HAVER & BOECKER OHG

Privacy and Security Policy Statement including Social Networks and Marketing Automation Software | Version dated 17.02.2020

Privacy and Security Policy Statement for this Website of HAVER & BOECKER OHG

Thank you for your interest in our company; the protection of your data is extremely important to us. 

This Privacy and Security Policy Statement explains how HAVER & BOECKER OHG, as the operator of the website www.haverboecker.com, processes the personal data of users of the website. Hereafter HAVER & BOECKER OHG will be referred to as “we“ or “us“, and “you“ or “your“ will be employed to mean the users of the website. 

The Controller of this website, in compliance with Article 26 of the EU General Data Protection Regulation (GDPR), miscellaneous data protection laws valid in member states of the European Union and other regulations concerning data protection, is 

HAVER & BOECKER OHG
Carl-Haver-Platz 3, 59302 Oelde, Germany
Tel.: +49 2522 30-0
E-Mail: haver(at)haverboecker(dot)com
Website: www.haverboecker.com

We operate this website in accordance with the applicable data protection regulations and are responsible for adherence to said regulations when your personal data are processed by us and by Third Parties acting on our authority.

For any matters regarding data protection you can approach our Data Protection Officer directly. You may make contact with him by the following means: 

Tel.: +49-2522-30 346
E-Mail: datenschutzbeauftragter(at)haverboecker(dot)com 

Please note that this Privacy and Security Policy Statement applies exclusively to this website (including sub-domains) and the associated data-processing procedures. It is not applicable to the processing of personal data from individuals who make use of products or services of the enterprises of HAVER & BOECKER OHG and/or of associated commercial entities (in accordance with § 15 of the AktG, the German Public Companies Act) through other websites. In such cases please consult the Privacy and Security Policy Statements and other terms and conditions of those websites, as applicable for the establishment of the relevant contractual relationship.

If you want to take advantage of certain services that we provide on our website, it may be necessary for us to process some of your personal data. Should this be the case, if there is no legal provision which allows us to do so, we will request your agreement. If you prefer not to give us this agreement, we will not be able to process your personal data. This may result in our being unable to provide the services you have requested or only being able to provide them to a limited extent.

The processing of any personal data, such as the name, address, email address and/or telephone number of the person concerned, proceeds exclusively in accordance with the EU General Data Protection Regulation (GDPR) and in compliance with the relevant data protection regulations. In this Privacy and Security Policy Statement we want to provide you with information about the nature, extent and purpose of any personal data that we collect, employ and process (further information concerning the processing of personal data can be found in Section 3). We also wish to inform the persons concerned, the data subjects, of the rights they possess in this respect. 

We have deployed considerable technical and organizational measures in order to ensure that any personal data which are provided to us through this website is protected from abuse to the greatest possible degree. However, it is always possible for data collected over the Internet to fall victim to security lapses. Consequently we are unable to guarantee absolute protection. For this reason, anybody who wishes to provide us with personal data by an alternative method, for example by telephone or by post, is perfectly entitled to do so. We recommend that you should employ this method in the case of information which is particularly confidential.

We reserve the right to update this Privacy and Security Policy Statement from time to time and to publish the latest version on our website. This Privacy and Security Policy Statement was last updated on March 25th 2020. 

We should first like to provide you with information about the specific terminology relating to data protection and the meaning of the individual terms.

This Privacy and Security Policy Statement is based on the terms and definitions employed in the General Data Protection Regulation (GDPR). To facilitate better understanding of this Privacy and Security Policy statement, a brief definition of the terms used here is provided below.  

2.1 Personal Data 

Personal means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2.2 Data Subject 

A data subject is a natural person who can be or has been identified on the basis of personal data processed when that person visits our website. A natural person is deemed to be identifiable in this sense when it is possible for said person to be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2.3 Processing 
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; 


2.4 Restriction of Processing 
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future;


2.5 Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

2.6 Pseudonymisation 
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;


2.7 Processor

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;


2.8 Recipient
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

2.9 Third Party
Third means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

 


2.10 Consent of the Data Subject
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

3.1 When you make contact with us, by email or by using a contact form, we store the data you supply (your email address and possibly your name and phone number, etc) in order to process your enquiries (for further details see Section 6.1.1). We erasure these data when it is no longer necessary for them to be stored, or we restrict the processing of these data if complete erasure is prohibited by legal retention requirements, for the period and extent stipulated by these requirements.

3.2 Should we wish to refer to our authorized service providers for individual functions of our services, or to use your data for commercial purposes, we shall specifically inform you of this in advance and not proceed in this matter without your explicit agreement. 

3.3 If you access our website purely to obtain information, i.e. if you do not register or provide us with any other information, we only collect the personal data which is supplied by your browser to our server. This comprises the following data, which we require for technical reasons in order to display our website to you and to maintain its stability and security (the legal basis for this is Article 6(1)(f) of the GDPR): 

  • IP address of the accessing system or retrieval device
  • date and time of enquiry
  • time zone difference to Greenwich Mean Time (GMT)
  • content of request/s (concrete page, images, data, further page content)
  • access status/HTTP status code
  • data quantity transferred
  • website of the accessing system or retrieval device (“referrer-tracking”)
  • browser type and version employed
  • operating system of accessing system or retrieval device and its interface
  • language and version of browser software
  • Internet service provider of the accessing system
  • other similar data and information which serves to defend our IT systems in the case of attacks

This data and information is stored in log files on our server. The legal basis for this is Article 6(1)(f) of the GDPR.

When we utilize your general data and information we do not draw any conclusions about you as the individual data subject. 

Instead, this information is required in order to

  • present the content of our website in appropriate fashion and preserve the website’s compatibility for as many visitors as possible,
  • help combat abuse and rectify any faults,
  • optimize the content of our website and the relevant advertisements, 
  • ensure the sustainable functional capacity of our IT system and the technology of our website, and
  • compile information necessary for pursuing a prosecution which can be supplied to the appropriate authorities in the case of cyber attack.


