1. First of all…
The following information provides a simple overview of what happens to your
personal data when you visit this website. Personal data is any data that can be used
to identify you personally.
Who is responsible for the data collection on this website?
Data processing on this website is carried out by the website operator. You can find
their contact details in the section „Note on the responsible body“ in this privacy
policy.
How do we collect your information?
On the one hand, your data is collected when you provide it to us. This can be, for
example, data that you enter into a contact form.
Other data is collected automatically or with your consent when you visit the website
by our IT systems. This is mainly technical data (e.g. Internet browser, operating
system, or time of page access). The collection of this data takes place automatically
as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure that the website is provided without errors.
Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of
your stored personal data at any time, free of charge. You also have the right to
request the correction or deletion of this data. If you have given consent to data
processing, you can revoke this consent at any time for the future. You also have the
right to request the restriction of the processing of your personal data in certain
circumstances. Furthermore, you have the right to lodge a complaint with the
competent supervisory authority.
You can contact us at any time for this and other questions on the subject of data
protection.
Analytics and third-party tools
When you visit this website, your surfing behaviour can be statistically evaluated.
This is mainly done with so-called analysis programs.
Detailed information about these analysis programs can be found in the following
privacy policy.
2. Hosting und Content Delivery Networks (CDN)
We host the content of our website with the following provider:
External Hosting
This website is hosted externally. The personal data collected on this website is
stored on the servers of the hoster/hosters. This can include, but is not limited to, IP
addresses, contact requests, meta and communication data, contract data, contact
data, names, website accesses and other data generated via a website.
External hosting is carried out for the purpose of fulfilling the contract with our
potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a
secure, fast and efficient provision of our online offering by a professional provider
(Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the
processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and § 25 (1)
TTDSG, insofar as the consent includes the storage of cookies or access to
information in the user’s end device (e.g. device fingerprinting) within the meaning of
the TTDSG. The consent can be revoked at any time.
Our hoster(s) will only process your data to the extent necessary to fulfil its
performance obligations and follow our instructions regarding this data.
We use the following host(s):
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany
https://www.hetzner.com/
Order processing
We have concluded a contract processing agreement (DPA) for the use of the above-
mentioned service. This is a contract required by data protection law that ensures
that it processes the personal data of our website visitors only in accordance with our
instructions and in compliance with the GDPR.
3. General information and mandatory information
The operators of these pages take the protection of your personal data very
seriously. We treat your personal data confidentially and in accordance with the
statutory data protection regulations and this data protection declaration.
When you use this website, various personal data is collected. Personal data is data
that can be used to identify you personally. This privacy policy explains what data we
collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission on the Internet (e.g. when
communicating by e-mail) may have security gaps. It is not possible to completely
protect the data from access by third parties. Note on the responsible body
The person responsible for data processing on this website is:
NXTGN GmbH
Lautenschlager Str. 16
70173 Stuttgart
https://join-nxtgn.com
E-Mail: hi[at]join-nxtgn.com
The controller is the natural or legal person who, alone or jointly with others, decides
on the purposes and means of the processing of personal data (e.g. names, e-mail
addresses, etc.).
Storage period
Unless a specific storage period has been specified in this privacy policy, your
personal data will remain with us until the purpose for which the data is processed no
longer applies. If you assert a justified request for erasure or revoke consent to data
processing, your data will be deleted, unless we have other legally permissible
grounds for storing your personal data (e.g. retention periods under tax or
commercial law); in the latter case, the deletion takes place after these reasons have
ceased to exist.
General information on the legal basis of data processing on this website
If you have consented to data processing, we process your personal data on the
basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, insofar as special categories of
data are processed in accordance with Art. 9 (1) GDPR. In the case of explicit
consent to the transfer of personal data to third countries, data processing is also
carried out on the basis of Art. 49 (1) (a) GDPR. If you have consented to the storage
of cookies or access to information in your device (e.g. via device fingerprinting), data
processing will also be carried out on the basis of Section 25 (1) TTDSG. The
consent can be revoked at any time. If your data is required for the performance of a
contract or for the implementation of pre-contractual measures, we process your data
on the basis of Art. 6 (1) (b) GDPR. Furthermore, we process your data if it is
necessary to comply with a legal obligation on the basis of Art. 6 (1) (c) GDPR. Data
processing may also be carried out on the basis of our legitimate interest in
accordance with Art. 6 (1) (f) GDPR. Information on the relevant legal bases in each
individual case is provided in the following paragraphs of this data protection
declaration.
