Privacy Data protection

The following is our company’s data protection notice, with which we comply with our information obligations in accordance with the Data Protection Regulation (GDPR) and the Federal Data Protection Act (FDPA):

1. General information

1.1. Name and address of the person responsible

The responsible person in terms of the basic data protection regulation and other national data protection laws of the member states and other data protection regulations is the:

atriga GmbH
represented by the managing directors Oliver Burgis and Christoph Ruoff
Pittlerstr. 47
63225 Langen
Deutschland
Phone: +49 (0)6103 3746-0
E-mail:
Website: www.atriga.com

1.2. Name and address of the data protection officer

The data protection officer of atriga GmbH is:
Kristin Pagnia
atriga GmbH
Pittlerstr. 47
63225 Langen
Phone: +49 (0) 6103 3746-220
E-mail (general):
Direct contact with the data protection officer:

1.3. Rights of the data subject

The applicable data protection law grants you comprehensive data protection rights (rights of information and intervention) vis-à-vis atriga as the person responsible for processing your personal data, about which we inform you below:

1.3.1. Right of access

You can request confirmation from the person responsible as to whether personal data concerning you is being processed by us.

If such processing has taken place, you can request information from the data controller about the following:

1. the purposes for which the personal data are processed;
2. the categories of personal data which are processed;
3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
4. the planned duration of storage of the personal data concerning you or, if it is not possible to give specific details, criteria for determining the duration of storage;
5. the existence of a right of rectification or erasure of personal data concerning you, a right to have the processing limited by the controller or a right to object to such processing;
6. the existence of a right of appeal to a supervisory authority;
7. any available information as to the source of the data where the personal data are not collected from the data subject;
8. the existence of automated decision-making, including profiling, in accordance with Art. 22 para 1 and para 4 of the DPO and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.

You have the right to request information as to whether the personal data concerning you are being transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 of the FDPA in connection with the transfer.

1.3.2. Right of rectification

You have the right to ask the data controller to correct and/or complete the data if the personal data processed concerning you is incorrect or incomplete. The data controller shall make the correction without delay.

1.3.3. Right to limit processing

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

1. if you dispute the accuracy of the personal data concerning you for a period of time which enables the controller to verify the accuracy of the personal data;
2. the processing is unlawful and you object to the deletion of the personal data and instead request the restriction of the use of the personal data;
3. the controller no longer needs the personal data for the purposes of the processing, but you need the personal data in order to assert, exercise or defend legal claims; or
4. if you have lodged an objection to the processing in accordance with Art. 21 para 1 FDPA and it has not yet been established whether the legitimate reasons given by the controller outweigh your reasons.

If the processing of personal data relating to you has been restricted, such data may be processed – apart from storage – only with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or of a Member State.

If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

1.3.4. Right of cancellation

Duty to delete:

You may request the controller to delete personal data concerning you without delay and the controller is obliged to delete such data without delay if one of the following reasons applies:

1. the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
2. You withdraw your consent on which the processing was based under Art. 6 para 1 lit. a or Art. 9 para 2 lit. a FDPA and there is no other legal basis for the processing.
3. You object to the processing pursuant to Art. 21 para 1 GDPR and there are no legitimate grounds for processing that take precedence, or you object to the processing pursuant to Art. 21 para 2 GDPR.
4. The personal data concerning you have been processed unlawfully.
5. The deletion of personal data concerning you is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
6. The personal data concerning you have been collected in relation to information society services offered, in accordance with Art. 8 para 1 GDPR.

Information to third parties:

If the data controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17 para 1 GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as a data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.

Exceptions:

The right of cancellation does not apply insofar as the processing is necessary

1. on the exercise of the right to freedom of expression and information;
2. to comply with a legal obligation to which the processing relates under Union or national law to which the controller is subject or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller;
3. for reasons of public interest relating to public health pursuant to Art. 9 para 2 lit. h and i and Art. 9 para 3 FDPA;
4. for archiving, scientific or historical research purposes in the public interest or for statistical purposes in accordance with Art. 89 para 1 GDPR, insofar as the law referred to in section a) is likely to render impossible or seriously prejudice the attainment of the objectives of such processing, or
5. to assert, exercise or defend legal claims.

