The controller as defined in the data protection legislation, especially the EU General Data Protection Regulation (GDPR), is:

Katharina-von-Bora-Strasse 1
80333 Munich, Germany

Managing Directors:
Sarah-Joan Fuld, Michael Keller, Christoph Rohrer, Marc Ziegler
HRB 177167 Munich District Court

Legal basis for data processing

We process personal data on the following legal grounds to display our website properly and ensure that our users have fully functional access to all available services:

  • Consent (Art. 6 para. 1 lit. a) GDPR)
  • To fulfill contracts (Art. 6 para. 1 lit. b) GDPR
  • On the basis of a balance of interests (Art. 6 para. 1 lit. f) GDPR)
  • To fulfill a legal obligation (Art. 6 para. 1 lit. c) GDPR)


Your rights

You are authorized to exercise the following rights at any time by notifying our data protection officer (contact details above):

  • Get information about your saved personal data and its processing (Art. 15 GDPR),
  • Rectify incorrect personal data (Art. 16 GDPR),
  • Erase your saved personal data (Art. 17 GDPR),
  • Restrict data processing provided we are not yet authorized to erase your data due to legal obligations (Art. 18 GDPR),
  • Object to the processing of your personal data (Art. 21 GDPR) and
  • Data portability, provided you have consented to data processing or have signed a contract with us (Art. 20 GDPR).

Once you have provided your consent, you can revoke it at any time. This will only impact future data processing and will not negate the legality of any processing that occurred previously.

You have the right to complain to your responsible supervisory agency at any time (Art. 77 GDPR in connection with § 19 BDSG (German Federal Data Protection Act)). Your responsible supervisory authority is determined by the state in which you live or work, or the suspected infringement. A list of supervisory authorities (for the private sector) with addresses is available at:

General information collected during website use, type and purpose of data processing:

When you access our website general information is automatically collected. This information (server log files) includes the type of web browser, the operating system used, the domain name of your internet service provider, and other similar details.

This information is processed for the following purposes:

  • Ensure a trouble-free connection to the website,
  • Ensure trouble-free use of the website,
  • Evaluate system security and stability, and
  • for other administrative purposes.

We do not use your data to make any conclusions about your identity.

We may evaluate such anonymous information statistically to improve our website and technical functionalities.

Legal basis:

Data is processed in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.


The data is only sent to the responsible data controller and potentially technical service providers involved in the operation and maintenance of our website as processors.

Storage duration:

The data is erased once it is no longer required for the purpose for which it was originally collected. Data used only to deploy the website is always erased once the corresponding session has been completed.

Provision required or mandatory:

The provision of the aforementioned personal data is not legally or contractually required. If we do not have the IP address and the consent to the use of cookies, however, it is not possible to guarantee the full functionality of our website. Individual services may also be unavailable or limited in scope. For this reason, the user has no right to object to this data collection.

SSL encryption

We use up-to-date encryption technologies (e.g. SSL) via HTTPS to ensure the security of your data during transmission.


This site uses the security plugin WORDFENCE to protect the website from hacker attacks etc.. Provider is DEFIANT, 800 5th Ave Ste 4100, Seattle, WA 98104.

The DSGVO-compliant data processing agreement provided has been concluded.

WORDFENCE currently uses three cookies and the following explains what each cookie does, who set the cookie, and why the cookie helps protect the site.

What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.
Who gets this cookie: This is only set for users that are able to log into WordPress.
How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.

What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.
Who gets this cookie: This is only set for administrators.
How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.

What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.
Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.
How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.


Changes in our data protection regulations

We reserve the right to adapt this Data Protection Policy to ensure that it always reflects the latest legal requirements, or to incorporate any changes to our services into this Data Protection Policy, e.g. when we introduce new services. In this case, the new Data Protection Policy would apply the next time you use the website.

Use of Matomo

The web analytics tool “Matomo” is used on this website. We operate and host this on our own server. We use this analytics tool to ensure the correct and optimized presentation of our website.

This analytics tool uses so-called cookies, or text files that are saved on the computer that allow us to evaluate how people use our website.
The information generated by the cookie about the website use is saved on our server.
The IP address is anonymized directly after processing and prior to being saved. As such, it is impossible to track it to you specifically.

For more information on the privacy settings available in Matomo software, please see:

You can prevent cookies from being installed by changing your browser settings. Or, you can prevent all types of user analysis on this website by setting a so-called block cookie or opt-out cookie – which will apply to future site visits provided it is not deleted.

External links

We use links to make reference to other websites and services rather than using plugins, some of which would result in the immediate transmission of data. We make every attempt to ensure that the linked pages comply with the necessary data protection and security standards. At the same time, please note that the operators of these linked pages are responsible for protecting your personal data. As such, such websites are outside of the scope of our own Data Protection Policy. The website operator will provide information about the type of data collection used in its own data protection policy.


We integrate external fonts from Typekit and Google APIs into our site.

Typekit is a service of the company Adobe. The integration of this web font is done by a server call at Adobe. Adobe saves the IP address of the user.You can find more information in the Typekit privacy policy, which you can download here :

We also use Google Fonts on our website. These are the “Google Fonts” of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The files (CSS, fonts) are requested via the Google domains and According to Google, requests for fonts are completely separate from all other Google services

Through the external call, data such as the IP address is forwarded to Google. Further information can be found at

Questions for the data protection officer

If you have questions about data protection, please send us an e-mail or contact the person responsible for data protection in our organization:

nextwork GmbH, Marco Peters,