It is therefore necessary to log the technical data of the accessing system to facilitate the earliest possible response to display errors, attacks on our IT systems and/or malfunctions of our website. This anonymously-acquired data and information is statistically evaluated and solely employed for the purpose of optimizing data protection and data security in our company, so that we may provide an appropriate level of protection for the personal data that we process.

In each case these data are only stored for as long as is required for the purpose involved, for as long as is stipulated by law or for the pursuit of our legitimate interests. This includes the storage of some personal data after the termination of our relationship with you insofar as this is required to resolve possible disputes or for current or future legal cases, to keep records regarding our services or to fulfil our legal obligations. If these personal data are not erased after the expiry of the relevant retention period, they are anonymized and then only employed for statistical purposes.

3.4 Social Media

Please note that information placed at our disposal via Social Media is, as a rule, also employed and stored by the Social Media Provider in accordance with its own conditions and guidelines (for further details see Section 8.3 to Section 8.10). For issues regarding the use of information conveyed by Social Media Providers we therefore advise you to consult their own website for information about the policy of the individual Social Media Provider regarding data protection.

3.5 Use of Cookies 

In addition to the data outlined above, when you use our website cookies are stored on your computer, unless you have made use of the Cookie Opt-Out Function which we display alongside our note about cookies when you access our website. 

Cookies are small text files which your browser automatically creates when you visit this website; they are placed and stored on your device (personal computer, laptop, smartphone or similar). These cookies transmit information to us about the way you use this website. Cookies cannot execute any programs or transfer viruses to your computer. They serve purely to make our Internet service more user-friendly and efficient. 

The use of cookies also serves to maintain the full functionality of this website and to ensure that using our services is as easy and comfortable as possible by helping us simplify and optimize the accessibility. In addition, cookie technology enables us to recognize individual visitors by means of pseudonyms, e.g. an individual, random ID, so that we can offer individual products and services. Furthermore, we employ cookies in order to analyze and evaluate the use of this website statistically (for further details see Section 7). If there is any intention to deploy tracking methods, we will obtain your prior approval for this.

Browsers frequently accept cookies automatically. You can configure your browser so that no cookies are stored on your computer, though, or so that a notification appears before any new cookie is installed. However, completely deactivating cookies can result in your being unable to make use of all functions of this website. 

Cookies are employed as follows;

  • This Website uses the following types of Cookies; their scope and operation are described in the following section:
    – Transient Cookies 
    – Persistent Cookies  
  • Transient Cookies are automatically deleted when you close the browser. These include in particular session cookies, which store a session ID: this is used to allocate the enquiries made by your browser during a session. In this way your computer can be recognized when you return to our website. Session cookies are deleted when you log out or close your browser. 
  • Persistent Cookies are automatically deleted after a stipulated period, which can be different for each cookie. You can delete the cookies at any time from the security settings of your browser. 
  • You can configure your browser settings in accordance with your personal wishes and, for example, refuse to accept third-party cookies or all cookies. In this context please refer to our Cookie Opt-Out Function, which we display alongside our note about cookies when you access our website. Please bear in mind that using this opt-out function may mean that you are unable to use all functions of this website.
  • If you have an account on our website we deploy cookies so we can recognize the IP address you use on subsequent visits and there is no need for you to log in on every subsequent visit.

We recommend that you regularly delete your cookies and browser history manually.This website also employs technologies which are similar to cookies, such as Flash Cookies and HTML5 storage objects, although only if you give your approval to this. 

  • Flash Cookies (also known as Local Shared Objects or LSO) are cookies attached to the Adobe Flash Player, data files where user-related data from Internet surfing are stored on the user's device by the website or web application involved for later retrieval. They are recorded not by your browser but by your flash plug-in. If you wish to terminate the use of these Flash Cookies you can prevent further placement at any time by installing a corresponding add-on. Suitable examples include Clear Flash Cookies by Chris Peterson for Mozilla Firefox (https://addons.mozilla.org/en-US/firefox/addon/clear-flash-cookies/?src=search) or the Adobe Flash Killer Cookie for Google Chrome. 
  • In addition, HTML5 storage objects are employed on this website – provided you give your approval – and stored on your device. These objects store the required data independent from the browser you are employing and have no automatic deletion date. You can prevent or terminate the use of HTML5 storage objects by setting your browser to private mode. 

3.6 Hyperlinks to Third Party Websites

Our website can also contain hyperlinks to Third Party Websites (for further details see Section 8). With regard to the use of such links, we must state explicitly that we have no control over the data protection guidelines and practices of these Third Party Websites, and we are not responsible for them. Consequently if you intend to use such hyperlinks we advise you to consult the Third Party Websites involved for information about their approach to data protection issues.

4.1 Lawfulness of Processing 
The processing of personal data on this website proceeds on the legal basis of either your explicit agreement in accordance with Article 6(1)(a) of the GDPR or of our legitimate interests in accordance with Article 6(1)(f) of the GDPR, and in particular the ongoing optimization of our website service, the pursuit of our commercial interests and the execution of our entrepreneurial activities. Our legitimate interests also include maintaining and optimizing on an ongoing basis the functionality of this website. 

4.2 Period of Storage 
When the legal basis for the storage or processing of your personal data no longer applies, these data are routinely erasured. This means that your personal data are erased as soon as the purpose of processing them has been achieved, there is no retention requirement (or this no longer applies), and the data are not necessary (or no longer necessary) for the pursuit of our legitimate interests.

5.1 You have the following rights regarding your personal data and our processing of said data:

  • The right to Confirmation and Information about the processing of personal data
  • The right to Rectification or Erasure,
  • The right to Restriction of Processing,
  • The right to Object to Processing,
  • The right to Data Portability.

With respect to enforcing your rights regarding your personal data, please consult directly our Data Protection Officer (Email: datenschutzbeauftragter(at)haverboecker(dot)com)

5.2 You also have the right to complain to a Data Protection Supervisory Authority about our conduct with respect to the processing of your personal data.

