Thank you for your interest in our company. Data privacy is very important to the management of BHS-Sonthofen GmbH. In principle, our website can be used without providing any personal data. However, if a data subject wants to use specific services offered by our company on our website, processing personal data may be necessary. If processing personal data is necessary and if there is no legal basis for such processing, we will generally obtain the consent of the data subject.
As the controller, BHS-Sonthofen GmbH has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, absolute protection cannot be guaranteed since Internet-based data transmission is generally subject to security vulnerabilities (for example, when communicating by e-mail). Any data subject is therefore free to transmit personal data to us by alternative means, for example, by telephone.
a) Personal data
Personal data refers to any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
Processing refers to any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing refers to the marking of stored personal data with the aim of limiting their processing in the future.
Profiling refers to any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Pseudonymization refers to the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
g) Controller or data controller
Controller or data controller refers to the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processor refers to a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient refers to a natural or legal person, public authority, agency or another body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) Third party
Third party refers to a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent refers to any freely given indication of the data subject’s wishes for the specific case in an informed and unambiguous manner in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.
The controller pursuant to the General Data Protection Regulation, other data privacy laws applicable in the Member States of the European Union and other data privacy law provisions is:
An der Eisenschmelze 47
87527 Sonthofen (Germany)
Management: Mr. Dennis Kemmann
Data Privacy Officer:
Ms. Jessica Waibel
In certain cases, cookies are used by BHS-Sonthofen GmbH’s website. Cookies are small text files that are placed and stored on your computer by an Internet browser. Cookies do not harm your computer and do not contain viruses.
in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified by means of the unique cookie ID.
Most of the cookies we use are called “session cookies.” They are deleted automatically at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.
Cookie consent with Consent Manager Provider
The purpose of integrating “Consentmanager” is to allow the users of our website to decide on the previously mentioned functions and to offer them the option to change previously made settings as part of the ongoing use of our website. When using “Consentmanager,” personal data as well as information about the used end devices and IP address are processed.
You may object to processing. Your right to object may be grounded on reasons arising from your particular situation. If you wish to object, please send an e-mail to datenschutz[@]bhs-sonthofen[.]com.
The BHS-Sonthofen GmbH website collects a series of general data and information each time a data subject or automated system calls up the website. This general data and information is stored in the server’s log files. The following data is collected:
When using this general data and information, BHS-Sonthofen GmbH does not draw any conclusions about the data subject. Rather, this information is needed to deliver the content of our website correctly, to safeguard the content of our website and the long-term functionality of our IT systems and the technology of our website, and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
This anonymously collected data and information is therefore evaluated by the BHS-Sonthofen GmbH on a statistical basis, and also with the aim of improving data privacy and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files is stored separately from any personal data provided by a data subject.
When you submit inquiries to us via our website using a contact form or by e-mail, the data entered in the form, including the contact details you provide, is stored automatically for the purpose of processing or to contact the data subject. We do not share this data without your consent.
The data entered in the contact form is therefore processed exclusively on the basis of your consent (point (a) of Article 6(1) GDPR). You can withdraw this consent at any time. An informal e-mail to this effect is sufficient, addressed to datenschutz[@]bhs-sonthofen[.]com. The withdrawal of consent does not affect the lawfulness of data processing up to the time of withdrawal.
We will retain the information you enter in the contact form until you request its erasure, you revoke your consent to storage, or the purpose of data storage ceases to exist (for example, after your inquiry has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
You have the option to register on the website by providing personal data. What personal data is transmitted in the process depends on the respective input screen used for registration. The personal data entered is collected and stored exclusively for internal use and for our own purposes.
By registering on our website, the IP address assigned by the data subject’s Internet service provider (ISP), the date and the time of registration are also stored. This data is stored because it is essential to prevent the misuse of our services and, if necessary, this data makes it possible to solve crimes that have been committed. In this respect, storing this data is necessary to safeguard us as the controller. As a matter of principle, this data is not shared with third parties unless there is a legal obligation to transfer it or transferring the data serves law enforcement purposes.
The registration of the data subject by voluntarily providing personal data serves to offer the data subject content or services that can only be offered to registered users. Registered persons are free to change the personal data provided during registration at any time or to have it erased entirely from the controller’s data set.