1.3.5. Right to information

If you have asserted the right to rectify, erase or limit the processing vis-à-vis the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or limitation of processing, unless this proves impossible or involves a disproportionate effort.

You have the right vis-à-vis the controller to be informed of these recipients.

1.3.6. Right to data transfer

You have the right to receive the personal data concerning you that you have provided to the data controller in a structured, common and machine-readable format. You also have the right to have this data communicated to another person in charge without interference from the person in charge to whom the personal data has been communicated, provided that

1. the processing is based on a consent pursuant to Art. 6 para. 1sentence 1 lit. a GDPR or Art. 9 para. 2 l lit. a GDPR or on a contract pursuant to Art. 6 para. sentence 1 lit.b GDPR and
2. the processing is carried out by means of automated procedures.

In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to data transferability shall not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

1.3.7. Right of objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out pursuant to Art. 6 para 1 sentence 1 lit. a or f GDPR, including profiling based on these provisions.

The controller will no longer process the personal data concerning you unless it can demonstrate compelling legitimate reasons for processing which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is linked to such direct marketing.

If you object to processing for the purposes of direct marketing, the personal data concerning you will no longer be processed for those purposes.

You have the possibility to exercise your right of objection in relation to the use of information society services, without prejudice to Directive 2002/58/EC, by using automated procedures involving technical specifications.

1.3.8. Right to revoke the data protection declaration of consent

You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until revocation.

1.3.9. Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effect on you or significantly affects you in a similar manner. This shall not apply if the decision

1. is necessary for the conclusion or fulfilment of a contract between you and the person responsible,
2. is authorised by Union or national legislation to which the person responsible is subject and that legislation provides for appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
3. with your express consent.

However, these decisions may not be based on special categories of personal data in accordance with Art. 9 para 1 GDPR, unless Art. 9 para 2 lit. a or g GDPR applies and appropriate measures have been taken to protect rights and freedoms and your legitimate interests.

With regard to the cases referred to in (1) and (3), the controller shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, which shall include at least the right to obtain the intervention of a person from the controller, to present his or her point of view and to challenge the decision.

1.3.10. Right to appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place where the alleged infringement is committed, if you consider that the processing of personal data relating to you is in breach of the DS Block Exemption Regulation.

The supervisory authority to which the complaint has been submitted will inform the complainant of the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.

Below are the contact details of the supervisory authority responsible for our company:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Phone: +49 (0) 611-1408 0
Fax: +49 (0) 611-1408 611

2. Special information

2.1. Data processing

2.1.1. Scope of the processing of personal data

As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services. The processing of personal data of our users regularly only takes place with the user’s consent. An exception is made in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.

2.1.2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 para. 1 sentence 1 lit. a EU General Data Protection Regulation (GDPR) as the legal basis.

In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para.1 sentence 1 lit. b GDPR is the legal basis. This also applies to processing operations necessary to carry out precontractual measures.

Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 sentence 1 lit. c GDPR is the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 sentence 1 lit. d DG-GVO is the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or third party and the interests, fundamental rights and freedoms of the person concerned do not outweigh the former interests, Art. 6 para. 1 sentence 1 lit. f GDPR is the legal basis for processing.

2.1.3. Data deletion and storage period

The personal data of the person concerned will be deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. Data will also be blocked or deleted when a storage period prescribed by the above-mentioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.

2.2. Provision of the website and creation of log files

2.2.1. Server log files

You can visit our websites without providing any personal information.

However, the provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

1. Browser type and browser version
2. Operating system used
3. Referrer URL
4. Host name of the accessing computer
5. Time of the server request
6. IP address

This data is not merged with other data sources.

2.2.2. Legal basis for data processing

The processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR on the basis of our justified interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently if there are concrete indications of illegal use.

2.2.3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, the data serves us to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

2.2.4. Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended.

In the case of storage of the data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.

