Privacy policy

Last updated: 27.11.2024

The 1xINTERNET website can generally be used anonymously. You can make the appropriate settings directly in the cookie banner when you access the site.

However, when you access our website and content, information of a general nature is automatically collected. This information includes, for example, the type of web browser you are using, the operating system you are using, the domain name of your internet service provider and similar information.

This information does not identify you personally. This data is also generated when you access any other website on the Internet. It is therefore not a specific function of the 1xINTERNET website. This type of information is only collected in anonymous form and statistically analysed by us.

Your IP address and the date and time of your visit are also logged for data security purposes.

We do not collect personal information from you unless you choose to provide it to us.

Legal basis for the processing of your data:

We will only process your data if one or more of the following conditions apply:

  • Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example of this would be to store the information you provide in a contact form.

  • Contract (Article 6(1)(b) GDPR): In order to fulfil a contract or pre-contractual obligations with you, we process your data. For example, if we enter into a sales contract with you, we will need personal information from you in advance.

  • Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we will process your data. For example, we are required by law to keep invoices for accounting purposes. This will usually include personal data.

  • Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and efficiently. This processing therefore constitutes a legitimate interest.

  • Other conditions, such as recording in the public interest and the exercise of official authority and the protection of vital interests, do not generally apply to us. Where such a legal basis is relevant, it will be indicated at the appropriate place.

Contact details of the responsible person:

If you have any questions about data protection or the processing of personal data, you will find the contact details of the person or organisation responsible below:

1xINTERNET GmbH,
represented by Dr. Christoph Breidert (General Manager)
Seelenberger Str. 2
60489 Frankfurt
Germany
Tel:  +49 69 97 67 11 50
E-mail: office@1xinternet.de
VAT No.: DE293824859

Further office addresses can be found in the imprint.

At the end of this document you will find the contact details of the (external) Data Protection Officer.

Location of the web server:

We host our website ourselves, which means that we do not use the software infrastructure of an existing provider, but manage the entire system platform ourselves. The servers we use are located in Frankfurt, Germany, within the EU. We ensure that the laws of the GDPR are fully complied with.

Links and link buttons:

You will find links to other websites on our pages. These are mainly to enable you to post on various social media sites. Please note that if you use these links or buttons, you will be submitting information to external providers (e.g. X/Twitter) and their privacy policies will apply accordingly.

Mailjet:

This website uses Mailjet, a product of Sinch eMail Group. We use the product to manage e-mail newsletters or to provide a link to our 'Drupal Demo' product to our potential customers. We use it to manage e-mail templates, contact lists, etc. Mailjet is a marketing tool based in Berlin (Alt Moabit 2, 10557, Berlin, Germany) and is therefore subject to the GDPR and obliged to comply with the relevant laws.

You can find Mailjet's privacy policy here

Google Analytics and cookies in general:

This website uses Google Analytics, a web analytics service provided by Google, Inc ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website is usually transmitted to and stored by Google on servers in the United States. However, if IP anonymisation is activated on this website, your IP address will first be truncated by Google within the member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA for truncation. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google will not associate the IP address transmitted by your browser with any other data held by Google. 

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You may refuse the use of cookies by selecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en-GB.

The terms of use and information on data protection can be found at https://marketingplatform.google.com/about/analytics/terms/us/.

This website has added the 'anonymizelp' code to Google Analytics to ensure anonymised collection of IP addresses. The postal address of Google (Germany) is Google Germany GmbH, ABC-Strasse 19, 20354, Hamburg, Germany.

Google Tag Manager:

This website uses Google Tag Manager, which makes it easier to implement web analytics tools such as Google Analytics. Google Tag Manager is a free tag management system. It allows us to integrate code snippets such as tracking codes or conversion pixels into the website without having to modify the source code. As the Tag Manager itself does not collect any data, but only connects to other tools, we do not necessarily need to list it here - but we are happy to do so for the sake of completeness. You can find Google's privacy policy and postal address under 'Google Analytics and cookies in general'.

Google Ads (Google AdWords) Conversion-Tracking:

We use Google Ads (formerly Google AdWords) as an online marketing tool to promote our products and services. Our aim is to make more people aware of the high quality of what we offer on the internet. As part of our advertising using Google Ads, we use Google Inc. conversion tracking on our website.

In Europe, however, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. This free tracking tool helps us better tailor our advertising to your interests and needs.

If you do not want us to use Google ads, you can opt out directly through our cookie banner that appears when you visit our website.

Personio:

We use Personio, an HR platform that allows us to centrally automate processes and workflows. Personio is ISO 27001 certified and meets all GDPR requirements. 

You can find Personio's privacy policy here

The postal address of Personio is: Personio SE & Co. KG, Seidlstraße 3, 80335, München, Germany. Telephone number Personio: +49 (89) 1250 1005.

