Защита данных (Privacy Policy)

1. An overview of data protection

General information

The fol­low­ing infor­ma­tion will pro­vide you with an easy to nav­i­gate overview of what will hap­pen with your per­son­al data when you vis­it this web­site. The term “per­son­al data” com­pris­es all data that can be used to per­son­al­ly iden­ti­fy you. For detailed infor­ma­tion about the sub­ject mat­ter of data pro­tec­tion, please con­sult our Data Pro­tec­tion Dec­la­ra­tion, which we have includ­ed beneath this copy.

Data recording on this website

Who is the respon­si­ble par­ty for the record­ing of data on this web­site (i.e. the “con­troller”)?

The data on this web­site is processed by the oper­a­tor of the web­site, whose con­tact infor­ma­tion is avail­able under sec­tion “Infor­ma­tion Required by Law” on this website.

How do we record your data?

We col­lect your data as a result of your shar­ing of your data with us. This may, for instance be infor­ma­tion you enter into our con­tact form.

Oth­er data shall be record­ed by our IT sys­tems auto­mat­i­cal­ly or after you con­sent to its record­ing dur­ing your web­site vis­it. This data com­pris­es pri­mar­i­ly tech­ni­cal infor­ma­tion (e.g. web brows­er, oper­at­ing sys­tem or time the site was accessed). This infor­ma­tion is record­ed auto­mat­i­cal­ly when you access this website.

What are the pur­pos­es we use your data for?

A por­tion of the infor­ma­tion is gen­er­at­ed to guar­an­tee the error free pro­vi­sion of the web­site. Oth­er data may be used to ana­lyze your user patterns.

What rights do you have as far as your infor­ma­tion is concerned?

You have the right to receive infor­ma­tion about the source, recip­i­ents and pur­pos­es of your archived per­son­al data at any time with­out hav­ing to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or erad­i­cat­ed. If you have con­sent­ed to data pro­cess­ing, you have the option to revoke this con­sent at any time, which shall affect all future data pro­cess­ing. More­over, you have the right to demand that the pro­cess­ing of your data be restrict­ed under cer­tain cir­cum­stances. Fur­ther­more, you have the right to log a com­plaint with the com­pe­tent super­vis­ing agency.

Please do not hes­i­tate to con­tact us at any time under the address dis­closed in sec­tion “Infor­ma­tion Required by Law” on this web­site if you have ques­tions about this or any oth­er data pro­tec­tion relat­ed issues.

Analysis tools and tools provided by third parties

There is a pos­si­bil­i­ty that your brows­ing pat­terns will be sta­tis­ti­cal­ly ana­lyzed when your vis­it this web­site. Such analy­ses are per­formed pri­mar­i­ly with what we refer to as analy­sis programs.

For detailed infor­ma­tion about these analy­sis pro­grams please con­sult our Data Pro­tec­tion Dec­la­ra­tion below.

2. Hosting and Content Delivery Networks (CDN)

External Hosting

This web­site is host­ed by an exter­nal ser­vice provider (host). Per­son­al data col­lect­ed on this web­site are stored on the servers of the host. These may include, but are not lim­it­ed to, IP address­es, con­tact requests, meta­da­ta and com­mu­ni­ca­tions, con­tract infor­ma­tion, con­tact infor­ma­tion, names, web page access, and oth­er data gen­er­at­ed through a web site.

The host is used for the pur­pose of ful­fill­ing the con­tract with our poten­tial and exist­ing cus­tomers (Art. 6 para. 1 lit. b GDPR) and in the inter­est of secure, fast and effi­cient pro­vi­sion of our online ser­vices by a pro­fes­sion­al provider (Art. 6 para. 1 lit. f GDPR).

Our host will only process your data to the extent nec­es­sary to ful­fil its per­for­mance oblig­a­tions and to fol­low our instruc­tions with respect to such data.

Exe­cu­tion of a con­tract data pro­cess­ing agreement

In order to guar­an­tee pro­cess­ing in com­pli­ance with data pro­tec­tion reg­u­la­tions, we have con­clud­ed an order pro­cess­ing con­tract with our host.

