulness of the processing carried out based on consent until its revocation.

Please send your revocation of consent in writing to: adrastea GmbH & Co. KG, Bielefelder Str. 5, 90425 Nuremberg

Right to lodge a complaint with a supervisory authority (Art. 13 II lit. d, 77 I GDPR)

According to Article 77 EU GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that that the processing of personal data concerning you violates the GDPR or the BDSG n.F.

Contact form

Due to legal regulations, our website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the person responsible for processing by email or via a contact form, the personal data transmitted by the data subject will be automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller will be stored for the purposes of processing or contacting the data subject. This personal data will not be passed on to third parties.

Google Analytics

After your consent (Art. 6 Para. 1 lit. a GDPR), we use Google Analytics, a web analysis service from Google LLC (“Google”). You give your consent via our consent banner and can revoke or adjust it there at any time with effect for the future.

Google is under that EU-US Data Privacy Framework (DPF) certified and thereby offers a guarantee of compliance with European data protection law.

We use Google Analytics in the current version GA4. GA4 does not log or store IP addresses. For EU users, requests are processed via EU domains/servers before measurement data is stored. Google uses, among other things, cookies and similar technologies to recognize repeat users and compile usage statistics.

Google processes the information on our behalf in order to evaluate the use of our online offering, compile reports on activities and provide other services related to the use of our online offering and internet usage. Pseudonymous usage profiles can be created from the processed data.

You can prevent the storage of cookies by setting your browser software accordingly; You can also prevent Google from collecting the data generated by the cookie and relating to your use of this online offering and from processing this data by Google Download and install the available browser plugin linked here.

Further information on data usage by Google can be found in the Google privacy policy as well as in the Settings for the display of advertising by Google.

Storage period: In GA4, retention for event/user data varies depending on the setting 2 or 14 months. Please refer to the information in our consent banner for the specifically configured duration.

YouTube

Our site uses the provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, to integrate videos.

We embed YouTube videos in extended data protection mode (Privacy-Enhanced Mode) (domain `youtube-nocookie.com`). This reduces personalization. At the latest when playing of the video, however technically necessary cookies or similar technologies and data (e.g. device/usage data) is transmitted to YouTube/Google. If you are logged in to YouTube/Google, the playback can be assigned to your account (you can prevent this by logging out before viewing).

Further information can be found at Google privacy policy remove. We also refer you to our general information in this data protection declaration for the general handling and deactivation of cookies. Note: “DoubleClick” is part of the Google Marketing Platform.

Data protection regulations on the application and use of ChatGPT

Our website uses the ChatGPT programming interface (API) to generate automated responses to inquiries sent to the website operator via contact forms or emails. The service provider is OpenAI OpCo, LLC, 3180 18th St, San Francisco, CA 94110, USA.

When using the contact forms or sending emails to the website operator, the data you enter (e.g. name, email address, message including inquiry/project description and other information transmitted) is processed on the server side. This information is then sent to the ChatGPT API in the form of a server-side request to receive an automated response to your request. This automated response will be provided to you as initial feedback to your request.

Because the request to the ChatGPT API is made through our web server, the ChatGPT service does not have direct access to your IP address or browser information. The transmitted content is processed exclusively to generate the automated response and to fulfill legal or security-related purposes (e.g. misuse/fraud detection).

According to OpenAI Business/API data not for training by default of the models used. Further information on how OpenAI processes your data (including processing purposes, storage periods and data subject rights) can be found at: https://openai.com/enterprise-privacy/.

If you have any questions or concerns about the ChatGPT API's use of your data, or would like to request deletion of your data, you can contact OpenAI at privacy@openai.com or use the contact information provided in the OpenAI Privacy Policy.

Data protection regulations on the application and use of Xing

The person responsible for processing has integrated components from Xing on this website. Xing is an internet-based social network that enables users to connect with existing business contacts and make new business contacts. Individual users can create a personal profile on Xing. Companies can, for example, create company profiles or publish job offers on Xing.

The operating company of Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time you access one of the individual pages of this website, which is operated by the controller and on which a Xing component (Xing plug-in) has been integrated, the Internet browser on the data subject's information technology system is automatically prompted to download a display of the corresponding Xing component from Xing. Further information about the Xing plug-ins can under https://dev.xing.com/plugins can be accessed. As part of this technical process, Xing receives information about which specific subpage of our website is visited.

If the data subject is logged in to Xing at the same time, Xing recognizes which specific subpage of our website the data subject visits each time the data subject visits our website and for the entire duration of the respective stay. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the data subject clicks on one of the Xing buttons integrated on our website, for example the “Share” button, Xing assigns this information to the personal Xing user account and stores this personal data.

Xing always receives information via the Xing component that the data subject has visited our website if the data subject is logged in to Xing at the same time at the time of the visit; This takes place regardless of whether the data subject clicks on the Xing component or not. If such a transmission of this information to Xing is not desired, it can be prevented by the data subject logging out of their Xing account before accessing our website.

The data protection regulations published by Xing, which are available at https://privacy.xing.com/ are available, provide information about the collection, processing and use of personal data by Xing. Furthermore, Xing has under https://dev.xing.com/plugins/share_button/privacy_policy Data protection information published for the XING share button.

Data protection regulations on the application and use of LinkedIn

The operator of the website has a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you would like to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Details on how they handle your personal data can be found in our privacy policy LinkedIn: https://www.linkedin.com/legal/privacy-policy.