2.2.5. Possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. There is therefore no possibility of objection on the part of the user.

2.3. Use of cookies and other services (plugins and tools)

2.3.1. Description and scope of data processing

Our website uses cookies or similar technologies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user calls up a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

We use cookies and similar technologies to make our website functional. Some elements of our website require that the calling browser can be identified even after a page change.

The following data is stored and transmitted in the cookies:

1. language setting
2. Log-in information (cookie box)

We also use other cookies on our website that are not technically necessary cookies.

In this way, the following data can be transmitted:

1. Utilization of website functions.
2. marketing
3. optimization of our website

When calling up our website, the user is informed about the use of cookies for marketing purposes, optimization of our website as well as about the utilization of website functions and his consent to the processing of personal data used in this context is obtained. In this context, a reference to this privacy policy is also made.

2.3.2. Legal basis for data processing

The legal basis for the processing of personal data using cookies for marketing purposes, optimization of our website as well as about the use of website functions is, if the user has given his consent in this regard, Art. 6 para. 1 sentence 1 lit. a GDPR.

Otherwise, the legal basis for the processing of personal data using technically necessary cookies is Art. para 1 sentence 1 lit. f GDPR.

2.3.3. Purpose of the data processing

The purpose of using technically necessary cookies is to enable the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

We require cookies for the following applications:

1. adoption of language settings
2. map service
3. pop-ups

The user data collected through technically necessary cookies are not used to create user profiles. The use of non-technically necessary cookies is for the purpose of improving the quality of our website and its content.

In these purposes also lies our legitimate interest in the subsequent processing of personal data according to Art. 6 para. 1 sentence 1 lit. f GDPR.

Duration of storage, possibility of objection and elimination

Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the storage of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

You can find a detailed overview of the cookies and other technologies and service providers used by us, their purposes and storage periods for cookie use, as well as further information, under Change cookie settings.

Using this tool, you can accept or reject individual or all cookies separately (with the exception of essential cookies) when you visit our website for the first time and at any time thereafter by checking or unchecking the box next to the respective cookie and saving the settings or pressing the off and on button. These settings are stored on your computer or mobile device. Therefore, they must be made and saved again if the device setting is deleted or another device or browser is used. Please note that you may have to manually delete cookies that have already been set if you revoke your consent. If you do not accept cookies, the functionality of our website may be limited. Under Change cookie settings, we also indicate which cookies are set in which categories on our website.

Insofar as you have given your consent to the use of cookies in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, you can revoke your consent at any time by sending a message to the contact option described in the privacy notices, in addition to deselecting it in the cookie settings.

You have the option to revoke the processing of necessary cookies at any time if you provide valid reasons against these cookies. The revocation can be made informally by mail to or postal.

Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the scope of this data protection notice and, if necessary, request your consent.

We use cookies within our online offer on the basis of our legitimate interests (i.e. interest in the optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR) or consent granted by you (within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR) via plugins or tools content or service offers of third party providers to integrate their content and services, such as fonts or languages.

This always requires that the third-party providers of this content, perceive the IP address of users, because without the IP address they could not send the content to their browser. The IP address is thus required for the display of this content. We strive to use only such content whose respective providers use the IP address only for the delivery of the content.

We also use cookies or other services from service providers that are based outside the EU. Please note the information in the section Third Country Transfer regarding the associated risks.

2.3.4. Cookie Consent with Borlabs Cookie

Our website uses Borlabs Cookie Content technology to obtain your consent to store certain cookies in your browser and to document this consent in a manner consistent with data protection. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the consent you have given or the revocation of this consent. This data is not passed on to the provider of Borlabs Cookie.

The collected data is stored for one year and then deleted. Details on the data processing of Borlabs cookie can be found under
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs cookie content technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

2.3.5. WPML

This website uses the WPML voice plugin from OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai, Hong Kong to offer a German and English language version of the website. WPML uses cookies to determine the current language of the visitor, the last visited language and the language of the users who have logged in. Information on the cookies used can be found at
https://wpml.org/documentation/support/browser-cookies-stored-wpml.

