We will generally collect and use personal data of our users only if and to the extent necessary to make available a functional website and/or to provide our content and services. Personal data of our users generally will be collected and/or used only with the prior consent of the user. An exception applies in cases where obtaining prior consent is practically impossible and where data processing is permitted by applicable law. The types of data we process are as follows:
If we obtain the consent of a data subject for processing personal data, the legal basis for processing such personal data is Art. 6 para. 1 let. a) EU General Data Protection Regulation (hereinafter “GDPR”). If we process personal data that are necessary to perform a contract to which the data subject is a party, the legal basis for processing such personal data is Art. 6 para. 1 b) GDPR. The same applies if processing personal data is necessary to perform pre-contractual measures. If processing personal data is necessary to perform a legal obligation of our company, the legal basis for such data processing is Art. 6 para. 1 c) GDPR. If processing personal data is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh that legitimate interest, the legal basis for such data processing is Art. 6 para. 1 let. f) GDPR.
Personal data of a data subject will be erased or blocked as soon as they are no longer needed for the purposes for which they are stored. Data may also be blocked if provided for by EU or national regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or erased if recordkeeping obligations under the aforementioned norms expire, unless continued storage of such data is necessary to enter into or perform a contract.
When our Website is accessed, our system will automatically collect data and information from the computer system of the terminal device accessing the Website.
In this connection the following data will be collected for a limited time period:
Such data will be stored in log files of our system. Such data are needed only to analyze any malfunctions and will be erased at the latest within seven days. The legal basis for temporarily storing data in log files is Art. 6 para. 1 let. f) GDPR. Temporary storage of the IP address for the system is necessary for making the Website available to the terminal device of the user. For this purpose the IP address of the user must be stored for the duration of the session. Data are stored in log files to ensure the functionality of our Website. In addition, such data are used to optimize the Website and to ensure the security of our IT systems. Data will not be analyzed for marketing purposes in this connection, and we will draw no inferences as to your identity. The aforementioned purposes also provide the basis of our legitimate interest in data processing within the meaning of Art. 6 para. 1 let. f) GDPR. Collecting data to make available the Website and storing data in log files is necessary for operating the Website. Consequently, users have no right to object to the collection or use of such data for the aforementioned purposes.
We maintain an online presence on social networks and platforms to communicate with clients, interested parties, and users who are active on those networks, and to be able to inform clients, interested parties, and users of our services.
Our Website also links to the website of Twitter, operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, U.S.A. or, if you reside in the EU, Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland.
Our Website also links to the website of LinkedIn, operated by LinkedIn Inc., 1000 W Maude Ave, Sunnyvale, CA 94085, U.S.A., or, if you reside in the EU, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland.
Our Website also links to the website of Artstation, operated by Ballistiq Digital Inc., 33 Rue Prince, Suite 313, Montrale, QC H3C 2M7, Canada.
On the basis of our legitimate interests (interest in optimization and economic operation of our online-service in accordance with Art. 6 para. 1 let. f GDPR) we use web-analysis services from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Google is certified under the Privacy-Shield framework and hereby provides a guarantee to conform with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information as a commissioner to analyze the usage of our online-services, to issue a report about the activities within our online-services and to perform other services for us which are connected with the usage of our online-services and the internet. The processed data can be used to create pseudonymized user profiles.
We only use Google Analytics with activated IP-anonymization. That means, the user’s IP-address will be shortened by Google in the area of EU-member states or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases the full IP-address will be transmitted to a Google server in the U.S.A. and shortened there.
We use “Google Tag Manager” to implement and manage Google analysis and marketing services.
The IP-address collected from the user will not be linked with other data from Google. Users can prevent the collection of information by cookies via his browser settings; further, users can prevent the collection of the data collected by the cookie with regards to their usage of the online-services and Google’s processing of this data by installing a browser-plugin which is available here: http://tools.google.com/dlpage/gaoptout?hl=de.
Further information about Google’s usage of data, settings and the right to object can be found on Google’s websites:
https://www.google.com/intl/de/policies/privacy/partners (“how google uses information from sites or apps that use our services”),
http://www.google.com/policies/technologies/ads (“Data usage for advertising purposes”),
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 para. 1 let. f GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
If we process your personal data, you will be a data subject within the meaning of the GDPR and you will have the following rights against the controller:
You may demand that the controller confirm whether or not personal data about you are processed by us.
