Data privacy
General
As the operator of this website and as a company, we come into contact with your personal data. This concerns all data that reveals something about you and by which you can be identified. In this privacy policy, we would like to explain how, for what purpose and on which legal basis we process your data.
ResponÂsible for the data processing (“data controller”) on this website and in our company is:
cobicon GmbH
Hans-Bunte-StraĂźe 10
69123 Heidelberg
Deutschland
Phone: +49 6221 6516102
E‑mail: bernd.herz@cobicon.de
General inforÂmation
SSL or TLS encryption
When you enter your data on websites, place online orders or send e‑mails via the Internet, you must always be prepared for unautÂhoÂrized third parties to access your data. There is no complete protection against such access. However, we do our utmost to protect your data as best we can and to close security gaps as far as we can.
An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the Internet address entered in your browser and by the fact that our Internet address begins with https:// and not with http://.
Encrypted payment transacÂtions
Payment data, such as account or credit card numbers, require special protection. For this reason, payment transacÂtions made with the most common means of payment are carried out excluÂsively via an encrypted SSL or TLS connection.
How long do we store your data?
In some parts in this privacy policy, we inform you about how long we or the companies that process your data on our behalf will store your data. In the absence of such inforÂmation, we store your data until the purpose of the data processing no longer applies, you object to the data processing or you revoke your consent to the data processing.
In the event of an objection or revocation, we may however continue to process your data if at least one of the following condiÂtions applies:
- We have compelling legitimate grounds for contiÂnuing to process the data that override your interests, rights and freedoms (only applies in the case of an objection to data processing; if the objection is to direct marketing, we cannot provide legitimate grounds).
- The data processing is necessary to assert, exercise or defend legal claims (does not apply if your objection is directed against direct adverÂtising).
- We are required by law to retain your data.
In this case, we will delete your data as soon as the requirement(s) cease to apply.
Data transfer to the USA
On our website, we use tools from companies that transfer your data to the USA and store it there and, if necessary, process it further. The European Commission has adopted an adequacy decision for the EU-US data protection framework. The decision estabÂlishes that the US ensures an adequate level of protection for EU personal data transÂferred to US companies. This decision is based on new safeguards and measures put in place by the US to meet data protection requiÂreÂments. The adequacy decision includes, among other things, restricÂtions and safeguards on access to data by US intelÂliÂgence agencies. Binding safeguards were introÂduced to limit US intelÂliÂgence agencies’ access to what is necessary and proporÂtionate to protect national security. In addition, enhanced oversight of US intelÂliÂgence activities was estabÂlished to ensure that restricÂtions on surveilÂlance activities are respected. An independent redress mechanism has also been estabÂlished to handle and resolve complaints from European citizens about access to their data. The EU-US data protection framework thus allows European companies to transfer data to certified US companies without having to introduce additional data protection safeguards. A list of all certified companies can be found at the following link: https://www.dataprivacyframework.gov/s/participant-search.
A change in the European Commission’s decision cannot be ruled out.
Data protection officer
We have appointed a data protection officer for our company.
Aeonic Data GmbH
Dieter Dusdal
FranzöÂsische StraĂźe 47
10117 Berlin
E‑mail: datenschutz@cobicon.de
Your rights
Objection to data processing
IF IT’S STATED IN THIS PRIVACY STATEMENT THAT WE HAVE LEGITIMATE INTERESTS FOR THE PROCESSING OF YOUR DATA AND THAT THIS PROCESSING IS THEREFORE BASED ON ART. 6 PARA. 1 SENTENCE 1 LIT. F) GDPR, YOU HAVE THE RIGHT TO OBJECT IN ACCORDANCE WITH ART. 21 GDPR. THIS ALSO APPLIES TO PROFILING THAT IS CARRIED OUT ON THE BASIS OF THE AFOREÂMENÂTIONED PROVISION. THE PREREÂQUISITE IS THAT YOU STATE REASONS FOR THE OBJECTION THAT ARISE FROM YOUR PARTIÂCULAR SITUATION. NO REASONS ARE REQUIRED IF THE OBJECTION IS DIRECTED AGAINST THE USE OF YOUR DATA FOR DIRECT ADVERÂTISING.