3. General information and mandatory information

Data protection

The oper­a­tors of this web­site and its pages take the pro­tec­tion of your per­son­al data very seri­ous­ly. Hence, we han­dle your per­son­al data as con­fi­den­tial infor­ma­tion and in com­pli­ance with the statu­to­ry data pro­tec­tion reg­u­la­tions and this Data Pro­tec­tion Declaration.

When­ev­er you use this web­site, a vari­ety of per­son­al infor­ma­tion will be col­lect­ed. Per­son­al data com­pris­es data that can be used to per­son­al­ly iden­ti­fy you. This Data Pro­tec­tion Dec­la­ra­tion explains which data we col­lect as well as the pur­pos­es we use this data for. It also explains how, and for which pur­pose the infor­ma­tion is collected.

We here­with advise you that the trans­mis­sion of data via the Inter­net (i.e. through e‑mail com­mu­ni­ca­tions) may be prone to secu­ri­ty gaps. It is not pos­si­ble to com­plete­ly pro­tect data against third par­ty access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data pro­cess­ing con­troller on this web­site is:

Recht­san­walt
Eber­hardt Stock
als Insol­ven­zver­wal­ter über das Ver­mö­gen des Her­rn Dieter Lap­pen (AG Krefeld IN 95 IN 5216),
Her­renpfad 14
41334 Net­te­tal

Phone: +49 2157 818 0
E‑mail: info@baumbonheur.com

The con­troller is the nat­ur­al per­son or legal enti­ty that sin­gle-hand­ed­ly or joint­ly with oth­ers makes deci­sions as to the pur­pos­es of and resources for the pro­cess­ing of per­son­al data (e.g. names, e‑mail address­es, etc.).

Designation of a data protection officer as mandated by law

We have appoint­ed a data pro­tec­tion offi­cer for our company.

Recht­san­walt
Daniel Zumhasch
Wil­helmshofall­ee 75
47800 Krefeld

Phone: +49 (0) 2151 / 5813–140
E‑mail: zumhasch@nst-inso.com

Revocation of your consent to the processing of data

A wide range of data pro­cess­ing trans­ac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revoke at any time any con­sent you have already giv­en us. This shall be with­out prej­u­dice to the law­ful­ness of any data col­lec­tion that occurred pri­or to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6 SECT. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21 SECT. 1 GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21 SECT. 2 GDPR).

Right to log a complaint with the competent supervisory agency

In the event of vio­la­tions of the GDPR, data sub­jects are enti­tled to log a com­plaint with a super­vi­so­ry agency, in par­tic­u­lar in the mem­ber state where they usu­al­ly main­tain their domi­cile, place of work or at the place where the alleged vio­la­tion occurred. The right to log a com­plaint is in effect regard­less of any oth­er admin­is­tra­tive or court pro­ceed­ings avail­able as legal recourses.

Right to data portability

You have the right to demand that we hand over any data we auto­mat­i­cal­ly process on the basis of your con­sent or in order to ful­fil a con­tract be hand­ed over to you or a third par­ty in a com­mon­ly used, machine read­able for­mat. If you should demand the direct trans­fer of the data to anoth­er con­troller, this will be done only if it is tech­ni­cal­ly feasible.

SSL and/or TLS encryption

For secu­ri­ty rea­sons and to pro­tect the trans­mis­sion of con­fi­den­tial con­tent, such as pur­chase orders or inquiries you sub­mit to us as the web­site oper­a­tor, this web­site uses either an SSL or a TLS encryp­tion pro­gram. You can rec­og­nize an encrypt­ed con­nec­tion by check­ing whether the address line of the brows­er switch­es from “http://” to “https://” and also by the appear­ance of the lock icon in the brows­er line.

If the SSL or TLS encryp­tion is acti­vat­ed, data you trans­mit to us can­not be read by third parties.

Information about, rectification and eradication of data

With­in the scope of the applic­a­ble statu­to­ry pro­vi­sions, you have the right to at any time demand infor­ma­tion about your archived per­son­al data, their source and recip­i­ents as well as the pur­pose of the pro­cess­ing of your data. You may also have a right to have your data rec­ti­fied or erad­i­cat­ed. If you have ques­tions about this sub­ject mat­ter or any oth­er ques­tions about per­son­al data, please do not hes­i­tate to con­tact us at any time at the address pro­vid­ed in sec­tion “Infor­ma­tion Required by Law.”

