We are very delighted that you have shown interest in our enterprise. Data protection is of a
particularly high priority for the management of the b-drives GmbH. The
use of the Internet pages of the b-drives GmbH is possible without any
indication of personal data; however, if a data subject wants to use special enterprise services
via our website, processing of personal data could
processing of personal data may become necessary. If the processing
of personal data is necessary and there is no
legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail
address, or telephone number of a data subject shall always be in line with the
General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to b-drives GmbH. By means of this
data protection declaration, our company would like to inform the public about the type, scope and
purpose of the personal data we collect, use and process.
Furthermore, data subjects are informed of the
rights to which they are entitled by means of this data protection declaration.
As the controller, the b-drives GmbH has implemented numerous
technical and organisational measures to ensure the most complete
protection of personal data processed through this website.
However, Internet-based data transmissions may in principle have security gaps,
so absolute protection may not be guaranteed. For this reason,
each data subject is free to transfer personal data to us via alternative means,
e.g. by telephone.
1. Definitions
The data protection declaration of the b-drives GmbH is based on the terms
used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable
be legible and understandable for the general public, as well as our customers and business partners.
To ensure this, we would like to first explain the
terminology used.
In this data protection declaration, we use, among other things, the following terms:
a) Personal data
Personal data means any information relating to an identified or
identifiable natural person (referred to hereinafter as ‘data subject’).
An identifiable natural person is one who can be identified, directly or indirectly,
in particular by reference to an identifier such as a name, an
identification number, location data, an online identifier or to one or
several special characteristics that express the physical, physiological,
genetic, psychological, economic, cultural or social identity of this
natural person.
b) Affected person
The affected person is any identified or identifiable natural person whose
personal data is processed by the person responsible for the processing
.
c) Processing
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means,
such as collection, recording, organisation, structuring, storage,
adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. d) Restriction of processingRestriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
provision, comparison or linking, restriction, erasure
or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal
data with the aim of limiting their processing in the future.
e) Profiling
Profiling is any form of automated processing of personal data that
consists of using personal data to evaluate certain
personal aspects relating to a natural person,
in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation,
health, personal preferences, interests, reliability, behaviour,
location or movements.
(f) Pseudonymisation
Pseudonymisation is the processing of personal data in such a manner that
the personal data can no longer be attributed to a specific data subject without the use of additional information,
provided that
such additional information is kept separately and is subject to technical and
organisational measures to ensure that the
personal data are not attributed to an identified or identifiable natural
person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or
legal person, public authority, agency or other body which, alone or jointly
with others, determines the purposes and means of the processing of personal
data; where the purposes and means of such processing are determined by
Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
responsible party or the specific criteria for their nomination
can be provided for under European Union law or the law of the member states.
h) Processor
A processor is a natural or legal person, public authority, agency
or other body that processes personal data on behalf of the responsible party
.
i) Recipient
Recipient is a natural or legal person, public authority, agency or
other body, to which personal data are disclosed, regardless of whether
it is a third party or not. However, public authorities which, in the framework of a
specific investigation task under Union or
Member State law, may receive personal data, shall not be
deemed to be recipients.
j) Third party
Third party is a natural or legal person, public authority, agency or body
other than the data subject, controller, processor
and persons who, under the direct authority of the controller
or processor, are authorised to process personal data
.
k) Consent
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by
means of a statement or by a clear affirmative action, signifies agreement to the
processing of personal data relating to him or her.
2. Name and Address of the controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws
applicable in Member states of the European Union and other
provisions related to data protection is:
b-drives GmbH
Oststraße 96
22844 Norderstedt
Germany
Phone: +49-(0)40-538092-20
Email: info@b-drives.com
Website: www.b-drives.com
3. Cookies
The Internet pages of the b-drives GmbH use cookies. Cookies are
text files that are stored in a computer system via an Internet browser
.
Numerous Internet sites and servers use cookies. Many cookies contain a
so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists
of a character string through which Internet pages and servers can be assigned to the specific
Internet browser in which the cookie was stored. This
enables visited Internet sites and servers to differentiate the individual browser of the
data subject from other Internet browsers that contain other cookies.
A specific Internet browser can be recognized and identified using the unique cookie ID.
Through the use of cookies, the b-drives GmbH can provide the users of this
website with more user-friendly services that would not be possible without the cookie setting
.