If we do process such data, you may demand the following information from the controller:
You have a right against the controller to have incorrect personal data rectified and/or to have incomplete personal data completed if the personal data we process are incorrect or incomplete. The controller must rectify data without undue delay.
Under the following conditions you may demand restricted processing of your personal data:
If processing of your personal data is restricted, such data may – except for their storage – be processed only with your consent, or to assert, exercise, or defend legal rights or claims, to protect the rights of another natural person or legal entity, or for reasons related to an important public interest of the European Union or any member state.
If processing of your personal data has been restricted under the aforementioned conditions, you will be notified by the controller before the restriction is lifted.
a) Erasure obligation
You may demand that the controller erase your personal data without undue delay and the controller has an obligation to do so if one of the following reasons applies:
b) Information to third parties
Where the controller has made personal data public and has an obligation under Art. 17, para. 1 to erase such personal data, the controller, taking into account available technology and the cost of implementation, must take reasonable steps, including technical measures, to inform controllers which are processing such personal data that the data subject has requested the erasure by such controllers of any links to, or copies or duplicates of, such personal data.
There is no right to erasure if processing personal data is necessary
If you have exercised your right to rectification, erasure, or restricted processing against the controller, the controller has an obligation to notify all recipients to whom your personal data have been disclosed of such rectification, erasure, or restricted processing, unless this proves impossible or would be associated with unreasonable expense.
You have a right to be informed of all such recipients by the controller.
You have a right to receive personal data you have made available to the controller in a structured, standard, and machine-legible format. You also have the right to transfer your personal data to another controller without any interference by the controller to whom the personal data were made available, if
In exercising the right to data portability you further have the right to have your personal data transferred directly from one controller to another controller, if and to the extent that this is technically feasible. No rights or freedoms of any other persons may be infringed thereby.
The right to data portability does not apply to processing of personal data that is necessary to perform a task that is in the public interest or to processing of personal data in the exercise of official authority vested in the controller.
You have the right for reasons related to your particular situation to object to processing of your personal data at any time based on Art. 6 para. 1 let. e) or f) GDPR; the same applies to any profiling based on the aforementioned provisions.
If you object, the controller will no longer process your personal data, unless the controller can show that there are compelling protected reasons for processing your personal data that override your interests, rights and freedoms, or if your data are processed to assert, exercise, or defend legal rights or claims.
If your personal data are processed for direct advertising purposes, you have a right to object to processing of your personal data for purposes of such advertising at any time; the same applies to any profiling associated with such direct advertising.
If you object to processing of your personal data for purposes of direct advertising, your personal data will no longer be processed for such purposes.
In connection with use of information society services you may exercise your right of objection – regardless of Directive 2002/58/EC – by using automated processes for which technical specifications are used. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
You have a right to revoke your consent to data processing at any time. If you exercise your right of revocation, the lawfulness of data processing that occurs before revocation based on your consent will remain unaffected.
You have a right not to be subjected to a decision that is made exclusively by means of automated processing – including profiling – if such a decision has legal consequences for you or otherwise substantially impairs your interests. This does not apply if the decision
However, such decisions may not be made with respect to special categories of personal data within the meaning of Art. 9 para. 1 GDPR, unless Art. 9 para. 2 let. a) or g) GDPR applies and appropriate safeguards have been implemented to protect your rights, freedoms, and legitimate interests.
In cases 1) and 3) above the controller must implement appropriate safeguards to protect your rights, freedoms, and legitimate interests, which must include, at a minimum, a right to have a person acting on behalf of the controller take action, a right to present your own point of view, and a right to contest the decision.
Without prejudice to any other available administrative or judicial remedies, you have a right to lodge a complaint with a supervisory authority, in particular a supervisory authority located in the member state of your habitual residence, at your workplace, or at the place of the purported infringement, if in your opinion the processing of your personal data violates the GDPR.
The supervisory authority where the complaint is lodged will then notify the complainant of the progress and outcome of the complaint, including judicial remedies available under Art. 78 GDPR.
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.