Data protection

Privacy Policy

Scope:
This privacy policy applies to the joint online presence of Spedition Wiedmann GmbH, Spedition Knecht GmbH, Mundinger Transport GmbH, and WIE GmbH.

1. Controller within the meaning of the GDPR

The person responsible for data processing on this website (joint online presence of the above-mentioned companies) is: Ass. jur. Thomas Weik
Zumhofer Str. 25
73635 Rudersberg (Hereinafter also referred to as “we” or “us”.)

2. General Information and Mandatory Disclosures

Data protection and purpose of this statement: Protecting your personal data is very important to us. We treat your personal data confidentially and in accordance with the statutory data protection regulations (in particular the GDPR and TTDSG) as well as this privacy policy.
Personal data is all information with which you can be personally identified. When you use our website, various personal data is collected. In this privacy policy, we explain which data we collect and what we use it for, as well as the purposes for which this happens.
We also inform you about your rights regarding your data and the measures we take to protect it. Technical and organizational measures: We use appropriate technical and organizational measures to protect your data against unauthorized access. In particular, we use SSL/TLS encryption. You recognize an encrypted connection by the fact that "https://" instead of "http://" appears in your browser’s address bar and a lock symbol is displayed. With SSL/TLS encryption activated, the data you transmit to us cannot be read by third parties.
However, please note that data transmission on the internet (e.g., when communicating by email) may have security vulnerabilities – complete protection of the data from third-party access is not possible.

Storage period
Unless a more specific storage period is specified in this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you, for example, revoke your consent or request the deletion of your data for legitimate reasons, the relevant data will be deleted unless we have another legal basis for storing it (e.g., tax or commercial retention periods).
In the latter case, the data will be deleted after these legal grounds cease to apply.
Legal bases for processing
The processing of your personal data is only carried out on a legal basis. Specifically:
Consent (Art. 6(1)(a) GDPR): If you have given us your consent, we process your data on the basis of Art. 6(1)(a) GDPR. This applies in particular when we ask for your permission to store certain cookies or to retrieve information from your device (according to §25(1) TTDSG).
Consent is voluntary and can be revoked at any time with future effect.
If you have expressly consented to a transfer to third countries, processing may additionally take place on the basis of Art. 49(1)(a) GDPR.
Contract performance (Art. 6(1)(b) GDPR): If data processing is required for the performance of a contract with you or for pre-contractual measures (e.g., processing data from an enquiry aimed at contract conclusion), processing is based on this legal ground.
Legal obligation (Art. 6(1)(c) GDPR): If processing is required to comply with a legal obligation (e.g., storage of business documents), we process your data on the basis of Art. 6(1)(c) GDPR.
Legitimate interest (Art. 6(1)(f) GDPR): We also process data on the basis of our legitimate interest, provided your fundamental rights and freedoms do not override. A legitimate interest exists, e.g., in the secure, efficient provision of our online offering, handling inquiries, or for marketing/analytics purposes, as long as these do not disproportionately affect your interests.
If we process data on this basis, you as the data subject have the right to object for reasons arising from your particular situation (see below, your right to object).
You will be informed in detail about the relevant legal basis for each processing operation in this policy.
Data transfer to third parties and processors
No transfer without legal basis: We do not transfer your personal data to third parties unless: (1) you have consented, (2) the transfer is required for contract performance or pre-contractual measures, (3) we are legally obliged, or (4) the transfer is based on legitimate interests and is permissible within the framework of data protection law. Hosting and external service providers: Our website is hosted by an external service provider (host), who processes data on our behalf.
This includes, for example, technical data generated during website visits (see below, server log files), and, if applicable, data from the contact form. The host is used for contract fulfillment regarding our potential and existing customers (Art. 6(1)(b) GDPR) as well as on the basis of our legitimate interest in secure, fast, and efficient provision of our online offering (Art. 6(1)(f) GDPR).
Our host processes your data only according to our instructions and within the scope of a so-called data processing agreement (DPA) in accordance with Art. 28 GDPR.
This means the host does not use the data for its own purposes, but exclusively for the provision of the website and according to our specifications. The same applies to other service providers we use. For example, we have also concluded a DPA with Google for the use of Google Analytics.
see below).
Data transfer to third countries (especially the USA)
Our website also integrates tools from providers based in third countries (outside the EU/EEA) – specifically, services from companies in the USA (e.g., Google, Meta/Facebook). When these tools are active, personal data may be transmitted to servers in the USA or other insecure third countries and processed there.
We point out that in third countries such as the USA, a level of data protection equivalent to the EU cannot be guaranteed.
U.S. companies, for example, are legally obliged to hand over personal data to security authorities upon request, without you being able to take legal action against this.
It therefore cannot be ruled out that U.S. authorities (such as intelligence agencies) process, analyze, and permanently store your data stored in the USA for surveillance purposes.
We have no influence over such processing activities.
Wherever possible, we take measures to ensure an adequate level of data protection also for recipients in third countries. This is done, for example, by concluding the standard contractual clauses adopted by the EU Commission or by choosing service providers certified under a valid adequacy decision (such as the EU-US Data Privacy Framework). You will find details on this, if applicable, below in the explanations of the individual services.
Your rights as a data subject
As a data subject within the meaning of the GDPR, you have the following rights. You can exercise these rights at any time free of charge – for example, using the contact details given above for the controller. Specifically, you have the following rights:
Right of access (Art. 15 GDPR): You have the right to request information from us as to whether we process personal data concerning you. If this is the case, you can request information about this data – including a copy of the data – and information on the purposes of processing, the categories of data processed, the recipients, and the planned storage period.
Right to rectification (Art. 16 GDPR): You have the right to demand the immediate correction of incorrect personal data concerning you. You may also request the completion of incomplete data – also by means of a supplementary statement.
Right to erasure (Art. 17 GDPR): You can request the deletion of your personal data from us if the legal requirements are met. This right exists, in particular, if the purpose of the processing no longer applies, you have revoked a given consent, you have objected to processing based on legitimate interest, the data was unlawfully processed, or if deletion is required to comply with a legal obligation. Excluded are data that we must continue to retain for compliance with legal retention obligations or for the assertion, exercise, or defence of legal claims.