5.3 Individual Rights in Detail:
Every data subject has the right to demand from us confirmation that we are, or are not, processing his or her personal data. If we are indeed processing the data of that individual, he or she has the right to information about which data referring to his or her person we are processing. This includes the following information:

  • The reason or reasons for processing the data; 
  • The category of personal data being processed; 
  • The recipients or categories of recipients to whom the personal data have been revealed or will be revealed, especially if the controller intends to transfer personal data to a third country or international organization; 
  • If possible, the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period; 
  • The existence of the right to rectification or erasure of personal data or the right to restriction of processing concerning the data subject or the right to object to this processing: 
  • The right to lodge a complaint with a supervisory authority; 
  • If the personal data have not been obtained from the data subject in person, all available information about the origin of the data. 

Furthermore, the data subject has the right to information about whether personal data will be transferred to a third country or international organization. 

Any individual affected by the processing of personal data has the right to demand that any inaccurate personal data be rectified without delay. At the same time, taking into account the purposes of the processing, the data subject has the right to demand that incomplete personal data be completed, including by means of providing a supplementary statement. 


Any individual affected by the processing of personal data has the right to demand that we erasure his or her personal data without delay where one of the following conditions applies and the processing is not required:

  • The personal data are no longer necessary in relation to the purposes for which they were collected and/or processed; 
  • The data subject withdraws the consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a) of the GDPR, and where there is no other legal ground for the processing; 
  • The data subject makes an objection to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject makes an objection to the processing pursuant to Article 21(2); 
  • The personal data have been unlawfully processed; 
  • The personal data have to be erased for compliance with a legal obligation in European Union or Member State law to which we are subject; 
  • The personal data have been unlawfully collected in relation to the offer of information society services referred to in Article 8 (1) of the GDPR. 

If we, as controller, are obliged pursuant to Article 17(1) of the GDPR to erase the personal data, we shall, taking into account available technology and the associated implementation costs, take reasonable steps, including technical measures, to inform controllers – Third Parties if necessary – which are processing the personal data on our behalf that the data subject has requested the erasure by such controllers of any links to those personal data, and copies of replications of those personal data. Our Data Protection Officer will ensure that all necessary steps are taken in each individual case. 

Any individual affected by the processing of personal data also has the right to demand that we restrict the processing of said data where one of the following conditions applies: 

  • The accuracy of the personal data is contested by the data subject, for a period which enables us to verify the accuracy of the personal data. 
  • The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of the personal data instead. 
  • We as controller no longer need the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims. 
  • The data subject has objected to processing pursuant to Article 21(1) of the GDPR but it has not yet been ascertained whether the legitimate grounds of the controller override those of the data subject. 

Any individual affected by the processing of personal data also has the right to data portability, i.e. the right to receive his or her personal data in a structured, commonly used and machine-readable format. The data subject also has the right to transmit those data to another controller without hindrance from us, where the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) or on a contract pursuant to Article 6(1)(b) of the GDPR, and the processing is carried out by automated means, insofar as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority which has been vested in us. 

Furthermore, in exercising the right to data portability the data subject also has the right, pursuant to Article 20(1) of the GDPR, to have the personal data transmitted directly from us to another controller, where this is technically feasible, the processing is carried out by automated means, and this does not adversely affect the rights and freedoms of others. 

Any individual affected by the processing of personal data also has the right to object at any time to the processing of his or her personal data. 

If such an objection is made we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for continuing with the processing which override the interests, rights and freedoms of the data subject, or the processing serves for the establishment, exercise or defense of legal claims. 

Where we process personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of his or her personal data for such marketing. This includes profiling to the extent that it is related to such direct marketing. Where the data subject objects to processing for direct marketing purposes, we will no longer process the personal data for such purposes. 

Furthermore, where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) of the GDPR, the data subject, on grounds relating to his or her particular situation, has the right to object to the processing of his or her personal data, unless the processing is necessary for the performance of a task carried out for reasons of public interest. 

The data subject may also exercise his or her right to object by automated means using technical specifications. 

5.4 Automated Individual Decision-Making (including Profiling)


Each data subject whose personal data are processed shall have the right not to be subject to a decision based solely on automated processing, including profiling, unless said decision

  • is necessary for entering into, or performance of, a contract between the data subject and a data controller, or
  • is authorized by European Union or Member State law to which we, as controller, are subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or
  • is based on the data subject’s explicit consent.


In the following section we would like to inform you about the processing of personal data when you use one of the Internet forms we provide on our website.


6.1 Contact Forms

6.1.1 Extent of Processing for Personal Data

In order to make contact with us you can use the following methods: the Contact Form, the Newsletter Registration or the Form to Download Information/Content Resources (White Paper, Infographic, etc).

 

When you make contact with our company by using one of our forms, such as the Contact Form or the form for Newsletter Registration, we process and use the personal data you provide. In this way the following kinds of data are regularly collected as obligatory information: salutation, surname, company, position, email address and reason for making contact. In addition, further and possibly personal data can be submitted voluntarily, such as telephone number, type of industry and size of company. All types of information, both obligatory and voluntary, are processed by us in the same way. The marking of obligatory information is required in order to facilitate orderly processing of your enquiry.

6.1.2 Legal Basis for Processing Personal Data

 

By filling in one of our forms and submitting it to us you explicitly indicate your agreement, in accordance with Article 6(1)(a) of the GDPR (provision of consent), to our processing the personal data for the purpose which is specified on each form.

6.1.3 Procedure for Using our Contact Forms

Whichever method you use to make contact with us, we use what is known as the Double Opt-In Procedure. This means that after receiving the personal data you have provided when you fill in one of our contact forms, we send a confirmation email to the email address you have provided. Our confirmation email contains a confirmation link: by clicking on this confirmation link you can confirm to us that you wish to make contact as you have indicated. By doing so you also indicate your agreement to our processing the personal data you have provided for the purpose stipulated. If you do not click on this confirmation link within 24 hours of receiving it, we will not make any further contact with you and you will not receive any further information from us. In this case we will not process any more of the personal data which were submitted for processing with your approval when you made contact, unless and only for as long as this data are necessary for orderly processing in accordance with Article 6 of the GDPR. 

