MigrationCheck logo

Privacy Policy

General
  1. Your personal data within the meaning of Art. 4 No. 1 GDPR (e.g. IP address, name, e-mail address and telephone number) will only be processed by us in accordance with the provisions of German data protection law and taking into account the European General Data Protection Regulation (GDPR). The following regulations inform you about the type, scope and purpose of the collection, processing and use of personal data.

  2. The processing of personal data within the meaning of Art. 4 No. 2 GDPR is lawful in accordance with Art. 6 GDPR if one of the following conditions is met:

    a) The data subject has given their consent to the processing of their personal data for one or more specific purposes;


    b) the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;


    c) processing is necessary for compliance with a legal obligation to which the controller is subject;


    d) processing is necessary to protect vital interests of the data subject or another natural person;


    e) the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been delegated to the controller;


    f) processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject that require the protection of personal data prevail, in particular if the data subject is a child acts.


  3. The processing of special personal data (e.g. health data) within the meaning of Art. 9 Para. 1 GDPR is lawful in accordance with Art. 9 Para. 2 GDPR if one of the following conditions is met:

    – there is an explicit consent of the person;

    – the processing is necessary for the establishment, exercise or defense of legal claims or in the case of actions by the courts in the context of their judicial work.


  4. There is no automatic decision-making or profiling of personal data within the meaning of Art. 22 GDPR.

  5. The operator ensures the security of the data in accordance with Art. 32 GDPR, taking into account the principle of proportionality, by means of suitable technical measures.

  6. If, contrary to expectations, there is a breach of data protection, the competent supervisory authority in accordance with Art. 33 GDPR and the data subject in accordance with Art. 34 GDPR will be notified.

Scope
This data protection declaration only applies to our websites. If you are redirected to other sites via links on our site, please inform yourself there about the respective handling of your data.

Duration of data storage
The duration of the storage of the data transmitted by you depends on the legal storage obligations. In accordance with commercial and tax laws, invoices must be retained for a period of 10 years.

Disclosure of data to third parties
Data transmitted as part of the contractual relationship will only be passed on to third parties (Art. 4 No. 10 GDPR) if you have expressly given your consent (Art. 4 No. 11 GDPR) or if the transfer is necessary to fulfill the contract. Consent can be revoked informally at any time. Data collected by visiting the website is only collected by third parties who are expressly named below.

Responsible in the sense of the GDPR
The person responsible within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws applicable in the European Union and other provisions of a data protection nature is:

Steinert MigrationGuide GmbH
Hoferstr. 9 B
71636 Ludwigsburg
Germany

Email: wecare@migration-check.com

Cookies

We use cookies on our site. These are small files that your browser creates automatically and that are stored on your end device (PC, laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not damage your end device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity.

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specific period of time. If you visit our site again to make use of our services, it will automatically be recognized that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.

These cookies enable us to automatically recognize when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined period of time. The data processed by cookies are required for the stated purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR required. Most browsers accept cookies automatically. However, you can configure your browser so that no Cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

Cookie Consent with ccm19

We use the ccm19 service to manage and display cookie consent notices on our website. ccm19 is a cookie consent management solution provided by Papoo Software & Media GmbH, a company registered in the Germany.

ccm19 helps us comply with legal requirements by informing you about the use of cookies on our website and obtaining your consent for non-essential cookies.

When you visit our website, ccm19 may collect certain information to facilitate the cookie consent process. This may include your IP address, browser information, and your interactions with the cookie consent banner.

We use ccm19 to request and record your consent for the use of non-essential cookies, in compliance with applicable data protection laws. The legal basis for processing your data when using ccm19 for cookie consent is based on your consent, as required by Article 6(1)(a) of the General Data Protection Regulation (GDPR).

For more details on how ccm19 processes your data, please review ccm19's privacy policy:

https://www.ccm19.de/datenschutzerklaerung.html


Storage of access data in log files

You can visit our website without providing any personal information.

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:


  • Browser type/ browser version
  • operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to subsequently check this data if we become aware of specific indications of illegal use.

The purpose of the processing results from our legitimate interest within the meaning of Art. 6 Para. 1 S. 1 lit. f) GDPR.

A contract for order processing was concluded with our hoster.

Registration / Login
To use some features, registration is required. The login data is stored encrypted on the server. A passing on to third does not take place, if this is not necessary for the execution of the contractual relationship. The data can be changed or deleted at any time. After deleting the data, the service can no longer be offered to you, unless you register again.
In addition to the data entered by you, the IP address as well as the date and time information of the login will be saved. The storage of IP data serves the prevention of misuse and the investigation of criminal offenses.

