Privacy policy for our website

In the following we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses and user behavior. The processing of data is carried out in order to offer marketing and advertising services.

Who is responsible for data processing and who can you contact?

Responsible is:

.diff communications GmbH Bucher Str. 79a 90419 Nuremberg, Germany represented by the managing directors:

Markus Hupfer Florian Gruettner Phone: +49 (0) 911-21 79 72 0 info@diff.de

You can also reach us via our data protection officer: Christian Hammerbacher SPH IT + Consulting GmbH & Co. KG Phone: +49 (0) 911-21 77 480 datenschutz@sph-consulting.de

You can also reach him by post at our address with the addition "the data protection officer".

What sources and data do we use and where do they come from?

(1) When you contact us (e.g. by contact form, e-mail, telephone or via social media), we use your data for the processing of the contact request and in accordance with Art. 6 Para. 1 lit. a and b DSGVO. We will delete the enquiries if they are no longer necessary.

(2) Other data is automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of page visit). This data is collected automatically as soon as you visit our website. The data arising from this connection is deleted once storage is no longer necessary or the processing is restricted if there are legal storage obligations.

(3) Part of the data is collected in order to ensure that the website and the services offered are technically error-free. Other data may be used to evaluate your user behavior, in particular to ensure data security and to protect the website from attacks.

Your privacy

You have the following rights with regard to personal data concerning you:

  • Right of access (Art. 15 DS-GVO),

  • Right to rectification or deletion (Art. 16 and 17 DS-GVO),

  • Right to limitation of processing (Art. 18 DS-GVO),

  • Right to object to the processing (Art. 21 DS-GVO),

  • Right to data transferability (Art. 20 DS-GVO),

  • Right to revoke consents granted (Art. 7 para. 3 DS-GVO).

  • In regard to this, please contact us or our data protection officer under the contact details given. You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

What data do we collect when you visit our website?

(1) When using our website for purely informational purposes, we only collect the personal data that your browser transmits to our server. When you surf on our website, we collect the following data, as it is technically necessary for us to display our site to you and to guarantee stability and security (legal basis is Art. 6 Para. 1 S. 1 lit. f DSGVO):

  • Date and time of access

  • Names of visited websites

  • Names of downloaded files

  • Transferred amount of data

  • Status code of the access (successful/erroneous)

  • Browser type and version used

  • Operating system of the user

  • URL of the website from which our offer was accessed

  • IP address of the calling computer

  • Provider through which the access takes place

Which cookies are stored on your computer?

"Cookies" are small files that are stored on users' computers. Different data can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after the user's visit to an online service. Cookies do not execute any programs and do not transfer any viruses to your computer. They serve to make the website more user-friendly and effective.

Our website uses the following types of cookies, the scope and function of which are explained below:

  • Transient cookies (see a)

  • Persistent cookies (see b)

a) Transient cookies are automatically deleted when you close your browser. These include in particular session cookies. They store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This enables your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close your browser.

b) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.

c) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all the functions of this website.

You can also prevent Google from collecting and processing the data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout

Do we pass on your data to third parties?

If we disclose data to other persons and companies (contract processors or third parties) in the context of our processing, by transferring the data or otherwise granting access to it, it is done only with your consent (e.g. newsletter), or on the grounds of a legal obligation or for our legitimate interests (e.g. web hosting).

If we commission third parties with the processing of data, this is done on the basis of an "order processing contract" in accordance with Art. 28 DSGVO.

What web analytics services and tracking tools does our website use?

Google Analytics

On our website we use the so-called "Cookie Double Click", a service of Google Analytics. Google Analytics is a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We may use this cookie to obtain information about your use of the website. This includes the abbreviated IP address. This data is usually transferred to a Google server in the USA and stored there.

This website uses Google Analytics exclusively with the extension "anonymize()", which ensures an anonymization of the IP address by abbreviation and excludes a direct personal reference. As a result, your IP address will be shortened by Google in advance within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. In these exceptional cases, this processing takes place in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of our justified interest in the statistical analysis of user behavior for optimization and marketing purposes. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

You can prevent the storage of cookies by setting your browser software accordingly. We would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting and processing the data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plugin available under the following link: tools.google.com/dlpage/gaoptout

Google LLC, headquartered in the USA, is certified for the us European Privacy Shield Agreement, which ensures compliance with EU privacy standards: https://www.privacyshield.gov/participant

You can find more information about the handling of user data by Google Analytics in the privacy policy of Google Analytics: support.google.com/analytics/answer/6004245?hl=en

The personal data of the users will be deleted or anonymized after 14 months.