2.3.6. Convert Plus

This website uses Convert plus from Brainstorm Force, Vasant Utsav, Opposite Shell Petrol, Rajiv Gandhi Infotech Park, Hinjewadi Phase I, Pune, Maharashtra for marketing purposes. India. PIN – 411057.

Convert Plus is a plugin that helps you to create opt-in forms for websites. You can design opt-in forms and insert them in different places like popups, slide in, info bar, widget area, footer, web page or post content etc. We use Convert Plus for pop ups and exit banners.

Details about Convert plus can be found at
https://www.convertplug.com/plus/docs/ and
https://store.brainstormforce.com/privacy-policy/?_ga=2.47455456.657337084.1646642486-2081023781.1643203244.

2.3.7. Google Maps

This site uses the map service Google Maps.

Google Maps is a web service for displaying interactive (land) maps to visually represent geographical information.

The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

By using Google Maps, information about the use of this website, including your IP address and the (start) address entered as part of the route planner function and possibly other personal data may be transmitted to the USA.

Through a two-click solution via “Borlabs cookie”, we ensure that no data is transferred from our website to Google Maps when you merely call up our page. However, as soon as you call up the map via the “Load map” function, you leave our site and use Google Maps.

We have no influence on the scope, further processing and use of the data collected by Google in this way and therefore cannot accept any responsibility for this.

When activating Google Maps on our site, you have the option to permanently unblock Google Maps by setting a check mark, if you have not already done so via the cookie banner. However, you can also decide individually each time you call up the map via the “Load map” function whether you want to give consent to the use of Google Maps for this.

If you give your consent to the use of Google Maps, the processing is based exclusively on Art. 6 para. 1 sentence 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device as defined by the TTDSG. You give us your consent, which you can revoke at any time with future effect by deselecting “external media” in the cookie settings on our site. You can also change your consent at any time by clicking on the “Privacy” button in the footer of our page/”Cookie settings” and thus revoke it for the future.

The purpose of the processing is to provide a comprehensive and professional online offer with smooth integration of the map function on an appealing website.

We store and delete cookie consent setting data only to the extent set forth in Section 2.3.1. Beyond that, we do not store any data from you when loading the map(s).

More information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

2.3.8. Rights of the data subject

Information in this regard can be found under “General information” at point 1.3.

2.4. Google Web Fonts

This site uses so-called web fonts provided by Google to uniformly display fonts. The Google Fonts are installed locally. There is no connection to Google servers. No personal data is collected.

Further information on Google Web Fonts can be found at
https://developers.google.com/fonts/faq and
in Google´s privacy policy
https://policies.google.com/privacy?l=en.

2.5. Contact form and e-mail contact

2.5.1. Description and scope of data processing

On our website there is a contact form which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask is transmitted to us and stored. These data are:

1. First name
2. Last name
3. File number/customer number (if available)
4. Phone number
5. your message
6. Availability times (day oft he week/ time of day)

Mandatory fields are marked as such, because in these cases we absolutely need the data to process your contact and you cannot send the message without providing it.

At the time the message is sent, the following data is also stored:

Date and time

For the processing of the data, reference is made to this data protection declaration in the context of the sending process.

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.

The same applies to inquiries by telephone or fax.

2.5.2. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. a GDPR if the user has given his consent.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 sentence 1 lit. f GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1. 1 lit. b GDPR.

2.5.3. Purpose of data processing

These data are stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration.

2.5.4. Duration of storage

Your data will be deleted after the final processing of your inquiry; this is the case if it can be concluded from the circumstances that the matter in question has been conclusively clarified and provided that there are no legal obligations to keep records that conflict with this.

2.5.5. Possibility of objection and removal

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued.

Please contact us in case of revocation of the consent and objection of the storage by mail or by e-mail to .

All personal data stored in the course of the contact will be deleted in this case.

2.6. Rights of the person concerned

Information on this can be found under “General information” in section 1.3.