If you do click on the confirmation link, thus confirming to us your desire to make contact, we shall store the data you have submitted for as long as required for the stipulated purpose of processing, unless you withdraw your consent beforehand. If you do withdraw consent, we shall immediately erasure the data you submitted when you made contact with us, provided this data are no longer necessary for orderly processing in accordance with Article 6 of the GDPR. 

If you do not withdraw consent, the personal data that you submitted upon registration will be employed for the purpose specified when you made contact with us: for example, to reply to your enquiry, to transfer to you the content you have requested, and/or to subscribe you to our email newsletter. Insofar as this is also included in the specified purpose of your making contact with us, we also pass on the personal data you have submitted to the responsible sales team of the Haverboecker Unternehmensgruppe, and if you have agreed to telephone contact, you may also be contacted by phone.


If you do not download a download link that you have requested, e.g. for a White Paper or Infographic, within 24 hours, the download will no longer be possible as a result of this request, and the associated personal data will be erased from our system, provided this data are no longer necessary for orderly processing in accordance with Article 6 of the GDPR. Should you subsequently be interested in such a download again, you can register with us at any time by using a contact form.

In dispatching our newsletter (including automated dispatch of emails), we employ the email marketing system Evalanche. Evalanche is an email marketing and analysis service provided by SC-Networks GmbH, Enzianstr. 2, 82319 Starnberg which we as controller employ and which does not pass on data to third parties. Evalanche uses what are known as cookies (for further details see Section 3.5), text files which are stored on your computer and which facilitate analysis of the way you use our website. The information provided by these cookies (including your IP address) is extracted, sent to a server in Germany and stored there.


 

The newsletter and automated emails also contain a miniature graphic (with what are known as tracking pixels) which makes it possible to see whether you have opened the newsletter or email or not. These tracking pixels, as well as the links contained in the newsletter, are connected with an ID allocated to you by a cookie when you make contact with us, and this in turn is assigned to your email address. In addition, what are known as tracking scripts within the Evalanche system on our website collect information about how you use our website. On the basis of this data a user profile is created which enables us to provide you with the newsletter and additional content taking into account your interests, as far as they can be ascertained from your user behavior.

 

6.1.4 Right of Withdrawal

You have the right to withdraw consent for the contact you have made with us at any time, no matter what form that contact takes. This can be done at any time, for example by using the unsubscribe link (known as Unsubscribe Opt-Out Function) contained in every email and every newsletter. Withdrawal of consent is also possible by using another link on this website for that specific purpose or by sending an email to datenschutzbeauftragter(at)haverboecker(dot)com. Should you withdraw consent in this way, we will not process any more of the personal data which were submitted for processing with your approval when you made contact, unless and only for as long as this data are necessary for orderly processing in accordance with Article 6 of the GDPR.

We also utilize the personal data which we collect when a visitor accesses this website (for further details see Section 3.3) in a non-personalized form for statistical purposes. To facilitate this, we employ analysis and tracking software solutions (known as Web trackers), and here we shall describe the character, extent and function of these.

The tracking measures presented and described below are employed in accordance with Article 6(1)(a) of the GDPR, i.e., only with your prior consent.

The aim of the tracking measures which we employ is to structure our website in order to meet demand and to optimize it on ongoing basis, and statistical evaluation serves for this purpose. The relevant data processing purposes and categories of data can be seen in detail from the following descriptions.


7.1 Google Analytics

Google Analytics is a web analysis service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google“).

Google Analytics employs cookies which facilitate analysis of the visitors to this website for statistical purposes. Google uses this information on our behalf in order to compile reports about the use of the website and facilitate further associated services.

In addition, Google Analytics analyses for marketing purposes how many user browsers access a specific page of our website, for example. On the basis of this information it is possible to compile relevant target groups. These target groups can then be addressed by online marketing with the appropriate content. Furthermore, data are added from registered Google product uses, when they have provided their consent to Google linking their web and app browser behavior with their Google accounts, and information from their Google accounts can be utilized to create personalize advertisements.

The information generated by your visit to this website can be transferred to a server operated by Google in the USA and stored there.

However, as part of the IP anonymization process activated for this website, your IP address will first be shortened (IP anonymization) within a member state of the European Union or another signatory country to the Agreement on European Economic Area. Our website employs a Google Analytics Tracking Code for this purpose, which is extended by the operator [ga(‘set‘, ‘anonymizelp‘, true)]. In this way IP addresses are only stored in an anonymized version (the process is known as IP masking). Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. In this way the information which is transferred can no longer be matched to an individual person.

For cases when personal data are transferred to the USA, Google has signed up to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. Information about Google data protection policies can be found at http://www.google.de/intl/en/policies/privacy.

The data processed by Google Analytics and associated with cookies are automatically erased after 26 months.

The legal basis for data processing is Article 6(1)(a) of the GDPR.

You can prevent the collection and transfer of your personal data to Google (in particular your IP address) and the processing of this data by Google if you deactivate the execution of script code by means of the Do Not Track setting on your Internet browser, thus permanently preventing the installation of cookies. Furthermore, any cookie which has already been installed by Google Analytics can be deleted at any time through the Internet browser or other software programs.

In addition, you can install a Script Blocker in your Internet browser (you can find examples of these under www.noscript.net or www.ghostery.com). There is also the possibility of preventing the transfer of personal data created by the Google cookie relating to your usage of the website (including your IP address) and the processing of this data by Google by downloading a browser plug-in from https://tools.google.com/dlpage/gaoptout and installing it. This browser plug-in informs Google Analytics by means of JavaScript that no data and information regarding your visit to this website may be transferred to Google Analytics. The installation of the browser plug-in is perceived by Google as a denial of consent. 
If the IT system you employ in order to access our website is later erasured, re-formatted or re-installed, it will be necessary to re-install the browser plug-in in order to continue deactivating Google Analytics.

 

7.2 Use of Google Ads and Conversion Tracking

We employ the services of Google Ads Conversion in order to draw attention to our services on external websites with the help of advertisements (known as Google Ads). This makes it possible to evaluate the success of individual advertising measures. In doing so, our interest is predominantly directed at providing you with advertisements which, as far as possible, are of interest to you, thus making our website even more attractive for you. 