You have the right to receive information about which personal data pertaining to you as a data subject is stored at any time upon request. Furthermore, we will correct or erase personal data at your request or notice, provided this does not conflict with any statutory retention obligations. All employees of BHS-Sonthofen GmbH are available as contact persons for you as the data subject in this context.
The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or where provided for by European directives and regulations or by another legislator in laws or regulations to which the controller is subject.
If the purpose of storage ceases to apply or if a storage period prescribed by European directives and regulations or another competent legislator expires, the personal data will be routinely blocked or erased in accordance with the statutory provisions.
We collect and process the personal data of applicants for the purpose of the application process. Processing may also be carried out electronically. This is the case in particular when an applicant submits corresponding application documents electronically to BHS-Sonthofen GmbH via a form on the website. If an employment contract is concluded with an applicant, the transmitted data will be stored for the purpose of the employment relationship in compliance with the applicable legal regulations. If the controller does not conclude an employment contract with the applicant, the application documents shall be erased six months after notification of the rejection decision, provided that no other legitimate interests of the controller prevent this erasure. Other legitimate interests in this sense include, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).
If we do not make you a job offer, there may be the option of being accepted into our applicant pool. In the event of acceptance into our pool, all documents and information from your application will be transferred to the applicant pool in order to contact you in the event that suitable vacancies arise. Acceptance into the applicant pool is carried out exclusively on the basis of your express consent (point (a) of Article 6(1) GDPR). Granting consent is voluntary and in no way relates to the ongoing application procedure. The data subject can withdraw their declaration of consent at any time. In this case, the data from the applicant pool is irrevocably erased, provided that no legal obligations for its further retention exist. The data from the applicant pool is irrevocably erased two years after consent is granted at the latest.
BHS-Sonthofen GmbH has no influence on the type and scope of data processed by Google, the way in which it is processed and used, or the transfer of this data to third parties. BHS-Sonthofen GmbH also does not have any effective means of control in this respect. If you use Google, your personal data will be collected, transferred, stored, disclosed and used by Google and, in doing so, will be transferred to and stored and used in the United States, Ireland and any other country in which Google does business, regardless of your country of residence. Data is transferred to companies affiliated with Google and other trusted companies or persons who process it on behalf of Google.
On the one hand, Google processes data you provide voluntarily, such as your name and username, e-mail address and phone number. Google also processes the content that you create, upload or receive from others when using the services. This includes, for example, photos and videos you save, documents and spreadsheets you create and comments you post on YouTube videos. Google furthermore also evaluates the content you share to determine what topics you are interested in, stores and processes confidential messages you send directly to other users, and may determine your location using GPS data, wireless network information or your IP address to deliver advertisements or other content to you.
Google may use analytics tools such as Google Analytics for evaluation purposes. BHS-Sonthofen GmbH has no influence on the use of such tools by Google and was not informed about such potential uses. If tools of this type are used by Google for the YouTube channel of BHS-Sonthofen GmbH, BHS-Sonthofen GmbH has neither commissioned nor otherwise supported this in any way. Also note that the data obtained from the analysis is not made available to us. Only the profiles of the subscribers can be viewed by BHS-Sonthofen GmbH via its account.
Furthermore, BHS-Sonthofen GmbH has no means to prevent or turn off the use of such tools on its YouTube channel. Finally, Google also receives information when you view content, for example, even if you have not created an account. Such “log data” may include your IP address, browser type, operating system, information about the website you previously visited and the pages you viewed, your location, your mobile carrier, the device you are using (including device ID and application ID), the search terms you used and cookie information. There are options in the general settings of your Google account you can use to restrict the processing of your data. In addition to these tools, Google also offers privacy settings specific to YouTube. See the Google Product Privacy Guide for more information: https://policies.google.com/technologies/product-privacy?hl=de&gl=de.
You can also request information using the Google data privacy form: https://support.google.com/policies/answer/9581826?visit_id=637054532384299914-2421490167&hl=de&rd=3.
BHS-Sonthofen GmbH itself does not collect any data through its YouTube channel. The IP addresses of website visitors are not transmitted to Google via the integration of YouTube videos of BHS-Sonthofen GmbH on its website (https://www.firma.de).