Google Analytics (Version 4)
This website uses Google Analytics (Version 4), a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland. Google Analytics allows us to analyze user behavior on our website and create statistical evaluations.
The processing of your data by Google Analytics is based on our legitimate interest according to Art. 6(1)(f) of the GDPR to analyze and improve our website. Your data is anonymized, and the maximum storage duration is 14 months.
We use Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland ("Google"). Google Analytics uses cookies, which are text files stored on your computer that enable an analysis of website usage. The information generated by the cookie about your use of this website is usually transmitted to a Google server and stored there.
By activating IP anonymization on this website, your IP address is truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area before transmission. Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services related to website usage and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by adjusting your browser software settings; however, please note that if you do this, you may not be able to use the full functionality of this website. Additionally, you can prevent Google's collection of data generated by the cookie and related to your use of the website (including your IP address) as well as Google's processing of this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
To protect your privacy, we have configured Google Analytics to anonymize your IP address, which truncates and anonymizes it before transmission to Google. The complete IP address is not transmitted to Google. Furthermore, we have set a maximum retention period of 14 months for the data. Further information on data protection and data processing by Google Analytics can be found in Google's Privacy Policy: https://policies.google.com/privacy

FastSpring
FastSpring serves as our Merchant of Record for payment processing and subscription management. They provide the payment processing infrastructure for transactions made on our website. When you make a purchase or subscribe to our services, FastSpring may collect and process your payment information. Please review FastSpring's Privacy Policy for details on their data handling practices. The legal basis for processing your data when making a purchase is the performance of a contract, in accordance with Article 6(1)(b) of the GDPR.

Brevo
Brevo is our email service provider, used for sign-in purposes on the platform app.migrationcheck.de and for communication related to the "Personal Guide" feature. Brevo processes your email address and other necessary information for these functions. For information about Brevo's data processing practices, please consult their Privacy Policy. The legal basis for processing your data when using Brevo is the performance of a contract or the implementation of pre-contractual measures at your request, in accordance with Article 6(1)(b) of the GDPR.

Rapidmail
We utilize Rapidmail for email newsletter delivery. Rapidmail may process personal data such as email addresses for newsletter subscription purposes. For details on Rapidmail's data processing practices, please refer to their Privacy Policy. The legal basis for processing your data when using Rapidmail for newsletters is your consent, obtained through the subscription process, in accordance with Article 6(1)(a) of the GDPR.

Hetzner
Our website and app hosting, as well as web server hosting, are provided by Hetzner. They are responsible for hosting the infrastructure that supports our services. Hetzner's data processing practices can be found in their Privacy Policy. The legal basis for processing your data when using Hetzner's hosting services is the performance of a contract, in accordance with Article 6(1)(b) of the GDPR.

IONOS
IONOS is utilized for hosting databases. They provide infrastructure support for our database services. You can find information about IONOS' data processing practices in their Privacy Policy. The legal basis for processing your data when using IONOS' services is the performance of a contract, in accordance with Article 6(1)(b) of the GDPR.

Microsoft 365
We use Microsoft 365 Business Standard for email communication and hosting email accounts. Microsoft's data handling practices for Microsoft 365 can be found in their Privacy Statement. The legal basis for processing your data when using Microsoft 365 is the performance of a contract, in accordance with Article 6(1)(b) of the GDPR.

Payment with Credit Card
When you choose to pay with a credit card, your payment is processed directly by our payment processing provider. Please note that we do not store sensitive credit card data on our own servers. The processing of your payment information is done in accordance with the security standards of the payment provider. For credit card payments, we use FastSpring see above.The legal basis for processing your data when paying with a credit card is contract fulfillment according to Article 6(1)(b) of the GDPR.

Payment with PayPal
When selecting the payment method PayPal, the payment processing is carried out by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). Your transactions made through PayPal are subject to PayPal's applicable privacy policies. You can find further information in the Privacy Policy of PayPal: https://www.paypal.com/us/legalhub/privacy-full
The legal basis for processing your data when paying via PayPal is contract fulfillment according to Article 6(1)(b) of the GDPR.

Payment with SofortÜberweisung (Klarna)
When selecting the payment method SofortÜberweisung, the payment processing is carried out by Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden. Your transactions made through SofortÜberweisung are subject to Klarna's applicable privacy policies. You can find further information in the Privacy Policy of Klarna: https://www.klarna.com/us/privacy-policy/
The legal basis for processing your data when paying via SofortÜberweisung (Klarna) is contract fulfillment according to Article 6(1)(b) of the GDPR.

Payment with giropay
When selecting the payment method giropay, the payment processing is carried out by your own bank service provider. Please note that we do not store sensitive banking data on our own servers. The processing of your payment information is done according to the security standards of your bank service provider. The legal basis for processing your data when paying with giropay is contract fulfillment according to Article 6(1)(b) of the GDPR.

Payment with WireTransfer
When selecting the payment method WireTransfer, the transfer is made directly from your bank account to ours. Please note that we do not store sensitive banking data on our own servers. The processing of your payment information is done according to the security standards of your bank service provider. The legal basis for processing your data when paying with WireTransfer is contract fulfillment according to Article 6(1)(b) of the GDPR.

