> > >  Jobs at netcup: Colleagues wanted! NETWORK ENGINEER (M/F/D) and TEAM LEAD DATA CENTER (M/F/D)  < < <

Data Privacy

Privacy policy

"Personal data" means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

"Controller" or "controller responsible" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

"Recipient" means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with European Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

II. General information

When you use our websites, various personal data is collected. This privacy policy explains what data we collect and what we use and process it for.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

1. Reference to the responsible body

The controller responsible for data processing on our websites is

netcup GmbH
Daimlerstraße 25
76185 Karlsruhe
Telefon: +49 721 7540755-0
Telefax: +49 721 7540755-9
E-Mail: mail@netcup.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

2. Contact details of the data protection officer

ANEXIA Internetdienstleistungs GmbH
Feldkirchner Straße 140
9020 Klagenfurt
Austria

E-Mail: data-protection@anexia-it.com

You can also contact our data protection officer using the following form:


3. Information on processing operations

We point out the respective legal basis of individual processing operations. If we intend to transfer data to third countries outside the European Union (EU) or the European Economic Area (EEA), this will also be indicated.

4. Rights of data subjects

  • In accordance with Art. 15 GDPR, you can request information about your personal data processed by us; you can also request information about the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the origin of your data, if it has not been collected from you, the existence of automated decision-making including profiling and,if applicable, meaningful information on its details such as logic, scope and effects, the existence of a right to rectification or erasure of personal data concerning you, the right to restriction of processing or to object to such processing, the existence of a right to data portability, the right to data portability, the right to object to such processing, the right to data portability and the right to data portability. the existence of automated decision-making, including profiling and, where applicable, meaningful information about its logic, scope and impact, the existence of the right to rectification or erasure of personal data concerning you, the right to restriction of processing or to object to such processing, the existence of the right to lodgea complaint with a supervisory authority and, finally, the right to obtain information as to whether personal data have been transferred to a third country or to an international organisation and, where that is the case, as to the appropriate safeguards relating to the transfer;
  • In accordance with Art. 16 GDPR, you can request the immediate correction of incorrect or the completion of your personal data stored by us;
  • In accordance with Art. 17 GDPR, you can request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, you no longer need the data for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR, but it has not yet been determined whether our legitimate reasons for processing the data outweigh your interests;
  • In accordance with Art. 20 GDPR, you may request the provision of your personal data that you have provided to us in a structured, commonly used and machine-readable format or the transfer to another controller;
  • In accordance with Art. 21 GDPR, you can object to the processing of your personal data if there are reasons for this arising from your particular situation or if the objection is directed against direct advertising and the legal basis for the processing of personal data is legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR;
  • In accordance with Art. 7 para. 3 GDPR, you can revoke your consent to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future;
  • In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

If you would like to assert the aforementioned data subject rights, you can contact us or our data protection officer at any time using the contact details given above.

5. Erasure and restriction of personal data

Unless otherwise stipulated in this privacy policy for individual cases, personal data that is no longer required for the purposes for which it was collected or otherwise processed and for which there are no longer any statutory retention obligations will be deleted.

We delete the personal data processed by us under the conditions of Art. 17 GDPR upon request. Personal data that is required for other and legally permissible purposes will not be deleted. This applies, for example, to personal data that is required to pursue any claims to which we are entitled and that must be retained by us for commercial or tax law reasons. Documents pursuant to Section 257 (1) Nos. 2 and 3 HGB and Section 147 (1) Nos. 2, 3, 5 AO are stored for 6 years, documents pursuant to Section 257 (1) Nos. 1 and 4 HGB and Section 147 (1) Nos. 1, 4, 4a AO for 10 years.

The processing of this data is restricted in accordance with Art. 18 GDPR and the data is not processed for other purposes.

6. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

7. Cookies

We use cookies as part of our website. Cookies are small text files that your browser automatically creates and stores on your end device (laptop, tablet, smartphone, PC, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses or other malware. Information is stored in a cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity. Cookies are used to enable the use of our website and to make our website more user-friendly, effective and secure.

Most browsers accept cookies automatically. However, if you do not want this, you can configure your browser so that no cookies are stored on your end device or a message always appears before a new cookie is created. You can object to the use of cookies for online marketing purposes for a variety of services, e.g. at http://www.youronlinechoices.com/ or via the deactivation page of the network advertising initiative http://optout.networkadvertising.org. If you deactivate cookies, you may not be able to use all the functions of our website.

For each individual cookie, the name of the cookie, the purpose that the cookie is intended to fulfil, any third-party access to the cookie and the duration of its function and the period after which a cookie is deleted are specified. Session cookies are deleted after the end of your use of our website or after the end of the browser session.

If third parties, for example service providers who process data on our behalf, can access a cookie, please refer to the relevant section of this privacy policy.

a) Required cookies

Some of the cookies that we use on our website are absolutely necessary. This means that you will not be able to use our website without these cookies on your device. Such cookies provide certain functionalities that we need in order to operate our website, in particular in order to be able to provide a service expressly requested by you as a user of our website.

