Communication via Messenger 

We use messenger services for communication purposes and therefore ask you to observe the following information regarding the functionality of the messenger services, encryption, use of the metadata of the communication and your objection options.

You can also contact us by alternative means, e.g. telephone or e-mail. Please use the contact options provided to you or use the contact options provided within our online services.

In the case of encryption of content (i.e. the content of your message and attachments), we point out that the communication content (i.e. the content of the message and attachments) is encrypted end-to-end. This means that the content of the messages is not visible, not even by the messenger service providers themselves. You should always use a current version of the messenger service with activated encryption, so that the encryption of the message contents is guaranteed.

However, we would like to point out to our communication partners that although messenger service providers do not see the content, they can find out that and when communication partners communicate with us and process technical information on the communication partner's device used and, depending on the settings of their device, also location information (so-called metadata).

Information on Legal basis: If we ask communication partners for permission before communicating with them via messenger services, the legal basis of our processing of their data is their consent. Otherwise, if we do not request consent and you contact us, for example, voluntarily, we use messenger services in our dealings with our contractual partners and as part of the contract initiation process as a contractual measure and in the case of other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and meeting the needs of our communication partners for communication via messenger services. We would also like to point out that we do not transmit the contact data provided to us to the messenger service providers for the first time without your consent.

Withdrawal, objection and deletion: You can withdraw your consent or object to communication with us via messenger services at any time. In the case of communication via messenger services, we delete the messages in accordance with our general data retention policy (i.e. as described above after the end of contractual relationships, archiving requirements, etc.) and otherwise as soon as we can assume that we have answered any information provided by the communication partners, if no reference to a previous conversation is to be expected and there are no legal obligations to store the messages to prevent their deletion.

Reservation of reference to other means of communication: For your security, we kindly ask for your understanding that we may not respond to enquiries via messenger for specific reasons. This applies in situations where contract details require heightened confidentiality or a response via messenger does not meet formal requirements. In such cases, we recommend using more appropriate communication channels.

• Processed data types: Contact data (e.g. postal and email addresses or phone numbers); Content data (e.g. textual or pictorial messages and contributions, as well as information pertaining to them, such as details of authorship or the time of creation.); Usage data (e.g. page views and duration of visit, click paths, intensity and frequency of use, types of devices and operating systems used, interactions with content and features). Meta, communication and process data (e.g. IP addresses, timestamps, identification numbers, involved parties).
• Data subjects: Communication partner (Recipients of e-mails, letters, etc.).
• Purposes of processing and legitimate interests: Communication. Direct marketing (e.g. by e-mail or postal).
• Retention and deletion: Deletion in accordance with the information provided in the section "General Information on Data Retention and Deletion".
• Legal Basis: Consent (Article 6 (1) (a) GDPR); Performance of a contract and prior requests (Article 6 (1) (b) GDPR). Legitimate Interests (Article 6 (1) (f) GDPR).

Further information on processing methods, procedures and services used:

• Apple iMessage: Send and receive text messages, voice messages, and video calls. Conduct group conversations. Share files, photos, videos, and locations. Secure communication through end-to-end encryption. Synchronise messages across multiple devices; Service provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA; Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR); Website: https://www.apple.com/. Privacy Policy: https://www.apple.com/privacy/privacy-policy/.
• Instagram: Messaging via the social network Instagram; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR); Website: https://www.instagram.com. Privacy Policy: https://privacycenter.instagram.com/policy/.
• Facebook-Messenger: Sending and receiving text messages, making voice and video calls, creating group chats, sharing files and media, transmitting location information, synchronising contacts, encrypting messages; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR); Website: https://www.facebook.com; Privacy Policy: https://www.facebook.com/privacy/policy/; Data Processing Agreement: https://www.facebook.com/legal/terms/dataprocessing. Basis for third-country transfers: Data Privacy Framework (DPF), Standard Contractual Clauses (https://www.facebook.com/legal/EU_data_transfer_addendum).
• Microsoft Teams: Utilisation for conducting online events, conferences, and communication with internal and external participants. Voice transmission, direct messaging, group communication, and collaboration functions are used; name, business contact details, work profile, participation as well as content (audio/video, speech, chat, files, speech transcription) are processed for purposes and interests in efficiency and productivity improvements, cost efficiency, flexibility, mobility, enhanced communication, IT security, use of a central platform as well as business operations by Microsoft. Audio signals are generally not stored unless recording is enabled. Meeting and conference recordings are stored by default for 90 days unless a different duration is specified. Chat and file contents are stored according to the policies determined by the administrator or user; there is no preset automatic deletion. Channels must be renewed every 180 days; otherwise contents are deleted. Additionally processed are system-generated logs, diagnostic and metadata as well as diagnostic data collected for product stability, security and improvement; Service provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland; Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR); Website: https://www.microsoft.com/de-de/microsoft-365; Privacy Policy: https://privacy.microsoft.com/en-GB/privacystatement, Security information: https://www.microsoft.com/en-GB/trust-center. Basis for third-country transfers: Data Privacy Framework (DPF), Standard Contractual Clauses (https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA).
• Slack: Team communication and collaboration, real-time messaging, file and document sharing, integration with third-party tools, video and voice calls, channels for topic-specific discussions, search function for messages and files; Service provider: Slack Technologies, Inc., 500 Howard Street, San Francisco, CA 94105, USA; Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR); Website: https://slack.com/; Privacy Policy: https://slack.com/legal; Data Processing Agreement: https://slack.com/intl/de-de/terms-of-service/data-processing; Basis for third-country transfers: Data Privacy Framework (DPF), Standard Contractual Clauses (https://slack.com/intl/de-de/terms-of-service/data-processing). Further Information: Security measures: https://slack.com/intl/en-gb/security-practices.
• WhatsApp: A communication service that enables the sending and receiving of text messages, voice messages, images, videos, documents, as well as voice and video calls over the internet. Communication is conducted through end-to-end encryption, ensuring that content is accessible only to the involved communication partners. To provide the service, the platform processes metadata (e.g., phone numbers, timestamps, device information) and may use this data for functionality enhancement, security, and service optimisation; Service provider: WhatsApp Ireland Limited, Merrion Road 4, D04 X2K5 Dublin, Ireland; Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR); Website: https://www.whatsapp.com/; Privacy Policy: https://www.whatsapp.com/legal/privacy-policy-eea. Basis for third-country transfers: Data Privacy Framework (DPF).