2.7. Special information for the “Career” area

2.7.1. Scope of the processing of personal data” area

After visiting the “Career” section of the website, it is possible to contact us via the e-mail address provided, by fax, letter post or telephone. The user’s personal data transmitted will be stored in the process.

2.7.2. Legal basis for the processing of personal data” area

The legal basis for the processing of personal data is Art. 6 para 1 sentence 1 lit. b and f GDPR. We process personal data that you provide to us as part of your application. These are personal and communication data, application documents and, if applicable, notes in the course of conducting job interviews.

2.7.2.1. Purpose of data processing

The data is processed for the purpose of initiating an employment relationship.

We process the data you have sent us in connection with your application for filling positions within our company. Your data will only be forwarded to the persons and specialist departments responsible for the application process. Any further use or disclosure of your application data to third parties does not take place.

The application data may be processed for statistical purposes (e. g. Reporting). It is not possible to draw conclusions about individual persons.

2.7.2.2. Purpose of data processing and Place of data processing

Your application data will be deleted four months after completion of the application process. This does not apply if legal provisions prevent deletion, if further storage is necessary for the purpose of providing evidence, or if you have consented to longer storage.

The processing of your data takes place in the Federal Republic of Germany and in a member state of the European Union (EU).

2.7.2.3. Possibility of objection and elimination

Pursuant to Art. 21 para 1 GDPR, data processing may be objected to for reasons arising from the particular situation of the data subject. The objection can be made form-free and is to be addressed to: atriga GmbH, Pittlerstr. 47, 63225 Langen or by email to .

2.7.3. Rights of the data subject

You can find information on this under “General information” in section 1.3.

3. E-mail newsletter

3.1. Description and scope of data processing

If you would like to receive the free newsletter offered on our website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter.

Further data will not be collected or only on a voluntary basis. This data is entered by you in the input mask when registering for the newsletter and then transmitted to us. We use this data exclusively for sending the requested information and do not pass it on to third parties — except for the purpose stated below.

For the processing of the data, your consent is obtained during the registration process and reference is made to this privacy policy.

The newsletter is sent as part of an order processing by our service provider Brevo, before “Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin”, to whom we pass on your e-mail address, name and first name, exclusively for this purpose.

The data collected within the scope of the newsletter may be processed for statistical purposes. It is not possible to draw conclusions about individual persons.

As part of the verification of your newsletter order, we perform a so-called double opt-in process via the WordPress premium plugin Contact Form 7 Double-Opt-In. In this process, no cookies are set and no data is transmitted to third parties.

We store the following data as part of the double opt-in process:

1. Registration date and time
2. Registration IP
3. Confirmation date and time
4. Confirmation IP
5. E-mail address

Our newsletter is usually sent out on a monthly basis. In addition, we send special newsletters at irregular intervals, insofar as we would like to inform you about special topics in deviation from our regular newsletter.

3.2. Legal basis for data processing

The processing of the data entered in the newsletter registration form is based exclusively on your consent Art. 6 para. 1 sentence 1 lit. a GDPR).

3.3. Purpose of the data processing

The collection of the user’s e-mail address serves to deliver the newsletter.

The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.

3.4. Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list immediately after you unsubscribe.
Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored in a blacklist to prevent future mailings. We proceed in the same way with e-mail addresses to which the newsletter cannot be delivered (so-called hard bounces).

The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art.6 para 1 sentence 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

3.5. Possibility of objection and removal

The subscription to the newsletter can be cancelled by the affected user at any time.

You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter or by sending an e-mail to . The legality of the data processing operations already carried out remains unaffected by the revocation.

3.6. Rights of the data subject

You can find information in this regard under “General information” at section 1.3.

4. atrigaprotekt

4.1. Scope of the processing of personal data

By filling out the application for atrigaprotekt, you can submit an offer for the conclusion of a contract for collection services or for creditworthiness or business information as a complete receivables management solution via our website.

For this, however, you will have to switch to our German-language site, as we do not provide this offer on our English-language site.