THE CONSEÂQUENCE OF THE OBJECTION IS THAT WE MAY NO LONGER PROCESS YOUR DATA. THIS ONLY DOES NOT APPLY IF ONE OF THE FOLLOWING PREREÂQUISITS EXISTS:
- WE CAN DEMONSÂTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS.
- THE PROCESSING IS NECESSARY FOR ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
THESE EXCEPÂTIONS DO NOT APPLY IF YOUR OBJECTION IS DIRECTED AGAINST THE USE OF YOUR DATA FOR DIRECT ADVERÂTISING OR TO PROFILING RELATED TO IT.
Other rights
Withdrawal of your consent to data processing
Many data processing operaÂtions are based on your consent. You can give this consent, for example, by ticking the approÂpriate box on online forms before you send the form, or by allowing the operation of certain cookies when you visit our website. You may revoke your consent at any time without giving reasons (Art. 7 (3) GDPR). From the time of revocation, we may then no longer process your data. The only exception: we are required by law to retain the data for a certain period of time. Such retention periods exist in partiÂcular in tax and commercial law.
Right to complain to the competent superÂvisory authority
If you believe that we are in breach of the General Data Protection Regulation (GDPR), you have the right to complain to a superÂvisory authority in accordance with Art. 77 GDPR. You may contact a superÂvisory authority in the Member State of your residence, place of work or the place where the alleged infrinÂgement took place. The right to complain exists alongside adminisÂtrative or judicial remedies.
Right to data portaÂbility
We must hand over data that we process automaÂtiÂcally on the basis of your consent or in fulfillment of a contract to you or a third party in a common machine-readable format if you request this. We can only transfer the data to another “data controller” if this is techniÂcally possible.
Right to inforÂmation, deletion, and correction of data
According to Art. 15 GDPR, you have the right to receive inforÂmation free of charge about which of your personal data we have stored, where the data came from, to whom we transmit the data and for what purpose it is stored. If the data is incorrect, you have a right to rectiÂfiÂcation (Art. 16 GDPR), and under the condiÂtions of Art. 17 GDPR you may demand that we delete the data.
Right to restriction of processing
In certain situaÂtions, according to Art. 18 GDPR, you may demand that we restrict the processing of your data. The data may then — apart from storage — only be processed as follows:
- with your consent
- for the assertion, exercise or defense of legal claims
- to protect the rights of another natural or legal person
- for reasons of important public interest of the European Union or a Member State.
The right to restrict processing exists in the following situaÂtions:
- You have disputed the accuracy of your personal data stored by us and we need time to verify this. The right exists for the duration of the review.
- The processing of your personal data is unlawful or was unlawful in the past. The right exists alterÂnaÂtively to the deletion of the data.
- We no longer need your personal data, but you need it to exercise, defend or assert legal claims. The right exists alterÂnaÂtively to the deletion of the data.
- You have filed an objection pursuant to Art. 21 (1) GDPR and now your interests and our interests must be weighed against each other. The right exists as long as the result of the balancing of interests has not yet been deterÂmined.
Hosting and Content Delivery Networks (CDN)
External hosting
Our website is hosted on a server of the following Internet service provider (hoster):
RAIDBOXES GmbH
Hafenstr. 32
48151 MĂĽnster, Germany
Has a data processing agreement been concluded with the hoster or are standard contractual clauses (SCC) in place?
Yes
How do we process your data?
The hoster stores all the data from our website. This includes all personal data that is collected automaÂtiÂcally or through entering. This can be in partiÂcular: Your IP address, pages accessed, names, contact details and requests, as well as meta and commuÂniÂcation data. When processing data, our hoster adheres to our instrucÂtions and always processes the data only insofar as this is necessary to fulfill the service obligation to us.
On what legal basis do we process your data?
Since we address potential customers via our website and maintain contacts with existing customers, the data processing by our hoster serves to initiate and fulfill contracts and is therefore based on Art. 6 (1) lit. b) GDPR. In addition, it is our legitimate interest as a company to provide a profesÂsional Internet offering that meets the necessary requiÂreÂments for security, speed and efficiency. In this respect, we also process your data on the legal basis of Art. 6 (1) lit. f) GDPR.