The Google Ads are provided by Google using what is known as an Ad Server. For this purpose we employ Ad Server cookies which make it possible to evaluate specific parameters for measuring success, such as the display of advertisements or user clicks. If you access our website by means of a Google advertisement, Google Ads stores a cookie on your device. These cookies are, as a rule, no longer valid after 30 days and do not serve to identify you personally. As a rule, the analysis values stored in these cookies comprise the unique cookie ID, the number of Ad Impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (indications that the user no longer wishes to be addressed in this way).

These cookies make it possible for Google to recognize your Internet browser. If a user visits certain pages of the website of an Ad client and the cookie stored on his computer has not yet expired, Google and the client can ascertain that the user has clicked on the advertisement and has been redirected to that page. Each Ads client is allocated a different cookie. This means that cookies cannot be traced back via the websites of Ads clients. We ourselves do not collect or process any personal data from the advertising measures referred to here. Google simply places at our disposal statistical evaluation. By using this evaluation it is possible to recognize which of the advertising measures that has been employed produces which resonance with the users of the website. No further information can be derived from this statistical information, and in particular we are not able to identify the users of our website on the basis of this information.

Due to the installation of marketing tools, your browser automatically establishes a direct link with the Google server. We have no influence on the extent or further processing of the data which is collected by Google by the use of this tool, and we can only inform you of the understanding we have the situation: by utilizing Ads Conversion, Google receives the information that the IP address you employ has accessed the appropriate part of our website or clicked on one of our advertisements. If you have, for example, registered the IP address you use with a service of Google, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider can ascertain the IP address you employed and stored it.

7.3. Google Maps
This website employs Google Maps to present interactive maps and to create descriptions of routes. Google Maps is a map service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. The use of Google Maps means that information about the use of this website, including your IP address and the (start) address you provide as part of the route planning function, is transferred to Google in the USA. If you access the website of our Internet service which contains Google Maps, your browser establishes a direct link to the Google server. The map content is transferred direct to your browser from Google and linked from part of the website. Consequently we have no influence over the extent of the data collected by Google in this way. According to the information we possess, this data comprises at least the following: 

  • Date and time of your visit to the relevant website,
  • Internet address or URL of the website accessed,
  • IP address and (start) address submitted as part of the route planning.

We have no influence over the further processing and usage of the data by Google and can therefore accept no liability in this respect.

If you do not wish Google to collect, process or use data about you via our Internet services, you can deactivate JavaScript in your browser settings. However, in this case you will not be able to use the map services.

For information about the purpose and extent of the data collection and further processing and use of data by Google, as well as your rights and the settings you can employ to protect your private sphere, please consult the Google data protection information: (https://policies.google.com/privacy?hl=en and https://www.google.com/intl/en_en/help/terms_maps.html).

By using our website you provide your consent to the processing of the data collected by Google Maps route planning in the manner described above and for the above-mentioned purposes.


7.4. Use of Web Analysis Software Matomo (formerly “Piwik“)

Data is collected and stored on this website by using the Open Source web analysis service software Matomo (formerly Piwik, see matomo.org), a service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, on the basis of our justified interest in the statistical analysis of user behavior for the purposes of optimization and marketing in accordance with Article 6(1)(f) of the GDPR. For the same purpose, pseudonymized user profiles can be created and evaluated from this data. For this purpose cookies can be installed (for further details see Section 3.5).

The data collected by means of the Matomo technology (including your pseudonymized IP address) is processed on our servers.

The information derived from the relevant cookie in a pseudonymized user profile is not used either to identify visitors to this website personally or to be combined with personal data.

You can prevent the collection of the data as described above and its processing by installing a JavaScript blocker such as http://www.noscript.net or http://www.ghostery.com.

You can find more information about data protection relating to Matomo under  https://matomo.org/privacy-policy/. 



7.5. Use of Services from Taboola

On our website we employ a service from (Taboola Inc., 16 Madison Square West, 7th Floor, New York, New York 10010; Tel.: 212.206.7663, Email: support@taboola.com) which makes it possible to provide individual user recommendations for content and advertisements on the basis of surfing behavior and specific client interests, so that we may optimize the user-friendly quality of our online service on an ongoing basis. The user profiles are created by employing pseudonyms: they are not combined with data about the individual the pseudonym refers to, and it is not possible to trace the pseudonyms back to any personal data. Taboola employs cookies (for further details see Section 3.5) to obtain the following user information:

  • User’s operating system
  • Accessed website/content of our website
  • Referrer/link by means of which the user accessed our website
  • Times website is accessed and frequency
  • Error pages accessed
  • Location information (city and state)
  • IP address in shortened form.

You can find further information about Taboola under https://www.taboola.com/privacy-policy/. Under the heading User Choices there you can also deactivate the tracking at any time. When you have successfully opted out, however, you will no longer be offered any content and/or advertisements based on user behavior.



7.6. Use of Services from Outbrain

In some segments of our website we use the technology provided by Outbrain Inc., 39 West 13th Street, 3rd Floor, New York, NY 10011. With the help of what is known as a widget (integrated reading recommendations generally placed below an article), users are referred to further topics which may be of interest to them within our website and on the websites of third parties. The information provided in the Outbrain widget is, in terms of content and technology, automatically created and delivered by Outbrain.

These widgets are compiled on the basis of content which the user has previously accessed. In order to show this further content based on the interest of the user, Outbrain employs cookies (for further details see Section 3.5) which are stored on the user's device or browser. Outbrain gathers information about the source device and the browser type, and the IP address of the user, which is anonymized by deleting the last octet. Outbrain then allocates what is known as a Universally Unique Identifier (UUID) by means of which the user can be identified through his or her device when he or she visits a website where the Outbrain widget has been implemented. Outbrain creates user profiles where the user interactions (e.g. pages accessed and clicks) of a browser or device are aggregated, so that the preferences of the UUID can be deduced.

We employ the services of Outbrain, upon consideration of the issues involved, in order to maintain our justifiable interests in the optimum user-friendly quality of our website in accordance with Article 6(1)(f) of the GDPR.