Plausible:

Plausible (Plausible.io) is an analytics tool that helps us measure the use and performance of our website. It is an open source product that does not use cookies (Plausible creates a pseudonymised hash value to differentiate between page viewers), is based in Estonia (EU) and complies with data protection regulations. The postal address is Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia. The e-mail address is hello@plausible.io

You can find Plausible`s privacy policy here

YouTube:

YouTube has the same privacy policy as Google (see above) because YouTube is operated by Google (on the same server farms). Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland is also responsible. The contact details are Telephone: +353 1 543 1000, Fax: +353 1 686 5660, E-mail: support-deutschland@google.com

X / formerly Twitter:

The marketing tool X (formerly Twitter) is used on the website of 1xINTERNET GmbH. The mailing address of 'X Corp.' is 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. There is also another business address within the EU: Twitter int. unlimited, One Cumberland Place, Fenian Street, Dublin 2, D02AX07, Ireland.

Where possible, we try not to transfer data to X/Twitter, as the level of protection cannot be guaranteed when data is transferred to the USA. However, the use of this service is often unavoidable or, in some cases, explicitly requested by the customer.

You can find Twitter's privacy policy here

Instagram:

We have integrated Instagram features into our website. Instagram is a social media platform owned by Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA. Instagram became a subsidiary of Meta Platforms Inc. in 2012 and is a Facebook product. By embedding Instagram content on our website, we can show you content such as buttons, photos or videos from Instagram directly on our website. When you access web pages on our site that include an Instagram feature, data is transferred to, stored and processed by Instagram. Instagram uses the same systems and technology as Facebook. Your information is therefore processed across all Facebook businesses.

You can find Instagram's privacy policy here

Linkedin:

We use social plugins on our website from the social media network LinkedIn, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The social plugins may be feeds, content sharing or links to our LinkedIn page. The social plug-ins are clearly marked with the familiar LinkedIn logo and allow, for example, interesting content to be shared directly from our website. For the European Economic Area and Switzerland, the data processor is LinkedIn Ireland Unlimited Company Wilton Place in Dublin. LinkedIn also processes your data in, among other places, the United States. LinkedIn is an active participant in the EU-US Privacy Framework, which governs the correct and safe transfer of personal data from EU citizens to the US. You can find out more at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en or on the LinkedIn privacy policy page itself: https://www.linkedin.com/legal/privacy-policy?tid=331732617631.

Facebook:

The 1xINTERNET website uses social plugins ('plugins') from the Facebook.com network, which is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ('Facebook'). The plugins are identified by a Facebook logo or the words 'Facebook Social Plugin'.

When you visit a website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. Facebook sends the content of the plugin directly to your browser, which integrates it into the website.

By integrating the plugin, Facebook receives the information that you have accessed the corresponding page of our website. If you are logged into Facebook, Facebook can associate the visit with your Facebook account. If you interact with the plugins, e.g. by clicking the 'Like' button or leaving a comment, the corresponding information is transmitted directly from your browser to Facebook and stored there.

If you do not want Facebook to collect data about you via the 1xINTERNET website, you must log out of your Facebook account before visiting the 1xINTERNET website.

Sharing on social networks:

Social sharing' refers to the sharing of content on the Internet with contacts on social networks such as Facebook, Twitter or Google.

When you visit a 1xINTERNET website that contains such a button ('widget'), you have the option of sending a self-determined text and a short URL of the page you have visited to your social networking contacts on Facebook, Twitter or Google.

When you interact with the widget, for example by clicking the 'Share' button or leaving a comment, the information is sent directly from your browser to the selected social network and stored there.

If you do not want social networks to collect information about you through the 1xINTERNET website, you must log out of your social media accounts before visiting the 1xINTERNET website.

Your rights as a data subject:

If your personal data is processed when you visit our website, you have the following rights as a ‘data subject’ within the meaning of the GDPR:

Right of Access / Information (Art. 15 GDPR):

You may request access to information from us as to whether we are processing your personal data. There is no right to information if the provision of the requested information would violate the duty of confidentiality pursuant to Section 57 (1) German Tax Consultation Act (StBerG) or if the information must be kept secret for other reasons, in particular due to an overriding legitimate interest of a third party. Notwithstanding this, there may be an obligation to provide information if your interests outweigh the interest in confidentiality, in particular taking into account the risk of damage. The right to information is also excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or exclusively serves the purpose of data security or data protection control, provided that the provision of information would require a disproportionately high effort and processing for other purposes is excluded by appropriate technical and organisational measures. If the right of access is not excluded in your case and your personal data is processed by us, you may request the following information from us:

  • Purposes of data processing,

  • Categories of personal data that will be processed,

  • Identification of the recipients or categories of recipients to whom your personal data will be disclosed, in particular recipients in third countries,

  • where possible, the intended retention period of your personal data or, where this is not possible, the criteria for determining the retention period,

  • the existence of a right to rectification, erasure or restriction of the processing of personal data concerning you or a right to object to such processing,

  • the existence of a right to lodge a complaint with a supervisory authority for the protection of personal data,

  • if the personal data have not been collected from you as the data subject, the information available on the origin of the data,

  • where applicable, the existence of automated decision-making, including profiling and meaningful information about the logic involved, as well as the significance and intended consequences of automated decision-making,

  • if applicable, in the case of transfer to recipients in third countries, provided that no decision of the EU Commission on the adequacy of the level of protection pursuant to Art. 45 para. 3 GDPR, information on the appropriate security measures pursuant to Art. 46 (2) GDPR for the protection of personal data.