Data collection on this website
Use of cookies
Our website places cookies on your device. These are small text files that are used for various purposes. Some cookies are techniÂcally necessary for the website to function at all (necessary cookies). Others are needed to perform certain actions or functions on the site (functional cookies). For example, without cookies it would not be possible to take advantage of a shopping cart in an online store. Still other cookies are used to analyze user behavior or to optimize adverÂtising measures. If we use third-party services on our website, for example to process payment transacÂtions, these companies may also leave cookies on your device when you access the website (so-called third-party cookies).
How do we process your data?
Session cookies are only stored on your device for the duration of a session. As soon as you close the browser, they therefore disappear by themselves. Permanent cookies, on the other hand, remain on your device unless you delete them yourself. This can, for example, lead to your user behavior being permaÂnently analyzed. You can use the settings in your browser to influence how it handles cookies:
- Do you want to be informed when cookies are set?
- Do you want to exclude cookies in general or for certain cases?
- Do you want cookies to be deleted automaÂtiÂcally when you close the browser?
If you disable or do not allow cookies, the functionÂality of the website may be limited.
If we use cookies from other companies or for analysis purposes, we will inform you about this as part of this privacy policy. We also request your consent in this regard when you access our website.
On what legal basis do we process your data?
We have a legitimate interest in ensuring that our online offers can be used by visitors without technical problems and that all desired functions are available to them. The storage of necessary and functional cookies on your device therefore takes place on the legal basis of Art. 6 (1) lit. f) GDPR. We use all other cookies on the legal basis of Art. 6 (1) lit. a) GDPR, provided you give us your consent. You can revoke this at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when requesting consent, these cookies will also be stored excluÂsively on the basis of your consent.
Cookie consent with Borlabs Cookie
What is Borlabs Cookie?
Cookie plugin for compliance with the DSGVO and ePrivacy.
Who processes your data?
Only us, not the provider of Borlabs Cookie.
Where can you find more inforÂmation about data protection at Borlabs Cookie?
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
How do we process your data?
We use Borlabs Cookie to obtain your consent to store cookies on your device. When you visit our website and close the Borlabs Cookie window requesting consent, a Borlabs cookie with the following content is stored in your browser:
- cookie runtime
- cookie version
- domain and path of the website
- consents
- a randomly generated ID
This data is not transÂmitted to the provider of Borlabs Cookie.
We store the data until the purpose of the data storage no longer applies, you delete the Borlabs cookie or request us to delete the data. This does not apply only if we are required by law to retain the data.
On what legal basis do we process your data?
We are legally obliged to obtain the consent of our website visitors for the use of certain cookies. In order to fulfill this obligation, we use Borlabs Cookie. The legal basis for data processing is therefore Art. 6 (1) lit. c) GDPR.
Server log files
Server log files log all requests and accesses to our website and record error messages. They also include personal data, in partiÂcular your IP address. However, this is anonyÂmized by the provider after a short time, so that we cannot assign the data to your person. The data is automaÂtiÂcally transÂmitted to our provider by your browser.
How do we process your data?
Our provider stores the server log files in order to be able to track the activities on our website and to locate errors. The files contain the following data:
- browser type and version
- operating system used
- referrer URL
- host name of the accessing computer
- Time of the server request
- IP address (anonyÂmized if necessary)
We do not combine this data with other data but use it only for statisÂtical analysis and to improve our website.
On what legal basis do we process your data?
We have a legitimate interest in ensuring that our website runs without errors. It is also our legitimate interest to obtain an anonyÂmized overview of the accesses to our website. Therefore, the data processing is lawful according to Art. 6 (1) lit. f) GDPR.
Contact form
You can send us a message via the contact form on this website.
How do we process your data?
We store your message and the inforÂmation from the form in order to process your request including follow-up questions. This also applies to the contact details provided. We do not pass on the data to other persons without your consent.
How long do we store your data?
We delete your data as soon as one of the following occurs:
- Your request has been concluÂsively processed.
- You request us to delete the data.
- You revoke your consent to the storage.
This does not apply only if we are required by law to retain the data.
On what legal basis do we process your data?