Right to demand processing restrictions

You have the right to demand the impo­si­tion of restric­tions as far as the pro­cess­ing of your per­son­al data is con­cerned. To do so, you may con­tact us at any time at the address pro­vid­ed in sec­tion “Infor­ma­tion Required by Law.” The right to demand restric­tion of pro­cess­ing applies in the fol­low­ing cases:

  • In the event that you should dis­pute the cor­rect­ness of your data archived by us, we will usu­al­ly need some time to ver­i­fy this claim. Dur­ing the time that this inves­ti­ga­tion is ongo­ing, you have the right to demand that we restrict the pro­cess­ing of your per­son­al data.
  • If the pro­cess­ing of your per­son­al data was/is con­duct­ed in an unlaw­ful man­ner, you have the option to demand the restric­tion of the pro­cess­ing of your data in lieu of demand­ing the erad­i­ca­tion of this data.
  • If we do not need your per­son­al data any longer and you need it to exer­cise, defend or claim legal enti­tle­ments, you have the right to demand the restric­tion of the pro­cess­ing of your per­son­al data instead of its eradication.
  • If you have raised an objec­tion pur­suant to Art. 21 Sect. 1 GDPR, your rights and our rights will have to be weighed against each oth­er. As long as it has not been deter­mined whose inter­ests pre­vail, you have the right to demand a restric­tion of the pro­cess­ing of your per­son­al data.

If you have restrict­ed the pro­cess­ing of your per­son­al data, these data – with the excep­tion of their archiv­ing – may be processed only sub­ject to your con­sent or to claim, exer­cise or defend legal enti­tle­ments or to pro­tect the rights of oth­er nat­ur­al per­sons or legal enti­ties or for impor­tant pub­lic inter­est rea­sons cit­ed by the Euro­pean Union or a mem­ber state of the EU.

Rejection of unsolicited e‑mails

We here­with object to the use of con­tact infor­ma­tion pub­lished in con­junc­tion with the manda­to­ry infor­ma­tion to be pro­vid­ed in sec­tion “Infor­ma­tion Required by Law” to send us pro­mo­tion­al and infor­ma­tion mate­r­i­al that we have not express­ly request­ed. The oper­a­tors of this web­site and its pages reserve the express right to take legal action in the event of the unso­licit­ed send­ing of pro­mo­tion­al infor­ma­tion, for instance via SPAM messages.

4. Recording of data on this website

Cookies

Our web­sites and pages use what the indus­try refers to as “cook­ies.” Cook­ies are small text files that do not cause any dam­age to your device. They are either stored tem­porar­i­ly for the dura­tion of a ses­sion (ses­sion cook­ies) or they are per­ma­nent­ly archived on your device (per­ma­nent cook­ies). Ses­sion cook­ies are auto­mat­i­cal­ly delet­ed once you ter­mi­nate your vis­it. Per­ma­nent cook­ies remain archived on your device until you active­ly delete them or they are auto­mat­i­cal­ly erad­i­cat­ed by your web browser.

In some cas­es it is pos­si­ble that third par­ty cook­ies are stored on your device once you enter our site (third par­ty cook­ies). These cook­ies enable you or us to take advan­tage of cer­tain ser­vices offered by the third par­ty (e.g. cook­ies for the pro­cess­ing of pay­ment services).

Cook­ies have a vari­ety of func­tions. Many cook­ies are tech­ni­cal­ly essen­tial since cer­tain web­site func­tions would not work in the absence of the cook­ies (e.g. the shop­ping cart func­tion or the dis­play of videos). The pur­pose of oth­er cook­ies may be the analy­sis of user pat­terns or the dis­play of pro­mo­tion­al messages.

