Data Privacy
Thank you for visiting our website. In this Policy, we would like to inform you about how we handle your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).
Controller
The Controller for the data processing operations described below is the office named in the imprint.
Usage Data
When you visit our website, our web server temporarily evaluates usage data for statistical purposes in order to improve the quality of our website. This data consists of the following data categories:
-
- the name and address of the requested content,
- the date and time of the query,
- of the transferred data volume,
- the access status (content transferred, content not found),
- the description of the used web browser and operating system,
- the referral link, which indicates from which page you reached ours,
- the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.
The above-mentioned log data will only be evaluated anonymously.
Data Security
We take technical and organizational measures to protect your data as comprehensively as possible from unwanted access. These measures include encryption procedures on our web pages. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption.
You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.
More than necessary cookies
When you enter our website, we inform you about the types of cookies we use and give you the option to agree or not to individual types of cookies. We do not load non-essential cookies until you have consented to their use by type.
Our website uses the cookie consent technology of KIProtect GmbH – Klaro to obtain your consent within the meaning of Art. 6 (1) p. 1 lit. a DSGVO to the storage of certain cookies in your browser and to document this in accordance with data protection. The provider of this technology is KIProtect GmbH – Klaro, Bismarckstr. 10-12, 10625 Berlin.
When you enter our website, a KIProtect GmbH – Klaro Cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data will not be passed on to the provider of KIProtect GmbH – Klaro.
The collected data will be stored until you request us to delete it or until you delete KIProtect GmbH – Klaro yourself or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of KIProtect GmbH – Klaro can be found at https://heyklaro.com/resources/privacy.
The use of KIProtect GmbH – Klaro takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.
Data Processors
We transfer your data to service providers who support us in the operation of our websites and related processes. These service providers are usually data processors within the meaning of Art. 28 GDPR. Our service providers are strictly bound by contracts and our instructions.
Google Analytics
We use the web analysis tool “Google Analytics” to design our websites in line with requirements. Google Analytics creates usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your terminal device and read by us. In this way, we are able to recognize returning visitors and count them as such.
Within the scope of Google Analytics, we are supported by Google Ireland Limited and Google LLC. (USA) as processors according to Art. 28 DSGVO. Data processing may therefore also take place outside the EU or EEA. With regard to Google LLC, an adequate level of data protection cannot be assumed due to processing in the USA. There is a risk that authorities may access the data for security and monitoring purposes without you being informed or having legal recourse. Please keep this in mind if you decide to give your consent to our use of Google Analytics.
The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, if you have given your consent via our banner. The transfer to a third country is based on Art. 49 para. 1 lit. a DSGVO.
You can revoke your consent at any time. To do so, make the appropriate settings via our banner.
Contact Form
You have the possibility to contact us via our contact form. To use our contact form, we first need the data marked as mandatory fields from you.
We use this data on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO to answer your request.
Your data will only be processed to answer your request. We delete your data if it is no longer required and there are no legal retention obligations to the contrary.
With regard to processing pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object at any time. For this purpose, please contact the e-mail address stated in the imprint.
Google reCAPTCHA
In order to protect our web forms from automated requests, we use the solution “Google reCAPTCHA”(hereinafter “reCAPTCHA”) on our website. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
As part of the captcha function, you may be asked to solve tasks or click checkboxes. Another version works entirely without any active actions on your part and only monitors your interaction with the corresponding page. In the latter case, the reCaptcha analyses run completely in the background.
The user entries made in this context and possibly also the mouse movements are used to estimate whether the entries originate from a human or an automated programme. Since the corresponding service is loaded from Google servers, Google receives the data required for the retrieval. This also includes your IP address and the website called up, as well as information on the terminal device, browser and operating system used. In addition, various cookies are set when Google reCAPTCHA is used, which is why we only integrate reCAPTCHA with your express consent.
If you have consented to the use of Google reCAPTCHA via our Consent Management Tool, the corresponding data processing is carried out on the basis of this consent within the meaning of Art. 6 para. 1 lit. a DSGVO.
Further information can be found at https://developers.google.com/recaptcha/
Webfonts
For a consistent appearance of our site, we use so-called web fonts, which are provide by Adobe Typekit. When you access a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
Calling up our websites will lead to downloading contents of the third-party providers who provide these functions and contents. As a result, the third-party provider receives the information that you have visited our site as well as the usage data technically required for this purpose.
We have no control on further data processing by the third-party provider.
The implementation is based on Art. 6 (1) (f) GDPR to serve our legitimate interest of making our site as attractive and informative as possible.
If your browser does not support web fonts, a standard font from your computer will be used. Further information on Adobe Typekit Web Fonts can be found at https://typekit.com/ and in the Adobe Typekit privacy policy: https://www.adobe.com/de/privacy/policies/typekit.html
Storage Period
Unless otherwise specified, we will delete your personal data if they are no longer required for the relevant processing purposes and no legal retention obligations oppose deletion.
Your rights as a data subject
When processing your personal data, the GDPR grants you certain rights as a data subject:
Right of access by the data subject (Art. 15 GDPR)
You have the right to obtain confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.
Right to rectification (Art. 16 GDPR)
You have the right to rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, the right to have incomplete personal data completed, including by means of providing a supplementary statement without delay.
Right to erasure (Art. 17 GDPR)
You have the right to obtain the erasure of personal data concerning you without undue delay if one of the reasons listed in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have objected to the processing, for the duration of our examination.
Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, or to request that this data be transferred to a third party.
Right to withdraw consent (Art. 7 GDPR)
If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is not affected.
Right to object (Art. 21 GDPR)
If data is collected on the basis of Art. 6 (1) 1 f GDPR (data processing for the purpose of our legitimate interests) or on the basis of Art. 6 (1) 1 e GDPR (data processing for the purpose of protecting public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or if data is still needed for the establishment, exercise or defence of legal claims.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. This right may be asserted in particular with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.
Asserting your rights
Unless otherwise described above, please contact us to assert your rights. You will find our contact details in our imprint.
Kontaktdaten des Datenschutzbeauftragten
Our external data protection officer is available to provide further information on data protection.
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: www.datenschutz-nord-gruppe.de
E-Mail: office@datenschutz-nord.de
When contacting our data protection officer, please specify the name of the company, stated in our imprint.