If your request is related to our contractual relatiÂonship or serves the impleÂmenÂtation of pre-contractual measures, we process your data on the legal basis of Art. 6 (1) lit. b) GDPR. In all other cases, it is our legitimate interest to effecÂtively process requests directed to us. The legal basis for data processing is therefore Art. 6 (1) lit. f) GDPR. If you have consented to the storage of your data, Art. 6 (1) lit. a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.
Inquiry by e‑mail, telephone or fax
You can send us a message by e‑mail or fax or call us.
How do we process your data?
We store your message as well as your self-made contact details or the transÂmitted telephone number in order to be able to process your inquiry including follow-up questions. We do not pass on the data to other persons without your consent.
How long do we store your data?
We delete your data as soon as one of the following occurs:
- Your inquiry has been concluÂsively processed.
- You request us to delete the data.
- You revoke your consent to the storage.
This does not apply only if we are required by law to retain the data.
On what legal basis do we process your data?
If your request is related to our contractual relatiÂonship or serves the impleÂmenÂtation of pre-contractual measures, we process your data on the legal basis of Art. 6 (1) lit. b) GDPR. In all other cases, it is our legitimate interest to effecÂtively process requests directed to us. The legal basis for data processing is therefore Art. 6 (1) lit. f) GDPR. If you have consented to the storage of your data, Art. 6 (1) lit. a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.
TypeForm
What is TypeForm?
Form tool for collecting customer inquiries and other data.
Who processes your data?
TYPEFORM S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain
Where can you find more inforÂmation about data protection at TypeForm?
https://admin.typeform.com/to/dwk6gt
How do we process your data?
Using TypeForm, online forms can be created and embedded on our website. The data you enter will be stored on Typeform’s servers until you request us to delete it, revoke any consent you have given to store it, or until the purpose for storing the data no longer applies. Mandatory legal proviÂsions remain unaffected.
On what legal basis do we process your data?
We have a legitimate interest in functioning customer forms. The basis for data processing is therefore Art. 6 (1) lit. f) GDPR. If you have consented to data processing, we process your data excluÂsively on the basis of Art. 6 (1) lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Analysis tools and adverÂtising
We use the following tools to analyze the behavior of our website visitors and show you adverÂtiÂseÂments.
Google Tag Manager
What is Google Tag Manager?
Tag management system for the integration of tracking codes and conversion pixels of Google Ireland. Ltd.
Who processes your data?
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Where can you find more inforÂmation about data protection at Google Tag Manager?
https://policies.google.com/privacy
On what legal basis do we transfer your data to the USA?
On the basis of the European Commission’s adequacy decision and the company’s correÂsponding certiÂfiÂcation.
How do we process your data?
We use the Google Tag Manager. The tool helps us to integrate tracking codes and conversion pixels into our website, manage them and play them out. Google Tag Manager does not create user profiles itself, does not place cookies on your device, and does not analyze your behavior as a user. It does, however, record your IP address and transmit it to Google servers in the USA.
On what legal basis do we process your data?
We have a legitimate interest in a quick and uncomÂpliÂcated integration and management of various tools on our website. The use of Google Tag Manager is therefore lawful according to Art. 6 (1) lit. f) GDPR. If you have consented to the transfer of your IP address, we process your data excluÂsively on the basis of Art. 6 (1) lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Google Analytics
What is Google Analytics?
Tool for analyzing user behavior of Google Ireland Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
Has a data processing agreement been concluded with Google Analytics?
Yes
Where can you find more inforÂmation about Google Analytics data protection?
https://support.google.com/analytics/answer/6004245?hl=en
On what legal basis do we transfer your data to the USA?
On the basis of the European Commission’s adequacy decision and the company’s correÂsponding certiÂfiÂcation.
How can you prevent data collection?
Among other things, with a browser plugin: https://tools.google.com/dlpage/gaoptout?hl=en
How do we process your data?
We are always interested in optimizing our web offer for visitors to our website and placing adverÂtiÂseÂments in the best possible way. We are helped in this by Google Analytics, a tool that analyzes the behavior of users and thus provides us with the necessary database for adjusÂtÂments. Through the tool, we receive inforÂmation about the origin of our visitors, their page views and the time they spend on the pages, as well as the operating system they use.