Right to restriction of processing (Art. 18 GDPR): You have the right, under certain conditions, to request the restriction of the processing of your personal data.
This means that, apart from storage, we will not process your data further for the time being (block it). The right to restriction exists, in particular, in the following cases:
(1) If you dispute the accuracy of the data stored by us, for the duration required for us to verify the accuracy; (2) If the processing was unlawful and you request restriction instead of deletion; (3) If we no longer need the data, but you require it for the establishment, exercise, or defence of legal claims; or (4) If you have objected to processing under Art. 21(1) GDPR and it is not yet clear whose interests prevail.
If processing is restricted, these data – apart from storage – may only be processed with your consent or for certain legally provided purposes (e.g., for legal claims).

Right to data portability (Art. 20 GDPR): You have the right to receive data you have provided to us and that we process automatically on the basis of your consent or for contract performance, in a common, machine-readable format.
At your request, and if technically feasible, we can also transfer these data directly to another controller.
.
Right to object (Art. 21 GDPR): If we process your data on the basis of Art. 6(1)(e) or (f) GDPR (public interest or legitimate interest), you have the right, at any time, to object to this processing for reasons arising from your particular situation.
If you object, we will no longer process your respective data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or the processing serves the assertion, exercise, or defence of legal claims.

Objection to direct marketing: If your personal data are processed by us for direct marketing purposes, you have the right to object at any time to processing for such advertising.
This also applies to profiling, insofar as it is associated with such direct marketing. If you object, we will no longer use your personal data for direct marketing purposes.
Withdrawal of your consent (Art. 7(3) GDPR): Many data processing operations are only permitted with your express consent. Any consent you have given can be withdrawn at any time.
An informal communication to us (e.g., by email) is sufficient for this. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal; i.e., all processing operations that occurred before the withdrawal remain legal.
Right to complain to the supervisory authority (Art. 77 GDPR): In case of violations of data protection law, you have the right, without prejudice to other remedies, to lodge a complaint with a data protection supervisory authority.
You can do this with the authority responsible for us or with the authority in the EU member state of your residence, workplace, or the place of alleged infringement. A list of German data protection supervisory authorities with contact details can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
Right to judicial remedy: If your rights are infringed by our decisions or actions, you also have recourse to the courts. You have, for example, the right to judicial enforcement of your aforementioned rights or to damages if the legal requirements are met.
(Note: You can exercise your rights at any time by contacting us via the contact details provided in the imprint or above for the controller.) Objection to advertising emails: The contact data published as part of the imprint obligation must not be used for unsolicited advertising or information materials. We hereby object to the use of our contact data for advertising purposes and reserve the right to take legal action in the event of the unsolicited sending of advertising information (e.g., spam emails).