Cook­ies, which are required for the per­for­mance of elec­tron­ic com­mu­ni­ca­tion trans­ac­tions (required cook­ies) or for the pro­vi­sion of cer­tain func­tions you want to use (func­tion­al cook­ies, e.g. for the shop­ping cart func­tion) or those that are nec­es­sary for the opti­miza­tion of the web­site (e.g. cook­ies that pro­vide mea­sur­able insights into the web audi­ence), shall be stored on the basis of Art. 6 Sect. 1 lit. f GDPR, unless a dif­fer­ent legal basis is cit­ed. The oper­a­tor of the web­site has a legit­i­mate inter­est in the stor­age of cook­ies to ensure the tech­ni­cal­ly error free and opti­mized pro­vi­sion of the operator’s ser­vices. If your con­sent to the stor­age of the cook­ies has been request­ed, the respec­tive cook­ies are stored exclu­sive­ly on the basis of the con­sent obtained (Art. 6 Sect. 1 lit. a GDPR); this con­sent may be revoked at any time.

You have the option to set up your brows­er in such a man­ner that you will be noti­fied any time cook­ies are placed and to per­mit the accep­tance of cook­ies only in spe­cif­ic cas­es. You may also exclude the accep­tance of cook­ies in cer­tain cas­es or in gen­er­al or acti­vate the delete func­tion for the auto­mat­ic erad­i­ca­tion of cook­ies when the brows­er clos­es. If cook­ies are deac­ti­vat­ed, the func­tions of this web­site may be limited.

In the event that third par­ty cook­ies are used or if cook­ies are used for ana­lyt­i­cal pur­pos­es, we will sep­a­rate­ly noti­fy you in con­junc­tion with this Data Pro­tec­tion Pol­i­cy and, if applic­a­ble, ask for your consent.

Cookie Consent with Borlabs Cookie

Our web­site uses the Bor­labs cook­ie con­sent tech­nol­o­gy to obtain your con­sent to the stor­age of cer­tain cook­ies in your brows­er and for their data pri­va­cy pro­tec­tion com­pli­ant doc­u­men­ta­tion. The provider of this tech­nol­o­gy is Bor­labs — Ben­jamin A. Born­schein, Georg-Wil­helm-Str. 17, 21107 Ham­burg, Ger­many (here­inafter referred to as Borlabs).

When­ev­er you vis­it our web­site, a Bor­labs cook­ie will be stored in your brows­er, which archives any dec­la­ra­tions or revo­ca­tions of con­sent you have entered. These data are not shared with the provider of the Bor­labs technology.

The record­ed data shall remain archived until you ask us to erad­i­cate them, delete the Bor­labs cook­ie on your own or the pur­pose of stor­ing the data no longer exists. This shall be with­out prej­u­dice to any reten­tion oblig­a­tions man­dat­ed by law. To review the details of Bor­labs’ data pro­cess­ing poli­cies, please vis­it https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Bor­labs cook­ie con­sent tech­nol­o­gy to obtain the dec­la­ra­tions of con­sent man­dat­ed by law for the use of cook­ies. The legal basis for the use of such cook­ies is Art. 6 Sect. 1 Sen­tence 1 lit. c GDPR.

Server log files

The provider of this web­site and its pages auto­mat­i­cal­ly col­lects and stores infor­ma­tion in so-called serv­er log files, which your brows­er com­mu­ni­cates to us auto­mat­i­cal­ly. The infor­ma­tion comprises:

  • The type and ver­sion of brows­er used
  • The used oper­at­ing system
  • Refer­rer URL
  • The host­name of the access­ing computer
  • The time of the serv­er inquiry
  • The IP address

This data is not merged with oth­er data sources.

This data is record­ed on the basis of Art. 6 Sect. 1 lit. f GDPR. The oper­a­tor of the web­site has a legit­i­mate inter­est in the tech­ni­cal­ly error free depic­tion and the opti­miza­tion of the operator’s web­site. In order to achieve this, serv­er log files must be recorded.

Contact form

If you sub­mit inquiries to us via our con­tact form, the infor­ma­tion pro­vid­ed in the con­tact form as well as any con­tact infor­ma­tion pro­vid­ed there­in will be stored by us in order to han­dle your inquiry and in the event that we have fur­ther ques­tions. We will not share this infor­ma­tion with­out your consent.

The pro­cess­ing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is relat­ed to the exe­cu­tion of a con­tract or if it is nec­es­sary to car­ry out pre-con­trac­tu­al mea­sures. In all oth­er cas­es the pro­cess­ing is based on our legit­i­mate inter­est in the effec­tive pro­cess­ing of the requests addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your agree­ment (Art. 6 Para. 1 lit. a GDPR) if this has been requested.

