Privacy policy

We are pleased that you are visiting our website. The protection of your privacy and the protection of your personal data, so-called personal data, when using our website is an important concern for us.

According to Art. 4 No. 1 GDPR, personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your first and last name, your address, your telephone number, your e-mail address, but also your IP address.

Data that cannot be linked to your person, for example through anonymisation, is not personal data. Processing (e.g. collection, storage, retrieval, consultation, use, transmission, erasure or destruction) in accordance with Art. 4 No. 2 GDPR always requires a legal basis or your consent. Processed personal data must be deleted as soon as the purpose of the processing has been achieved and there are no longer any statutory retention obligations to be complied with.

Here you will find information on how we handle your personal data when you visit our website. In order to provide the functions and services of our website, it is necessary for us to collect personal data about you.

We also explain to you the type and scope of the respective data processing, the purpose and the corresponding legal basis and the respective storage period.

This privacy policy only applies to this website. It does not apply to other websites to which we merely refer via a hyperlink. We cannot accept any responsibility for the confidential handling of your personal data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please refer directly to these websites for information on how these companies handle your personal data.

Responsible for the processing of personal data on this website is (cf. Impressum): bachmaier GmbH, Am Pfaffenkogel 4, 83483 Bischofswiesen

a) Type and scope of data processing

If you use this website without transmitting data to us in any other way (e.g. by registering or using the contact form), we collect technically necessary data via server log files, which are automatically transmitted to our server, including

• IP address

• Date and time of the enquiry

• Name and URL of the retrieved file

• Website from which the access was made (referrer URL)

• Access status/HTTP status code

• Browser type

• Language and version of the browser software

• Operating system

b) Purpose and legal basis

This processing is technically necessary in order to display our website to you. We also use the data to ensure the security and stability of our website.

The legal basis for this processing is Art. 6 para. 1 lit. f) GDPR. The processing of the aforementioned data is necessary for the provision of a website and thus serves to safeguard a legitimate interest of our company.

c) Storage period

As soon as the aforementioned personal data is no longer required to display the website, it will be deleted. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object to this aspect. Further storage may take place in individual cases if this is required by law.

Translated with www.DeepL.com/Translator (free version)

a) Type, scope and purpose of data processing

We use cookies. Cookies are small files that are sent by us to the browser of your end device and stored there when you visit our website.

Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies, on the other hand, enable us to perform various analyses. For example, some cookies can recognise the browser you are using when you visit our website again and transmit various information to us. We use cookies to facilitate and improve the use of our website. Among other things, cookies enable us to make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. However, cookies do not cause any damage to your end device. They cannot execute programmes or contain viruses. Various types of cookies are used on our website, the type and function of which are explained below.

Temporary cookies/session cookies

Our website uses so-called temporary cookies or session cookies, which are automatically deleted as soon as you close your browser. This type of cookie makes it possible to record your session ID. As a result, various requests from your browser can be assigned to a common session and it is possible to recognise your end device on subsequent website visits.

Permanent cookies

So-called permanent cookies are used on our website. Persistent cookies are cookies that are stored in your browser for a longer period of time and can transmit information. The respective storage period differs depending on the cookie. You can delete permanent cookies yourself via your browser settings.

Third-party cookies

We use analytical cookies to monitor anonymised user behaviour on our website.

We also use advertising cookies. These cookies can be used to track user behaviour for advertising and targeted marketing purposes.

Social media cookies make it possible to establish a connection to your social networks and share content from our website within your networks.

Configuration of the browser settings

Most web browsers are preset to accept cookies automatically. However, you can configure your browser so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may then no longer be able to use all the functions of our website.

You can also use your browser settings to delete cookies already stored in your browser. It is also possible to set your browser to notify you before cookies are stored. As the various browsers may differ in their respective functionalities, we ask you to use the respective help menu of your browser for the corresponding configuration options.

Deactivating the use of cookies may require the storage of a permanent cookie on your computer. If you subsequently delete this cookie, you will have to deactivate it again.

b) Legal basis

Due to the purposes of use described, the legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f) GDPR. If you have given us your consent to the use of cookies on the basis of a notice (‘cookie banner’) provided by us on the website, the legal basis is additionally Art. 6 para. 1 lit. a) GDPR.

c) Storage duration

As soon as the data transmitted to us via the cookies is no longer required for the purposes described above, this information will be deleted. Further storage may take place in individual cases if this is required by law.

a) Type and scope of data processing

We collect personal data about you in the pre-contractual area and upon conclusion of the contract. This concerns, for example, your first and last name, address, e-mail address, telephone number or bank details.

b) Purpose and legal basis of data processing

We collect and process this data exclusively for the purpose of executing the contract or fulfilling pre-contractual obligations.