You can deactivate the tracking of advertisements for interest-based recommendations by Outbrain at any time by clicking on the Opt Out section under the Privacy and Security Policy Statement from Outbrain, which is to be found under http://www.outbrain.com/en/legal/privacy. You can also obtain further information here about the data protection policies of Outbrain Inc.. An opt-out of this type is only valid for the device you are using and ceases to function if you delete your cookies.



7.7. Use of Services from Plista

Our website is supported by a recommendation and personalization system operated by Plista GmbH, Torstraße 33-35, 10119 Berlin, Germany. Plista uses cookies (for further details see Section 3.5) with a randomly generated ID in order to offer our visitors use-based and therefore individual content recommendations and relevant advertisements. For this purpose Plista creates a pseudonymized user profile from this ID. This pseudonymized user profile cannot be used to deduce any information about the identity of the user in question.

You can prevent the storage of cookies at any time by means of the settings on your web browser, or to delete cookies which have already been stored. You can also prevent Plista from creating a profile at any time by making use of the opt-out feature under www.plista.com/en/ueber/opt-out. This opt-out is only valid for the device you are using and ceases to function if you delete your cookies.

The legal basis for this form of processing is Article 6(1)(f) of the GDPR. The cookie placed by Plista has a storage period of one year.

Further information about the data protection policies of Plista can be found under https://www.plista.com/en/ueber/privacy.



7.8. Use of Services from Mouseflow, ApS

Our website uses Mouseflow, a web analysis service supplied by Mouseflow, ApS, Flaesketorvet 68, 1711 Copenhagen V, Denmark (“Mouseflow“), in order to allocate anonymized IP addresses to randomly chosen visitors.

Mouseflow makes it possible to analyze the use of our website (for example mouse clicks, mouse movements, scrolling, activities within form fields).

We use this anonymized information in order to structure our website better and to optimize the user-friendly quality on an ongoing basis. Mouseflow creates for us aggregated and anonymized reports on the basis of anonymized data regarding user behavior on our website. You can prevent your personal data being used by Mouseflow in an analysis of how our website is used at any time by making use of the opt-out feature under https://mouseflow.com/opt-out/.

You can find further information about data collection and data protection with regard to Mouseflow, ApS under https://mouseflow.com/en/privacy/.

This website also features active JavaScript content from external suppliers which are known as web services. When you access this website, these external suppliers may receive personal information about your visit to our website. The processing of data outside the EU cannot be excluded here. You can prevent this by installing a JavaScript blocker such as the browser plug-in 'NoScript' (www.noscript.net) or deactivating JavaScript in your browser. It is possible that this could limit the functionality of this website. 

We make use of the following external web services:


8.1. YouTube Videos
We have integrated components from YouTube on this website. YouTube is an Internet video portal which allows video publishers to place video clips free of charge and other users to watch, evaluate and comment upon the video clips, also free of charge. YouTube permits the publication of all kinds of videos, and consequently it is possible to access over this Internet portal complete films and television programs as well as music videos, trailers or videos created by the users themselves.

The company which operates YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

When a user accesses a page of this website where a YouTube component (YouTube video) is integrated, the Internet browser on the IT system used by the user is automatically prompted by the YouTube component in question to download a version of the corresponding YouTube component from YouTube. Further information about YouTube can be found under www.youtube.com/intl/en/about/. As part of this technical procedure, YouTube and Google obtain information about which specific sub-sites of the website have been visited by the user in question.

If the user in question is logged into YouTube at the same time, YouTube recognizes – as soon as a sub-site containing a YouTube video is accessed – which specific sub-site of this website the user is visiting. This information is gathered by YouTube and Google and allocated to the YouTube account of the user in question.

YouTube and Google therefore receive via the YouTube components information about each time the user in question visits our website, when the user is simultaneously logged in to YouTube at the time of accessing the website: this happens no matter whether the user clicks on a YouTube video or not. If the user does not wish information of this sort to be transmitted to YouTube and Google, this can be prevented by the user logging out of his or her YouTube account before accessing our website.

The data protection policies published by YouTube, which can be accessed under https://policies.google.com/privacy?hl=en-US, provide information about the way YouTube and Google collect, process and use personal data.


8.2. Vimeo Videos
Plugins from the video portal Vimeo, from Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA, are incorporated in website. Each time a webpage is accessed which offers one or more Vimeo video clips, a direct connection is established between your browser and a server operated by Vimeo in the USA. In this way information about the IP address you use and your visit is stored there. Interaction with the Vimeo plug-ins (e.g. clicking the start button) causes this information to be transmitted to Vimeo as well, and stored there. The data protection policies that have been adopted by Vimeo, including further information about how Vimeo collects and uses your data, can be found in the Vimeo Privacy and Security Policy statement under https://vimeo.com/privacy.  

If you have a Vimeo user account and do not wish that Vimeo can gather data about you from this website to combine it with the membership data stored by Vimeo, you must log out of your Vimeo account before visiting this website.

 

Furthermore, by means of an iFrame, when a video is accessed, Vimeo triggers the Google Analytics tracker. This is a tracking measure adopted by Vimeo, and we have no influence over or access to it. You can prevent tracking by Google Analytics by installing the deactivation tool which Google provides for some Internet browsers. In addition, you can prevent the collection of data created by Google Analytics relating to your usage of the website (including your IP address) by Google, and the processing of this information by Google, by downloading a browser plug-in available over the following link and installing it: https://tools.google.com/dlpage/gaoptout?hl=en.


8.3. Facebook Social Link
We have integrated on this website components from Facebook. Facebook is a social network. A social network is a social meeting point which exists on the Internet, an online community which enables users, as a rule, to communicate with one another and to interact in virtual space. A social network can function as a platform for the exchange of views and experiences, and it enables the Internet community to present personal or commerce-related information. Among other things, Facebook enables the users of the social network to create private profiles, upload photographs and face enquiries to a network of friends.

The company which operates Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, then the controller responsible for personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time a user accesses a page of this website where a Facebook component (Facebook plug-in) is integrated, the Internet browser on the IT system used by the user is automatically prompted by the Facebook component in question to download a version of the corresponding Facebook component from Facebook. Further information about Facebook plug-ins can be accessed under https://developers.facebook.com/docs/plugins/?locale=en_EN. As part of this technical procedure, Facebook obtains information about which specific sub-sites of the website have been visited by the user in question.

