1. Data protection notice

General information
The protection of your personal data is very important to us. We are fully GDPR compliant. The following statement provides an overview of what happens to your personal information when you visit our website. Personal data is all data with which you can be personally identified.

Contact details
The data controller is:
xbAV AG
Martin-Greif-Strasse 1
80336 Munich

As required under art. 37 GDPR, we have appointed a data protection officer. He and his team can be contacted at:

datenschutz@xbav.de

Purpose and legal basis
In order to ensure the operation of our website and to provide you with optimum information, we use technical methods to monitor the use of our website. These data collection and analysis services are explained separately in this document.
Under no circumstances do we use the collected data for the purpose of drawing conclusions about you personally.
The legal basis for this processing is our legitimate interest (Article 6 (1) GDPR) in operating this website professionally and securely.
In addition, there are situations in which you may wish to provide us with personal information, such as contact forms and registrations.
In this case we will ask you for your consent to the processing (Article 6 (1) GDPR).

What do we use your data for?Some of the data is collected to ensure that the website is error-free. Other data may be used to analyse your user behavior.

Right of appeal to the supervisory authorities
In the event of breaches of data protection law, the data subject has the right to lodge a complaint with the supervisory authorities. The authority for data protection issues is:
Bavarian State Office for Data Protection Supervision
Promenade 27 (Schloss)
91522 Ansbach, Germany

https://www.lda.bayern.de

Right to data transferability
You have the right to have the data that we process automatically on the basis of your consent or in fulfilment of a contract made available to you or to a third party in a standard, machine-readable format.

Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients and the purpose of the data processing. You also have where applicable the right to correction, blocking or deletion of this data. For this purpose, or if you have any other queries about your personal data, you can contact us at any time at the address provided under contact details.

Third-party analysis tools and tools
When you visit our website, your surfing behaviour can be statistically evaluated. This is done primarily with cookies and analysis programs. The analysis of your surfing behaviour is usually anonymous: it cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the information below.

Revocation of your consent to data processing
Many data processing operations are possible only with your express consent. You can revoke your consent at any time. For this purpose, an informal notification by email to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

2. Data capture on our website

Cookies
Our website uses cookies. Cookies do not damage your computer and serve to make the website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser on your next visit.
You can set your browser so that you are informed when cookies are set and only allow cookies in individual cases, so that you can accept cookies for specific cases or generally exclude them, and so that you can activate automatic deletion of cookies when you close your browser. If cookies are deactivated, the functionality of this website may be restricted.
Cookies required for the execution of electronic communication processes or for the provision of certain functions requested by you (e.g. shopping basket function) are stored on the basis of Art. 6 (1) GDPR. The website operator has a justified interest in the storage of cookies for the technically error-free and optimised provision of its services. As far as other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, these are dealt with separately in this data protection declaration.

Server log files
The operator of this website automatically collects and stores information that your browser automatically transmits to us in the form of server log files. This data is:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data will not be merged with other data sources.
The legal basis for this processing is our legitimate interest (Article 6 (1) GDPR) in operating this website professionally and securely.

3. Plugins and tools

Website tracking – Matomo
In order to optimise our website, we use the Matomo webtracking tool (formerly Piwik), which is operated on our own server. Matomo is used in compliance with data protection regulations and the recommendations of the Independent Centre for Data Protection Schleswig-Holstein (ULD). The IP addresses are immediately anonymised by Matomo so that visitors cannot be identified. The anonymous statistical data is stored separately from any personal data you may have provided and does not allow any conclusions to be drawn about you personally.


In addition, the "Do not track" function can be activated during Matomo set-up. If your browser supports this function and you have activated the function in your browser settings, Matomo will not collect any data, even if you do not use the above deactivation cookie.