3. Data Collection on this Website

Server log files
When you visit our website purely for information purposes (i.e., if you do not register or otherwise transmit information), we automatically collect and store information that your browser transmits to our server in so-called server log files. These include in particular:
IP address of the requesting device,
Date and time of the server request,
Name and URL of the file accessed,
Amount of data transferred, message about successful retrieval,
Referrer URL (website from which you accessed us),
Browser used and, if applicable, the operating system of your device,
Name of your access provider (internet service provider).
This data is not combined with other data sources; the log data alone does not allow direct conclusions about your person. However, we reserve the right to subsequently check the log files if there are concrete indications of illegal use. Purposes: These data are collected to ensure the functionality and security of the website (e.g., defense against attempted attacks) and, where necessary, for technical analysis in the event of errors. In addition, the log data helps us optimize the website (e.g., by evaluating accesses for statistical purposes); no evaluation for marketing purposes takes place in this context.
Legal basis: The storage of the above-mentioned log data is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the technically error-free presentation and stability of our website – for this the server log files must be recorded.
Log data (especially the IP address) is also technically required to deliver the website to your device.
Storage period: The server log data is only stored for a limited period. IP addresses are anonymized or deleted by us at the latest after 7 days unless anomalies are detected that require longer storage for security reasons. Detailed log files with anonymized IP addresses may be kept for statistical purposes for longer.
Cookies
Our website uses so-called "cookies". Cookies are small text files that your browser stores on your device. Cookies do not cause any damage to your computer and do not contain viruses. Some of the cookies we use are technically necessary to enable certain functions of the website (e.g., correct page display or saving your cookie settings). These required cookies are generally set without prior consent based on our legitimate interest in the technically error-free provision of our service (Art. 6(1)(f) GDPR).
For example, if you make entries in a contact form, a session cookie may be necessary to ensure your inputs persist during your visit. Session cookies are automatically deleted after your visit; permanent cookies remain on your device until you delete them or a predefined period expires.
Other cookies are used to analyze user behavior or to personalize and optimize our offers for you (e.g., analytics cookies, marketing cookies). We only use such cookies and similar technologies (e.g., pixels or device fingerprinting) with your express consent.
On your first visit to our website, we ask for your consent to set non-essential cookies as part of a cookie banner (Art. 6(1)(a) GDPR in conjunction with §25(1) TTDSG).
You can withdraw this consent at any time via our cookie settings or by deleting the cookies in your browser with effect for the future. Note on settings: You can configure your browser to inform you about the setting of cookies and to allow cookies only in individual cases. You can also exclude the automatic storage of cookies altogether or block certain types of cookies. You can delete already stored cookies at any time. Please note, however, that without cookies the functionality of this website may be limited (especially for technically necessary cookies).
(For more information on specific cookies (e.g., from third parties such as Google), see below in the sections on the respective services.)
Contact form and inquiries
If you send us inquiries via a contact form on the website, the information you provide in the form (in particular name, email address, phone number – if provided – and message text) will be stored and processed by us.
We use this data exclusively to answer your request and for the associated technical administration.
The form data will not be passed on to third parties without your express consent.
We treat the information you enter in the contact form confidentially. Legal basis: The processing of the data entered into the contact form takes place – depending on the nature of your inquiry – on different legal grounds. If your inquiry is related to the initiation or performance of a contract (e.g., inquiry about our transport services, request for quotation), Art. 6(1)(b) GDPR is the legal basis.
In all other cases, we process inquiry data on the basis of our legitimate interest in effective communication with the inquirer (Art. 6(1)(f) GDPR).
This particularly includes responding to general questions or handling matters that are not aimed at concluding a contract. Storage period: The data you enter in the contact form remains with us until the purpose for data processing no longer applies (usually once your inquiry has been fully answered and no further communication is necessary). If there are statutory retention obligations (e.g., for business correspondence under commercial or tax law), the relevant data will be deleted at the latest after these periods have expired. If you wish for deletion before such a period expires, please let us know – we will then check whether any legal retention obligations prevent deletion. In the case of revocation of your consent (if processing was based on consent), we will delete the data immediately, provided there is no legal obligation to retain it. (Note: The above principles apply accordingly if you contact us by email, phone, or mail. In these cases, we also only process your information for the purpose of communication with you and on the legal bases mentioned.)