The infor­ma­tion you have entered into the con­tact form shall remain with us until you ask us to erad­i­cate the data, revoke your con­sent to the archiv­ing of data or if the pur­pose for which the infor­ma­tion is being archived no longer exists (e.g. after we have con­clud­ed our response to your inquiry). This shall be with­out prej­u­dice to any manda­to­ry legal pro­vi­sions – in par­tic­u­lar reten­tion periods.

Request by e‑mail, telephone or fax

If you con­tact us by e‑mail, tele­phone or fax, your request, includ­ing all result­ing per­son­al data (name, request) will be stored and processed by us for the pur­pose of pro­cess­ing your request. We do not pass these data on with­out your consent.

These data are processed on the basis of Art. 6 Sect. 1 lit. b GDPR if your inquiry is relat­ed to the ful­fill­ment of a con­tract or is required for the per­for­mance of pre-con­trac­tu­al mea­sures. In all oth­er cas­es, the data are processed on the basis of our legit­i­mate inter­est in the effec­tive han­dling of inquiries sub­mit­ted to us (Art. 6 Sect. 1 lit. f GDPR) or on the basis of your con­sent (Art. 6 Sect. 1 lit. a GDPR) if it has been obtained.

The data sent by you to us via con­tact requests remain with us until you request us to delete, revoke your con­sent to the stor­age or the pur­pose for the data stor­age laps­es (e.g. after com­ple­tion of your request). Manda­to­ry statu­to­ry pro­vi­sions — in par­tic­u­lar statu­to­ry reten­tion peri­ods — remain unaffected.

5. Analysis tools and advertising

Matomo (formerly called Piwik)

This web­site uses the open source web analy­sis ser­vice Mato­mo. Mato­mo uses tech­nolo­gies that make it pos­si­ble to rec­og­nize the user across mul­ti­ple pages with the aim of ana­lyz­ing the user pat­terns (e.g. cook­ies or device fin­ger­print­ing). The infor­ma­tion record­ed by Mato­mo about the use of this web­site will be stored on our serv­er. Pri­or to archiv­ing, the IP address will first be anonymized.

The use of this analy­sis tool is based on Art. 6 Sect. 1 lit. f GDPR. The web­site oper­a­tor has a legit­i­mate inter­est in the analy­sis of user pat­terns, in order to opti­mize the operator’s web offer­ings and adver­tis­ing. If a cor­re­spond­ing agree­ment has been request­ed (e.g. an agree­ment to the stor­age of cook­ies), the pro­cess­ing takes place exclu­sive­ly on the basis of Art. 6 para. 1 lit. a GDPR; the agree­ment can be revoked at any time.

The infor­ma­tion col­lect­ed by Mato­mo con­cern­ing the use of this web­site shall not be shared with any third parties.

6. Plug-ins and Tools

Google Web Fonts

To ensure that fonts used on this web­site are uni­form, this web­site uses so-called Web Fonts pro­vid­ed by Google. When you access a page on our web­site, your brows­er will load the required web fonts into your brows­er cache to cor­rect­ly dis­play text and fonts.

To do this, the brows­er you use will have to estab­lish a con­nec­tion with Google’s servers. As a result, Google will learn that your IP address was used to access this web­site. The use of Google Web Fonts is based on Art. 6 Sect. 1 lit. f GDPR. The web­site oper­a­tor has a legit­i­mate inter­est in a uni­form pre­sen­ta­tion of the font on the operator’s web­site. If a respec­tive dec­la­ra­tion of con­sent has been obtained (e.g. con­sent to the archiv­ing of cook­ies), the data will be processed exclu­sive­ly on the basis of Art. 6 Sect. 1 lit. a GDPR. Any such con­sent may be revoked at any time.

If your brows­er should not sup­port Web Fonts, a stan­dard font installed on your com­put­er will be used.

For more infor­ma­tion on Google Web Fonts, please fol­low this link: https://developers.google.com/fonts/faq and con­sult Google’s Data Pri­va­cy Dec­la­ra­tion under: https://policies.google.com/privacy?hl=en.