The data freely published and distributed by you on YouTube will be included unchanged in our YouTube channel and made available to our followers. We use YouTube in the interest of making our online presence more appealing. This constitutes a legitimate interest in accordance with point (f) of Article 6(1) GDPR.
Google also processes your data in the USA, among other places. Please note that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
As a basis for data processing with recipients located in third countries (outside the EU, Iceland, Liechtenstein and Norway) or a data transfer there, Google uses provided templates, which are intended to ensure that your data complies with European data privacy standards even when it is transferred to third countries and stored there. These clauses are based on an implementation decision of the EU Commission. The decision and corresponding standard contractual clauses are found here, for example: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_de.
The Google Ads Data Processing Terms, which correspond to the standard contractual clauses, are available here: https://www.google.com/analytics/terms/dpa/dataprocessingamendment_20200816.html.
We use Google Fonts from Google Inc. on our website. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in the European region. We have embedded the Google fonts locally, so they are being hosted on our web server rather than on Google’s servers. This means there is no connection to Google servers and thus no data transfer or storage takes place.
In the past, Google Fonts was also called Google Web Fonts. This is an interactive directory of over 800 fonts that Google provides for free. With Google Fonts, you could use fonts without uploading them to your own server. However, in order to prevent any information transfer to Google servers in this regard, we have downloaded the fonts to our server. As a result, our actions are data privacy compliant and we do not send any data to Google Fonts.
etracker Analytics is an analysis tool that can measure the performance of our website and online campaigns and analyze them accordingly. For example, the software collects data about how long you are on our website, how many users visit our website, and from where you came to our website. We also receive accurate evaluations of visitor behavior on our website. For example, we can find out which buttons you like to click or which subpages you like and which you tend to avoid. All this information is anonymous. This means that we do not identify you personally through this data, but only receive general user information and statistics.
We use the software tool to improve the quality of our website and what we offer. Our goal is to provide you with the best possible service. The data also helps us perform our online marketing and advertising activities more individually and effectively.
The following data is stored and processed when you access a page:
Website data from the web server is used here along with information the web browser transmits to the web server to access websites. This information is transmitted with each individual page view. Unlike other technologies, etracker does not read any information from your device memory and does not store any data on your device. The data is not used by etracker for any other purpose or passed on to third parties.
The cookies that are used do not contain any information that can identify you personally. Data such as the IP address, device and domain data are encrypted or shortened during storage. Personally identifying individuals is therefore impossible for us and for etracker.
Purpose: This cookie is used for cookie recognition and is only stored when cookies are activated.
Expiry: after 3 years.
Purpose: This cookie is used for cookie recognition and is only stored when cookies are activated.
Expiry: after 3 years
Purpose: This cookie is used to save the language setting.
Expiry: after one year
Notice: Please note that the list provided here only includes a selection of cookies that are used, and is not exhaustive. Which cookies are stored in a specific case depends on the evaluation mechanisms used in each case. You can view all cookies in a list under the following link: https://www.etracker.com/docs/integration-setup/einstellungen-accounts-etracker-cookies/verwendete-cookies-zaehlung/.
The etracker data center (servers) is located in Hamburg. System administration takes place entirely in Hamburg as well. All data is therefore stored exclusively on servers in Germany. The data is stored by etracker until the contract with us as a customer expires. Shortly after the contract ends, all data will be permanently erased.
You have the right to information, correction or deletion, or restriction of the processing of your personal data at any time. You can also revoke your consent to the processing of data at any time.
The use of etracker requires your consent, which we have obtained with our cookie popup. According to point (a) of Article 6(1) GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur during data collection by web analytics tools.
Aside from consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our website, both in terms of its technology and economic effectiveness. With the help of etracker, we can detect website errors, identify attacks and improve profitability. The legal basis for this is point (f) of Article 6(1) GDPR (legitimate interests). Nevertheless, we only use etracker if you have given your consent.
Social networks such as Facebook, Twitter, etc. can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (for example, “Like” buttons or advertising banners). Visiting our social media profiles triggers numerous processing operations relevant to data privacy. Details:
If you are logged in to your social media account and visit our social media profile, the operator of the social media site can match this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media site. In this case, data collection takes place, for example, via cookies that are stored on your device or by recording your IP address.