By means of a cookie, the information and offers on our website can be
optimised with the user in mind. Cookies allow us, as previously mentioned, to
recognise our website users. The purpose of this recognition is to make it
facilitate the use of our website for users. For example, the user of a website that
uses cookies does not have to re-enter their access data each time they visit the website
because this is taken over by the website and the
cookie stored on the user’s computer system. Another example
is the cookie of a shopping basket in an online shop. The online shop remembers the items
a customer has placed in the virtual shopping basket, via a cookie.
The data subject can prevent the setting of cookies by our website at any time
by means of a corresponding setting in the Internet browser used and thus
permanently object to the setting of cookies. Furthermore, cookies that have already been set can
be deleted at any time via an Internet browser or other software programs. This
possible in all common Internet browsers. If the data subject deactivates the setting of
cookies in the Internet browser used, not all functions of
our website may be entirely usable.
4. Collection of general data and information
The website of the b-drives GmbH collects a series of general data and information when a data subject or automated system calls up the website
data and information. This general data and information are stored in the
server log files. Collected may be (1) the browser types
and versions used, (2) the operating system used by the accessing system, (3) the
website from which an accessing system reaches our website
(so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site
our website, (5) the date and time of access to the
website, (6) an Internet Protocol address (IP address), (7) the Internet service
provider of the accessing system, and (8) any other similar data and information that
can be used in the event of attacks on our information technology systems
.
When using these general data and information, the b-drives
GmbH does not draw any conclusions about the data subject. Rather, this information is
needed to (1) deliver the content of our website correctly, (2) optimize the content of our
website as well as its advertisement, (3) ensure the long-term
functioning of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the b-drives GmbH analyzes anonymously collected data and information statistically
website, as well as (4) to provide law enforcement authorities with the
necessary information for prosecution in the event of a cyber attack. This
anonymously collected data and information is evaluated by b-drives GmbH
therefore, on the one hand, statistically and, on the other hand, with the aim of increasing data protection and
data security in our company in order to ultimately ensure an optimal level of protection
for the personal data processed by us. The anonymous data
of the server log files are stored separately from all personal data provided by a data subject.
5. Registration on our website
The data subject has the option to register on the website of the data controller
by providing personal data. Which
personal data transmitted to the controller
is determined by the respective input mask used for the registration.
The personal data entered by the data subject are
exclusively collected and stored for internal use by the controller
and for the controller’s own purposes. The controller
may arrange for the data to be passed on to one or more processors, such as a
parcel service provider, who also uses the personal data exclusively for
an internal use attributable to the controller,
uses.
By registering on the website of the controller,
the IP address assigned by the Internet Service Provider (ISP) to the data subject,
the date and time of registration are also stored. The storage of this data
is carried out against the background that this is the only way to prevent the misuse of our services
and, if necessary, to enable the investigation of criminal offences.
In this respect, the storage of this data is necessary to secure the data controller.
This data is not passed on to third parties
unless there is a legal obligation to do so or if the passing on of the data
serves the aim of criminal prosecution.
The registration of the data subject, with the voluntary provision of personal data,
enables the controller to offer the data subject content or
services that, due to the nature of the matter, can only be offered to registered users.
Registered persons are free to modify the
personal data provided during registration at any time or to have it completely
deleted from the database of the controller.
The data controller shall, at any time, provide information upon request to each data subject as to
what personal data are stored about the data subject.
In addition, the data controller shall correct or erase personal data at the request or indication of the data subject, insofar as there are no
legal storage obligations.
A data protection officer named in this data protection declaration and
all the employees of the data controller
processing controller are available to the data subject as
contact persons in this context.
6. GetResponse
This website uses GetResponse to send newsletters. The provider is
GetResponse Sp.z o.o., ul. ARKONSKA 6/A3, 80-387 GEDANSK, Poland.
GetResponse is a service which, among other things, can be used to organise and analyse the sending of newsletters.
The data you enter to subscribe to our newsletter
is stored on GetResponse servers.
Data analysis by GetResponse
When we send newsletters with the help of GetResponse, we can determine whether a
newsletter message has been opened and which links, if any, have been clicked on.
GetResponse also allows us to divide newsletter recipients into different
categories (so-called tagging). In doing so, newsletter recipients can be
divided, for example, according to gender, personal preferences (e.g. vegetarian or non-vegetarian) or
customer relationship (e.g. customer or potential customer). This makes it
possible to better adapt the newsletter to the respective target group. For more information,
please visit: https://www.GetResponse.de.
If you do not want GetResponse to analyse your data, you must unsubscribe from the newsletter.
We provide a link for this purpose in every newsletter message
. You can also unsubscribe from the newsletter directly on the website.