Standard processing
To collect the data, Google Analytics uses cookies, device fingerÂprinting or other user recognition technoÂlogies. The data is transÂmitted to Google servers in the USA and, with the help of the IP address that is also collected, summaÂrized in a profile that can be assigned to you or your device.
You can prevent Google from processing your data by installing a browser plugin that Google itself provides: https://tools.google.com/dlpage/gaoptout?hl=de.
IP anonyÂmization
We have activated the “IP anonyÂmization” function within Google Analytics. For you, this means that Google truncates your IP address (from the EU or EEA) before transÂmitting it to the USA. Only in excepÂtional cases does Google transmit the full IP address to servers in the USA and only shorten it there.
How long do we store your data?
According to its own inforÂmation, Google deletes or anonyÂmizes data stored at user and event level that is linked to cookies, user identiÂfiers (e.g. user IDs) or adverÂtising IDs after 14 months (cf. https://support.google.com/analytics/answer/7667196?hl=de).
On what legal basis do we process your data?
As a website operator, we have a legitimate interest in analyzing user behavior for the purpose of optimizing our website and the adverÂtising placed there. The data processing is therefore lawful according to Art. 6 (1) lit. f) GDPR. In the event that you have consented, for example, to the storage of cookies or have otherwise consented to data processing by Google Analytics, only Art. 6 (1) lit. a) GDPR is the legal basis. You can revoke your consent at any time with effect for the future.
Metricool
What is Metricool?
Tool for analyzing user behavior
Who processes your data?
METRICOOL SOFTWARE, SL, Calle TĂ©llez, Nr. 12, EntreÂplanta H, 28007, Madrid, Spain
Where can you find more inforÂmation about data protection at Metricool?
https://metricool.com/de/datenschutzrichtlinie/
How do we process your data?
We are always interested in optimizing our web offering for users and placing adverÂtising in the best possible way. We are helped in this by Metricool, a tool that analyzes user behavior and thus provides us with the necessary database for adjusÂtÂments. Metricool only sets analysis and optimization cookies if you have given your prior consent. In this case, the tool performs a statisÂtical reach analysis of our website and a perforÂmance measuÂrement of our online marketing measures. It also enables test proceÂdures, e.g. to test and optimize different versions of our online offer or its components. The cookies from Metricool do not contain any inforÂmation by which you can be identified, and if they do, they are anonyÂmized or pseudÂonyÂmized as soon as possible.
On what legal basis do we process your data?
As a website operator, we have a legitimate interest in the anonyÂmized analysis of user behavior for the purpose of optimizing our website and the adverÂtising placed there. The data processing is therefore lawful according to Art. 6 (1) lit. f) GDPR. In the event that you have, for example, consented to the storage of cookies or otherwise consented to data processing by Metricool, the legal basis is excluÂsively Art. 6 (1) lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Google Ads
What is Google Ads?
Online adverÂtising program of Google Ireland Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
Has a data processing agreement been concluded with Google Ads?
Yes
Where can you find more inforÂmation about data protection at Google Ads?
https://policies.google.com/privacy?hl=en&gl=en
On what legal basis do we transfer your data to the USA?
On the basis of the European Commission’s adequacy decision and the company’s correÂsponding certiÂfiÂcation.
How do we process your data?
We use Google Ads. Google’s adverÂtising program enables us to play adverÂtiÂseÂments in the Google search engine or on third-party websites when visitors to our website enter certain search terms on Google (keyword targeting). Furthermore, we can place targeted adverÂtiÂseÂments based on the user data available at Google (e.g. location data and interests) (target group targeting). We evaluate the collected data quantiÂtaÂtively by analyzing, for example, which search terms led to the playout of our ads and how many ads resulted in correÂsponding clicks.
On what legal basis do we process your data?
As a website operator, we have a legitimate interest in the placement and evaluation of adverÂtiÂseÂments. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) DSGVO. In the event that you have consented, for example, to the storage of cookies or have otherwise consented to data processing by Google, only Art. 6 (1) a) DSGVO is the legal basis. You can revoke your consent at any time with effect for the future.
Google Conversion Tracking
What is Google Conversion Tracking?
Tool for analyzing user behavior provided by Google Ireland Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
Has a data processing agreement been concluded with Google Conversion Tracking?