As part of the application process, personal data about you will be collected and then used by us for the conclusion of the contract and for registration as a customer in the atriga DebitManager (www.debitmanager.com). When entering your data, we draw your attention to the processing of your data and this data protection declaration.

The following of your data will be used:

Customer data:

1. Customer name with correct legal form information (GbR, e. K., GmbH, etc.)
2. Street, house number
3. Postal code, city (district)
4. Internet address
5. Entitlement to deduct input tax

Personal data:

1. Salutation
2. Title
3. First name, last name
4. Telephone
5. Fax
6. Mobile
7. E-mail address

Bank details, if applicable:

1. Bank or credit institution
2. Account holder, if different from customer name
3. IBAN
4. BIC

The following data is also stored when the application is sent:

Date and time of the request

4.2. Legal basis for the processing of personal data

The legal basis for the processing of personal data in the context of service contracts is Art. 6 para. 1 sentence. 1 lit. b and f GDPR.

4.3. Purpose of data processing

Due to the sensitivity of the services offered, the collection of all mentioned personal data of the principal/client is mandatory (collection services: § 11 a para. 1 no. 1 Legal Services Act (RDG); information services: Art. 6 para. 1 sentence 1 lit. b, f GDPR ). Milder means are not apparent, as it must be ensured that the interests of the debtor or the inquired party are always guaranteed. This is only guaranteed if the client/principal can be clearly identified and reached.

4.4. Duration of storage

The deletion of the data takes place when the data is no longer required for the execution of the contract. Even after the conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to comply with contractual or legal obligations.

4.5. Possibility of objection and elimination

Every data subject has the right to information from atriga according to Art. 15 GDPR, the right to correction according to Art. 16 GDPR, the right to deletion according to Art. 17 GDPR and the right to restriction of processing according to Art. 18 GDPR. In addition, there is the possibility of contacting the supervisory authority responsible for atriga, the Hessischen Beauftragten für Datenschutz und Informationsfreiheit.

Consents can be revoked at any time vis-à-vis the contractual partner concerned.

Pursuant to Art. 21 para 1 GDPR, data processing may be objected to for reasons arising from the particular situation of the data subject. The objection can be made without any formalities and should be addressed to: atriga GmbH, Pittlerstr. 47, 63225 Langen.

4.6. Rights of the data subject

Information in this regard can be found under “General information” at point 1.3.

5. Social media appearances

5.1. Description and scope of data processing

We maintain publicly accessible profiles on social networks. Your personal data is processed by us when you communicate with us via the above-mentioned social media platforms. The social networks used by us in detail can be found below.

When you visit our website, the buttons of these social plug-ins are deactivated by default, i.e. we do not send any data to the respective social networks without your intervention. Before you can use the buttons, you must activate them with your click.

Social networks. can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). Visiting our social media presences triggers numerous processing operations relevant to data protection. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside the respective social media presence. Provided you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in. Please also note that we cannot track all processing on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals.

We have only limited influence on the processing of your personal data carried out by the platform operators. At the points where we can exert influence, we work towards data protection-compliant handling by the social media platform operator within the scope of the options available to us. In many places, however, we cannot influence the data processing by the operator of the social media platform and detailed information about what data it processes and to what extent is generally not available to us. This also applies to functionalities such as the “Like” button (or comparable designation) as well as functions that share content as well as other functionalities of the respective social media provider, which the latter makes available for use in connection with texts/offers of atriga. Information on the processing carried out by the operators can be found at any time in the data protection notices of the respective platform operators.

5.2. Legal basis for data processing and purpose of data processing

Our social media presences are intended to ensure the most comprehensive presence possible on the Internet. The legal basis is our legitimate interest in carrying out public relations work and communicating our company with you in accordance with Art. 6 para 1 sentence 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on deviating legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para 1 sentence 1 lit. a GDPR).

5.3. Responsible party and assertion of rights

If you visit one of our social media sites, we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal.

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

5.4. Data deletion and storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their data protection notices, see below).

5.5. Recipients and place of processing

We do not pass on your personal data collected as part of the use of the social media sites to third parties and no processing is carried out by us outside Germany. However, please note that data may be passed on by the operators of the social media platforms – including to unsafe third countries.

