The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data means any information that can be used to identify you personally. Detailed information on data protection can be found in the full Privacy Policy set out below.
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the section “Note on the Controller” in this Privacy Policy.
How do we collect your data?
Some data is collected when you provide it to us. This may, for example, be data you enter in a contact form.
Other data is collected automatically or after your consent when you visit the website by our IT systems. This primarily includes technical data (e.g., browser type, operating system, time of page access). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure the website can be provided without errors. Other data may be used to analyze user behavior.
What rights do you have regarding your data?
You have the right, at any time and free of charge, to obtain information about the origin, recipient, and purpose of your stored personal data. You also have the right to request rectification or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time with effect for the future. You also have the right, under certain circumstances, to request restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time regarding this and any other questions on the subject of data protection.
When visiting this website, your browsing behavior may be statistically evaluated, primarily with analytics programs. Detailed information about these programs is provided below in this Privacy Policy.
We host the content of our website with the following provider:
This website is hosted externally. Personal data collected on this website is stored on the servers of the hosting provider(s). This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access records, and any other data generated via a website.
External hosting is carried out for the purpose of fulfilling contracts with our prospective and existing customers (Art. 6(1)(b) GDPR) and in the interest of the secure, fast, and efficient provision of our online offering by a professional provider (Art. 6(1)(f) GDPR). Where consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG (to the extent consent includes the storage of cookies or access to information on the user’s device—e.g., device fingerprinting—within the meaning of the TTDSG). Consent may be withdrawn at any time.
Our hosting provider(s) will only process your data to the extent necessary to fulfill their service obligations and will follow our instructions regarding this data.
We use the following host:
UD Media GmbH
Kölner Straße 28
D-41812 Erkelenz
We have concluded a Data Processing Agreement (DPA) with the provider named above. This legally required contract ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this Privacy Policy.
When you use this website, various personal data will be collected. Personal data is information that can identify you personally. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
Please note that data transmission over the internet (e.g., communication by email) may have security gaps. Complete protection of data against access by third parties is not possible.
The Controller for data processing on this website is:
Sparkfield GmbH
Böblinger Straße 29
71229 Leonberg
Phone: +49 152 2463 9260
Email: [email protected]
The Controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses).
Unless a more specific storage period is stated in this Privacy Policy, your personal data will remain with us until the purpose for data processing ceases to apply. If you make a justified request for deletion or revoke your consent to processing, your data will be deleted unless we have other legally permissible grounds for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion takes place after these reasons no longer apply.
If you have consented to processing, we process your personal data on the basis of Art. 6(1)(a) GDPR and, where special categories of data under Art. 9(1) GDPR are processed, on the basis of Art. 9(2)(a) GDPR. In the event of express consent to the transfer of personal data to third countries, processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), processing is additionally based on § 25(1) TTDSG. Consent may be withdrawn at any time.
If your data is required for the performance of a contract or for pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. We also process your data if necessary to comply with a legal obligation (Art. 6(1)(c) GDPR). Processing may further be based on our legitimate interests under Art. 6(1)(f) GDPR. The specific legal bases applicable in individual cases are explained in the sections below.
We use tools offered by companies located in countries that, from a data-protection perspective, are not considered safe third countries, as well as U.S. tools whose providers are not certified under the EU-U.S. Data Privacy Framework (DPF). If these tools are active, your personal data may be transferred to and processed in such countries. Please note that in third countries lacking adequate data protection, an EU-equivalent level of data protection cannot be guaranteed.
We note that the U.S. is generally considered a safe third country with an EU-comparable level of data protection. A transfer to the U.S. is permissible if the recipient is certified under the DPF or provides appropriate additional safeguards. Information on third-country transfers, including recipients, can be found in this Privacy Policy.
In the course of our business activities, we work with various external parties. This may require the transfer of personal data. We transfer personal data to external recipients only if necessary for contract performance, if we are legally obliged to do so (e.g., to tax authorities), if we have a legitimate interest under Art. 6(1)(f) GDPR, or if another legal basis permits the transfer. Where processors are used, we transfer personal data only on the basis of a valid Data Processing Agreement. In the case of joint processing, a joint controllership agreement is concluded.
Many processing operations are only possible with your explicit consent. You may withdraw consent at any time. The lawfulness of processing carried out prior to the withdrawal remains unaffected.
IF PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT, AT ANY TIME, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING IS SET OUT IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21(1) GDPR).
WHERE YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).
In the event of breaches of the GDPR, data subjects are entitled to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work, or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.