Legal basis
Data processing is based on your consent (Art. 6 (1) (a) GDPR).
You may revoke your consent at any time. The legality of the data processing already carried out
remains unaffected by the revocation.
Storage duration
The data you provide us with for the purpose of subscribing to the newsletter will be
stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of GetResponse after you unsubscribe from the newsletter
.
Data that we have stored for other purposes (e.g. email addresses for the
members area) remain unaffected.
For details, see the GetResponse privacy policy at:
https://www.getresponse.de/email-marketing/legal/datenschutz.html.
Conclusion of a contract for commissioned data processing
We have concluded a contract for commissioned data processing with GetResponse, in which
we oblige GetResponse to protect our customers’ data and not to pass it on to
third parties.
7. Newsletter tracking
The newsletter of b-drives GmbH contains so-called tracking pixels. A
tracking pixel is a miniature graphic embedded in e-mails sent in HTML format
to enable log file recording and log file analysis.
This allows a statistical evaluation of the success or failure of
online marketing campaigns. Based on the embedded tracking pixel,
b-drives GmbH can recognise whether and when an e-mail was opened by an
affected person and which links in the e-mail were accessed by the
person concerned.
Such personal data collected in the tracking pixels contained in the newsletters
are stored and analysed by the controller in order to
optimise the shipping of the newsletter, as well as to adapt the content of future newsletters even better
to the interests of the data subject. These personal data will
not be passed on to third parties. Data subjects are at any time entitled to
separate declaration of consent submitted via the double opt-in procedure.
After a revocation, this
personal data will be deleted by the controller.
The b-drives automatically regards a withdrawal from the receipt of the newsletter as
revocation.
8. Contact via the website
The website of the b-drives GmbH contains information that enables a quick electronic contact to our
enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address).
If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.
transmitted personal data is automatically stored. Such personal data transmitted on a voluntary
basis by a data subject to the data controller
is stored for the purpose of processing or
contacting the data subject. There is no transfer of this
personal data to third parties.
9. Routine erasure and blocking of personal data
The data controller shall process and store the personal data of
the data subject only for the period necessary to achieve the purpose of storage
or as far as this is granted by the European legislator or other legislators in laws or regulations to which the
controller is subject to, was provided for.
If the storage purpose no longer applies or if a storage period prescribed by the European
regulators and legislators or another competent legislator
expires, the personal data will be routinely and in accordance with the
statutory provisions blocked or deleted.
10. Rights of the data subject
a) Right to confirmation
Every data subject has the right, as granted by the European directive and regulation
giver, to request confirmation from the controller
as to whether personal data relating to him or her is being processed.
If a data subject wishes to exercise this right of confirmation, they can
contact our data protection officer or another
employee of the controller at any time.
b) Right to information
Every data subject has the right, as granted by the
European directive and regulation maker, to at any time request from the
controller free information about the
personal data stored about him/her and to receive a copy of this information.
Furthermore, the European directive and regulation maker has
granted the data subject access to the following information:
- the purposes of the processing
- the categories of personal data concerned
- the recipients or categories of recipients to whom the
personal data have been or will be disclosed,
in particular recipients in third countries or international
organisations
- where possible, the envisaged period for which the personal data will be
stored or, if this is not possible, the criteria for
determining that duration
- the existence of a right to request from the controller rectification or erasure of
personal data or restriction of
processing of personal data concerning the data subject or to object to such processing
- the existence of a right to lodge a complaint with a supervisory authority
- if the personal data are not collected from the data subject
: All available information about the origin of the data
- the existence of automated decision-making, including
profiling, in accordance with Article 22 (1) and (4) of the GDPR and, at least in these
cases, meaningful information about the logic involved and the
scope and intended impact of such processing
on the data subject
Furthermore, the data subject has the right to be informed as to whether
personal data has been transferred to a third country or to an international organisation.
If this is the case, the data subject has
the right to be informed of the appropriate safeguards relating to
the transfer.
If a data subject wishes to avail himself of this right of access, he or she may, at any time,
contact any employee of the controller.
c) Right to rectification
Each data subject shall have the right granted by the European legislator to obtain from the controller without undue delay the
rectification of inaccurate personal data concerning him or her.
Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Furthermore, the data subject has the right, taking into account the purposes
of the processing, to request the completion of incomplete personal data,
including by means of a supplementary declaration.