Name of the cookie Purpose Function life Access by third parties
PHPSESSID This cookie retains the status of the session across page requests. 1 session No personal data is stored.
cookiesession1 This cookie retains the status of the session across page requests. 1 year No personal data is stored.
js-cookie-opt-in__consent This cookie preserves the status of cookie consents across page requests. 712 days No personal data is stored.
i18n_redirected This cookie preserves the status of the browser language / selected language across page requests 1 year No personal data is stored.

This data processed by cookies is required for the purposes mentioned in order to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

b) Marketing cookies

WEB ANALYSIS BY GOOGLE ANALYTICS (ANALYSIS COOKIES)

GOOGLE ANALYTICS SECTION

We use Google Analytics from Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on this website to statistically analyse visitor data. Google Analytics uses targeted cookies for this purpose. Further information on terms of use and data protection in this context can be found at http://www.google.com/analytics/terms/de.html or at https://support.google.com/analytics/answer/6004245?hl=de.

Pseudonymisation

Our concern in terms of the GDPR is the improvement of our offer and our website. As the privacy of our users is important to us, the user data is pseudonymised. Data processing is carried out on the basis of the legal provisions of § 96 para. 3 TKG and Art. 6 EU GDPR para. 1 lit a (consent) and/or f (legitimate interest) of the GDPR.

Deactivation of data collection by Google Analytics

Using the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js), website visitors can prevent Google Analytics from using their data. You can prevent Google from collecting the data generated by the cookie and relating to your use of the website and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

Google Analytics IP anonymisation

We have implemented IP address anonymisation from Google Analytics on this website. This function was developed by Google so that this website can comply with the applicable data protection regulations and recommendations of the local data protection authorities if they prohibit the storage of the full IP address. The anonymisation or masking of the IP takes place as soon as the IP addresses arrive in the Google Analytics data collection network and before any storage or processing of the data takes place.

You can find more information on IP anonymisation at https://support.google.com/analytics/answer/2763052?hl=de.

Google Analytics reports on demographic characteristics and interests

We have activated the functions for advertising reports in Google Analytics. The reports on demographic characteristics and interests contain information on age, gender and interests. This allows us to get a better picture of our users without being able to assign this data to individual persons. You can find out more about the advertising functions at https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad.

You can stop the use of the activities and information of your Google account under "Settings for advertising" at https://adssettings.google.com/authenticated by ticking the checkbox.

Google Analytics deactivation link

If you click on the following deactivation link, you can prevent Google from recording further visits to this website. Please note: Deleting cookies, using the incognito/private mode of your browser or using a different browser will result in data being collected again.

Name of the cookie Purpose Function life Domain
HSID To prevent fraud. 2 years google.at
SIDCC Identification of trustworthy Internet traffic. 1 years google.com
SEARCH_SAMESITE To display customised ads on Google websites based on recent searches and previous interactions. 1 year google.com
SID To display customised ads on Google websites based on recent searches and previous interactions. 2 years google.com
SID To display customised ads on Google websites based on recent searches and previous interactions. 2 years google.at
APISID This cookie stores the user's preferences and other information.
This includes, in particular, the preferred language, the number of search results to be
displayed on the page and the decision whether or not to activate Google's SafeSearch filter.
2 years google.at
DV This cookie stores the user's preferences and other information.
This includes, in particular, the preferred language, the number of search results to be
displayed on the page and the decision whether or not to activate Google's SafeSearch filter.
7 minutes google.at
__Secure-1PAPISID Used for targeting purposes to create a profile of the website visitor's
interests so that relevant and personalised Google advertising can be displayed.
2 years google.at
__Secure-1PAPISID Used for targeting purposes to create a profile of the website visitor's
interests so that relevant and personalised Google advertising can be displayed.
2 years google.com
__Secure-1PSID Used for targeting purposes to create a profile of the website visitor's
interests so that relevant and personalised Google advertising can be displayed.
2 years google.at
__Secure-1PSID Used for targeting purposes to create a profile of the website visitor's
interests so that relevant and personalised Google advertising can be displayed.
2 years google.com
__Secure-3PSIDCC Used for targeting purposes to create a profile of the website visitor's
interests so that relevant and personalised Google advertising can be displayed.
2 years google.com
NID This cookie stores the user's preferences and other information.
This includes, in particular, the preferred language, the number of search results to be
displayed on the page and the decision whether or not to activate Google's SafeSearch filter.
182 days google.com
__Secure-3PAPISID Creates a profile of website visitors' interests in order to display relevant
and personalised advertising through retargeting.
2 years google.com
__Secure-3PSID Creates a profile of website visitors' interests in order to display relevant
and personalised advertising through retargeting.
2 years google.com
SAPISID This cookie stores the user's preferences and other information.
This includes, in particular, the preferred language, the number of search results
to be displayed on the page and the decision whether or not to activate Google's SafeSearch filter.
2 years google.com
SAPISID This cookie stores the user's preferences and other information.
This includes, in particular, the preferred language, the number of search results
to be displayed on the page and the decision whether or not to activate Google's SafeSearch filter.
2 years google.at
SSID This cookie stores the user's preferences and other information.
This includes, in particular, the preferred language, the number of search results
to be displayed on the page and the decision whether or not to activate Google's SafeSearch filter.
2 years google.com
SSID This cookie stores the user's preferences and other information.
This includes, in particular, the preferred language, the number of search results
to be displayed on the page and the decision whether or not to activate Google's SafeSearch filter.
2 years google.at
IDE AdWords Remarketing 2 years doubleclick.net
_ga This cookie stores and counts page views. 2 years Google Analytics
_ga_* This cookie stores and counts page views. 1 year Google Analytics

Retargeting

Third-party services are integrated on our website. When you visit our website, data may be collected using cookies or similar technologies and transmitted to third parties who provide their services on their own responsibility. netcup uses this data to display customised product and service offers to you outside of our website. In addition, the data can be read and evaluated by the third-party providers in order to display personalised content to you. The responsibility for the use of your data beyond our processing lies with the third-party providers. To what extent, for what purposes and on what legal basis further processing for the third-party provider's own purposes takes place can be found in the third-party provider's data protection information.