You have the right to receive data that we process automatically on the basis of your consent or for the performance of a contract, in a commonly used, machine-readable format, and to transmit it to yourself or a third party. Where you request the direct transfer of data to another controller, this will only be done to the extent technically feasible.
Within the scope of applicable law, you have the right at any time to obtain free information about your stored personal data, its origin, recipients, and the purpose of processing, and, where applicable, a right to rectification or deletion of this data. You can contact us at any time regarding this and other questions about personal data.
You have the right to request the restriction of processing of your personal data. You can contact us at any time for this purpose. The right to restriction applies in the following cases:
If you contest the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of the verification, you have the right to request restriction of processing.
If processing is unlawful, you may request restriction of processing instead of deletion.
If we no longer need your personal data, but you require it for the exercise, defense, or establishment of legal claims, you have the right to request restriction instead of deletion.
If you have objected pursuant to Art. 21(1) GDPR, a balance must be struck between your interests and ours. Until it is determined whose interests prevail, you have the right to request restriction of processing.
Where processing has been restricted, such data—apart from storage—may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.
For security reasons and to protect the transmission of confidential content (e.g., orders or inquiries sent to us as the site operator), this site uses SSL/TLS encryption. You can recognize an encrypted connection by the browser address line changing from “http://” to “https://” and the lock icon in your browser bar.
When SSL/TLS encryption is active, data you transmit to us cannot be read by third parties.
We hereby object to the use of contact details published as part of our legal notice obligations for sending unsolicited advertising and information materials. The site operators expressly reserve the right to take legal action in the event of unsolicited promotional information, such as spam emails.
Our web pages use “cookies.” Cookies are small data packets that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are deleted automatically after your visit. Persistent cookies remain stored until you delete them or your web browser deletes them automatically.
Cookies may come from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies enable the integration of certain third-party services within websites (e.g., payment services).
Cookies serve different functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., shopping cart, displaying videos). Other cookies can be used to analyze user behavior or for advertising purposes.
Cookies that are necessary to carry out electronic communication, to provide certain functions you request (e.g., shopping cart), or to optimize the website (e.g., audience measurement cookies) are stored on the basis of Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of their services. Where consent to store cookies and similar recognition technologies has been requested, processing is based exclusively on this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG). Consent may be withdrawn at any time.
You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Which cookies and services are used on this website can be found in this Privacy Policy.
This website uses Borlabs Cookie, which sets a technically necessary cookie (“borlabs-cookie”) to store your cookie consents. Borlabs Cookie does not process any personal data. The “borlabs-cookie” stores the consents you gave when entering the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.
The provider of these pages automatically collects and stores information in so-called server log files, which your browser transmits to us automatically. These are:
Browser type and version
Operating system used
Referrer URL
Hostname of the accessing device
Time of the server request
IP address
This data is not merged with other data sources.
Collection is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website; for this purpose, server log files must be collected.
If you send inquiries to us via the contact form, the data you enter, including the contact details provided, will be stored for the purpose of processing the request and for follow-up questions. We do not pass this data on without your consent.
Processing is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), where obtained; consent may be withdrawn at any time.
Data you enter in the contact form remains with us until you request deletion, revoke your consent to storage, or the purpose for storage no longer applies (e.g., after your inquiry has been fully processed). Mandatory statutory provisions—particularly retention periods—remain unaffected.
If you contact us by email, phone, or fax, your inquiry, including the personal data contained therein (name, inquiry), will be stored and processed for the purpose of handling your request. We do not pass this data on without your consent.
Processing is based on Art. 6(1)(b) GDPR if your request is related to a contract or necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), where obtained; consent may be withdrawn at any time.
Data transmitted to us through contact requests remains with us until you request deletion, revoke your consent, or the purpose for storage no longer applies. Statutory provisions—especially legal retention periods—remain unaffected.
We use HubSpot CRM on this website. Provider: HubSpot Inc., 25 Street, Cambridge, MA 02141, USA (hereinafter “HubSpot CRM”).
HubSpot CRM enables us to manage existing and potential customers and contacts. With HubSpot CRM, we can record, categorize, and analyze customer interactions via email, social media, or phone across various channels. The personal data collected in this way can be evaluated and used for communication with prospective customers or for marketing activities (e.g., newsletter mailings). HubSpot CRM also allows us to track and analyze the behavior of our contacts on our website.
Use of HubSpot CRM is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in efficient customer management and communication. Where consent is requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG (where consent covers the storage of cookies or access to information on the user’s device within the meaning of the TTDSG). Consent may be withdrawn at any time.