If a data subject wishes to exercise this right of rectification,
they may, at any time, contact our data protection officer or another
employee of the controller.
d) Right to erasure (right to be forgotten)
Each data subject shall have the right granted by the European legislator to
obtain from the controller the erasure of personal data concerning him or her without undue delay, and the
controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
- The personal data have been collected for such purposes or
processed in such a way that they are no longer necessary.
- The data subject withdraws the consent on which the
processing was based pursuant to Article 6(1)(a) of the GDPR or Article 9(2)
(a) of the GDPR and there is no other
legal basis for the processing.
- The data subject objects to the processing pursuant to Article 21(1) of the GDPR
and there are no overriding legitimate reasons for
the processing, or the data subject objects to the processing pursuant to Article 21(2)
of the GDPR.
- The personal data have been processed unlawfully.
- The personal data must be erased for compliance with a legal
obligation in Union or Member State law
to which the controller is subject.
- The personal data have been collected in relation to the offer of information
society services referred to in Article 8(1) of the GDPR.
If one of the aforementioned reasons applies, and a data subject wishes to
erasure of personal data stored by the b-drives GmbH,
they may, at any time, contact our
Data Protection Officer or another employee of the controller.
The Data Protection Officer of the b-drives
GmbH or another employee shall promptly ensure that the erasure request
is complied with immediately.
If the personal data has been released by b-drives GmbH
and our company, as the responsible party according to Article 17
(1) of the GDPR, is obliged to delete personal data, b-drives GmbH, taking into account the available technology
and the implementation costs, shall take appropriate measures, including technical measures, to
notify other data controllers which process the published
process the personal data, that the
data subject has requested that these other data controllers
delete all links to this personal data or copies or
replicas of this personal data, insofar as the processing
is not necessary. The data protection officer of b-drives GmbH
or another employee will take the necessary steps in individual cases.
e) Right to restriction of processing
Each data subject shall have the right granted by the
European legislator to obtain from the controller restriction of processing where one of the
following applies:
- The accuracy of the personal data is contested by the data subject, for a period enabling the controller to
verify the accuracy of the personal data.
- The processing is unlawful, the data subject refuses to delete
the personal data and instead requests that
the use of personal data be restricted.
- The controller no longer needs the personal data for the purposes of
processing, but the data subject needs it in order to
assertion, exercise or defence of legal claims.
- The data subject has objected to processing pursuant to Article 21
(1) of the GDPR pending the verification whether the legitimate
reasons of the controller override those of the data subject
.
If one of the aforementioned conditions is met, and a data subject
person wishes to request the restriction of personal data stored by b-drives GmbH,
they can contact our data protection officer or another employee of the
controller at any time. The data protection officer of b-drives GmbH or another employee will arrange the restriction of the
processing.
f) Right to data portability
Each data subject shall have the right granted by the
European legislator, to receive the personal data concerning him or her, which was provided to a
controller, in a structured, commonly used and
machine-readable format. He or she shall have the right to transmit those data
to another controller without hindrance from the controller to whom
the personal data has been provided, where the
processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or
point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the
GDPR, and the processing is carried out by automated means,
, unless the processing is necessary for the performance of a task
carried out in the public interest or in the exercise of official authority
vested in the controller.
Furthermore, in exercising their right to data portability, the data subject shall have
the right to have the personal data transmitted directly from one controller to another
responsible party, insofar as this is technically feasible and provided that
this does not affect the rights and freedoms of other persons.
To assert the right to data portability, the data subject
can contact the data protection officer appointed by b-drives GmbH or
another employee at any time.
g) Right to object
Every data subject affected by the processing of personal data has the
European directive and regulation giver granted the right, for reasons arising
from their particular situation, at any time against the processing of
personal data relating to them, which, on the basis of Art. 6 para. 1 letters e
or f DS-GVO takes place to object. This also applies to this
Profiling based on regulations.
The b-drives GmbH shall no longer process the personal data in the event of
the objection, unless we can demonstrate compelling legitimate
reasons for the processing which override the interests, rights and freedoms
of the data subject, or for the establishment,
exercise or defence of legal claims.
If the b-drives GmbH processes personal data for
direct marketing, the data subject shall have the right to object at any time
to processing of personal data concerning him or her for such
marketing. This applies to profiling to the extent that it is related to such
direct marketing. If the data subject objects to the
b-drives GmbH to the processing for direct marketing purposes,
the b-drives GmbH will no longer process the personal data for
these purposes.