Google Maps

Via an API, this web­site uses the map­ping ser­vice Google Maps. The provider is Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ireland.

To enable the use of the Google Maps fea­tures, your IP address must be stored. As a rule, this infor­ma­tion is trans­ferred to one of Google’s servers in the Unit­ed States, where it is archived. The oper­a­tor of this web­site has no con­trol over the data transfer.

We use Google Maps to present our online con­tent in an appeal­ing man­ner and to make the loca­tions dis­closed on our web­site easy to find. This con­sti­tutes a legit­i­mate inter­est as defined in Art. 6 Sect. 1 lit. f GDPR. If a respec­tive dec­la­ra­tion of con­sent has been obtained, the data shall be processed exclu­sive­ly on the basis of Art. 6 Sect. 1 lit. a GDPR. This dec­la­ra­tion of con­sent may be revoked at any time.

For more infor­ma­tion on the han­dling of user data, please review Google’s Data Pri­va­cy Dec­la­ra­tion under: https://policies.google.com/privacy?hl=en.

Google reCAPTCHA

We use “Google reCAPTCHA” (here­inafter referred to as “reCAPTCHA”) on this web­site. The provider is Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ireland.

The pur­pose of reCAPTCHA is to deter­mine whether data entered on this web­site (e.g. infor­ma­tion entered into a con­tact form) is being pro­vid­ed by a human user or by an auto­mat­ed pro­gram. To deter­mine this, reCAPTCHA ana­lyzes the behav­ior of the web­site vis­i­tors based on a vari­ety of para­me­ters. This analy­sis is trig­gered auto­mat­i­cal­ly as soon as the web­site vis­i­tor enters the site. For this analy­sis, reCAPTCHA eval­u­ates a vari­ety of data (e.g. IP address, time the web­site vis­i­tor spent on the site or cur­sor move­ments ini­ti­at­ed by the user). The data tracked dur­ing such analy­ses are for­ward­ed to Google.

reCAPTCHA analy­ses run entire­ly in the back­ground. Web­site vis­i­tors are not alert­ed that an analy­sis is underway.

Data are stored and ana­lyzed on the basis of Art. 6 Sect. 1 lit. f GDPR. The web­site oper­a­tor has a legit­i­mate inter­est in the pro­tec­tion of the operator’s web­sites against abu­sive auto­mat­ed spy­ing and against SPAM. If a respec­tive dec­la­ra­tion of con­sent has been obtained, the data will be processed exclu­sive­ly on the basis of Art. 6 Sect. 1 lit. a DGDPR. Any such con­sent may be revoked at any time.

For more infor­ma­tion about Google reCAPTCHA please refer to the Google Data Pri­va­cy Dec­la­ra­tion and Terms Of Use under the fol­low­ing links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

7. eCommerce and payment service providers

Processing of data (customer and contract data)

We col­lect, process and use per­son­al data only to the extent nec­es­sary for the estab­lish­ment, con­tent orga­ni­za­tion or change of the legal rela­tion­ship (data inven­to­ry). These actions are tak­en on the basis of Art. 6 Sect. 1 lit. b GDPR, which per­mits the pro­cess­ing of data for the ful­fil­ment of a con­tract or pre-con­trac­tu­al actions. We col­lect, process and use per­son­al data con­cern­ing the use of this web­site (usage data) only to the extent that this is nec­es­sary to make it pos­si­ble for users to uti­lize the ser­vices and to bill for them.

The col­lect­ed cus­tomer data shall be erad­i­cat­ed upon com­ple­tion of the order or the ter­mi­na­tion of the busi­ness rela­tion­ship. This shall be with­out prej­u­dice to any statu­to­ry reten­tion mandates.

8. Custom Services

Job Applications

We offer web­site vis­i­tors the oppor­tu­ni­ty to sub­mit job appli­ca­tions to us (e.g. via e‑mail, via postal ser­vices on by sub­mit­ting the online job appli­ca­tion form). Below, we will brief you on the scope, pur­pose and use of the per­son­al data col­lect­ed from you in con­junc­tion with the appli­ca­tion process. We assure you that the col­lec­tion, pro­cess­ing and use of your data will occur in com­pli­ance with the applic­a­ble data pri­va­cy rights and all oth­er statu­to­ry pro­vi­sions and that your data will always be treat­ed as strict­ly confidential.