Yes
Where can you find more inforÂmation about data protection at Google Conversion Tracking?
https://www.google.de/intl/de/policies/privacy/
On what legal basis do we transfer your data to the USA?
On the basis of the European Commission’s adequacy decision and the company’s correÂsponding certiÂfiÂcation.
How do we process your data?
We are always interested in optimizing our web offering for users and placing adverÂtising in the best possible way. For this purpose, we also use Google’s conversion tracking. With its help, we can record whether and how often visitors clicked on certain buttons on our website and which products were viewed and purchased partiÂcuÂlarly frequently (conversion statistics) . In the course of data collection and storage, we do not receive any inforÂmation with which we can persoÂnally identify individual visitors. Google itself uses cookies or compaÂrable recognition technoÂlogies for identiÂfiÂcation.
On what legal basis do we process your data?
As a website operator, we have a legitimate interest in analyzing user behavior for the purpose of optimizing our website and the adverÂtising placed there. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR. In the event that you have consented, for example, to the storage of cookies or have otherwise consented to data processing by Google Conversion Tracking, only Art. 6 (1) lit. a) GDPR is the legal basis. You can revoke your consent at any time with effect for the future.
Facebook Pixel
What is Facebook Pixel?
Tool for analyzing user behavior that measures the effecÂtiÂveness of adverÂtising on Facebook.
Who processes your data?
Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland.
Where can you find more inforÂmation about data protection at Facebook Pixel?
https://de-de.facebook.com/about/privacy/
On what legal basis do we transfer your data to the USA?
On the basis of the European Commission’s adequacy decision and the company’s correÂsponding certiÂfiÂcation.
How can you prevent data processing?
If you have a Facebook account: Deactivate the “Custom Audiences” remarÂketing function in the Ad Settings section (https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen).
If you do not have a Facebook account: Disable usage-based adverÂtising from Facebook on the European InterÂactive Digital AdverÂtising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.
How do we process your data?
We use the Facebook Pixel on our website. The analytics tool helps us learn more about the behavior of visitors to our website after they click on one of our ads on Facebook. This allows us to measure how effective our Facebook ads are and align future adverÂtising efforts with the insights we gain. The data that Facebook collects via the pixel is anonymous to us as the operator of this website. So we cannot identify you as a visitor. However, the data is stored and processed by Facebook. Thus, Facebook estabÂlishes a connection to your Facebook account via the pixel and, in addition, uses the data to place adverÂtiÂseÂments itself within and outside the network (cf. Facebook Data Use Policy). In the course of storage and processing, Facebook also transmits the data to the USA and other third countries.
If you have a Facebook account, you can deactivate the “Custom Audiences” remarÂketing function in this account in the AdverÂtising Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
If you do not have a Facebook account, it is possible to deactivate usage-based adverÂtising from Facebook on the website of the European InterÂactive Digital AdverÂtising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
On what legal basis do we process your data?
As a website operator, we have a legitimate interest in effective adverÂtising measures on social networks. The data processing is therefore lawful according to Art. 6 (1) lit. f) GDPR. In the event that you have consented, for example, to the storage of cookies or have otherwise consented to data processing by Facebook, only Art. 6 (1) lit. a) GDPR is the legal basis. You can revoke your consent at any time with effect for the future.
Google Fonts (local hosting)
We use fonts from the US company Google on our website. We have installed the fonts locally, so there is no connection to Google’s servers when you visit our website.
For more inforÂmation about Google Fonts, please visit https://developers.google.com/fonts/faq and read Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Audio and video confeÂrences
As a company we are in contact with many people: Customers, business partners, service providers, etc. In doing so, we also use so-called online confeÂrencing tools for the exchange, in addition to other means of commuÂniÂcation. InforÂmation relevant to data protection law on the provider(s) of the tools we use can be found at the end of this section. If you commuÂnicate with us via such a tool, not only we, but in partiÂcular the provider of the respective tool, process your personal data.
How do we process your data?
Online confeÂrence tools collect and store various personal data in order to enable partiÂciÂpation in an online confeÂrence and its smooth execution. In addition to regisÂtration, confeÂrence and technical data, this also concerns certain commuÂniÂcation content.