Data protection supervisor
We have appointed a data protection officer. He can be reached by e-mail at
hi[at]join-nxtgn.com.
Note on data transfer to the USA and other third countries
Among other things, we use tools from companies based in the USA or other third
countries that are not secure under data protection law. When these tools are active,
your personal data may be transferred to and processed in these third countries. We
would like to point out that in these countries no level of data protection comparable
to that of the EU can be guaranteed. For example, US companies are obliged to
hand over personal data to security authorities without you, as the data subject,
being able to take legal action against it. It cannot therefore be ruled out that US
authorities (e.g. intelligence services) process, evaluate and permanently store your
data on US servers for surveillance purposes. We have no control over these
processing activities.
Withdrawal of your consent to data processing
Many data processing operations are only possible with your explicit consent. You
can revoke any consent you have already given at any time. The lawfulness of the
data processing carried out up to the time of revocation remains unaffected by the
revocation.
Right to object to data collection in special cases as well as to direct marketing (Art.
21 GDPR)
IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 PARA. 1
LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING
OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR
PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON
THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH
PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU
OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS
WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE
PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS,
OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL
CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT
MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE
PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE
OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS
RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL
DATA WILL THEN NO LONGER BE USED FOR THE PURPOSE OF DIRECT
MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, the data subjects have the right to lodge a
complaint with a supervisory authority, in particular in the Member State of their habitual
residence, their place of work or the place of the alleged infringement. The
right of appeal exists without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically on the basis of your
consent or in fulfilment of a contract handed over to you or to a third party in a
common, machine-readable format. If you request the direct transfer of the data to
another controller, this will only be done to the extent that it is technically feasible.
Information, correction and deletion
Within the framework of the applicable legal provisions, you have the right to free
information about your stored personal data, its origin and recipients and the purpose
of the data processing at any time and, if necessary, a right to rectification or deletion
of this data. You can contact us at any time for this and other questions on the
subject of personal data.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data.
You can contact us at any time for this. The right to restriction of processing exists in
the following cases:
If you contest the accuracy of your personal data held by us, we will usually need
time to verify this. For the duration of the audit, you have the right to request the
restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can request the
restriction of data processing instead of deletion.
If we no longer need your personal data, but you need it to exercise, defend or assert
legal claims, you have the right to request the restriction of the processing of your
personal data instead of erasure.
If you have filed an objection in accordance with Art. 21 (1) GDPR, a balancing of
your interests and ours must be carried out. As long as it has not yet been
determined whose interests prevail, you have the right to request the restriction of the
processing of your personal data.
If you have restricted the processing of your personal data, this data may only be
processed with your consent or for the establishment, exercise or defence of legal
claims, or for the protection of the rights of another natural or legal person, or for
reasons of important public interest of the European Union or of a Member State.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the
transmission of confidential content, such as orders or inquiries that you send to us
as the site operator. You can recognize an encrypted connection by the fact that the
address bar of the browser changes from „http://“ to „https://“ and by the lock symbol
in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by
third parties.
4. Data collection on this website
Typeform
We have integrated Typeform into this website. The provider is TYPEFORM S.L.,
Carrer Bac de Roda, 163, 08018 Barcelona, Spain (hereinafter referred to as
Typeform).
Typeform allows us to create online forms and embed them on our website. The data
you enter into our Typeform forms will be stored on Typeform’s servers until you ask
us to delete it, revoke any consent you have given to it or the purpose for which it
was stored no longer applies (e.g. after your request has been processed).
Mandatory statutory provisions – in particular retention periods – remain unaffected.
Typeform is used on the basis of Art. 6 (1) (f) GDPR. The website operator has a
legitimate interest in functioning online forms. If a corresponding consent has been
requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a)
GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or
access to information in the user’s end device (e.g. device fingerprinting) within the
meaning of the TTDSG. The consent can be revoked at any time.