Scope and pur­pose of the col­lec­tion of data

If you sub­mit a job appli­ca­tion to us, we will process any affil­i­at­ed per­son­al data (e.g. con­tact and com­mu­ni­ca­tions data, appli­ca­tion doc­u­ments, notes tak­en dur­ing job inter­views, etc.), if they are required to make a deci­sion con­cern­ing the estab­lish­ment or an employ­ment rela­tion­ship. The legal grounds for the afore­men­tioned are § 26 New GDPR accord­ing to Ger­man Law (Nego­ti­a­tion of an Employ­ment Rela­tion­ship), Art. 6 Sect. 1 lit. b GDPR (Gen­er­al Con­tract Nego­ti­a­tions) and – pro­vid­ed you have giv­en us your con­sent – Art. 6 Sect. 1 lit. a GDPR. You may revoke any con­sent giv­en at any time. With­in our com­pa­ny, your per­son­al data will only be shared with indi­vid­u­als who are involved in the pro­cess­ing of your job application.

If your job appli­ca­tion should result in your recruit­ment, the data you have sub­mit­ted will be archived on the grounds of § 26 New GDPR and Art. 6 Sect. 1 lit. b GDPR for the pur­pose of imple­ment­ing the employ­ment rela­tion­ship in our data pro­cess­ing system.

Data Archiv­ing Period

If we are unable to make you a job offer or you reject a job offer or with­draw your appli­ca­tion, we reserve the right to retain the data you have sub­mit­ted on the basis of our legit­i­mate inter­ests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the appli­ca­tion pro­ce­dure (rejec­tion or with­draw­al of the appli­ca­tion). After­wards the data will be delet­ed, and the phys­i­cal appli­ca­tion doc­u­ments will be destroyed. The stor­age serves in par­tic­u­lar as evi­dence in the event of a legal dis­pute. If it is evi­dent that the data will be required after the expiry of the 6‑month peri­od (e.g. due to an impend­ing or pend­ing legal dis­pute), dele­tion will only take place when the pur­pose for fur­ther stor­age no longer applies.

Longer stor­age may also take place if you have giv­en your agree­ment (Arti­cle 6 (1) (a) GDPR) or if statu­to­ry data reten­tion require­ments pre­clude the deletion.

Admis­sion to the appli­cant pool

If we do not make you a job offer, you may be able to join our appli­cant pool. In case of admis­sion, all doc­u­ments and infor­ma­tion from the appli­ca­tion will be trans­ferred to the appli­cant pool in order to con­tact you in case of suit­able vacancies.

Admis­sion to the appli­cant pool is based exclu­sive­ly on your express agree­ment (Art. 6 para. 1 lit. a GDPR). The sub­mis­sion agree­ment is vol­un­tary and has no rela­tion to the ongo­ing appli­ca­tion pro­ce­dure. The affect­ed per­son can revoke his agree­ment at any time. In this case, the data from the appli­cant pool will be irrev­o­ca­bly delet­ed, pro­vid­ed there are no legal rea­sons for storage.

The data from the appli­cant pool will be irrev­o­ca­bly delet­ed no lat­er than two years after con­sent has been granted.

Our social media appearances

Data processing through social networks

We main­tain pub­licly avail­able pro­files in social net­works. The indi­vid­ual social net­works we use can be found below.

Social net­works such as Face­book, Google+ etc. can gen­er­al­ly analyse your user behav­iour com­pre­hen­sive­ly if you vis­it their web­site or a web­site with inte­grat­ed social media con­tent (e.g. like but­tons or ban­ner ads). When you vis­it our social media pages, numer­ous data pro­tec­tion-rel­e­vant pro­cess­ing oper­a­tions are trig­gered. In detail:

If you are logged in to your social media account and vis­it our social media page, the oper­a­tor of the social media por­tal can assign this vis­it to your user account. Under cer­tain cir­cum­stances, your per­son­al data may also be record­ed if you are not logged in or do not have an account with the respec­tive social media por­tal. In this case, this data is col­lect­ed, for exam­ple, via cook­ies stored on your device or by record­ing your IP address.