With the help of data collected in this way, the operators of social media sites can create user profiles that capture and store your preferences and interests. Interest-based advertising can thus be displayed to you inside and outside the respective social media site. If you have an account with the respective social network, interest-based advertising may be displayed on all devices on which you are logged in or have been logged in.
Our social media profiles are intended to maximize our Internet presence. This is a legitimate interest according to point (f) of Article 6(1) GDPR. The analysis processes initiated by social networks may be founded on different legal bases, which must be stated by the social network operators (for example, consent according to point (a) of Article 6(1) GDPR.)
When you visit one of our social media profiles (on Facebook, for example), we and the operator of the social media platform are jointly responsible for the data processing operations initiated during your visit. You can exercise your rights (information, correction, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media site (for example, against Facebook).
Please note that despite our joint responsibility with social media site operators, we do not have full control over the data processing operations of social media sites. Our options are largely determined by the respective provider’s company policies.
Data collected by us directly through the social media profile is erased from our systems when the purpose of storage ceases to exist, you request erasure, you revoke your consent to storage, or when the purpose of data storage no longer applies. Stored cookies remain on your device until you erase them. Mandatory legal provisions – retention periods in particular – remain unaffected.
As the controller, we may have integrated components of the company Facebook in various places on our website. Facebook is operated by Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (hereinafter “Facebook”). For Facebook, the controller for any Facebook users outside the USA and Canada is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
If users and thus data subjects access a page of our website that contains a Facebook component, known as a Facebook plugin, or on which this has been integrated, the Internet browser on the data subject’s IT system is prompted by the Facebook component to download this Facebook component. Through the procedure just explained, Facebook receives information about which of our websites and sub-pages are visited by you as a data subject. Further information on the various individual Facebook plugins is available directly from the provider Facebook at https://developers.facebook.com/docs/plugins/?locale=de_DE.
Should you as a data subject be logged in to your Facebook account during your visit to our website, Facebook records every call to each of our individual sub-pages and the duration of the respective stay, as well as the total time spent on our website. This data is collected by the previously mentioned Facebook component(s) assigned to the individual Facebook account of the respective data subject and thus to the respective usage account of the data subject, which is thereby linked to the data collected when visiting our website.
If the data subject registered with Facebook clicks on a Facebook component on our website and thereby, for example, shares or creates a post, marks our fan page on Facebook with “like” or leaves a comment, this action is automatically assigned to the respective Facebook user account of the data subject on the social network Facebook, and this personal data is processed and stored.
Facebook provides us with statistical data called “Insights.” As the site operator, we have no influence on this generation and display of data and cannot deactivate it. The following information is provided over specific time periods: Total page views, “likes,” page activity, post interactions, reach, video views, post reach, comments, shared content, replies, proportion of men and women, origin based on country and city, language, clicks on route planners, clicks on phone numbers. Data on Facebook groups linked to our Facebook page is also provided. The legal basis for the use of Facebook Insights is our legitimate interest in operating an information and communication channel according to point (f) of Article 6(1) GDPR. Since Facebook changes the way this data is provided from time to time, please see Facebook’s data privacy statement for the current status: https://www.facebook.com/policy.php.
We do not transfer your data to third parties, third countries or international organizations. We do not know how Facebook handles the transfer of data. We would like to point out, however, that public posts, comments or “likes” can generally be viewed by anyone. Via the respective integrated Facebook component, the platform always receives individual information when you visit our website if you are logged in to Facebook at the same time. This is independent of a direct interaction such as clicking on the respective Facebook component.
If this collection of your online activity and interaction with our website is not desired, you as a data subject must log out from your Facebook account and thus from their own online service before calling up our website. If you need information about your personal user data or rights, or if you have questions about data processing by Facebook, please contact the company directly. You will find Facebook’s data privacy notice under the following link: https://de-de.facebook.com/about/privacy. The objection options (“opt-out”) can be set under the following link: https://www.facebook.com/settings?tab=ads. For direct contact with the data privacy officer of Facebook, click here.
Components of the Internet service Instagram have been integrated on the controller’s website. Instagram is a social network designed to focus on audiovisual media. Users generally post pictures and videos on their own profiles on the Instagram platform, which can then be viewed by other users. If they have their own account, users can also interact with these posts, for example, by commenting on them. The Instagram service also offers companies the opportunity to create a profile and make images, text and video available to users.