Right to Rectification and completion (Art. 16 GDPR):

If you discover that we are holding inaccurate personal data about you, you can request that we correct the inaccurate data immediately. If your personal information is incomplete, you may request that it be completed.

Right to Erasure (Art. 17 GDPR):

You have the right to erasure ('the right to be forgotten'), unless the processing is necessary for the exercise of the right of freedom of expression or the right to information or for compliance with a legal obligation or for the performance of a task carried out in the public interest and one of the following reasons applies:

  • The personal data is no longer necessary for the purposes for which it was processed.

  • The only justification for the processing was your consent, which you have withdrawn.

  • You have objected to the processing of your personal data that we have made public.

  • You have objected to the processing of personal data that we have not made public and there are no overriding legitimate grounds for the processing.

  • Your personal data has been processed in an unlawful manner.

  • The deletion of personal data may be necessary for the purposes of compliance with a legal obligation to which we are subject.

There is no right to erasure if, in the case of lawful non-automated data processing, erasure is not possible or possible only with a disproportionate effort due to the special nature of the storage and your interest in erasure is low. In this case, erasure is replaced by restriction of processing.

Right to restriction of processing (Art. 18 GDPR):

You can ask us to restrict processing if any of the following reasons apply:

  • You contest the accuracy of the personal data. In this case, the restriction may be requested for the period of time necessary for us to verify the accuracy of the data.

  • The processing is unlawful and you request that the use of your personal data be restricted rather than erased.

  • We no longer need your personal data for the purposes of processing, but you may need it for the establishment, exercise or defence of legal claims.

  • You have lodged an objection pursuant to Art. 21 (1) GDPR. The restriction of processing may be requested as long as it has not yet been determined whether our legitimate reasons outweigh your reasons.

Limitation of processing means that the personal data will  be processed only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We are obliged to inform you before we lift the restriction.

Right to Data portability (Art. 20 GDPR):

You have a right to data portability if the processing is based on your consent (Art. 6(1)(1)(a) or Art. 9(2)(a) GDPR) or on a contract to which you are a party and the processing is carried out using automated procedures. In this case, the right to data portability includes the following rights, provided that this does not adversely affect the rights and freedoms of others: You may request to receive the personal data you have provided to us in a structured, commonly used and machine-readable format. You have the right to transfer that information to another responsible party without hindrance from us. Where technically feasible, you may request that we transfer your personal data directly to another responsible party.

Right to Object (Art. 21 GDPR):

If the processing is based on Art. 6 para. 1 sentence 1 letter e) GDPR (performance of a task carried out in the public interest or in the exercise of official authority) or on Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest of the controller or a third party), you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on Art. 6 para. 1 sentence 1 letter e) or letter f) GDPR. Once you have exercised your right to object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

You may at any time object to the processing of your personal data for direct marketing purposes. This also applies to profiling in connection with such direct marketing. Once you have exercised your right to object, we will no longer use the personal data concerned for direct marketing purposes.

You may inform us of your objection informally by telephone, e-mail, fax or by writing to us at the postal address set out at the beginning of this privacy policy.

Revocation of consent:

You have the right to withdraw your consent at any time with effect for the future. Withdrawal of consent may be made informally by telephone, e-mail, fax or by writing to our postal address. The revocation does not affect the lawfulness of the data processing that has been carried out on the basis of the consent until the revocation is received. After receipt of the revocation, the data processing that was based exclusively on your consent will be discontinued.

Complaint Art. 77:

If you believe that the processing of personal data concerning you is unlawful, you may lodge a complaint with the data protection authority for your place of residence or work or for the place where the alleged infringement occurred. 

Data protection officer (external):

Patrick Itzel
Vogelsbergstraße 8
63505 Langenselbold (Germany)
E-mail address: dsb@pic-systeme.de

Responsible supervisory authority (for the Frankfurt location):

Hessen Datenschutzbehörde (Data Protection Authority)
Landesbeauftragter für Datenschutz (Commissioner for Data Protection): Prof. Dr. Alexander Roßnagel 
Address: P.O. Box 31 63, 65021 Wiesbaden, Germany
Telephone number: +49/6 11/140 80
E-mail address: poststelle@datenschutz.hessen.de
Website: https://datenschutz.hessen.de/

Original version of the privacy policy in German: https://www.1xinternet.de/de/datenschutz