Google Maps

We integrate the maps of the service "Google Maps" of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Processed data may include, but is not limited to, IP addresses and location data of users without their consent (usually performed as part of the settings of their mobile devices). The data can be processed in the USA.

Privacy policy: google.com/policies/privacy Opt-Out: https://adssettings.google.com/authenticated?pli=1=1

Our Newsletter

By subscribing to our newsletter, you agree to the terms and conditions described. We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter referred to as "newsletters") only with your consent or on the basis of legal permission. To subscribe to the newsletter, it is sufficient to provide your name and e-mail address. The registration to our newsletter takes place in a so-called double opt-in procedure: After registration you will receive an e-mail from us in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Likewise, the changes of your data stored with the shipping service provider are logged.

The newsletter is sent with the recipient's consent pursuant to Art. 6 Para. 1 lit. a, Art. 7 DSGVO. Our interest is directed towards the use of a user-friendly and secure newsletter system, that serves our business interests as well as the expectations of the users, and furthermore allows us to provide evidence of consent.

How can I unsubscribe from the newsletter?

You can cancel subscription to our newsletter at any time, i.e. revoke your consent. You will find a link to unsubscribe at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the grounds of our legitimate interests before deleting them, this is in order to be able to prove that we have previously given our consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the existence of prior consent is confirmed at the same time.

Our newsletter service provider

The newsletter will be sent by the mail service "MailChimp", an offer of the Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the privacy policy of the service provider here: mailchimp.com/legal/privacy

This U.S. provider is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with the European level of data protection https://www.privacyshield.gov/participant

Our service provider is employed in accordance with our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO and a contract processing agreement pursuant to Art. 28 para. 3 sentence 1 DSGVO. The service provider may use the recipient's data in pseudonymous form, i.e. without allocation to a user, to optimize or improve its own services, e.g. for technical optimization of the dispatch and presentation of the newsletter or for statistical purposes. However, they are not permitted to use the data of our newsletter recipients to contact them directly or to pass the data on to third parties.

.diff in Social Media

We're also on:

  • Xing.com,

  • LinkedIn.com,

  • Facebook.com,

  • Instagram.com,

  • Vimeo.com/en/

We use these platforms to communicate with active customers, interested parties and users and to inform them about our services. We would like to point out that user data may be processed outside the European Union. This can result in risks for users, as it could, for example, make it more difficult to enforce the rights of users. However, regarding US providers that are certified under the Privacy Shield, we would like to note that they have undertaken to comply with EU data protection standards.

In addition, user data is usually processed for market research and advertising purposes. For example, user profiles can be created on the basis of user behavior and the resulting interests of users. The user profiles can in turn be used, for example, to place advertisements inside and outside the platforms which are presumed to correspond to the interests of the users. For these purposes, cookies which contain data on the user's usage behavior and interests, are usually stored on the user's computer.

Furthermore, data can also be stored in the user profiles independently of the devices used by the users (in particular if the users are members of the respective platforms and are logged in to them). The processing of users' personal data is based on our legitimate interests in effective information and communication with users (Art. 6 para. 1 lit. f. DSGVO). When you are asked by the respective providers for your consent to data processing (e.g. by ticking a checkbox or clicking a confirmation button), the legal basis is Art. 6 para. 1 lit. a., Art. 7 DSGVO.

Also in the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. Should you nevertheless need help, you can contact us.

For a detailed representation of the respective processing and the possibilities of objection (Opt-Out), we refer to the following linked information of the providers.

  • Xing: XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany Privacy policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

  • LinkedIn: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland Privacy policy: linkedin.com/legal/privacy-policy Opt-Out: linkedin.com/psettings/guest-controls/retargeting-opt-out Privacy Shield: privacyshield.gov/participant

  • Facebook: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland Privacy policy: facebook.com/about/privacy Opt-Out: facebook.com/login Privacy Shield: privacyshield.gov/participant

  • Instagram: Instagram is a product of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland Privacy Policy/ Opt-Out: instagram.com/about/legal/privacy Privacy Settings: help.instagram.com

  • Vimeo: Vimeo, LLC, 555 West 18th Street, New York, New York 10011. Privacy Policy: vimeo.com/privacy Opt-Out: vimeo.com/opt_out

Would you like to share our website in your social media?