Using the data col­lect­ed in this way, the oper­a­tors of the social media por­tals can cre­ate user pro­files in which their pref­er­ences and inter­ests are stored. This way you can see inter­est-based adver­tis­ing inside and out­side of your social media pres­ence. If you have an account with the social net­work, inter­est-based adver­tis­ing can be dis­played on any device you are logged in to or have logged in to.

Please also note that we can­not retrace all pro­cess­ing oper­a­tions on the social media por­tals. Depend­ing on the provider, addi­tion­al pro­cess­ing oper­a­tions may there­fore be car­ried out by the oper­a­tors of the social media por­tals. Details can be found in the terms of use and pri­va­cy pol­i­cy of the respec­tive social media portals.

Legal basis

Our social media appear­ances should ensure the widest pos­si­ble pres­ence on the Inter­net. This is a legit­i­mate inter­est with­in the mean­ing of Art. 6 (1) lit. f GDPR. The analy­sis process­es ini­ti­at­ed by the social net­works may be based on diver­gent legal bases to be spec­i­fied by the oper­a­tors of the social net­works (e.g. con­sent with­in the mean­ing of Art. 6 (1) (a) GDPR).

Respon­si­bil­i­ty and asser­tion of rights

If you vis­it one of our social media sites (e.g., Face­book), we, togeth­er with the oper­a­tor of the social media plat­form, are respon­si­ble for the data pro­cess­ing oper­a­tions trig­gered dur­ing this vis­it. You can in prin­ci­ple pro­tect your rights (infor­ma­tion, cor­rec­tion, dele­tion, lim­i­ta­tion of pro­cess­ing, data porta­bil­i­ty and com­plaint) vis-à-vis us as well as vis-à-vis the oper­a­tor of the respec­tive social media por­tal (e.g. Facebook).

Please note that despite the shared respon­si­bil­i­ty with the social media por­tal oper­a­tors, we do not have full influ­ence on the data pro­cess­ing oper­a­tions of the social media por­tals. Our options are deter­mined by the com­pa­ny pol­i­cy of the respec­tive provider.

Stor­age time

The data col­lect­ed direct­ly from us via the social media pres­ence will be delet­ed from our sys­tems as soon as the pur­pose for their stor­age laps­es, you ask us to delete it, you revoke your con­sent to the stor­age or the pur­pose for the data stor­age laps­es. Stored cook­ies remain on your device until you delete them. Manda­to­ry statu­to­ry pro­vi­sions — in par­tic­u­lar, reten­tion peri­ods — remain unaffected.

We have no con­trol over the stor­age dura­tion of your data that are stored by the social net­work oper­a­tors for their own pur­pos­es. For details, please con­tact the social net­work oper­a­tors direct­ly (e.g. in their pri­va­cy pol­i­cy, see below).

Individual social networks

Face­book

We have a pro­file on Face­book. The provider of this ser­vice is Face­book Ire­land Lim­it­ed, 4 Grand Canal Square, Dublin 2, Ire­land. Accord­ing to Facebook’s state­ment the col­lect­ed data will also be trans­ferred to the USA and to oth­er third par­ty countries.

We have signed an agree­ment with Face­book on shared respon­si­bil­i­ty for the pro­cess­ing of data (Con­troller Adden­dum). This agree­ment deter­mines which data pro­cess­ing oper­a­tions we or Face­book are respon­si­ble for when you vis­it our Face­book Fan­page. This agree­ment can be viewed at the fol­low­ing link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can cus­tomise your adver­tis­ing set­tings inde­pen­dent­ly in your user account. Click on the fol­low­ing link and log in: https://www.facebook.com/settings?tab=ads.

Details can be found in the Face­book pri­va­cy pol­i­cy: https://www.facebook.com/about/privacy/.

Insta­gram

We have a pro­file on Insta­gram. The provider is Insta­gram Inc., 1601 Wil­low Road, Men­lo Park, CA, 94025, USA. For details on how they han­dle your per­son­al infor­ma­tion, see the Insta­gram Pri­va­cy Pol­i­cy: https://help.instagram.com/519522125107875.