Details can be found in HubSpot’s Privacy Policy: https://legal.hubspot.com/privacy-policy.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details: https://www.hubspot.de/data-privacy/privacy-shield.
The company is certified under the EU-U.S. Data Privacy Framework (DPF). More information: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TN8pAAG&status=Active
Data Processing Agreement
We have concluded a DPA with HubSpot for the service mentioned above. This legally required contract ensures that the provider processes personal data of our website visitors only according to our instructions and in compliance with the GDPR.
We use Google Analytics 4 to analyze website usage and optimize our services. The service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google processes the collected data on our behalf and is contractually committed to measures ensuring security and confidentiality of the processed data.
Data collected during your website visit includes:
Pages viewed
Achievement of “website goals” (e.g., contact requests, newsletter signups)
On-page behavior (time on page, clicks, scroll depth)
Approximate location (country and city)
Anonymized IP address
Technical information (browser, ISP, device, screen resolution)
Source of your visit (e.g., referring website or campaign)
Randomly generated user ID
No personal data such as name, postal address, or contact details is transmitted to Google Analytics.
Data transfer and storage:
Data may be transferred to Google servers in the USA. Please note the U.S. may not guarantee the same level of data protection as the EU. Google Analytics stores cookies in your browser for up to two years from your last visit. These cookies contain a randomly generated user ID allowing recognition on future visits. Recorded data is stored together with the user ID, enabling evaluation of pseudonymous user profiles. User-level data is automatically deleted after 14 months. Aggregated data may be stored indefinitely. For more, see Google’s official documentation.
Legal basis:
Processing is based on our legitimate interests (Art. 6(1)(f) GDPR) to optimize our website, or on your consent (Art. 6(1)(a) GDPR) where required.
Opt-out options:
If you do not agree to data collection, you can prevent it by installing the Google Analytics opt-out browser add-on once, or by rejecting cookies via our cookie settings dialog. Further information on Google’s processing can be found in the Google Privacy Policy and the Google Analytics Privacy Policy. For information on Google’s use of data, see the Google Partner Policy.
You can manage your cookie preferences at any time via our on-site cookie settings.
Data Processing Agreement
We have concluded a DPA for the service mentioned above. This ensures the provider processes personal data only in accordance with our instructions and the GDPR.
Functions of the Instagram service are integrated into this website. Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When the social media element is active, a direct connection between your device and Instagram’s servers is established. Instagram thereby receives information that you have visited this website.
If you are logged into your Instagram account, by clicking the Instagram button you can link the content of this website to your Instagram profile. Instagram can then associate your visit to this website with your user account. Please note we, as the provider, have no knowledge of the content of the transmitted data or its use by Instagram.
Use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent may be withdrawn at any time.
Where personal data is captured on our website with the tool described here and transferred to Facebook/Instagram, we and Meta Platforms Ireland Limited are joint controllers for this processing (Art. 26 GDPR). Joint responsibility is limited to data collection on our website and its transfer to Facebook/Instagram. Any subsequent processing by Facebook/Instagram is not part of joint controllership. Our respective obligations are set out in a joint controllership agreement available at: https://www.facebook.com/legal/controller_addendum. Under this agreement, we are responsible for providing data protection information and for the secure implementation of the tool on our website. Facebook is responsible for the security of Facebook/Instagram products. Data subject rights relating to data processed by Facebook/Instagram can be asserted directly with Facebook. If you assert your rights with us, we are obliged to forward them to Facebook.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://privacycenter.instagram.com/policy/ and
https://de-de.facebook.com/help/566994660333381.
Further information: Instagram Privacy Policy: https://privacycenter.instagram.com/policy/.
The company is certified under the EU-U.S. Data Privacy Framework (DPF). Details:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
This website uses elements of the LinkedIn network. Provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Whenever a page with LinkedIn elements is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited this website with your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn can associate your visit to this website with your user account. Please note we, as the provider, have no knowledge of the content of the transmitted data or its use by LinkedIn.
Use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent may be withdrawn at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details:
https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=de
Further information: LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy.
If you would like to receive the newsletter offered on the website, we require your email address and information allowing us to verify that you are the owner of the email address and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively to send the requested information and do not pass it on to third parties.
Processing of data entered into the newsletter signup form is based solely on your consent (Art. 6(1)(a) GDPR). You may revoke your consent to the storage of your data, email address, and its use for sending the newsletter at any time—for example via the “unsubscribe” link in the newsletter. The lawfulness of data processing already carried out remains unaffected by the revocation.