Facebook, Instagram

Name of the service: Meta Retargeting
Provider with country: Facebook Provider with country: Meta Platforms Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland
Purpose description/ mode of operation: The Facebook or Meta pixel records website visitors and makes it possible to reach precisely these visitors again with retargeting ads at a later point in time on Facebook, Instagram or Audience Network.
Individual forms of standard tracking: how often users have clicked on a certain link, accessed a certain landing page or filled out and sent a certain form.
There are risks in accordance with Art. 44 GDPR due to the transfer of data to the USA. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Meta or Facebook or Meta.
Further information can be found in the privacy policy of Facebook or Meta (https://www.facebook.com/privacy/policy/?entry\_point=data\_policy\_redirect&entry=0).
If data collection is not desired, it can be deactivated here: https://www.facebook.com/adpreferences/ad_settings/?entry_product=account_settings_menu.

Name of the cookie Purpose Functional life Domain
_fbp Contains a randomly generated user ID and the time of your first visit.
Facebook can use this ID to recognise returning users on this website
and merge the data from previous visits.
90 days facebook.com
c_user Saves the user ID 30 days facebook.com
datr For fraud prevention. 2 years facebook.com
presence Saves the chat status. 30 days facebook.com
sb Saves the browser details. 2 years facebook.com
xs Saves the session ID. 90 days facebook.com
wd Saves the screen resolution. 1 week facebook.com

Twitter

Name of the service: Twitter Retargeting
Provider with country information: Twitter, Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103 USA
Description of purpose/ mode of operation: The Twitter pixel records website visitors and makes it possible to reach precisely these visitors again with retargeting ads at a later point in time on Twitter.
Individual forms of standard tracking: how often users have clicked on a certain link, called up a certain landing page or filled out and sent a certain form.
here are risks in accordance with Art. 44 GDPRdue to the transfer of data to the USA. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.
Further information on this can be found in Twitter's privacy policy (https://twitter.com/de/privacy).
If data collection is not desired, it can be deactivated here: https://help.twitter.com/de/safety-and-security/privacy-controls-for-tailored-ads.

Name of the cookie Purpose Functional life Domain
twtr_pixel_opt_in Twitter uses these cookies in conjunction with
social plug-ins to allow users to easily follow Twitter accounts,
share content and view recent tweets.
13 months twitter.com
personalisation_id This cookie tracks activity on and off
Twitter for a personalised experience
13 months twitter.com
guest_id_marketing This cookie is for advertising when you are logged out 13 months twitter.com
twid This cookie is for authentication 1 year twitter.com
ct0 This cookie is for authentication 13 months twitter.com
ctd This cookie is for the authentication of a known device 13 months twitter.com
d_prefs This cookie is for your cookie preferences 6 months twitter.com
guest_id This cookie is for authentication 13 months twitter.com
guest_id_ads This cookie is for advertising when you are logged out 13 months twitter.com
auth_token This cookie is used for logging into the account and authentication. 13 months twitter.com

YouTube

Name of the service: YouTube Retargeting
Provider with country: YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA
Description of purpose/ mode of operation: The YouTube remarketing tag records website visitors and makes it possible to reach precisely these visitors again with retargeting ads at a later point in time on YouTube.
Individual forms of standard tracking: how often users have clicked on a certain link, called up a certain landing page or filled out and sent a certain form.
There are risks in accordance with Art. 44 GDPR due to the transfer of data to the USA. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by YouTube.
Further information on this can be found in YouTube's privacy policy (https://www.youtube.com/intl/ALL_de/howyoutubeworks/user-settings/privacy/).
If data collection is not desired, it can be deactivated here: https://www.youtube.com/intl/ALL_de/howyoutubeworks/user-settings/ad-settings/.

Google Ads

Name of the service: Google Remarketing
Provider with country: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
Description of purpose/ mode of operation: The Google Remarketing Tag records website visitors and makes it possible to reach precisely these visitors again with retargeting ads at a later point in time on Google.
Individual forms of standard tracking: how often users have clicked on a certain link, called up a certain landing page or filled out and sent a certain form.
There are risks in accordance with Art. 44 GDPR due to the transfer of data to the USA. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Google.
Further information on this can be found in Google's privacy policy (https://policies.google.com/privacy?hl=de&gl=de).
If data collection is not desired, it can be deactivated here: https://myadcenter.google.com/?hl=de.