Order processing
We have concluded a contract processing agreement (DPA) for the use of the above-
mentioned service. This is a contract required by data protection law that ensures
that it processes the personal data of our website visitors only in accordance with our
instructions and in compliance with the GDPR.
5. Social media
Our social media presences
This privacy policy applies to the following social media presences
https://www.facebook.com/join.nxtgn
https://www.instagram.com/hackxplore/
https://www.linkedin.com/company/join-nxtgn/mycompany/
Data processing through social networks
We maintain publicly accessible profiles on social networks. The social networks we
use in detail can be found below.
Social networks such as Facebook, Twitter, etc. can usually analyze your user
behavior comprehensively when you visit their website or a website with integrated
social media content (e.g. like buttons or advertising banners). Visiting our social
media presences triggers numerous data protection-relevant processing operations.
In detail:
If you are logged into your social media account and visit our social media presence,
the operator of the social media portal can assign this visit to your user account.
However, your personal data may also be collected if you are not logged in or do not
have an account with the respective social media portal. In this case, this data
collection is carried out, for example, via cookies that are stored on your device or by
recording your IP address.
With the help of the data collected in this way, the operators of the social media
portals can create user profiles in which your preferences and interests are stored. In
this way, interest-based advertising can be shown to you inside and outside of the
respective social media presence. If you have an account with the respective social
network, interest-based advertising can be displayed on all devices on which you are
logged in or were logged in.
Please also note that we cannot track all processing processes on the social media
portals. Depending on the provider, further processing operations may therefore be
carried out by the operators of the social media portals. For details, please refer to
the terms of use and privacy policy of the respective social media portals.
Legal basis
Our social media presences are intended to ensure the widest possible presence on
the Internet. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.
The analysis processes initiated by the social networks may be based on different
legal bases, which must be indicated by the operators of the social networks (e.g.
consent within the meaning of Art. 6 para. 1 lit. a GDPR).
Controller and exercise of rights
If you visit one of our social media presences (e.g. Facebook), we are jointly
responsible with the operator of the social media platform for the data processing
operations triggered during this visit. In principle, you can assert your rights
(information, correction, deletion, restriction of processing, data portability and
complaint) both against us and against the operator of the respective social media
portal (e.g. against Facebook).
Please note that despite the joint responsibility with the social media portal operators,
we do not have full influence on the data processing processes of the social media
portals. Our options are largely based on the corporate policy of the respective
provider.
Storage period
The data collected directly by us via the social media presence will be deleted from
our systems as soon as you ask us to delete it, revoke your consent to its storage or
the purpose for which the data is stored no longer applies. Stored cookies remain on
your device until you delete them. Mandatory legal provisions – esp. retention periods
– remain unaffected.
We have no influence on the storage period of your data, which is stored by the
operators of the social networks for their own purposes. For details, please contact
the operators of the social networks directly (e.g. in their privacy policy, see below).
Your rights
You have the right to receive information about the origin, recipient and purpose of
your stored personal data at any time, free of charge. You also have the right to
object, data portability and a right to lodge a complaint with the competent
supervisory authority. You can also request the rectification, blocking, deletion and, in
certain circumstances, the restriction of the processing of your personal data.
Social networks in detail
FACEBOOK
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland
Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter
referred to as Meta). According to Meta, the data collected will also be transferred to
the USA and other third countries.
We have concluded a joint processing agreement (Controller Addendum) with Meta.
This Agreement sets out which data processing operations we or Meta are
responsible for when you visit our Facebook page. You can view this agreement at
the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings independently in your user account. To do
this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads.
The data transfer to the USA is based on the standard contractual clauses of the EU
Commission. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-
de.facebook.com/help/566994660333381.
Details can be found in Facebook’s privacy policy:
https://www.facebook.com/about/privacy/.
INSTAGRAM
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland
Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
The data transfer to the USA is based on the standard contractual clauses of the EU
Commission. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://help.instagram.com/519522125107875 and https://de-
de.facebook.com/help/566994660333381.
Details on their handling of your personal data can be found in Instagram’s privacy
policy: https://help.instagram.com/519522125107875.