The legal basis for this is Art. 6 para. 1 lit b) GDPR. If you have also given your consent, the additional legal basis is Art. 6 para. 1 lit. a) GDPR.

c) Storage period

The data will be deleted as soon as they are no longer required for the purpose of their processing.

In addition, there may be statutory retention obligations, for example commercial or tax retention obligations under the German Commercial Code (HGB) or the German Fiscal Code (AO). If such retention obligations exist, we will block or delete your data at the end of these retention obligations.

On our website, we offer you the opportunity to contact us via an AI chatbot (Botpress). When using the AI chatbot, please refer to this privacy policy to obtain your consent.

a) Type and scope of data processing

When you use the AI chatbot, the following personal data about you will be processed:

Communication content: All information you enter in the chat with the AI chatbot.

Metadata: Time and date of communication, IP address, device type and operating system.

b) Purpose and legal basis

The legal basis for the processing is consent in accordance with Art. 6 para. 1 lit. a) GDPR, which you give voluntarily when using the AI chatbot and which you can revoke at any time for the future.

c) Storage duration

The data you enter in the AI chatbot will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions - in particular retention periods under the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected by this.

Further information on the processing of your personal data can be found in Chatbot's privacy policy at https://botpress.com/legal/privacy-statement’

a) Type and scope of data processing

You can register on our website. When you register, we collect and store the data you enter in the input mask (e.g. surname, first name, e-mail address). This data is not passed on to third parties.

b) Purpose and legal basis of data processing

Your registration is required for the use of certain content and services on our website or for the fulfilment of a contract or for the implementation of pre-contractual measures. After registration, you are free to change the personal data provided during registration at any time or to have it completely deleted from the controller's database.

In the case of consent, the legal basis for processing is Art. 6 para. 1 lit. a)

GDPR. If your registration serves to prepare the conclusion of a contract, Art. 6 para. 1 lit. b) GDPR is an additional legal basis.

c) Storage period

The data collected during registration will be stored by us for as long as you are registered on our website and will then be deleted. Statutory retention periods remain unaffected.

We only pass on your personal data to third parties if:

a) you have given your express consent to this in accordance with Art. 6 para. 1 lit. a) GDPR.

b) this is permitted by law and is necessary for the fulfilment of a contractual relationship with you or the implementation of pre-contractual measures in accordance with Art. 6 para. 1 lit. b) GDPR

c) there is a legal obligation for the transfer in accordance with Art. 6 para. 1 lit. c) GDPR.

We are legally obliged to transfer data to state authorities, e.g. tax authorities, social insurance institutions, health insurance funds, supervisory authorities and law enforcement authorities.

d) the disclosure pursuant to Art. 6 para. 1 lit. f) GDPR is necessary to safeguard legitimate company interests and for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.

e) in accordance with Art. 28 GDPR, we use external service providers, so-called processors, who have been obliged to handle your data with care.

We use such service providers in the areas of

• IT

• logistics

• Telecommunications

When transferring data to external bodies in third countries, i.e. outside the EU or the EEA, we ensure that these bodies treat your personal data with the same care as within the EU or the EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we ensure the careful handling of personal data through contractual agreements or other suitable guarantees.

a) Type and scope of data processing

You can apply for a job on our website or by e-mail. When you apply, we collect and store the data that you enter in the input mask or that you send us by e-mail.

b) Purpose and legal basis

We only process your data for the purpose of processing your application.

Your data will not be passed on to third parties. The legal basis for the processing is Art. 88 Para. 1 GDPR in conjunction with. § Section 26 BDSG and additionally Art. 6 para. 1 lit. b) GDPR.

If you give us your consent to include you in our applicant pool, the legal basis is Art. 6 para. 1 lit. a) GDPR.

c) Storage period

If we are unable to offer you a position, we will store your data for a maximum of six months after the end of the application process, taking into account Section 61b (1) ArbGG i.V.m. § 15 AGG. The start of the period is the receipt of the rejection letter.

If you have given us your consent to include you in our applicant pool, we will store your data for a maximum of two years.

d) Data transfer

Your data will only be disclosed to those bodies involved in the decision (responsible HR or specialist departments, management, works council).

We are also obliged to transfer your data to public bodies and institutions (e.g. public prosecutor's office, police, supervisory authorities, tax office, social insurance organisations, etc.).

Other data recipients may be those bodies for which you have given us your consent to transfer data.

a) Type and scope of data processing

On our website, we offer you the opportunity to contact us using a form provided. As part of the process of sending your enquiry via the contact form, reference is made to this privacy policy to obtain your consent.

If you make use of the contact form, the following personal data will be processed:

• Salutation

• First name

• Surname

• title

• Company name

• Branch

• Position

• Street number

• Street number

• Postcode

• Town

• Country

• e-mail address

• Telephone number

• Subject

• Content of the message

b) Purpose and legal basis

The purpose of providing your e-mail address is to send you an answer to your enquiry by e-mail. When using the contact form, your personal data will not be passed on to third parties.