Contact form
If you send us enquiries via the contact form, your details from the form, including your contact details, will be stored by us for the purpose of processing your enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of the data from the contact form is therefore carried out exclusively on the basis of your consent (Art. 6 (1) GDPR). You can revoke this consent at any time. For this purpose, an informal notification by email to us is sufficient. The legality of any data processing carried out prior to the revocation remains unaffected by the revocation.
The data entered by you in the contact form will remain with us until you ask us to delete it or revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Newsletter (Newsletter2go)
To send newsletters, this website uses Newsletter2Go. The provider is Newsletter2Go GmbH, Nürnberger Strasse 8, 10787 Berlin, Germany.
Newsletter2Go is a service with which the dispatch of newsletters can be organised and analysed. The data entered by you for the purpose of newsletter subscription will be stored on the servers of Newsletter2Go in Germany.
If you don't want Newsletter2Go to analyse your data, you need to unsubscribe. For this purpose we provide an unsubscribe link in every newsletter message. You can also unsubscribe from the newsletter directly on our website.
Data analysis by Newsletter2Go
With the help of Newsletter2Go we are able to analyse our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links have been clicked. In this way, we can determine which links have proved popular.
We can also see whether certain previously defined actions were performed after opening/clicking (conversion rate).
Newsletter2Go also allows us to cluster newsletter recipients into different categories such as age, gender or place of residence. In this way, the newsletters can be better adapted to their target groups.
Detailed information about the features of Newsletter2Go can be found at:
https://www.newsletter2go.de/features/newsletter-software/

  • Legal basis
    Data processing is based on your consent (Art. 6 (1) GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation
     
  • Storage period
    The data stored by us for the purpose of newsletter subscription will be held by us until you unsubscribe, at which point it  will be deleted both from our servers and from Newsletter2Go's servers. This does not affect data stored by us for other purposes (e.g. email addresses for the member area).

    You can find more details in the privacy policy of Newsletter2Go under:
    https://www.newsletter2go.de/features/datenschutz-2/

  • Conclusion of a contract for contract data processing

    We have concluded a contract with Newsletter2Go in which we oblige Newsletter2Go to protect the data of our customers and not to pass it on to third parties. This contract can be viewed at the following link:

    https://www.newsletter2go.de/docs/datenschutz/ADV_Muster_Newsletter2Go_GmbH_latest_Form.pdf?x48278.

Social Media Buttons (Facebook, XING and Twitter)
On our website we use Shariff buttons with data protection protection. Shariff was developed by specialists of the computer magazine c't to provide more privacy on the Internet and to replace the usual share buttons of social networks. More information about the Shariff project can be found here.

Vimeo
For the integration of videos etc. we use Vimeo. Vimeo is operated by Vimeo, LLC headquartered at 555 West 18th Street, New York, New York 10011.
On our website we use Vimeo plugins. If you access the pages of our website that are fitted with this plugin, a connection to Vimeo's servers is created and the plugin is displayed. This will inform the Vimeo server which website you have visited. If you are logged in as a member of Vimeo, Vimeo will assign this information to your personal user account. When you use the plugin, e.g. clicking the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the relevant Vimeo cookies.
Further information on Vimeo's data processing and data protection can be found at:
https://vimeo.com/privacy

YouTube
Our website uses plugins from the Google-owned YouTube website. YouTube is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
When you visit one of our pages that is equipped with a YouTube plug-in, a connection is established to the YouTube servers. This will tell the YouTube server which of our pages you have visited.
If you are logged in to your YouTube account, you will enable YouTube to directly associate your surfing behaviour with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used in the interest of making our website more appealing. This constitutes a legitimate interest within the meaning of Art. 6 (1) GDPR.
You can find more information about the handling of user data in YouTube's privacy policy at YouTube:
https://www.google.de/intl/de/policies/privacy.

4. Data recipients

Mittwald CM Service GmbH & Co. KG    (hosting company)
Königsberger Strasse 4-6              
32339 Espelkamp, Germany           

Tel.: 05772 293-100       
Fax: 05772 293-333
Email: support@mittwald.de

Registergericht Bad Oeynhausen, HRA 6640 // Sales tax ID no.: DE 814773217