If the data subject is logged into Facebook at the same time, Facebook recognizes – as soon as the data subject accesses this website, and for the entire period that the data subject remains on our website – which specific sub-site of this website the person is visiting. This information is gathered by the Facebook component and allocated by Facebook to the Facebook account of the user in question. If the data subject operates one of the Facebook buttons integrated on this website – such as the Like button – or provides a commentary, then Facebook also allocates this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook therefore receives via the Facebook component information about each time the user in question visits our website, when the user is simultaneously logged in to Facebook at the time of accessing the website: this happens no matter whether the user clicks on a Facebook component or not. If the user does not wish information of this sort to be transmitted to Facebook, this can be prevented by the user logging out of his or her Facebook account before accessing our website.

 

The Facebook data guidelines, which can be accessed under https://en-en.facebook.com/about/privacy/, provide information about the collection, processing and use of personal data by Facebook. Information is also available here about the settings which Facebook provides for the protection of the private sphere of the data subject. In addition, a variety of applications can be obtained which makes it possible to suppress the transfer of data to Facebook. The data subject can use such applications in order to restrict the transfer of data to Facebook.


8.4. Facebook Custom Audiences

This website employs the retargeting product Website Custom Audiences (“WCA“) from the company Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA (“Facebook”) (Data Protection Advice). WCA is based on the use of cookies (for further details see Section 3.5) created on the hard disk of the device you use to access our website an entry about your visit to the website in question. On the basis of this cookie, Facebook is able to recognize you when you visit closed group areas of Facebook and offer you the appropriate advertisements. Facebook is only able to recognize you if you have an account with Facebook and are logged into the closed group area of Facebook. In other cases you are not affected by this form of data processing.

 

Facebook provides further information from its users about WCA under the following link: https://www.facebook.com/ads/manage/customaudiences/tos.php.


8.5. Microsoft BING Ads
On this website we employ Bing Ads, a service from the Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service allows us to trace your activities on our website when you have accessed the website via advertisements from Bing Ads. In this case a cookie is installed on your computer (for further details see Section 3.5). By means of the Bing UET tag which is integrated into our website, we can store pseudonymous information about the use of our website. This includes, among other things, the length of time you spent on our website, which areas of the website have been accessed and in some cases which advertisement prompted you to access our website.

Information regarding your identity is not collected. The information which has been collected is transferred to a Microsoft server in the USA. Microsoft certified under the US-EU data protection agreement Privacy Shield and has therefore undertaken to adhere to European data protection regulations.

You can find more information on data protection with Microsoft and Bing in the Microsoft data protection policies under https://privacy.microsoft.com/en-en/privacystatement.


8.6. LinkedIn

We have integrated components from the LinkedIn Corporation on this website. LinkedIn is an Internet-based social network which facilitates contacts between users with existing business contacts and the establishment of new business contacts. 

LinkedIn is operated by the LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn data protection issues outside the USA are handled by LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Each time a user accesses a page of this website where a LinkedIn component (LinkedIn plug-in) is integrated, the Internet browser on the IT system used by the user is automatically prompted by this component to download a version of the corresponding LinkedIn component. Further information about LinkedIn plug-ins can be accessed under https://developer.linkedin.com/plugins. As part of this technical procedure, LinkedIn obtains information about which specific sub-site of the website have been visited by the user in question.

If the data subject is logged into LinkedIn at the same time, LinkedIn recognizes – as soon as the data subject accesses this website, and for the entire period that the data subject remains on our website – which specific sub-site of this website the person is visiting. This information is gathered by the LinkedIn component and allocated by LinkedIn to the LinkedIn account of the user in question. If the data subject operates one of the LinkedIn buttons integrated on this website, then LinkedIn also allocates this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn therefore receives via the LinkedIn component information about each time the user in question visits our website, when the user is simultaneously logged in to LinkedIn at the time of accessing the website: this happens no matter whether the user clicks on a LinkedIn component or not. If the user does not wish information of this sort to be transmitted to LinkedIn, this can be prevented by the user logging out of his or her LinkedIn account before accessing our website.

 

Under https://www.linkedin.com/psettings/guest-controls LinkedIn provides users with the opportunity to unsubscribe to email messages, SMS messages and targeted advertisements, and to administer the advertising settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may install cookies (for details about cookies see Section. 3.5). Such cookies can be rejected: to do so, please consult https://www.linkedin.com/legal/cookie-policy. The LinkedIn data protection policies can be accessed under https://www.linkedin.com/legal/privacy-policy. The LinkedIn cookie guidelines can be accessed under https://www.linkedin.com/legal/cookie-policy.


8.7. XING
We have integrated components from Xing on this website. Xing is an Internet-based social network which facilitates contacts between users with existing business contacts and the establishment of new business contacts. Individual users can register a personal profile of themselves with Xing. Companies, for example, can create company profiles or publish information about situations vacant on Xing.

The company which operates Xing is New Work SE, Dammtorstraße 30, 20354 Hamburg, Deutschland.

Each time a user accesses a page of this website where a Xing component (Xing plug-in) is integrated, the Internet browser on the IT system used by the user is automatically prompted by this component to download a version of the corresponding Xing component from Xing. Further information about Xing plug-ins can be accessed under https://dev.xing.com/plugins. As part of this technical procedure, Xing obtains information about which specific sub-sites of the website have been visited by the user in question.

If the data subject is logged into Xing at the same time, Xing recognizes – as soon as the data subject accesses this website, and for the entire period that the data subject remains on our website – which specific sub-site of this website the person is visiting. This information is gathered by the Xing component and allocated by Xing to the Xing account of the user in question. If the data subject operates one of the Xing buttons integrated on this website, such as the Share button, then Xing also allocates this information to the personal Xing user account of the data subject and stores this personal data.

Xing therefore receives via the Xing component information about each time the user in question visits our website, when the user is simultaneously logged in to Xing at the time of accessing the website: this happens no matter whether the user clicks on a Xing component or not. If the user does not wish information of this sort to be transmitted to Xing, this can be prevented by the user logging out of his or her Xing account before accessing our website.