The legal basis for the processing is consent in accordance with Art. 6 para. 1 lit. a) GDPR on the declaration of consent voluntarily given by you below and revocable at any time for the future:

c) Storage period

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request).

Mandatory statutory provisions - in particular retention periods in accordance with the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected by this.

You can contact us by e-mail on our website.

a) Type and scope of data processing

You can contact us by e-mail. Our data collection is limited to the e-mail address of the e-mail account you use to contact us and any personal data you provide when contacting us.

b) Purpose and legal basis

The purpose of data processing is to enable us to respond to your enquiry appropriately. The legal basis for this is Art. 6 para. 1 lit. f) GDPR. There is a legitimate interest in the processing of the above-mentioned personal data in order to be able to process your request properly.

c) Storage period

The duration of the storage of the above-mentioned data depends on the background of your contact. Your personal data will be deleted regularly if the purpose of the communication no longer applies and storage is no longer necessary. This may result, for example, from the processing of your request.

Eine exakte Übersicht zu den von uns verwendeten Web Analyse- und Social Media Tools finden Sie hier:

Use of Facebook services

Use of Facebook Pixel

We use the Facebook Pixel as part of the technologies of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Irland („Facebook (by Meta)“ or. “Meta Platforms Ireland“). Facebook Pixel automatically collects and stores data (IP address, time of visit, device and browser information as well as information about your use of our website based on events specified by us, such as visiting a website or subscribing to a newsletter), from which usage profiles are created using pseudonyms. As part of the so-called extended data matching, information is also collected and stored in hashed form for matching purposes, which can be used to identify individuals (e.g. names, email addresses and telephone numbers). For this purpose, a cookie is automatically set by the Facebook pixel when you visit our website, which automatically enables your browser to be recognized by means of a pseudonymous cookie ID when you visit other websites. Facebook (by Meta) will merge this information with other data from your Facebook account and use it to compile reports on website activity and to provide other services related to website activity, in particular personalized and group-based advertising.
The information automatically collected by Facebook (by Meta) technologies about your use of our website is usually transferred to a server of Meta Platforms, Inc, 1 Hacker Way, Menlo Park, California 94025, USA and stored there. There is no adequacy decision by the European Commission for the USA. If we are responsible for the transfer of data to the USA, our cooperation is based on standard data protection clauses of the European Commission. Further information about data processing by Facebook can be found in Facebook's (by Meta) privacy policy.

Facebook analytics

As part of the Facebook Business Tools, statistics on visitor activity on our website are created from the data collected with the Facebook Pixel about your use of our website. Data processing is carried out on the basis of an agreement on order processing by Facebook (by Meta). Their analysis serves to optimize the presentation and marketing of our website.

Facebook Ads (Ads Manager)

We use Facebook Ads to advertise this website on Facebook (by Meta) and on other platforms. We determine the parameters of the respective advertising campaign. Facebook (by Meta) is responsible for the exact implementation, in particular the decision on the placement of the ads with individual users. Unless otherwise specified for the individual technologies, data processing is carried out on the basis of an agreement between joint controllers in accordance with Art. 26 GDPR. The joint controllership is limited to the collection of data and its transmission to Meta Platforms Ireland. Subsequent data processing by Meta Platforms Ireland is not covered by this.

Based on the statistics generated via Facebook Pixel about visitor activities on our website, we operate group-based advertising on Facebook (by Meta) via Facebook Custom Audience by determining the characteristics of the respective target group. Facebook (by Meta) acts as our processor in the context of the extended data comparison (see above) that takes place to determine the respective target group.

Based on the pseudonymous cookie ID set by Facebook Pixel and the data collected about your usage behavior on our website, we operate personalized advertising via Facebook Pixel Remarketing.

We use Facebook Pixel Conversions to measure your subsequent usage behavior for web analysis and event tracking if you have reached our website via a Facebook Ads ad. Data processing is carried out on the basis of an agreement on order processing by Facebook (by Meta).

Other providers of web analytics and online marketing services

Use of Matomo as a cloud solution for web analysis

For the purpose of website analysis, the Matomo software from InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand automatically collects and stores data (IP address, time of visit, device and browser information as well as information on your use of our website), from which user profiles are created using pseudonyms. Cookies may be used for this purpose. The pseudonymized user profiles are not merged with personal data about the bearer of the pseudonym without separate, express consent. Matomo works on our behalf. The European Commission has determined an adequate level of data protection for New Zealand by way of a decision.

Social Media

Our online presence on Facebook (by Meta), Instagram (by Meta), YouTube, LinkedIn.
If you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on the above-mentioned social media, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator as well as a contact option and your rights and settings options for protecting your privacy, please refer to the providers' data protection notices linked below. If you still need help in this regard, you can contact us.