Name of the cookie Purpose Functional life Domain
_gcl_au Contains a randomly generated user ID. 90 days google.com
_gcl_aw This cookie is set when a user accesses the website by clicking on a Google advert.
It contains information about which advert was clicked so that successes achieved,
such as orders or contact enquiries, can be assigned to the advert.
90 days google.com
_gcl_dc This cookie is set when a user accesses the website by clicking on a Google advert.
It contains information about which advert was clicked so that successes achieved,
such as orders or contact enquiries, can be assigned to the advert.
90 days google.com

LinkedIn

Service Name: LinkedIn Retargeting
Provider with country: LinkedIn Corporation -Building 1000(LSNS) 1000 W Maude Ave, Sunnyvale, CA 94085
Description of purpose/ mode of operation: The LinkedIn Insight tag records website visitors and makes it possible to reach precisely these visitors again with retargeting ads at a later point in time on LinkedIn.
Individual forms of standard tracking: how often users have clicked on a certain link, accessed a certain landing page or filled out and submitted a certain form.
There are risks in accordance with Art. 44 GDPR due to the transfer of data to the USA. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn.
Further information on this can be found in LinkedIn's privacy policy (https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com%7Cli-other).
If data collection is not desired, it can be deactivated here: https://www.linkedin.com/mypreferences/d/categories/ads

Name of the cookie Purpose Functional life Domain
bcookie Tracking cookie used by LinkedIn,
which is used by us for targeted advertising.
2 years linkedin.com
bscookie Tracking cookie used by LinkedIn,
which is used by us for targeted advertising.
2 years linkedin.com
long Tracking cookie used by LinkedIn,
which is used by us for targeted advertising.
Session linkedin.com
lidc Tracking cookie used by LinkedIn,
which is used by us for targeted advertising.
1 day linkedin.com
UserMatchHistory Tracking cookie used by LinkedIn,
which is used by us for targeted advertising.
31 days linkedin.com

Mautic

Name of the service: Mautic
Supplier with country: ANEXIA Deutschland GmbH, Daimlerstraße 25, 76185 Karlsruhe, Germany
Purpose description/ mode of operation: The Mautic tag records website visitors and makes it possible to reach precisely these visitors again with retargeting ads at a later date with newsletters.
Individual forms of standard tracking: how often users have clicked on a certain link, called up a certain landing page or filled out and sent a certain form.
Further information on this can be found in the privacy policy of Mautic https://www.mautic.org/privacy-policy

Name of the cookie Purpose Functional life Domain
mautic_device_id Used by Mautic to track the contact either through the tracking pixel or
if the same key is not found in the browser's local storage for the monitored site.
1 year mautic.org
mtc_id Saves the Mautic ID of the tracked contact.
It was used for tracking before Mautic 2.13, but is no longer used and stored for BC reads.
session mautic.org
mautic_referer_id Stores a reference to the contact's last tracked page and
is used by Mautic to determine when a contact exists on a page they visited.
session mautic.org

Microsoft Bing

Name of the service: Microsoft Corporation
Provider with country: Microsoft Corporation -One Microsoft Way, Redmond, WA 98052-6399, USA
Purpose description/ mode of operation: The Microsoft Bing tag records website visitors and makes it possible to reach precisely these visitors again with retargeting ads at a later point in time.
Individual forms of standard tracking: how often users have clicked on a certain link, called up a certain landing page or filled out and sent a certain form.
There are risks in accordance with Art. 44 GDPR due to the transfer of data to the USA. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Microsoft Bing.
Further information on this can be found in the privacy policy of Microsoft Bing https://privacy.microsoft.com/de-de/privacystatement
If data collection is not desired, it can be deactivated here: https://optout.networkadvertising.org/?c=1#!%2F

Name of the cookie Purpose Functional life Domain
MUID Often used by Microsoft as a unique user ID.
This bing.com cookie enables tracking by synchronising the ID across many Microsoft domains.
1 year bing.com
SRCHD This cookie is an analytics service that links data from the Bing advertising network with actions performed on the website. 2 years bing.com
SRCHUID This cookie is an analytics service that links data from the Bing advertising network with actions performed on the website. 2 years bing.com
SRCHHPGUSR This cookie is an analytics service that links data from the Bing advertising network with actions performed on the website. 2 years bing.com
SRCHUSR This cookie is an analytics service that links data from the Bing advertising network with actions performed on the website. 2 years bing.com

8. Use of session storage as part of internal search functions

For the purpose of providing the search function, so-called "session storage technology" (also known as "session storage") is used on our websites. The search terms you enter are stored locally in your browser and read out from there.

With regard to the functionality of the search function, this is technically absolutely necessary in order to be able to display the search results list again after a search result has been called up when the "Back to search" button is pressed. The search terms are automatically removed from your browser immediately after closing the browser ("session"), unless you delete them manually beforehand.

When you enter search terms in the search field, netcup GmbH expressly does not request any personal data from you and we would like to point out that, for data protection reasons, you should avoid entering personal data in the search field.