 

The data protection policies published by Xing, which can be found under https://www.xing.com/privacy, provide information about the way Xing collects, processes and uses personal data. Furthermore, Zing has published data protection advice for the ZING Share button under https://www.xing.com/app/share?op=data_protection.


8.8. Twitter
We have integrated components from Twitter on this website. Twitter is a multi-lingual, public–access microblogging service where the users can publish and distribute what are known as tweets, short messages with a maximum of 140 characters. These short messages can be accessed by everybody, not only individuals who are registered with Twitter. However, the tweets are automatically shown to the followers of the user in question. Followers are other Twitter users who follow the tweets of one user. Twitter also makes it possible to access a broad audience by means of hash tags, links and re-tweets.

The company which operates Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Each time a user accesses a page of this website operated by the controller responsible where a Twitter component (Twitter button) is integrated, the Internet browser on the IT system used by the user is automatically prompted by this component to download a version of the corresponding Twitter component from Twitter. Further information about Twitter buttons can be accessed under https://about.twitter.com/en/resources/buttons. As part of this technical procedure, Twitter obtains information about which specific sub-sites of the website have been visited by the user in question. The aim of the integration of the Twitter component is to facilitate for our users a broad distribution of the content of this website, to make the website better known in the digital world, and to increase our visitor numbers.

If the data subject is logged into Twitter at the same time, Twitter recognizes – as soon as the data subject accesses this website, and for the entire period that the data subject remains on our website – which specific sub-site of this website the person is visiting. This information is gathered by the Twitter component and allocated by Twitter to the Twitter account of the user in question. If the data subject operates one of the Twitter buttons integrated on this website, then Twitter also allocates this data and information to the personal Twitter user account of the data subject and stores and processes this data.

Twitter therefore receives, via the Twitter component, information about each time the user in question visits our website, when the user is simultaneously logged in to Twitter at the time of accessing the website: this happens no matter whether the user clicks on a Twitter component or not. If the user does not wish information of this sort to be transmitted to Twitter, this can be prevented by the user logging out of his or her Twitter account before accessing our website.

 

The current data protection policies of Twitter can be found under https://twitter.com/privacy?lang=en.


8.9. Instagram

We have integrated components from the Instagram service on this website. Instagram is a service classified as an audio-visual platform which enables users to share photographs and videos and also to distribute such data on other social networks.

The company which provides Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Each time a user accesses a page of this website operated by the controller responsible where an Instagram component (Instagram button) is integrated, the Internet browser on the IT system used by the user is automatically prompted by this component to download a version of the corresponding Instagram component from Instagram. As part of this technical procedure, Instagram obtains information about which specific sub-sites of the website have been visited by the user in question.

If the data subject is logged into Instagram at the same time, Instagram recognizes – as soon as the data subject accesses this website, and for the entire period that the data subject remains on our website – which specific sub-site of this website the person is visiting. This information is gathered by the Instagram component and allocated by Instagram to the Instagram account of the user in question. If the data subject operates one of the Instagram buttons integrated on this website, then Instagram also allocates this data and information to the personal Instagram user account of the data subject and stores and processes this data.

Instagram therefore receives, via the Instagram component, information about each time the user in question visits our website, when the user is simultaneously logged in to Instagram at the time of accessing the website: this happens no matter whether the user clicks on an Instagram component or not. If the user does not wish information of this sort to be transmitted to Instagram, this can be prevented by the user logging out of his or her Instagram account before accessing our website.

 

Further information about the current data protection policies of Instagram can be found under https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

8.10. Pinterest

We have integrated on this website components from Pinterest Inc. Pinterest is a social network. A social network is a social meeting point which exists on the Internet, an online community which enables users, as a rule, to communicate with one another and to interact in virtual space. A social network can function as a platform for the exchange of views and experiences, and it enables the Internet community to present personal or commerce-related information. Among other things, Pinterest enables the users of the social network to post collections of pictures or individual pictures, as well as descriptions (all known as pins) on virtual pin boards; these pins can then be shared by other users ("re-pinning"), or comments can be posted about them.

The company which operates Pinterest is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.

Each time a user accesses a page of this website operated by the controller responsible where a Pinterest component (Pinterest plugin) is integrated, the Internet browser on the IT system used by the user is automatically prompted by this component to download a version of the corresponding Pinterest component from Pinterest. More information about Pinterest can be found under https://pinterest.com/. As part of this technical procedure, Pinterest obtains information about which specific sub-sites of the website have been visited by the user in question.

If the data subject is logged into Pinterest at the same time, Pinterest recognizes – as soon as the data subject accesses this website, and for the entire period that the data subject remains on our website – which specific sub-site of this website the person is visiting. This information is gathered by the Pinterest component and allocated by Pinterest to the Pinterest account of the user in question. If the data subject operates one of the Pinterest buttons integrated on this website, then Pinterest also allocates this data and information to the personal Pinterest user account of the data subject and stores and processes this data.

Pinterest therefore receives, via the Pinterest component, information about each time the user in question visits our website, when the user is simultaneously logged in to Pinterest at the time of accessing the website: this happens no matter whether the user clicks on a Pinterest component or not. If the user does not wish information of this sort to be transmitted to Pinterest, this can be prevented by the user logging out of his or her Pinterest account before accessing our website.

The data protection policies published by Pinterest, which can be accessed under https://about.pinterest.com/privacy-policy, provide information about the way Pinterest collects, processes and uses personal data.

If and when we enable third parties (such as web analysis or logistics service providers) access to personal data, it is only to the extent that this data are required for the performance of the corresponding services. Should we contract out a certain part of the data-processing activity (“contract data processing”), we ensure that these sub-contractors are contractually bound to process personal data only in accordance with the requirements of the relevant data protection regulations, in particular the GDPR, and to guarantee in full the data protection rights of the individual involved.

Personal data collected from this website will only be transferred to a location outside Germany and the European Economic Area when it has been ensured that this data will be subjected to a level of protection comparable to that provided by the GDPR.

Top