1. Objective and responsible body
• This data protection declaration clarifies the type, scope and purpose of the processing (including the collection, processing and use) of personal data within our online offer and the websites, functions and contents connected with it (hereinafter jointly referred to as "online offer" or "website"). This privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online offer is executed.
• The person responsible in accordance with Article 4 paragraph 7 of the Basic Data Protection Regulation (DS-GVO) is Achim Kautz, Kautz⁵ gUG, Hauptstraße 335, 51143 Cologne, post@kautzhoch5.de, https://www.kautzhoch5.de (hereinafter referred to as "provider", "we" or "us"). For further contact details, please refer to our imprint.
• The term "user" includes all customers and visitors of our online offer. The terms used, e.g. "user", are to be understood in a gender-neutral way.
  
  
2. Basic information on data processing
• We process personal data of users only in compliance with the relevant data protection regulations. This means that user data will only be processed if legal permission has been granted. This means, in particular, if the data is required for the provision of our contractual services and online services, or is required by law, or if the consent of the users is present, as well as on the basis of our legitimate interests, in particular in the measurement of reach, the collection of access data and the use of third-party services.
• We take organisational, contractual and technical security measures in accordance with the state of the art in order to ensure that the provisions of the data protection laws are observed and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons.
• If, within the scope of this data protection declaration, content, tools or other means are used by other providers (hereinafter jointly referred to as "third party providers") and their registered office is abroad, it is to be assumed that a data transfer to the countries where the third party providers are based is taking place. The transfer of data to third countries is either based on a legal permission, a consent of the users or special contractual clauses which guarantee the legally required security of the data.
  
  
3. Processing of personal data
• Personal data will be processed, in addition to the use expressly indicated in this Privacy Policy, for the following purposes on the basis of legal permissions or consents given by users:
  - The provision, execution, maintenance, optimisation and safeguarding of our services and user benefits;
  - The provision of effective customer service and technical support.
• We only transfer user data to third parties if this is necessary for billing purposes (e.g. to a payment service provider) or for other purposes if this is necessary to fulfil our contractual obligations to the users (e.g. address notification to suppliers).
  
  
4. Contact form and email contact
• When you contact us by e-mail or via a contact form, the data you provide (name, e-mail address, message content and, if available, the subject of the message and information on how you heard about us) will be stored by us in order to answer your questions. We delete the data arising in this connection after storage is no longer necessary or restrict processing if there are legal storage obligations.
• CentralStationCRM
  This website uses the CRM software CentralStationCRM to store and process your contact. The provider is 42he GmbH, Marktstraße 10 - Building E8, 50968 Cologne, Germany. CentralStationCRM is a service that, among other things, can be used to organize and support customers. The data you enter for the purpose of contacting us will be stored on CentralStationCRM's servers in Germany. If you do not want any further processing by CentralStationCRM, you must inform the operator of this website after contacting us.
• Data analysis through CentralStationCRM
  With the help of CentralStationCRM, we are able to better organize inquiries via our website and respond more quickly. CentralStationCRM also allows us to better group our customers and contacts. This allows us to work more targetedly in sales and marketing.
• Legal basis
  Data processing is based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
• Storage period
  The data you provide to us for the purpose of contacting us will be stored by us until we delete it. For more information, please see CentralStationCRM's privacy policy at: https://centralstationcrm.net/www/privacy
• Conclusion of a contract for order data processing
  We have concluded a contract with CentralStationCRM in which we oblige CentralStationCRM to protect our customers' data and not to pass it on to third parties. This contract can be viewed at the following link: https://centralstationcrm.de/avv
• Analysis tools and advertising
  Google reCAPTCHA We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). reCAPTCHA is intended to check whether data is entered on our websites (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, length of time the website visitor stays on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place. Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and SPAM. Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android. html.
5. Collection of access data
• We collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the website previously visited), IP address and the requesting provider.
• We use the protocol data without allocation to the person of the user or other profile creation in accordance with the legal regulations only for statistical evaluations for the purpose of the operation, security and optimisation of our online offer. However, we reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence.
  
  
6. Cookies & Range measurement
• Cookies are information that is transferred from our web server or web servers of third parties to the web browsers of users and stored there for later retrieval. Cookies can be small files or other types of information storage. We use session cookies to check the login status, for example, or to enable the shopping basket function and thus the use of our online service in general. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when users have finished using our online services and log out, for example. Users will be informed about the use of cookies in the context of pseudonymous range measurement within the scope of this data protection declaration.
• If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
• It is possible to manage many online ad cookies from companies via the US websitehttp://www.aboutads.info/choices or the European website http://www.youronlinechoices.com/uk/your-ad-choices/.
  
  
7. Integration of third-party services and content
   
   • External fonts from Google, Inc., https://www.google.com/fonts ("Google Fonts"). Google Fonts are integrated by a server call at Google (usually in the USA). Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
   • Buttons and options for embedding content from the social platform Twitter, Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, Privacy Policy: http://twitter.com/privacy, Opt-Out: https://support.twitter.com/articles/20172847.
   • Videos from the "YouTube" platform of the third party provider Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.
     
     
• It can happen that within our online offer contents or services of third party providers, such as city maps or fonts from other websites are integrated. The integration of content from third party providers always requires that the third party providers are aware of the IP address of the users, as without the IP address they would not be able to send the content to the users' browser. The IP address is therefore necessary for the display of this content. Furthermore, the providers of the third-party content may set their own cookies and process the users' data for their own purposes. In doing so, user profiles of the users can be created from the processed data. We will use this content as sparingly and as far as possible to avoid data loss and will select reliable third party providers with regard to data security.
• The following presentation offers an overview of third-party providers and their contents, together with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, options for objection (so-called opt-out):
8. User rights and deletion of data
• Users have the right to request information free of charge about the personal data we have stored about them.
  In addition, users have the right to correct inaccurate data, block and delete their personal data, where applicable, to exercise their rights to data portability and, in the event of suspected unlawful processing, to lodge a complaint with the competent supervisory authority. You can also revoke your consent, in principle with consequences for the future.
• The data stored with us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any legal storage obligations.
  
  
9. Changes to the privacy policy
• We reserve the right to amend the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies with regard to declarations on data processing. Insofar as the consent of the users is required or components of the data protection declaration contain regulations of the contractual relationship with the users, the changes will only be made with the consent of the users.
• Users are asked to inform themselves regularly about the content of the privacy policy.

Stand: 02.06.2021