III. Server log files

When you access our website or the individual pages, the browser on your device automatically sends information to the server of our website. The following information is stored in log files:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access is made (referrer URL)
  • The browser used and, if applicable, the operating system of your computer
  • Status codes and transferred data volume

This data is processed for the following purposes:

  • Provision of the website including all functions and content
  • Ensuring a smooth connection to the websites
  • To ensure a comfortable use of websites
  • Ensuring system security and stability
  • Anonymised statistical evaluation of access
  • Optimisation of the website
  • Disclosure to law enforcement authorities if an unlawful intrusion/attack on our systems has taken place
  • Other administrative purposes

This data will be deleted after fourteen days if it is no longer required for other purposes (e.g. defence or assertion of claims).

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes described above.

IV. Contract data

In connection with and for the purpose of fulfilling pre-contractual measures and contractual obligations for our offer, which are carried out at your request, we process the data necessary for the fulfilment of the contract. This includes

  • Name, address, e-mail address, and telephone number, different billing e-mail address if applicable, company if applicable
  • Customer number
  • Contract data, e.g., subject matter of the contract (services booked), term, customer category
  • Payment data, e.g., bank details, credit card details, payment history

Optionally, the following data can also be processed:

  • Further contact details, for example a fax number
  • For more secure access, a second factor for logging into our user interface

The legal basis for data processing is Art. 6 para. 1 lit. b GDPR. Your data will be used for the purposes of our offer and to contact you for information relevant to the offer and registration. We create a customer account for you for this purpose. Due to the nature of our services, you need the customer account so that you can view, monitor and configure the services you have ordered from us. You can view and change your data via your personal user account. Your data will be stored until you cancel your contracts with us and delete the customer account or instruct us to delete your data. If we have to store your personal data due to legal obligations, in particular under tax and commercial law, the processing of your personal data will be restricted accordingly until the retention periods expire. This data will then be deleted.

If you conclude a contract with us by placing an order or use the user account in any other way, for example to configure your contractual services, we store the IP address and the time of the respective usage action. The storage takes place on the basis of our and your legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR for the provision of our offer and pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR for protection against misuse and other unauthorised use. The user account and the data stored in this context are also used in particular to make it easier for you to place further orders with us and to access your order history. This data will not be passed on to third parties unless it is necessary for the fulfilment of contractual obligations pursuant to Art. 6 para. 1 lit. b GDPR or to safeguard our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, for example to pursue any claims to which we are entitled or to defend ourselves against claims directed against us, or unless there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c GDPR.

The data will only be passed on to third parties for the fulfilment of contractual obligations in accordance with Art. 6 para. 1 lit. b GDPR insofar as this is necessary for the fulfilment of pre-contractual measures and contractual obligations, e.g. to banks, payment service providers, credit card companies for the processing of payments, to shipping service providers for the dispatch of goods and, when registering domains via us, to registrars of top-level domains.

V. netcup customer forum

When you create a user account for the netcup customer forum, you must agree to the terms of use for the netcup customer forum. In doing so, you conclude a licence agreement with us. You can view the terms of use for the netcup customer forum at https://forum.netcup.de/system/disclaimer/

In connection with and for the purpose of fulfilling pre-contractual measures and contractual obligations for your membership of the netcup customer forum, which are carried out at your request, we process the data required for the fulfilment of the user contract concluded with you. This includes your name, your e-mail address and a user name selected by you to create your user account.
Once you have created your user account, you can voluntarily save additional data in your user account (e.g. an avatar, photos or your address) and exchange messages with other users. Depending on your activities for the netcup customer forum, further details can be added to your user account (for example, likes received from other users and awards for special achievements).
If you use your user account for activities in the netcup customer forum, for example to create posts, we store this data in order to make the netcup customer forum available to users and the public. You can find more information on this in the terms of use for the netcup customer forum at https://forum.netcup.de/system/disclaimer/

The legal basis for the processing of this data is Article 6 (1)(b) GDPR. The personal data collected is processed by us in order to provide the netcup customer forum and to contact you for information relevant to offers and registration. You can view yourpersonal data and make changes to this data via a personal user account.

Your data will not be passed on to third parties beyond the use and publication in the netcup customer forum, unless it is necessary for the fulfilment of contractual obligations pursuant to Art. 6 para. 1 lit. b GDPR or for the pursuit of any claims to which we are entitled or defence against claims asserted against us or there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c GDPR. Your data will be stored until you delete your user account or instruct us to delete your data. If we are obliged to store your personal data due to statutory retention periods, in particular under tax and commercial law, the processing of your personal data will be restricted accordingly until the retention periods expire and then this data will be deleted.

If you contribute content to the netcup customer forum, you grant us the right to use this content. We will therefore continue to store and process the relevant content in order to make the netcup customer forum available to users and the public after youruser account has been deleted. However, we will anonymise your user name if you have deleted your user account for the netcup customer forum. You can find more information on this in the terms of use for the netcup customer forum at https://forum.netcup.de/system/disclaimer/

If you create a user account for the netcup customer forum on our website or use the user account for the netcup customer forum, we store the IP address and the time of the respective usage action. The storage takes place on the basis of our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR for the provision of our offer. Storage is also in your interest in order to protect you from misuse and other unauthorised use. The IP addresses are anonymised or deleted after 7 days at the latest.

The data will only be passed on to third parties to the extent that this is necessary to fulfil pre-contractual measures and contractual obligations, to provide the netcup customer forum, if we are legally obliged to pass on the data (e.g. by official order) and to assert, exercise or defend against claims.