In some circumstances, various Instagram components called Insta buttons are integrated into the controller’s website. Depending on activation, users are either redirected to our own profile on Instagram and have the opportunity to follow our company and view our previously published media, or they are prompted by the link click to share our homepage or a specific medium, such as an image, from our homepage on Instagram. For each individual sub-page of the controller’s website, the integration of an Instagram component means that this component requests the Internet browser used by the data subject to download this component in order to display it graphically. This informs Instagram about which subpages the data subject has clicked on the controller’s website.
If the Instagram component is placed in a location on our homepage that is fundamentally functional and visible on every subpage, such as the menu, header or footer, all subpages of our entire homepage are captured by Instagram. If the data subject is logged in to Instagram when calling up our site, Instagram recognizes any call to our website during the entire duration of the respective user’s stay, which sub-pages are visited at what time, and how long the user stays on these sub-pages and our website as a whole.
The Instagram component integrated by the controller collects this personal data and automatically assigns it to the Instagram account where the user is currently logged in. As soon as a component on our website is clicked, i.e., one of the Insta buttons on our website, this data is transmitted to Instagram and stored and processed by the social network. Through the Instagram component(s) located on the controller’s website, Instagram receives information at any time as soon as the respective data subject visits our website, provided that the data subject is logged in to an Instagram account at that time. This takes place regardless of whether an Instagram component was clicked or not.
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.
Whenever a data subject accesses one of the individual pages of this website operated by the controller and on which a Xing component (Xing plug-in) has been integrated, the Internet browser on the data subject’s IT system is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information on the Xing plug-ins can be found at https://dev.xing.com/plugins. As part of this technical procedure, Xing receives information about which specific subpage of our website is visited by the data subject.
If the data subject is logged in to Xing at the same time, Xing recognizes which specific subpage of our website the data subject is visiting with each call to our website by the data subject and for the entire duration of the respective stay on our website. This information is collected by the Xing component and associated by Xing with the respective Xing account of the data subject. If the data subject activates one of the Xing buttons integrated on our website, such as the “Share” button, Xing associates this information with the data subject’s personal Xing user account and stores this personal data.
Xing always receives information via the Xing component that the data subject has visited our website if the data subject is logged in to Xing while calling up our website; this takes place regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want this information to be transmitted to Xing, they can prevent transmission by logging out of their Xing account before accessing our website.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to deactivate LinkedIn advertising cookies, please follow this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
The transfer of data to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
Point (a) of Article 6(I) GDPR serves as our company’s legal basis for processing operations in which we obtain consent for a specific purpose of processing. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, with processing operations necessary for the provision of services or consideration, processing is based on point (b) of Article 6(I) GDPR.
The same applies to processing operations that are necessary for the implementation of pre-contractual measures, for example, in case of inquiries about our products or services. If our company is subject to a legal obligation by which the processing of personal data becomes necessary, such as for compliance with tax obligations, processing is based on point (c) of Article 6(I) GDPR.
Finally, processing operations may be based on point (f) of Article 6(I) GDPR. Processing operations not covered by any of the aforementioned legal bases are based on this legal basis if processing is necessary to protect a legitimate interest of our company or a third party, unless the interests, fundamental rights and freedoms of the data subject outweigh this interest. Such processing operations are permitted to us in particular because they have been specifically mentioned by the European legislator. In this respect, the legislator considered that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47 sentence 2 GDPR).
When the processing of personal data is based on point (f) of Article 6(I) GDPR, our legitimate interest is the performance of our business activities.
The criterion for the storage duration of personal data is the respective statutory retention period. After the retention period ends, the corresponding data is routinely erased, provided that it is no longer needed for contract fulfillment or initiation.
We hereby inform you that providing personal data is in part prescribed by law (tax regulations, for example) or may also result from contractual provisions (information about the contractual partner, for example). In order to conclude a contract, it may at times be necessary for a data subject to provide us with personal data that subsequently has to be processed by us. For example, the data subject is obligated to provide us with personal data if our company concludes a contract with the data subject. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether providing the personal data is required by law or contract or is necessary for the conclusion of a contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.
As a responsible company, we do not use automated decision-making or profiling.