LINKEDIN
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company,
Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you would like to disable LinkedIn advertising cookies, please use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
The data transfer to the USA is based on the standard contractual clauses of the EU
Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and
https://www.linkedin.com/legal/l/eu-sccs.
Details on their handling of your personal data can be found in LinkedIn’s privacy
policy: https://www.linkedin.com/legal/privacy-policy.
Social Media-Plugins
Instagram
Functions of the Instagram service are integrated into this website. These features
are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal
Harbour, Dublin 2, Ireland.
When the social media element is active, a direct connection is established between
your device and the Instagram server. Instagram will receive information about your
visit to this website.
If you are logged in to your Instagram account, you can link the content of this
website to your Instagram profile by clicking on the Instagram button. This allows
Instagram to associate the visit to this website with your user account. We would like
to point out that we, as the provider of the pages, have no knowledge of the content
of the transmitted data or its use by Instagram.
If consent has been obtained, the above-mentioned service is used on the basis of
Art. 6 (1) (a) GDPR and § 25 TTDSG. The consent can be revoked at any time. If no
consent has been obtained, the use of the service is based on our legitimate interest
in the widest possible visibility in social media.
Insofar as personal data is collected on our website with the help of the tool
described here and forwarded to Facebook or Instagram, we and Meta Platforms
Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are
jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is
limited exclusively to the collection of the data and its disclosure to Facebook or
Instagram. The processing by Facebook or Instagram after the transfer is not part of
the joint responsibility. Our joint obligations have been set out in a joint processing agreement. The wording of the agreement can be found at:
https://www.facebook.com/legal/controller_addendum. According to this agreement,
we are responsible for the provision of data protection information when using the
Facebook or Instagram tool and for the implementation of the tool on our website in a
manner that is secure under data protection law. Facebook is responsible for the data
security of the Facebook and Instagram products. You can assert the rights of data
subjects (e.g. requests for information) regarding the data processed by Facebook or
Instagram directly with Facebook. If you assert your rights as a data subject with us,
we are obliged to forward them to Facebook.
The data transfer to the USA is based on the standard contractual clauses of the EU
Commission. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://help.instagram.com/519522125107875 and https://de-
de.facebook.com/help/566994660333381.
For more information, please see Instagram’s privacy policy:
https://instagram.com/about/legal/privacy/.
6. Plugins and Tools
Google Fonts (lokales Hosting)
This site uses so-called Google Fonts, which are provided by Google, for the uniform
display of fonts. The Google Fonts are installed locally. There is no connection to
Google servers.
For more information about Google Fonts, see
https://developers.google.com/fonts/faq and Google’s privacy policy:
https://policies.google.com/privacy?hl=de.
Font Awesome (lokales Hosting)
This page uses Font Awesome for the uniform display of fonts. Font Awesome is
installed locally. A connection to servers of Fonticons, Inc. does not take place.
For more information about Font Awesome, please see the Font Awesome Privacy
Policy at: https://fontawesome.com/privacy.
7. Audio and video conferences
Data processing
For communication with our customers, we use online conference tools, among other
things. The specific tools we use are listed below. If you communicate with us via
video or audio conference via the Internet, your personal data will be collected and
processed by us and the provider of the respective conference tool.
The conference tools collect all data that you provide/use to use the tools (e-mail
address and/or your telephone number). In addition, the conference tools process the
duration of the conference, the start and end (time) of participation in the conference,
the number of participants and other „contextual information“ related to the
communication process (metadata).
Furthermore, the provider of the tool processes all technical data required to handle
online communication. This includes, but is not limited to, IP addresses, MAC
addresses, device IDs, device type, operating system type and version, client
version, camera type, microphone or speakers, and the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, this is
also stored on the servers of the tool providers. Such content includes, but is not
limited to, cloud recordings, chat/instant messages, voicemails, photos and videos
uploaded to voicemails, files, whiteboards, and other information shared while using
the Service.
Please note that we do not fully influence the data processing processes of the tools
used. Our options are largely based on the corporate policy of the respective
provider. Further information on data processing by the conference tools can be
found in the privacy policies of the respective tools used, which we have listed below
this text.