Captcha questions are used to ensure that the customer forum is not overrun with spam bots. Captcha questions are an internal service of our forum software and are currently requested during registration and for the "Forgot password" and "Send e-mail to user" functions. The search function is currently used without a Captcha query, as this can only be accessed when a user is already logged in.

VI. Friendlycaptcha

This website uses Friendlycaptcha. Friendlycaptcha is used to ensure that the forms provided are used by a natural person and not misused by machine or automated processes.

Friendlycaptcha records your IP address and sends a cryptogaphic task to the device you use to access our website. This cryptogaphic task is solved by your end device without any input from you. If the task is solved correctly, Friendlycaptcha confirms to the server on which our website is operated that a human and not a machine is visiting our website.

When a form that uses Friendlycaptcha is called up on our website, the following data is processed and stored by Friendlycaptcha:

  • IP address of the requesting computer in anonymised form
  • The browser used and, if applicable, the operating system of your end device
  • The website from which Friendlycaptcha is accessed
  • The cryptographic task that contains information about our use
  • The Friendlycapthca software version we use
  • Date and time of access
  • Website from which access is made (referrer URL)

Friendlycaptcha stores an anonymised counter for each IP address in order to control the complexity of the cryptographic tasks and to prevent authorised users from being blocked. This data is recorded separately from the other data and cannot be assigned to specific websites. For this purpose, the IP addresses are anonymised with a hash value so that users can no longer be identified.

Friendlycaptcha is offered by Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, which operates on our behalf. Personal data is processed by this service provider on our behalf. We use this service in our legitimate interest in the security of our website and the detection of bot activity in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

VII. Communication and advertising

1. Contact form ("Make an enquiry") / Other forms of contact

If you use the contact form, you must provide your name and e-mail address as well as the category of your enquiry so that we can contact you personally. If you use other means of communication to send us an enquiry, we also need your name and contact details where we can reach you (e.g. e-mail address, address, telephone number or fax number). If you do not provide this data, we will not be able to process your enquiry or contact you. In addition, you can voluntarily provide your telephone number and other data.

When you contact us, we process your personal data to process your request on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR, provided that your request is necessary for the fulfilment of a contract or for the implementation of pre-contractual measureswith you personally. In all other cases, the processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR and/or in our legitimate interest in the effective processing of enquiries addressed to us in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

All personal data collected in connection with contacting us will be deleted once your enquiry has been dealt with, unless it is necessary to continue storing the data for other reasons (e.g. subsequent conclusion of a contract or defence against claims asserted against us).

2. rate.netcup.de

a) Categories of personal data processed, sources of personal data, purposes and legal bases of processing

aa) Contacting by e-mail

(1) Categories of personal data processed and sources of personal data

Data categories Sources
Name and e-mail address Collected from yourself.
Ticket ID of the ticket under which your request or enquiry was processed.
(The ticket ID enables an assignment to your person).
Generated by the ticket system.

(2) Purposes and legal basis of processing

Insofar as contacting us by e-mail serves to process your request, see section VII. 1. of this privacy policy.

In addition, we also contact you by e-mail to ask you for your feedback regarding our customer service and, in the event that we are unable to find a suitable solution to your request, to give you the opportunity to comment on your feedback so that we can identify potential for improvement in terms of the quality of our customer service on the basis of this information and statistical analyses.

The legal basis in this respect is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the collection of data to determine and improve service quality.

bb) Feedback

(1) Categories of personal data processed and sources of personal data

Data categories Sources
Ticket IDs of the ticket under which your request or enquiry was processed and
of a ticket that is created for the feedback you submitted.
(The ticket IDs enable an assignment to your person.)
Generated by the ticket system.
Feedback (GREAT/OK/BAD) Collected from yourself.
Comment on the feedback Collected from yourself.
Time of sending the feedback (including any comments) Automatic storage.
If necessary, mark the feedback as SPAM Carried out manually.

(2) Purpose and legal basis of processing

The data categories mentioned under (1) are processed or stored together and can be assigned to you personally via the ticket ID.

The purpose is to determine the potential for improvement with regard to the quality of our customer service on the basis of this data and the statistical analyses created on this basis.

The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Your consent is always voluntary and you can revoke it at any time, e.g. by sending an informal message to the data protection officer (for contact details, see section II. 2. above).

b) Recipients or categories of recipients of the personal data

  • ANEXIA Internetdienstleistungs GmbH, Feldkirchner Straße 140, 9020 Klagenfurt, Austria
  • ANX Holding GmbH, Feldkirchner Straße 140, 9020 Klagenfurt, Austria
  • ANEXIA Deutschland GmbH, Daimlerstraße 25, 76185 Karlsruhe, Germany

c) Third country transfer

There is no transfer to third countries and no such transfer is planned.

d) Automated decision-making

netcup GmbH does not use automated decision-making within the meaning of Art. 22 GDPR in connection with rate.netcup.de.

3. Postal advertising

If you are a customer of ours and we have received your data in connection with the sale of a product or the use of a service, we may use your data (first and last name, address and, if you work for a company, your company affiliation) for direct mail advertising for goods or services offered by us or by third parties. In addition to this data, we may also store other data that we have lawfully collected about you for the aforementioned advertising purposes. This may include, for example, your order history or the type of goods you have purchased from us.