- RegisÂtration data: Your email address and/or phone number and, if appliÂcable, other data you provide when regisÂtering for the confeÂrence.
- ConfeÂrence data: The start, end as well as duration of your partiÂciÂpation in the confeÂrence, the number of partiÂciÂpants and other metadata about the confeÂrence.
- Technical data: IP address, MAC address, device ID, device type, operating system and version, client version, camera type, microÂphone or speaker, and connection type.
- CommuÂniÂcation content: Cloud recorÂdings, chat/instant messages, voiceÂmails uploaded photos and videos, files, whiteÂboards and other inforÂmation shared while using the service.
For details on data processing, please refer to the privacy policy of the respective confeÂrencing tool provider.
How long do we store your data?
As your commuÂniÂcation partner, we delete your data on our systems as soon as one of the following occurs:
- The purpose of the data processing no longer applies.
- You request us to delete the data.
- You revoke your consent to the storage.
This does not apply only if we are required by law to retain the data.
Cookies remain on your terminal device until you delete them.
ConfeÂrence tool providers also store your data for their own purposes. Please ask the providers directly what this means for the duration of the storage of your data.
On what legal basis do we process your data?
If we are already contracÂtually connected or if you would like to conclude a contract with us, we use confeÂrence tools to fulfill the contract or to inform you about our services or products. In this respect, the data processing takes place on the basis of Art. 6 (1) lit. b) GDPR. Otherwise, the use of confeÂrencing tools serves the purpose of simple and quick commuÂniÂcation, without which we would not be able to run our business efficiÂently. We therefore also have a legitimate interest in data processing pursuant to Art. 6 (1) lit. f) GDPR. Another legal basis may be your consent. Relevant in this case is Art. 6 (1) lit. a) GDPR. This basis ceases to apply for the future if you revoke your consent.
Which online confeÂrence tools do we use?
Microsoft Teams
What is Microsoft Teams?
CommuÂniÂcation platform for collaÂboÂration in teams
Who processes your data?
Microsoft Corp., One Microsoft Way, Redmond, WA 98052–6399, USA
Has a data processing agreement been concluded with Microsoft Teams?
Yes
Where can you find more inforÂmation about data protection at Microsoft Teams?
https://privacy.microsoft.com/de-de/privacystatement
On what legal basis do we transfer your data to the USA?
On the basis of the European Commission’s adequacy decision and the company’s correÂsponding certiÂfiÂcation.
Own services / Other
Handling of applicant data
If you would like to work for us, we will be happy to receive your appliÂcation. We treat all personal data submitted as strictly confiÂdential. This also applies to data that we collect later in the course of the appliÂcation process.
How do we process your data?
We store and use all data that we collect as part of the appliÂcation process to the extent that this is necessary to decide whether to establish an employment relatiÂonship. In addition to contact and commuÂniÂcation data and appliÂcation documents, this also applies, for example, to notes that we take during interÂviews. We only pass on your data within our company to persons who are involved in processing your appliÂcation.
If your appliÂcation is successful, we will store the data required to carry out the employment relatiÂonship in our data processing systems.
If we are currently unable to offer you a suitable position, we will be happy to include your data in our applicant pool with your consent. This gives us the opporÂtunity to contact you if a position becomes available that fits your profile..
How long do we store your data?
If we are unable to make you a job offer, you decline a job offer or withdraw your appliÂcation, we reserve the right to keep your documents and other appliÂcation data for up to 6 months after the appliÂcation process has ended. The reason is that we may need the data for evidence purposes in the event of a legal dispute. After this period, we delete the data and destroy the documents. If a legal dispute is actually imminent or already pending, we delete the data and documents if they are no longer required for evidenÂtiary purposes.
We delete data in the applicant pool no later than 2 years after consent has been given. If you revoke your consent before this period expires, we will delete it sooner.
The deletion of your data is always subject to the condition that we are not legally obliged to keep it longer.
On what legal basis do we process your data?
We process your applicant data on the basis of Section 26 BDSG-neu (initiation of an employment relatiÂonship) and Article 6 (1) lit. b) GDPR (general contract initiation).
The same applies if your appliÂcation is successful.