Facebook (by Meta) is an offer of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is usually transferred to a server of Meta Platforms, Inc, 1 Hacker Way, Menlo Park, California 94025, USA and stored there. There is no adequacy decision by the European Commission for the USA. Our cooperation with them is based on standard data protection clauses of the European Commission.  Data processing in the context of a visit to a Facebook (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

Instagram (by Meta) is an offer of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland ("Meta Platforms Ireland") The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is usually transferred to a server of Meta Platforms, Inc, 1 Hacker Way, Menlo Park, California 94025, USA and stored there. There is no adequacy decision by the European Commission for the USA. Our cooperation with them is based on standard data protection clauses of the European Commission.  Data processing in the context of visiting an Instagram (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

YouTube is a service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google about your use of our online presence on YouTube is usually transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. There is no adequacy decision by the European Commission for the USA. Our cooperation with them is based on standard data protection clauses of the European Commission.

LinkedIn is an offer of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is usually transferred to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA and stored there. There is no adequacy decision by the European Commission for the USA. Our cooperation with them is based on standard data protection clauses of the European Commission.

Use of Sentry

1. scope of the processing of personal data

We use a system for capturing and recording errors (Sentry) from Functional Software Inc, 45 Fremont Street, 8th Floor, San Francisco, CA 94105, California. We use the self-hosted version of Sentry. In this case, Sentry is hosted by our service provider ‘WEBiDEA, Köpenickerstraße 325 // Haus 40, 12555 Berlin. The Sentry plugin offers a code-based system in the frontend and backend for capturing and recording errors with visualisation options.

• Cookies are stored on your end device.

• The following personal data is/can be processed through the use of Sentry

• Name and contact information

• Payment information

• Customer data

• Device and browser information

• IP address

Data may be transmitted to our service provider WEBiDEA. The servers of our service provider are geographically located in Germany.

We have concluded a contract with our service provider for order processing within the meaning of Art. 28 para. 3 GDPR.

2. Purpose of data processing

We use Sentry for visualisation and as a direct system for capturing and recording in the event of a fault.

3. Legal basis for the processing of personal data

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the purposes of data processing mentioned under 2.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of objection and removal

You can prevent the collection and processing of your personal data by preventing the storage of third-party cookies on your computer, by using the ‘Do Not Track’ function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

Further information on objection and removal options vis-à-vis WEBiDEA can be found at: https://www.webidea24.de/datenschutzerklaerung/

We are committed to protecting your privacy and treating your personal data confidentially. To this end, we take extensive technical and organisational security precautions, which are regularly reviewed and adapted to technological progress.

These include the use of recognised encryption methods (SSL or TLS). However, data disclosed without encryption, for example by unencrypted e-mail, may be read by third parties. We have no influence over this. It is the responsibility of the respective user to protect the data provided by them against misuse through encryption or in any other way.

We reserve the right to update this declaration at any time if necessary.

Here you will find your rights in relation to your personal data. Details can be found in Articles 7, 15-22 and 77 GDPR. You can contact the controller in this regard (Section 2).

Right to withdraw your consent under data protection law in accordance with Art. 7 para. 3 sentence 1 GDPR

You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the lawfulness of the processing carried out up to the point of withdrawal.

a) Right to information in accordance with Art. 15 GDPR

You have the right to request confirmation as to whether we are processing personal data concerning you. If this is the case, you have the right to information about this personal data and to further information, e.g. the purposes of processing, the categories of personal data processed, the recipients and the planned duration of storage or the criteria for determining the duration.

b) Right to rectification and completion in accordance with Art. 16 GDPR

You have the right to request the rectification of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.

c) Right to erasure (‘right to be forgotten’) pursuant to Art. 17 GDPR

You have the right to erasure if the processing is not necessary.

This is the case, for example, if your data is no longer necessary for the original purposes, if you have withdrawn your declaration of consent under data protection law or if the data has been processed unlawfully.

d) Right to restriction of processing in accordance with Art. 18 GDPR

You have the right to restrict processing, e.g. if you believe that the personal data is incorrect.

e) Right to data portability in accordance with Art. 20 GDPR

You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.

f) Right to object pursuant to Art. 21 GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of certain personal data concerning you.

In the case of direct advertising, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

g) Automated decision in individual cases including profiling in accordance with Art. 22 GDPR

You have the right not to be subject to a decision based solely on automated processing - including profiling - except in the exceptional circumstances mentioned in Art. 22 GDPR.

A decision based solely on automated processing - including profiling - does not take place.

h) Complaint to a data protection supervisory authority pursuant to Art. 77 GDPR

You can also lodge a complaint with a data protection supervisory authority at any time, for example if you are of the opinion that the data processing does not comply with data protection regulations.