The purpose of this data processing is to target you as precisely as possible with advertising that matches your interests and to avoid advertising that does not appeal to you. The legal basis for the processing is our legitimate interest in direct marketing in accordance with Art. 6 para. 1 lit. f GDPR. Your data will be processed and stored for this purpose until you object to further use for postal advertising.

Postal advertising requires a certain lead time before dispatch in order to print the items and make them ready for dispatch. If you object to postal advertising, you may exceptionally still receive advertising from us by post. This may happen if the production process for the relevant mailing had already started when you objected. This does not mean that we will not take your objection into account.

4. Newsletter

If you would like to receive our newsletter, we need your e-mail address. You can provide your name voluntarily. Data processing for the purpose of sending the newsletter is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of the consent you have voluntarily given by means of the so-called double opt-in procedure. The email address will be used for this purpose and stored until you withdraw your consent or unsubscribe from the newsletter. You cannot subscribe to our newsletter without this consent. You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your cancellation/unsubscribe request at any time to the email address stated under Section II.

We send our newsletters with a so-called tracking pixel. A tracking pixel is a miniature graphic that is embedded in the HTML format of the newsletter sent to enable an analysis of reader behaviour. In this context, we store whether and at what time a newsletter was opened by you and which of the links contained in the newsletter were called up by you. We use this data to create statistical evaluations of the success or failure of a marketing campaign in order to optimise the newsletter mailing and better tailor the content of future newsletters to your interests. The data collected will not be passed on to third parties and will be deleted after the statistical analysis.

5. Direct e-mail advertising to customers

If you are a customer of ours, we may use your e-mail address for direct advertising for our own similar goods or services. This only applies if you have not objected and we clearly inform you of the possibility of objection when collecting the e-mail address and each time it is used. You can object to the use of your e-mail address without incurring any costs other than the transmission costs according to the basic rates. For direct advertising by e-mail, we process your e-mail address, your name, if you have used our offers as an employee of a company, your company affiliation, the data we have collected about your use of our offers and the type of goods or services you have purchased from us in order to be able to customise our offers to you. The legal basis for processing is Section 7 (3) UWG and our legitimate interest in direct marketing in accordance with Art. 6 (1) (f) GDPR.

Your data will be processed and stored for this purpose until you object to further use for direct e-mail advertising or unsubscribe from receiving direct e-mail advertising. You can unsubscribe at any time, for example via a link at the end of each e-mail. Alternatively, you can also send your objection or unsubscribe request at any time to mail@netcup.de.

VIII. Applications

If you apply to us via our application form or other means of communication, you must provide your name and contact details and send us your application documents so that we can review your application and contact you. The application process is managed and administered on our behalf by Anexia Internetdienstleistungen GmbH, Feldkirchner Straße 140, 9020 Klagenfurt, Austria. In the application process, your data will be processed in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntary consent. The purpose of the processing is to participate in an application procedure advertised by us or, in the case of an unsolicited application, to check whether we can offer you a position. Without this consent, you will not be able to participate in the application process.

We use a personnel administration system that is hosted and managed for us by Anexia Internetdienstleistungen GmbH and with which our application processes are handled. Personal data is processed by Anexia Internetdienstleistungen GmbH on our behalf. The legal basis for data processing is our legitimate interest in the efficient management and control of our application processes in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

Typically, the following data is processed in our application process:

  • Your cover letter for the application;
  • Your personal data:
    • Name, address, e-mail address, telephone number, mobile number, date of birth;
  • The position you are applying for or whether it is an unsolicited application;
  • Your CV:
    • Current job, previous jobs, employer, professional training, professional experience in years, previous further training, special skills, hobbies
  • Documents such as certificates from educational institutions and/or previous jobs, certificates of completed further training courses

All personal data collected in connection with the application process will also remain stored on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR so that we can defend ourselves against claims asserted against us. If you withdraw your application of your own accord, we will delete your application documents. Your name and contact details as well as the dates on which you applied and/or withdrew from the application process and the corresponding correspondence will remain stored.

If this data is no longer required for other purposes (e.g. subsequent recruitment or legal disputes), the data will be automatically deleted six months after the end of the application process.

IX. Payment processing

If you do not agree to the processing of your data and do not wish to use either of the following payment options, you can also pay for our services in advance by bank transfer. In this case, we will only provide you with our bank details, the invoice amount and the purpose of the transfer.

1. PayPal

This website uses PayPal as a payment service provider. The provider is PayPal (Europe) S.Ã r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). PayPal acts as an online payment service provider and trustee and offers buyerand seller protection services. When paying via PayPal, credit card via PayPal, direct debit via PayPal or -if offered -purchase on account via PayPal, your name, e-mail address, purchased products, invoice amount, invoice and delivery address will be passed on to PayPal as part of the payment process. When using the payment methods credit card via PayPal, direct debit via PayPal or -if offered -purchase on account via PayPal, PayPal may carry out a credit check to check your creditworthiness and minimise payment defaults in order to decide whether to approve the payment transaction. Probability values are used in the credit check (so-called score values), the calculation of which includes address data. The calculation of these scoring values is based on a scientifically recognised mathematical-statistical procedure. In the event of insufficient creditworthiness, PayPal may reject the selected payment method. After a successful payment transaction, PayPal informs us that your payment has been made.