5.6. Social networks in detail

5.6.1. XING

We have a profile on XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING’s privacy policy:

https://privacy.xing.com/de/datenschutzerklaerung.

5.6.2. LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn has certification in accordance with the EU-US Privacy Shield. LinkedIn uses advertising cookies.

If you wish to disable LinkedIn advertising cookies, please use the following link:

https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

For details on their handling of your personal data, please refer to LinkedIn’s privacy policy:

https://www.linkedin.com/legal/privacy-policy.

6. Special information for atriga InfoCenter

The atriga Info-Center is a separate area for the party concerned (our client’s contractual partner) in debt collection proceedings. In addition to general information on debt collection proceedings, the data subject receives information on the debt collection proceedings conducted against him/her after logging in.

6.1 Data processing

6.1.1 Scope of the processing of personal data and purpose of data processing

We only process our users’ personal data to the extent necessary to provide a functional website and our content and services. The processing of our users’ personal data only takes place regularly with the user’s consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.

The purpose of the data processing is to provide the data subject with a medium in the form of the Info Center which enables him/her to obtain comprehensive information about the debt collection proceedings being conducted against him/her and to call up the current status of the proceedings, the claim and, for example, the reminder texts sent to him/her at any time. In addition, the purpose is to provide the person concerned with an additional contact option and payment options. The purpose of the Info Center is therefore receivables management in addition to contract processing and legal prosecution.

The general area of the Info Center can be accessed via a link attached to the reminder.

To access the protected area of the Info Center, enter the file number of the debt collection procedure, the zip code and, if applicable, the character string from the image.

In the protected area, the person concerned receives information on their data stored with us (profile data) and data on the claim.

The following data is displayed in the profile (if available):

1. Address
2. First name Last name
3. Addition (c/o)
4. Street House number
5. Zip code City
6. Country
7. Date of birth
8. E-mail address
9. Telephone number
10. Mobile phone number
11. Fax number

The data subject has the option of adding further data to the collection procedure or correcting data. This newly entered data will be stored and processed by us. After verification, they are added to the respective debt collection procedure.

The person concerned can conclude an installment payment agreement with us via the Info Center. The monthly installment amount and the payment date of the first installment can be specified. The Info Center displays a minimum amount and a latest date for the first installment. We enter an e-mail address to which the installment plan should be sent.

The person concerned can also send us a message. The subject of the request and the content of the message to atriga are saved and processed further.

It is also possible to request a callback. In doing so, we record the telephone number provided, the date on which the data subject would like to be called and the time period.

In addition, information can be requested in accordance with Art. 15 GDPR. When requesting information, it is possible to provide the e-mail address and verify the address for queries from atriga. We store the data provided.

Mandatory fields are marked as such, as in these cases we absolutely need the data to process your contact and you cannot send the contact without providing it.

At the time the message is sent, the following data is also stored:
Date and time

To contact us, please also refer to point 2.5 of this declaration.

In addition to the data mentioned in point 2.5, the salutation, title, first name and e-mail address are also requested and stored in the Info Center contact form.

All other data displayed to the data subject in the Info Center is data that has already been transmitted to us before the Info Center is used – usually by our client.

6.1.2 Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.

The user has the option to withdraw their consent to the processing of personal data at any time with effect for the future.

If the processing is necessary to safeguard a legitimate interest of our company or a third party – after the conclusion of the contract between the data subject and our client – and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. b and f GDPR serves as the legal basis for the processing.

6.1.3 Data deletion and storage duration

The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

6.2 Description and disclosure of personal data to third parties

In the atriga InfoCenter, the data subject has the opportunity to obtain further information on the debt collection procedure concerning him/her.

Personal data is not passed on to third parties when using the InfoCenter.

6.3 Payment methods

Payment data is collected when the outstanding debt collection claim is settled from the Info Center page. You have the option of choosing between various payment methods for settling the collection claim on our site.