Purpose and legal basis
The conference tools are used to communicate with prospective or existing
contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b
GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate
communication with us or our company (legitimate interest within the meaning of Art.
6 para. 1 lit. f GDPR). If consent has been requested, the use of the tools in question
is based on this consent; consent can be revoked at any time with effect for the
future.
Storage period
The data collected directly by us via the video and conference tools will be deleted
from our systems as soon as you ask us to delete it, revoke your consent to its
storage or the purpose for which it was stored no longer applies. Stored cookies
remain on your device until you delete them. Mandatory statutory retention periods
remain unaffected.
We have no influence on the storage period of your data, which is stored by the
operators of the conference tools for their own purposes. For details, please contact
the operators of the conference tools directly.
Conference tools
We use the following conference tools:
Zoom
We use Zoom. The provider of this service is Zoom Communications Inc., San Jose,
55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data
processing can be found in Zoom’s privacy policy: https://zoom.us/de-de/privacy.html.
The data transfer to the USA is based on the standard contractual clauses of the EU
Commission. Details can be found here: https://zoom.us/de-de/privacy.html.
Order processing
We have concluded a contract processing agreement (DPA) for the use of the above-
mentioned service. This is a contract required by data protection law that ensures
that it processes the personal data of our website visitors only in accordance with our
instructions and in compliance with the GDPR.
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One
Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.
Details on data processing can be found in the Microsoft Teams privacy policy:
https://privacy.microsoft.com/de-de/privacystatement.
Order processing
We have concluded a contract processing agreement (DPA) for the use of the above-
mentioned service. This is a contract required by data protection law that ensures
that it processes the personal data of our website visitors only in accordance with our
instructions and in compliance with the GDPR.
8. Own Services
Handling of applicant data
We offer you the opportunity to apply to us (e.g. by e-mail, post or via the online
application form). In the following, we inform you about the scope, purpose and use
of your personal data collected as part of the application process. We assure you that
the collection, processing and use of your data will be carried out in accordance with
applicable data protection law and all other legal provisions and that your data will be
treated in the strictest confidence.
Scope and purpose of data collection
If you send us an application, we will process your associated personal data (e.g.
contact and communication data, application documents, notes in the context of job
interviews, etc.) insofar as this is necessary to decide on the establishment of an
employment relationship. The legal basis for this is § 26 BDSG under German law
(initiation of an employment relationship), Art. 6 (1) (b) GDPR (general contract
initiation) and – if you have given consent – Art. 6 (1) (a) GDPR. The consent can be
revoked at any time. Your personal data will only be passed on within our company to
persons who are involved in processing your application.
If the application is successful, the data you submit will be stored in our data
processing systems on the basis of Section 26 of the Federal Data Protection Act
(BDSG) and Article 6 (1) (b) of the GDPR for the purpose of carrying out the
employment relationship.
Data retention period
If we are unable to make you a job offer, you reject a job offer or withdraw your
application, we reserve the right to store the data you provide on the basis of our
legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the
application process (rejection or withdrawal of the application). The data will then be
deleted and the physical application documents destroyed. The storage serves in
particular for the purpose of providing evidence in the event of a legal dispute. If it is
evident that the data will be required after the expiry of the 6-month period (e.g. due
to an imminent or pending legal dispute), deletion will only take place when the
purpose for further storage no longer applies.
Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit.
a GDPR) or if statutory retention obligations preclude deletion.
Google Drive
We have integrated Google Drive on this website. The provider is Google Ireland
Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Drive allows us to include an upload area on our website where you can
upload content. When you upload content, it is stored on Google Drive’s servers.
When you enter our website, it also connects to Google Drive so that Google Drive
can determine that you have visited our website.
The use of Google Drive is based on Art. 6 para. 1 lit. f GDPR. The website operator
has a legitimate interest in a reliable upload area on its website. If a corresponding
consent has been requested, the processing is carried out exclusively on the basis of
Art. 6 (1) (a) GDPR; consent can be revoked at any time.
Order processing
We have concluded a contract processing agreement (DPA) for the use of the above-
mentioned service. This is a contract required by data protection law that ensures
that it processes the personal data of our website visitors only in accordance with our
instructions and in compliance with the GDPR.