4. Facebook (Links and Social Plug-ins)

Facebook presence and linking: On our website, you may find links (icons or text links) to our company page on the social network Facebook (provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). Clicking the Facebook icon takes you to the external Facebook website. Only from that point are data transmitted directly to Facebook. If you only visit our site without clicking the Facebook link, no automatic data transfer to Facebook occurs. Please note that we have no control over which data Facebook collects once you click the link – further information can be found in Facebook's privacy policy (see there). Facebook social plug-ins: Apart from simple links, so-called social plug-ins of Facebook may also be used on our website (e.g., the "Like" button or a share button). You can recognize these plug-ins by the Facebook logo (white "f" on a blue tile, "thumbs up" symbol) or the notice "Facebook Social Plugin". We use a privacy-friendly solution in which the social plug-ins are initially deactivated by default and only activated with your consent. This means that when you merely visit our site, no data is initially transmitted to Facebook. Only when you activate a social plug-in (e.g., by clicking the "Like" button), your browser establishes a direct connection to Facebook’s servers.
The content of the plug-in (e.g., the display of the Like button) is then transmitted directly from Facebook to your browser and embedded into the website.
This gives Facebook the information that you have visited our site (your IP address is transmitted).
If you are logged into Facebook, Facebook can associate the visit to our website with your Facebook account.
If you interact with the plug-in (e.g., click "Like" or share a post), the relevant information is also transmitted directly to Facebook and stored there.
Even if you are not a Facebook member, Facebook may still collect and store at least your IP address.
According to Facebook, only an anonymized IP address is stored in Germany.
Purpose and scope of data processing: Integration of these Facebook functions serves to make our company more visible on Facebook and to facilitate sharing our content in social networks. We consider this a legitimate interest within the meaning of Art. 6(1)(f) GDPR (increasing awareness, public relations).
If we actively use social plug-ins, we will, however, first obtain your express consent, as cookies may be set or your device read when loading the plug-ins (Art. 6(1)(a) GDPR in conjunction with §25(1) TTDSG).
You can withdraw your consent at any time via our consent banner; without your consent, Facebook plug-ins will not be activated. Please note that as the website operator, we have no knowledge of the full extent of data processing by Facebook and Facebook processes this data according to its own data policy.
Further information can be found in Facebook’s data policy. The purpose and scope of data collection by Facebook as well as your rights and settings options for protecting your privacy can be found in Facebook’s privacy notices (at facebook.com/about/privacy or in the Facebook Help pages). Notes: If you are a Facebook member and do not want Facebook to collect data about you via our website and link it with your Facebook profile, please log out of Facebook before visiting our website and delete any existing Facebook cookies from your browser. You can also completely prevent the loading of Facebook plug-ins with add-ons for your browser (e.g., with script blockers). (Please note: The data processing described here via Facebook is jointly controlled by us and Facebook Ireland Ltd. For so-called Facebook fan pages, the ECJ has ruled on joint responsibility. We have concluded a corresponding agreement ("Page Insights Supplement") with Facebook. For details, please refer to the privacy notices on our Facebook page.) Data transfer to the USA: Technologies used by Facebook may transfer data to the USA. Facebook (Meta Platforms, Inc.) is certified under the EU-U.S. Data Privacy Framework (DPF), which means that the company is recognized as providing an adequate level of data protection. Alternatively, Facebook bases data transfers on standard contractual clauses. Nevertheless, we point out the issue of the US data protection level mentioned above, over which we have no influence.

5. Instagram (Links and Plug-ins)

Instagram presence and linking: On our website, we may also refer to our profiles on the social network Instagram (part of Meta Platforms/Facebook). The link is integrated in the form of the Instagram logo or a corresponding button. Clicking the Instagram symbol takes you to our Instagram page (operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland). As long as you do not click the link, no data is transmitted to Instagram/Meta. As soon as you access our Instagram page, Instagram processes your data on its own responsibility (see the Instagram/Facebook privacy policy). Instagram social plug-ins: Additionally, this website may integrate Instagram plug-ins (e.g., Instagram images or like buttons), which make it possible to display or like Instagram content directly on our site. These Instagram plug-ins are also provided by Meta Platforms Ireland Ltd. and are marked with an Instagram logo (e.g., camera symbol). Here, too, we use a "2-click solution" where possible, so the plug-ins do not load automatically but are only activated by your interaction. When activating an Instagram plug-in, your device establishes a direct connection to the servers of Facebook/Meta.
The content (e.g., an Instagram photo or like button) is sent from Facebook directly to your browser and embedded into our site.
We have no influence on the scope of the data collected by Facebook/Instagram.
To the best of our knowledge, Meta receives the same information as with Facebook plug-ins: your IP address, technical browser information, and the visit to the relevant page on our website.
If you are logged into Instagram, Meta can associate the visit with your Instagram user account.
Interaction with the plug-in (e.g., clicking the "heart" button, commenting) is transmitted directly to Facebook/Instagram and stored there.
Even if you are not a member of Instagram, Facebook may store your IP address
(in Germany, according to Facebook, only in anonymized form)
Purpose and legal basis: The integration of Instagram content on our website is intended to make our online presence more attractive and to give you insights into our activities (marketing/public relations). This is in our legitimate interest (Art. 6(1)(f) GDPR).
Since active Instagram plug-ins may set cookies or use similar tracking technologies, we will obtain your consent before activating them (Art. 6(1)(a) GDPR in conjunction with §25(1) TTDSG).
Without your consent, Instagram modules will not be loaded. Any consent given can be withdrawn at any time via our cookie/consent settings. The same information as above for Facebook applies to data processing by Instagram/Facebook: Meta processes the data according to its own privacy policies. Details can be found in Instagram's data policy. Notes: If you are an Instagram member and want to avoid Instagram collecting information about you via our website and linking it to your usage profile, please log out of Instagram before visiting our website and delete the corresponding cookies.
Through your Instagram account settings, you can also control to what extent Instagram uses your online behavior for advertising purposes.
Further opt-out options for various advertising networks are offered by, e.g., YourOnlineChoices
Data transfer to third countries: The use of Instagram plug-ins may include the transfer of user data to the USA. Meta Platforms Inc. (the US parent company of Instagram/Facebook) is certified under the EU-US Data Privacy Framework, which confirms an adequate level of protection. Alternatively, Meta bases international data transfers on standard contractual clauses. Nevertheless, the explanation above applies: There is potentially a lower level of data protection in the USA, and we have no influence over any possible access there.

6. Google Analytics

This website uses Google Analytics (in the currently data protection-compliant version Google Analytics 4), a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google"). Google Analytics allows us as website operators to analyze visitor behavior on our website and to obtain reports on website activity.
. In doing so, Google processes various usage data on our behalf.
This includes, for example: which pages are accessed, how long visitors stay on the page, which region they come from, which operating system and browser they use, etc.
Google Analytics may aggregate this data under a pseudonymous user ID and assign it to a pseudonymous user profile.
In addition, Google Analytics can, among other things, record mouse movements, scrolling, and clicks; Google also uses modeling approaches and artificial intelligence (machine learning) to analyze certain data trends.
Google Analytics uses technologies such as cookies or device fingerprinting to recognize returning visitors and analyze their user behavior.
The information collected by Google about your use of this website is usually transmitted to a server of Google in the USA and stored there.
We have activated IP anonymization (IP masking) on this website. This means that Google shortens your IP address within member states of the EU or EEA before transmitting it to the USA (the last digits are truncated/anonymized). Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser will not be merged with other Google data. This is intended to preclude a direct personal reference. Data processing contract: We have concluded a data processing contract (DPA) with Google and fully comply with the strict requirements of the German data protection authorities when using Google Analytics.
Google processes the data exclusively on our behalf and in accordance with our instructions to evaluate website use and compile reports for us. Legal basis: The use of Google Analytics only takes place with your express consent (opt-in). The legal basis is Art. 6(1)(a) GDPR in conjunction with §25(1) TTDSG.
You can activate or deactivate Google Analytics via our cookie/consent banner. If you have not given consent, Google Analytics remains deactivated. You can revoke any consent granted at any time with effect for the future (e.g., via cookie settings). Data transfer to third countries: If Google Analytics transfers data to servers in the USA, we have concluded corresponding standard contractual clauses (SCC) with Google to ensure an adequate level of data protection.
Information can be found here: privacy.google.com/businesses/controllerterms/mccs 
According to its own statements, Google is also certified under the EU-US Data Privacy Framework. However, it cannot be ruled out that US authorities may access data stored by Google (see above, section on third country transfers). Storage period for Google Analytics: Google Analytics sets cookies with a validity of up to 2 years (standard: 2 years, to recognize returning visitors). The user and event data stored in Google Analytics (which are linked to cookies, user IDs, or advertising IDs) are set by us to be automatically deleted after 14 months.
Aggregated statistics that no longer allow any personal reference can in principle be stored by Google Analytics indefinitely. Objection to data collection: You can deactivate Google Analytics via our cookie settings by refusing or withdrawing your consent. In addition, Google itself offers a browser add-on to deactivate Google Analytics. When you install this, you prevent your usage data from being collected by Google Analytics on all websites. You can download the add-on here: tools.google.com/dlpage/gaoptout?hl=de 
Further information: Details on Google's handling of user data can be found in the Google Analytics privacy policy and Google's general privacy policy. (Note: Google Analytics does not collect directly personal data such as names or exact addresses, but mainly pseudonymized usage data. However, since court decisions in the EU, Analytics requires consent because, as a US company, Google may be subject to access by US authorities. We have therefore reacted accordingly above.)

7. Google Maps

Our website may use Google Maps, a map service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps allows us to display interactive maps directly on the website and, for example, conveniently show you our location or directions. Data processing when using Google Maps: When you access a page of our website that includes Google Maps, after your consent, content is loaded from Google. At a minimum, your IP address is transmitted to Google, since delivery of map data to your browser is not possible without the IP.
This information (and any additional data required by Google Maps) is usually transmitted to a Google server in the USA and stored there.
We have no influence over this data transfer.
If Google Maps is activated, Google may, for the correct display, load additional resources – for example, Google Web Fonts – whereby your browser connects to Google’s servers.
Furthermore, when using Maps, Google may set cookies and collect user behavior (e.g., clicks on the map, searching for places). Legal basis and purpose: The integration of Google Maps is in our interest to make our online offering attractive and to make the locations we provide on the website (our addresses, route planning) easy to find.
This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
If we request your consent (e.g., via a notice in the cookie banner or when calling up the map), processing takes place only on the basis of your consent (Art. 6(1)(a) GDPR in conjunction with §25(1) TTDSG).
Consent can be revoked at any time; use our cookie settings, for example, to deactivate Google Maps. Without your consent, Google Maps will not load and no data will be transferred to Google. Data transfer to third countries: By using Google Maps, data (in particular the IP address) may be transmitted to Google servers in the USA. Google is contractually obliged by so-called EU standard contractual clauses to maintain a level of data protection in accordance with EU law.
Information can be found here: privacy.google.com/businesses/gdprcontrollerterms/sccs 
In addition, Google LLC is certified under the EU-US Data Privacy Framework (adequacy decision by the EU Commission). Nevertheless, we point out possible remaining risks with US transfers (see above). Further information: Details on handling user data can be found in Google’s privacy policy:
You can find this at policies.google.com/privacy?hl=de. There you will also find information about settings to protect your privacy (e.g., through your Google account). (Note: If you do not agree with the future transfer of your data to Google in the context of using Google Maps, you can completely disable the web service Maps by disabling JavaScript in your browser. Google Maps and thus the map display on this website can then no longer be used.)...