Privacy policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data includes all data that can personally identify you. For detailed information on data protection, please refer to the privacy policy below

 

Data Collection on This Website

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. Their contact details can be found in the section „Information on the Responsible Party“ in this privacy policy.

How do we collect your data?

  • Data you provide:
    Some data is collected when you provide it to us, for example, data you enter in a contact form.
  • Automatically collected data:
    Other data is automatically collected by our IT systems when you visit the website. This includes technical data such as your internet browser, operating system, or the time of your page visit. This data is collected automatically as soon as you access the website.

What do we use your data for?

  • Some of the data is collected to ensure the error-free provision of the website.
  • Other data may be used to analyze your user behavior.
  • If contracts are initiated or concluded via the website, the data provided may also be used for contract offers, orders, or other inquiries.

What rights do you have regarding your data?

  • Access:
    You have the right to request free information about the origin, recipients, and purpose of your stored personal data at any time.
  • Correction or Deletion:
    You have the right to request the correction or deletion of your data.
  • Revocation:
    If you have given consent to data processing, you can revoke this consent at any time with future effect.
  • Restriction:
    Under certain circumstances, you have the right to request the restriction of the processing of your personal data.
  • Complaint:
    You also have the right to lodge a complaint with the responsible supervisory authority.

For these rights and any other questions about data protection, you can contact us at any time.

2. Hosting

We host the content of our website with the following provider:

DomainFactory
The provider is DomainFactory GmbH, c/o WeWork, Neuturmstraße 5, 80331 Munich, Germany (hereinafter referred to as „DomainFactory“). When you visit our website, DomainFactory collects various log files, including your IP addresses.

Details can be found in the privacy policy of DomainFactory:
https://www.df.eu/de/datenschutz/

The use of DomainFactory is based on Article 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If corresponding consent is requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and § 25(1) TDDG, provided that the consent includes the storage of cookies or access to information on the user’s device (e.g., for device fingerprinting). Consent can be revoked at any time.

Data Processing Agreement (DPA)

We have concluded a Data Processing Agreement (DPA) with the above-mentioned provider. This is a legally required agreement that ensures the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General Information and Mandatory Disclosures

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.

When you use this website, various personal data will be collected. Personal data includes all data that can personally identify you. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmission on the Internet (e.g., communication via email) can have security vulnerabilities. Complete protection of data from access by third parties is not possible.

Information on the Responsible Party

The party responsible for data processing on this website is:

Entropy GmbH
Doreen Wernicke
Gmunder Str. 37a
81379 Munich, Germany
Phone: +49 89 7244 952 – 0
Email: info@entropy-gmbh.de

The responsible party is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Retention Period

Unless a specific retention period is stated in this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you assert a legitimate deletion request or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods). In the latter case, the data will be deleted after these reasons no longer apply.

Legal Basis for Data Processing

We process your personal data based on the following legal grounds:

  • Consent: If you have provided your consent (Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR for special categories of data).
  • Contract Fulfillment: If the data is necessary for the fulfillment of a contract or pre-contractual measures (Art. 6(1)(b) GDPR).
  • Legal Obligations: To fulfill legal obligations (Art. 6(1)(c) GDPR).
  • Legitimate Interest: For purposes such as improving our website or ensuring its security (Art. 6(1)(f) GDPR).

Specific details about the applicable legal basis are provided in the relevant sections of this privacy policy.

Data Transfers to Third Countries

We may use tools from companies based in countries that do not provide adequate data protection standards. This includes U.S. companies that are not certified under the EU-US Data Privacy Framework (DPF). When using such tools, personal data may be transferred to these countries and processed there.

We emphasize that adequate protection comparable to EU standards may not always be guaranteed in such countries. In the case of U.S. companies certified under the DPF, data transfers are permissible. Further details on data transfers to third countries, including recipients, are provided in this privacy policy.

Recipients of Personal Data

In the course of our business activities, we collaborate with external parties. Personal data is transferred to these external parties only if:

  • It is necessary for contract fulfillment.
  • We are legally obliged to do so (e.g., sharing data with tax authorities).
  • We have a legitimate interest (Art. 6(1)(f) GDPR).
  • Other legal grounds permit the data transfer.

When using processors, we ensure compliance with the GDPR through data processing agreements. For joint processing, appropriate agreements are also concluded.

Withdrawal of Consent

Many data processing activities are only possible with your explicit consent. You can revoke your consent at any time. The legality of data processing up until the withdrawal remains unaffected.

Right to Object (Art. 21 GDPR)

You have the right to object to the processing of your personal data at any time for reasons arising from your specific situation if the processing is based on Art. 6(1)(e) or (f) GDPR. This includes profiling based on these provisions.

If you object, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

If your data is processed for direct advertising purposes, you have the right to object to this at any time. If you object, your personal data will no longer be used for such purposes.

Right to Lodge Complaints with Supervisory Authorities

In the event of violations of the GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, workplace, or where the alleged violation occurred.

Data Portability

You have the right to receive data that we process based on your consent or in the fulfillment of a contract in a commonly used, machine-readable format. If you request direct transfer to another controller, this will only be done where technically feasible.