Beyond payment processing, we have no influence on how PayPal processes your data already stored with PayPal and the data transmitted by us. Your data is processed by PayPal on the basis of PayPal's privacy policy, which you agreed to when you opened your PayPal account.

If you do not agree to the transfer of data, or if you believe that your creditworthiness is not suitable for the selected payment method, please use another payment method. Further information on how PayPal handles your personal data can be found in the relevant privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE.

Your data is transmitted to PayPal on the basis of Art. 6 para. 1 lit. a GDPR (consent) and on the basis of Art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract), insofar as you use PayPal for a payment in your own name and on your account.

2. SEPA direct debit

We offer the SEPA direct debit procedure as a payment option. When paying by direct debit, your name, the invoice amount, the purpose of the payment and your account details are transmitted to our payment service provider or our house bank in order to process the payment. The legal basis for processing is Art. 6 para. 1 lit. b GDPR.

We offer the SEPA Direct Debit Scheme as a payment option. When paying by direct debit, the account holder issues a SEPA direct debit mandate for us to approve the payment transaction (authorisation). The following data is stored and processed:

  • Name and address of the account holder
  • Invoice amount and intended use
  • Creditor identification number (CI)
  • Mandate reference
  • Name of the payer
  • Bank of the payer
  • IBAN
  • One-off or recurring payment

Your data will be transmitted to our payment service provider or our house bank as part of payment processing in order to execute the direct debit. Your data will be processed for the direct debit procedure on the basis of Art. 6 para. 1 lit. a GDPR (consent) and on the basis of Art. 6 para. 1 lit. b GDPR (processing to fulfil a contract), insofar as you use the direct debit procedure for a payment in your own name and on your account.

If you do not agree to the transfer of data or if you are of the opinion that your creditworthiness is not suitable for the selected payment method, please use a different payment method.

3. Stripe

This website uses Stripe as a payment service provider. The provider is Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter referred to as "Stripe"). Stripe assumes the function of an online payment initiation service provider. When paying via Stripe, your customer number and e-mail address are passed on to Stripe. After a successful payment transaction, Stripe informs us that your payment has been made.

If you do not agree to the transfer of data, or if you believe that your creditworthiness is not suitable for the selected payment method, please use another payment method. Further information on how Stripe handles your personal data can be found in the relevant privacy policy: https://stripe.com/de/privacy

Your data is transmitted to Stripe on the basis of Art. 6 para. 1 lit. a GDPR (consent) and on the basis of Art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract), insofar as you use Stripe for a payment in your own name and on your account.

X. Video identification procedure

With this supplementary privacy information, we inform you which personal data we collect, process, and use when you use the video identification procedure.

1. What data is processed?

a. Identification data:
  • First name and surname
  • Address
  • City
  • Zip code
  • Country
b. Contact details:
  • E-mail address
c. Identification data:
  • Photos/screenshots of the pages of your identification document
  • Identification data (e.g. type and number of your identification document, issuing authority of your identification document and its location, date of issue and expiry of your identification document, your nationality)
  • an identification number generated by Stripe (Stripe ID)

2. For what purposes will your data be processed and how long will your data be stored?

The identification data collected as part of the video identification procedure is processed exclusively to identify you in accordance with the applicable legal requirements. The processing serves to prevent unlawful activities (such as fraud or identity theft).

Your data will be stored for as long as is necessary for the respective purpose for which your data was collected. This means that data is regularly stored for the duration of the business relationship.

Regardless of the purpose for which your data was collected, your data will be stored to the extent necessary to fulfill the retention and documentation obligations.

The personal data transmitted by Stripe to netcup will be automatically redacted after the identity check has been completed. Subsequently, we only store the note that the identity check has been carried out.

3. On what legal basis is your data processed?

The legal basis for the processing of identification, legitimation and contact data is the initiation and execution of the contract within the meaning of Art. 6 para. 1 lit. b GDPR as well as legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR and your consent within the meaning of Art. 6 para. 1 lit. a GDPR.

4. Who receives your data?

We use Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland (hereinafter "Stripe") as a processor to carry out the video identification procedure.

The data protection information of the processor can be found at the following link: https://stripe.com/at/privacy

Stripe receives the above-mentioned data to provide the video identification procedure. Stripe uses sub-processors to provide the service. These are located in third countries, among others, which do not have an adequate level of data protection within the meaning of Art. 44 et seq. GDPR. Information regarding the legal transfer instruments pursuant to Art. 44 et seq. GDPR can be found at https://stripe.com/privacy

A corresponding list of Stripe's sub-processors can be found at https://stripe.com/at/legal/service-providers

In addition, we only pass on your data to external recipients if this is necessary for the processing or handling of your request or for the execution of the contract or if there is another legal permission (e.g. an overriding legitimate interest) or if we have your effective consent for this.

5. Is there an obligation to provide the data?

The provision of the required data is voluntary. If you do not provide the necessary information and documents, please use another method of identification.

6. Profiling and automated decision-making

We do not use automated decision-making within the meaning of Art. 22 GDPR in connection with the video identification procedure.