In order to make our company better known we place interactional elements on our website, so-called plugins, to the following social networks:

  • Facebook (small "f")

  • Pinterest (italic "p")

  • Twitter (symbol little bird)

  • Xing (symbol modified small "x")

  • LinkedIn (small "in")

  • WhatsApp (symbol telephone receiver in a speech bubble)

The underlying advertising purpose is our legitimate interest (Art. 6 para. 1 lit. f DSGVO). The integration of these plug-ins takes place by means of the so-called two-click method in order to protect visitors to our website in the best possible way.

If you navigate to a page of our homepage that contains one of the above-mentioned plug-ins, your browser establishes a direct connection to the respective server of these web pages. The content of the respective plug-in is transmitted directly to your browser and integrated into the page. Through this integration, the above-mentioned providers receive the information that your browser has accessed our website, even if you do not have a profile or are not logged in there. This information (including your IP address) is transmitted by your browser directly to the server of the above pages and stored there.

If you are already logged in to the relevant social network, it can assign the visit to our website directly to your profile. If you interact with the plug-ins, for example by clicking on the "Like" button or making a comment, this information is also transmitted directly to the respective server and stored there. The information is also published on your profile and displayed to your friends, contacts and followers.

The data processing operations described are carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the grounds of the legitimate interests of the operators of these websites, in order to be able to offer personalized advertising, to inform other users of the social network about your activities on our website and to tailor the service to suit your needs.

If you do not wish the respective operator of the above-mentioned networks to assign the data collected via our website directly to your profile, you must log out before visiting our website.

The responsibility for data protection-compliant operation is to be guaranteed by their respective providers:

  • Facebook: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland Overview of the Facebook plugins: developers.facebook.com/docs/plugins Privacy policy Facebook: facebook.com/about/privacy Privacy Shield: privacyshield.gov/participant You can also object to the loading of Facebook plugins and thus the data processing operations described above with add-ons for your browser in the future, e.g. with the script blocker noscript.

  • Pinterest: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland Privacy policy of Pinterest: https://policy.pinterest.com/de/privacy-policy

  • Twitter: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA Privacy policy of Twitter: http://twitter.com/privacy Opt-Out: http://twitter.com/account/settings twitter.com/en/rules-and-policies/twitter-cookies Privacy Shield: privacyshield.gov/participant

  • Xing: XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany Privacy policy of Xing: https://privacy.xing.com/de/datenschutzerklaerung

  • LinkedIn: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland Privacy policy: linkedin.com/legal/privacy-policy Opt-Out: linkedin.com/psettings/guest-controls/retargeting-opt-out Privacy Shield: privacyshield.gov/participant

  • WhatsApp: WhatsApp Inc., 1601 Willow Road Menlo Park, California 94025, USA WhatsApp Privacy Policy: https://www.whatsapp.com/legal/#privacy-policy

How can you object to or revoke the processing of your data?

You have the right to revoke your consent in accordance with Art. 7 para. 3 DSGVO with effect for the future. The revocation affects the permissibility of the processing of your personal data after you have given it to us.

You may object at any time to the future processing of your personal data in accordance with Art. 21 DSGVO. In particular, you may object to the processing of your data for the purposes of direct marketing and data analysis. If the processing of your personal data is based on a weighing of interests, you may object to the processing. This is the case if the processing is in particular not necessary for the fulfilment of a contract with you, which is explained by us in each case with the description of the functions. In the event of such an objection, we ask you to explain the reasons why you wish us to discontinue processing your personal data.

Please use the following contact data for revocation and objection:

.diff communications GmbH Bucher Str. 79a 90419 Nuremberg, Germany Phone: +49 (0) 911-21 79 72 0 E-mail: info@diff.de

Concluding remarks

Our business operations require that data be collected and processed. Where data collection and processing take place, data protection and data security must be guaranteed. For us, this is not only a legal requirement, but also an inherent concern.

Should you have any further questions or suggestions regarding data protection in connection with our services, please do not hesitate to contact us using the above-mentioned contact details.