Access, Rectification, and Deletion

Within the framework of legal provisions, you have the right to free information about your stored personal data, its origin, recipients, and purpose. You may also have the right to correct or delete this data.

Restriction of Processing

You have the right to request restriction of the processing of your personal data in the following cases:

  • You dispute the accuracy of the data.
  • Processing is unlawful, but you oppose deletion.
  • We no longer need the data, but you require it for legal claims.
  • You have objected under Art. 21(1) GDPR, pending verification of whose interests prevail.

If processing is restricted, the data may only be processed with your consent or for legal claims, protecting another person’s rights, or for important public interest reasons.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the browser’s address bar changing from „http://“ to „https://“ and a lock icon appearing.

Objection to Advertising Emails

The use of contact data published under the legal notice obligation for sending unsolicited advertising and informational material is hereby prohibited. The website operators expressly reserve the right to take legal action in the event of unsolicited promotional materials, such as spam emails.

4. Data Collection on This Website

Cookies

Our websites use „cookies.“ Cookies are small data files that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them or they are automatically removed by your browser.

Cookies can originate from us (first-party cookies) or third-party providers (third-party cookies). Third-party cookies enable the integration of services from external companies (e.g., payment processing services).

Cookies serve various functions:

  • Some are technically necessary for the website to function properly (e.g., shopping cart or video display).
  • Others analyze user behavior or are used for advertising purposes.

Cookies required for electronic communication, certain desired functionalities (e.g., shopping cart), or website optimization (e.g., measuring audience reach) are stored based on Article 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to provide their services without technical errors and in an optimized manner.

If consent for cookies or comparable recognition technologies (e.g., device fingerprinting) has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and § 25(1) TTDPA. Consent can be revoked at any time.

You can configure your browser to:

  • Notify you when cookies are being set.
  • Allow cookies only on a case-by-case basis.
  • Block cookies for specific cases or in general.
  • Automatically delete cookies when the browser is closed.

Disabling cookies may limit the functionality of this website. Details about the cookies and services used on this website can be found in this privacy policy.

Server Log Files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes:

  • Browser type and version.
  • Operating system.
  • Referrer URL.
  • Hostname of the accessing computer.
  • Time of the server request.
  • IP address.

These data are not combined with other data sources. The collection of this data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free and optimized presentation of their website, which requires the collection of server log files.

Contact Form

When you send inquiries to us via the contact form, the data you provide, including your contact details, are stored for the purpose of processing the inquiry and for follow-up questions. These data are not shared without your consent.

The processing of this data is based on Article 6(1)(b) GDPR, provided your request is related to the fulfillment of a contract or is required for pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if requested. Consent can be revoked at any time.

The data you enter in the contact form will remain with us until:

  • You request its deletion.
  • You revoke your consent to storage.
  • The purpose for data storage no longer applies (e.g., after your request has been processed).

Mandatory legal provisions—particularly retention periods—remain unaffected.

Inquiry via Email, Phone, or Fax

If you contact us by email, phone, or fax, your inquiry, including any resulting personal data (e.g., name, request), will be stored and processed for the purpose of handling your request. These data are not shared without your consent.

The processing of these data is based on Article 6(1)(b) GDPR, provided your request is related to the fulfillment of a contract or is required for pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if requested. Consent can be revoked at any time.

The data you send to us via inquiries will remain with us until:

  • You request its deletion.
  • You revoke your consent to storage.
  • The purpose for data storage no longer applies (e.g., after your request has been processed).

Mandatory legal provisions—particularly statutory retention periods—remain unaffected.

5. Plugins and Tools

Google Fonts (Local Hosting)

This site uses Google Fonts for consistent font rendering. The Google Fonts are installed locally, so no connection to Google’s servers is made.

For more information about Google Fonts, visit:

OpenStreetMap

We use the OpenStreetMap (OSM) mapping service.

The map material is provided by OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The UK is considered a data-secure third country, meaning it provides a level of data protection equivalent to that of the European Union.

When using OpenStreetMap, a connection to OpenStreetMap Foundation servers is established. This may result in the transmission of your IP address and other data about your behavior on this website to the OSM Foundation. OpenStreetMap may store cookies in your browser or use similar recognition technologies.

The use of OpenStreetMap is in the interest of providing an appealing presentation of our online offerings and making it easy to locate places mentioned on our website. This constitutes a legitimate interest as per Art. 6(1)(f) GDPR.

If consent is requested, data processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDPA for storing cookies or accessing user device information (e.g., device fingerprinting). Consent can be revoked at any time.

Wordfence

We have integrated Wordfence on this website. The provider is Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter referred to as „Wordfence“).

Wordfence protects our website against unauthorized access or malicious cyberattacks. To do this, our website establishes a continuous connection to Wordfence servers, allowing Wordfence to compare its databases with access attempts on our website and block any suspicious activity.

The use of Wordfence is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting the site from cyberattacks as effectively as possible.

If consent is requested, data processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDPA for storing cookies or accessing user device information. Consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
Wordfence GDPR Information.

Data Processing Agreement (DPA)

We have concluded a Data Processing Agreement (DPA) with the above-mentioned provider. This legally required agreement ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Source (German):
https://www.e-recht24.de