6.3.1 Instant bank transfer (Sofortüberweisung)

We offer payments by instant bank transfer. In this case, the data is collected by Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany. atriga does not collect or store the data itself.

Sofort GmbH requires the IBAN as well as the PIN and TAN of your online banking account. As part of the ordering process, you will be automatically redirected to the secure payment form of Sofort GmbH. Immediately afterwards, you will receive confirmation of the transaction. We will then immediately receive the transfer credit.

Anyone who has an activated online banking account with a PIN/TAN procedure can use Sofortüberweisung as a payment method. Please note that a few banks do not yet support payment by instant bank transfer. You can find more information on this via the following link https://www.klarna.com/sofort/kundenservice/csc/uberweisen-mit-sofort/. Further information on the stored data can be found at https://www.klarna.com/sofort/#cq-0.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b) GDPR, as the processing of the data is necessary for payment by Sofortüberweisung and thus for the execution of the contract.

6.3.2 PayPal

In some cases we offer the possibility of processing the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to PayPal insofar as it is necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b. GDPR).

1. amount
2. reference number

The processing of the data provided in this section is neither legally nor contractually required. Without the transmission of your personal data, we cannot process a payment via PayPal. [You have the option of choosing a different payment method.]

PayPal carries out a credit check for various services such as payment by direct debit to ensure your willingness and ability to pay. This corresponds to PayPal’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). For this purpose, your data (name, address and date of birth, bank account details) will be passed on to credit agencies. We have no influence on this process and only receive the result as to whether the payment has been made or rejected or whether a review is pending.

Further information on objection and removal options vis-à-vis PayPal can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Your data will be stored until the payment process has been completed. This also includes the period required for processing refunds, claims management and fraud prevention.

7. Hosting

We host our website at Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereinafter referred to as Hetzner). For details, please refer to Hetzner’s privacy policy:

https://www.hetzner.com/de/rechtliches/datenschutz.

The use of Hetzner is based on Art. 6 para. 1 sentence 1 lit. f GDPR. We have a legitimate interest in ensuring that our website is presented as reliably as possible. Insofar as a corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR and Section 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.

Order processing: We have concluded an order processing agreement with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

8. meetergo

We have integrated meetergo on this website. The provider is meetergo GmbH, Hansaring 61, 50670 Cologne (hereinafter referred to as meetergo). meetergo provides an online appointment booking tool. If you make an appointment with us online, the data you enter for this purpose will be stored on meetergo’s servers in Germany. Furthermore, meetergo temporarily records your IP address, your referrer URL, the time of access and can determine that you have made an enquiry with us; this data is used exclusively for the technical provision of the service and is then automatically deleted again. The use of meetergo is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in making it as easy as possible to make appointments. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 1 lit. a; the consent can be revoked at any time.

9. Third country transfer

At this point, we inform you about the processing of personal data concerning you in third countries without an adequacy decision.

atriga uses service providers. Some of them use servers in third countries, i.e. outside the EU or the EEA.

The associated transfer of personal data must be permitted according to Art. 44 et seq. GDPR must be permissible.

atriga agrees with service providers that process personal data in an insecure third country on the standard data protection clauses issued by the EU Commission and still valid. Where possible, we also agree on additional guarantees to ensure that sufficient data protection is guaranteed in the USA or other third countries.

Nevertheless, it may happen that, despite all contractual and technical measures, the level of data protection in the third country does not correspond to that in the EU. For these cases, we ask you, if necessary, in the context of cookie consent, in (contact) forms or other registrations and logins, for your consent in accordance with Art. 49 para 1 lit. a GDPR to the transfer of your personal data to a third country.

In this statement you will find information about all service providers from third countries that we use.

10. Amendment of this data protection notice

The atriga GmbH reserves the right to update this privacy policy at any time if necessary to adapt to technical developments or in connection with the offer of new services or products.

Contact

If you have any further questions regarding data protection, you can contact us at any time by e-mail:

For better readability, the generic masculine is used in this data protection notice. Unless otherwise indicated, the personal designations used in this privacy policy refer to all genders.