Data you provide for the purpose of receiving the newsletter will be stored by us (and/or the newsletter service provider) until you unsubscribe and will be deleted from the newsletter distribution list after unsubscribing or once the purpose no longer applies. We reserve the right to delete or block email addresses from our distribution list at our discretion within the scope of our legitimate interest under Art. 6(1)(f) GDPR.
Data stored by us for other purposes remains unaffected.
After you unsubscribe, your email address may be stored in a blacklist, if necessary, to prevent future mailings. The data in the blacklist is used only for this purpose and is not merged with other data. This serves your interest and our interest in complying with the legal requirements for newsletter distribution (legitimate interest under Art. 6(1)(f) GDPR). Storage in the blacklist is not time-limited. You may object to storage if your interests outweigh our legitimate interest.
This website integrates videos from YouTube. Provider: Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit a page on which YouTube is integrated, a connection to YouTube’s servers is established. The YouTube server is informed which of our pages you visited. If you are logged in to your YouTube account, YouTube can associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube in enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used for personalized browsing on YouTube. Ads served in this mode are also not personalized. No cookies are set in enhanced privacy mode. However, so-called local storage elements are stored in the user’s browser which, similar to cookies, can contain personal data and be used for recognition. Details: https://support.google.com/youtube/answer/171780.
After activating a YouTube video, additional data processing operations may be triggered over which we have no control.
Use of YouTube is in the interest of an attractive presentation of our online offers (legitimate interest under Art. 6(1)(f) GDPR). Where consent is requested, processing is based exclusively on Art. 6(1)(a) GDPR and § 25(1) TTDSG (where consent covers cookie storage or device access as defined by the TTDSG). Consent may be withdrawn at any time.
Further information on data protection at YouTube: https://policies.google.com/privacy?hl=de.
The company is certified under the EU-U.S. Data Privacy Framework (DPF). Details:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
We use Wordfence on this website. Provider: Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (“Wordfence”).
Wordfence protects our website against unwanted access or malicious cyberattacks. For this purpose, our website maintains a permanent connection to Wordfence servers so Wordfence can compare its databases with access attempts on our website and block them if necessary.
Use of Wordfence is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most effective protection possible against cyberattacks. Where consent is requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG (where consent covers cookie storage or device access). Consent may be withdrawn at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details: https://www.wordfence.com/help/general-data-protection-regulation/.
Data Processing Agreement
We have concluded a DPA for use of the service mentioned above. This ensures that the provider processes personal data of our website visitors only in accordance with our instructions and the GDPR.
We collect, process, and use personal customer and contract data to establish, define the content of, and amend our contractual relationships. We collect, process, and use personal data about the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill for it. Legal basis: Art. 6(1)(b) GDPR.
Customer data collected will be deleted after completion of the order or termination of the business relationship and after the expiry of any statutory retention periods. Statutory retention periods remain unaffected.
We offer you the opportunity to apply to us (e.g., by email, post, or via an online application form). Below we inform you about the scope, purpose, and use of your personal data collected during the application process. We assure you that collection, processing, and use of your data comply with applicable data protection laws and all other legal requirements and that your data is treated as strictly confidential.
Scope and purpose of data collection
If you send us an application, we process your related personal data (e.g., contact and communication details, application documents, notes from interviews) to the extent necessary to decide whether to establish an employment relationship. The legal basis is § 26 BDSG (initiation of an employment relationship), Art. 6(1)(b) GDPR (general pre-contractual initiation), and—if you have given consent—Art. 6(1)(a) GDPR. Consent may be withdrawn at any time. Your personal data will be shared within our company only with persons involved in processing your application.
If the application is successful, the data you submitted will be stored in our data processing systems for the purpose of implementing the employment relationship on the basis of § 26 BDSG and Art. 6(1)(b) GDPR.
Retention period
If we are unable to offer you a position, you reject an offer, or you withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months after the end of the application process (rejection or withdrawal). The data will then be deleted and physical application documents destroyed. Retention serves particularly as evidence in the event of legal disputes. If it is apparent that the data will be required after the 6-month period (e.g., due to a pending legal dispute), deletion will only take place when the purpose for further retention no longer exists.
Longer retention may also occur if you have given corresponding consent (Art. 6(1)(a) GDPR) or if statutory retention obligations prevent deletion.
Contact
More Information
Legal Notice
Contact
More information
Legal Notice