Calendly
We use Calendly to schedule appointments and meetings with our customers. Calendly is a scheduling tool provided by Calendly, Inc.. When you use Calendly to book an appointment with us, certain personal data may be collected, such as your name, email address, and meeting preferences. This data is used solely for scheduling purposes and to provide you with the best possible experience. The legal basis for processing your data when using Calendly is our legitimate interest in efficient appointment scheduling, in accordance with Article 6(1)(f) of the GDPR. For more information about Calendly's data processing practices, please refer to their Privacy Policy: https://calendly.com/privacy

Zoom
We utilize Zoom for conducting consultations and meetings. Zoom is a video conferencing platform offered by Zoom Video Communications, Inc. When you participate in a Zoom meeting with us, certain data, such as your IP address and meeting activity, may be collected to ensure the quality of the session. Please review Zoom's Privacy Policy for detailed information on how they handle your data: https://explore.zoom.us/en/privacy/
The legal basis for processing your data when using Zoom is our legitimate interest in effective communication, in accordance with Article 6(1)(f) of the GDPR.

WebFonts (local integration)
The fonts we are using on our website are integrated locally with us. There is no data transfer to external servers.

Social Media (YouTube, Facebook, Twitter)
Our website includes links to our social media profiles on YouTube, Facebook, and Twitter (X). These links are located in the footer of our website and direct you to our official channels on these platforms. Please note that these social media platforms have their own privacy practices, and we are not responsible for how they handle your data. We recommend reviewing their respective privacy policies for information on data processing.

Newsletter
If you subscribe to our newsletter, we collect your email address and possibly your name to regularly send you information and updates. The processing of your data is based on your consent according to Art. 6(1)(a) of the GDPR. Your data is exclusively used for sending the newsletter and will not be shared with third parties. You can unsubscribe from the newsletter at any time by clicking the corresponding unsubscribe link in each newsletter email.

Inquiries via Email or Phone
If you contact us via email or phone, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of addressing your request. We do not share this data without your consent. The processing of this data is based on Art. 6(1)(b) of the GDPR, provided your inquiry is related to the fulfillment of a contract or necessary for pre-contractual measures. In all other cases, processing is based on your consent (Art. 6(1)(a) of the GDPR) and/or our legitimate interests (Art. 6(1)(f) of the GDPR) since we have a legitimate interest in effectively processing the inquiries directed to us.
The data you send us through contact inquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after completing the processing of your request). Mandatory legal provisions, especially retention periods, remain unaffected.

WhatsApp
We offer the option to communicate with us through WhatsApp for your convenience. When you choose to communicate with us via WhatsApp, please be aware that WhatsApp is owned by Facebook, Inc. WhatsApp has its own privacy policy that applies to your use of their service, and we recommend reviewing their privacy policy, which can be found here: https://www.whatsapp.com/legal/privacy-policy
Please note that by using WhatsApp to communicate with us, you are subject to WhatsApp's terms and conditions, and your data will be processed in accordance with WhatsApp's privacy policy. WhatsApp may collect and process personal data as described in their privacy policy. We may use WhatsApp to communicate with you, but we do not have control over the data processing practices of WhatsApp. The legal basis for processing your data when using WhatsApp is based on your consent to communicate with us through this channel, as well as our legitimate interests in providing customer support and responding to inquiries via WhatsApp, in accordance with Article 6(1)(a) and Article 6(1)(f) of the GDPR.
Please make sure you are comfortable with WhatsApp's terms and privacy practices before using it to communicate with us.

Security of your data / SSL encryption
In accordance with legal regulations, this site uses SSL encryption, recognizable by a lock symbol in the address bar of your browser. Transmitted data cannot be read by third parties if SSL encryption is activated.
This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

User rights
You can request information about the personal data stored about you at any time and free of charge. Your rights also include a confirmation, correction, restriction, blocking and deletion of such data and the provision of a copy of the data in a form suitable for transmission, as well as the revocation of a given consent and the objection. Statutory retention requirements remain unaffected.
Your rights arise in particular from the following standards of the GDPR:
  • Article 7(3) – Right to withdraw consent under data protection law
  • Article 12 - Transparent information, communication and modalities for exercising the rights of the data subject
  • Article 13 - Obligation to provide information when collecting personal data from the data subject
  • Article 14 - Information to be provided when the personal data have not been collected from the data subject
  • Article 15 - Right of access of the data subject, right to confirmation and to be provided with a copy of the personal data
  • Article 16 – Right to rectification
  • Article 17 – Right to erasure (“right to be forgotten”)
  • Article 18 – Right to restriction of processing
  • Article 19 – Obligation to notify in relation to rectification or erasure of personal data or restriction of processing
  • Article 20 – Right to data portability
  • Article 21 – Right to object
  • Article 22 - Right not to be subject to a decision based solely on automated processing, including profiling
  • Article 77 – Right to lodge a complaint with a supervisory authority

To exercise your rights (with the exception of Art. 77 GDPR), please contact the office named under “Responsible within the meaning of the GDPR” (e.g. by email).

Supervisory authority:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart

Phone.: +49 (0) 711/615541-0
Fax: +49 (0) 711/615541-15
Email: poststelle@lfdi.bwl.de
Website: https://www.baden-wuerttemberg.datenschutz.de/