If we are unable to make you a job offer, you reject a job offer or withdraw your appliÂcation, we have a legitimate interest in using your data for evidenÂtiary purposes in any legal dispute. The data processing is therefore based on Art. 6 (1) lit. f) GDPR.
If you have expressly consented to the storage of your data, we process your data on the basis of Art. 6 (1) lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Data processing on social media
What is Social Media?
By social media, we mean the social networks on which we have created publicly accesÂsible profiles. You can read below which social networks these are speciÂfiÂcally.
Who processes your data?
The respective operating companies of the social networks. You can find the individual operators below under the respective networks.
How is your data processed?
The operators of social networks are generally able to collect and evaluate compreÂhensive data about the behavior of visitors and users of the network. It is not possible for us to track all processing operaÂtions on the social networks we use, which is why further processing operaÂtions not listed here may be carried out by the operators of the social networks. You can find more inforÂmation on this in the terms of use and privacy stateÂments of the respective social networks.
The processing of your data can be triggered by you visiting the website of the social network or our profile page there. Even if you visit a website that uses certain content of the network, e.g. like or share buttons, data may already be transÂmitted to the operators of the social network. If you yourself are a user of the social network and logged into your user account, your visit to our profile page can be assigned to your account by the operator of the social network. Even if you yourself have not regisÂtered a user account or are not logged in, the operator of the network may still collect your personal data, e.g. by recording your IP address or setting cookies. With this data, the operators can create user profiles adapted to your behavior and interests and show you interest-based adverÂtising inside and outside the network. If you are a regisÂtered user of the network, the interest-based adverÂtising may also be displayed on all devices on which you are or were logged in.
On what legal basis is your data processed?
Our profiles in the social networks are intended to ensure the broadest possible presence of our company on the Internet. As a company, we have a legitimate interest in this. The data processing is therefore lawful according to Art. 6 (1) lit. f) GDPR.
The data processing operaÂtions and analyses carried out by the operators of the social networks themselves may be based on other legal grounds. These must be stated by the operators of the social networks.
Who is responÂsible for the processing of your data and how can you assert your rights?
If you visit one of our profiles on the social networks, we are jointly responÂsible with the operator of the respective network for the data processing operaÂtions triggered during this visit. In principle, you can assert your rights both against us and against the operator of the respective network.
Despite the joint responÂsiÂbility with the operators of the social networks, however, our influence on the data processing operaÂtions of the respective operator is limited and is primarily based on the operator’s speciÂfiÂcaÂtions.
How long is your data stored?
If we collect data via our profiles in the social networks, these are deleted from our systems as soon as the purpose for storing them no longer applies, you request us to delete them or you revoke your consent to storage. Stored cookies remain on your terminal device until you delete them. Mandatory legal proviÂsions — in partiÂcular retention periods — remain unaffected.
We have no influence on how long the operators of the social networks store your data, which the operators collect for their own purposes. You can obtain inforÂmation on this directly from the operator of the respective social network, e.g. in the respective privacy policy.
Which social media do we use?
What is Facebook?
A social network
Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Is your data transÂferred to third countries?
Yes, to the U.S. and also to other third countries.
Where can you find more inforÂmation about data protection at Facebook?
https://www.facebook.com/about/privacy/
As a Facebook user, where can you adjust your adverÂtising prefeÂrences?
As a regisÂtered Facebook user, you can adjust your adverÂtising settings in your user account. To do so, click on the following link and log in:
What is Instagram?
A social network speciaÂlizing in photos and videos.
Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland
Is your data transÂferred to third countries?
Yes
Where can you find more inforÂmation about data protection at Instagram?
https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Richtlinien%20und%20Meldungen
As a user, where can you adjust your privacy settings?
As a regisÂtered Instagram user, you can adjust your privacy settings in your user account. To do so, click the following link and log in:
https://www.instagram.com/accounts/privacy_and_security/
What is LinkedIn?
A social network for business contacts
Who processes your data?
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Is your data transÂferred to third countries?
Yes
Where can you find more inforÂmation about data protection at LinkedIn?
https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
As a user, where can you adjust your privacy settings?
As a regisÂtered LinkedIn user, you can adjust your privacy settings in your user account. To do so, click on the following link and log in: