Directly from data subjects based on consent (web forms, e‑mail, telephone, personal contact, contract and similar legal actions).
Public registers (verification of basic identification of business partners, their business or similar authorisation).
Technical records (server and security logs generated when using the website).
Third parties based on the consent of data subjects – only if necessary (e.g., IT and security providers who inform us of security incidents or site visits).