In addition, the data subject has the right, on grounds relating to his or her
particular situation, to object to processing of personal data concerning him or her
by the b-drives GmbH for
scientific or historical research purposes, or for statistical
purposes pursuant to Article 89(1) of the GDPR, unless the processing
is necessary for the performance of a task carried out for reasons of public interest
task.
In order to exercise the right to object, the data subject may directly contact
the Data Protection Officer of b-drives GmbH or another
employee. In addition, the data subject is free in the context
of the use of information society services, and notwithstanding Directive
2002/58/EC, to use his or her right to object by automated means using
technical specifications.
h) Automated individual decision-making, including profiling
Each data subject shall have the right granted by the European legislator not to be subject to a
decision based solely on automated processing, including profiling,
which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as
the decision (1) is not is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) is not authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent.
decision (1) is not necessary for entering into, or the performance of, a contract between
the data subject and a data controller, or (2) is not authorised by
Union or Member State law to which the controller is subject and which also lays down suitable measures to
safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent
.
If the decision (1) is necessary for entering into, or the performance of, a contract between
the data subject and a data controller, or (2) it is based on the
data subject’s explicit consent, the b-drives
GmbH shall implement suitable measures to safeguard the data subject’s rights and freedoms and
legitimate interests, at least the right
to obtain the intervention of a person on the part of the controller, to
present one’s own standpoint and to challenge the decision.
If the data subject wishes to exercise rights relating to automated decisions,
they can contact our data protection officer
or another employee of the controller at any time.
i) Right to revoke consent under data protection law
Each data subject shall have the right granted by the
European legislator to withdraw his or her consent to processing of his or her personal data at any time.
If the data subject wishes to exercise the right to withdraw the consent,
he or she may at any time directly contact our Data Protection Officer of the Sympany AG or another employee of the controller.
If the data subject wishes to exercise the right to withdraw the consent, he or she may at any time directly contact our Data Protection Officer of the Sympany AG or another employee of the controller.
11. Data protection for applications and the application procedures
other employee of the controller.
11. Data protection for job applications and in the application process
The controller collects and processes the personal
data of applicants for the purpose of the processing of the application procedure. The
processing may also be carried out electronically. This is the case, in particular,
if an applicant submits corresponding application documents by e-mail or by means of a web form on the website to the controller. If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment contract.
for example by email or by means of a web form on the website, to
the controller. If the controller
enters into an employment contract with an applicant, the transmitted
data will be stored for the purpose of processing the employment relationship in compliance with
legal requirements. If the controller
does not enter into an employment contract with the applicant, the
application documents will be automatically deleted two months after notification of the rejection decision,
provided that no other legitimate interests of the data controller for the
processing conflict with such deletion. Other legitimate interests in this
sense, for example, is a duty of proof in proceedings under the General
Equal Treatment Act (AGG).
12. Legal basis for processing
Art. 6 I lit. a DS-GVO serves our company as a legal basis for
processing operations in which we obtain consent for a specific
processing purpose. If the processing of personal data is necessary for the fulfilment of
a contract to which the data subject is a party, as is
the case, for example, with processing operations that are necessary for the delivery of goods
or the provision of any other service or consideration, the processing is
based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations
that are necessary to carry out pre-contractual measures, for example in cases of
requests for our products or services. If our company is subject to a
legal obligation that requires the processing of personal data
is required, for example to fulfil tax obligations, the
processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of
personal data may be necessary to protect the vital interests of the data subject
or another natural person. This would be the case, for example,
if a visitor to our company were to be injured and his or her name,
age, health insurance data or other vital information to a doctor,
hospital or other third party. Then the
processing would be based on Art. 6 I lit. d DS-GVO. Ultimately, processing operations could
be based on Art. 6 I lit. f DS-GVO. This legal basis is used for
processing operations that are not covered by any of the aforementioned legal bases,
if the processing is necessary to safeguard a legitimate interest of our company or
a third party, provided that the interests, fundamental rights and freedoms of the
data subject do not prevail. Such processing operations are particularly permitted to us
because they have been specifically mentioned by the European legislator. He
that a legitimate interest could be assumed if the
data subject is a client of the controller (recital 47, sentence 2 GDPR).
13. Legitimate interests in the processing being pursued by the controller or
by a third party
Where the processing of personal data is based on Article 6(1) lit. f GDPR our
legitimate interest in conducting our business for the benefit of
all our employees and our shareholders.
14. Duration for which personal data is stored
The criterion for the duration of the storage of personal data is the respective
statutory retention period. After the deadline, the corresponding data is
routinely deleted, provided that they are no longer required for the fulfilment or initiation of the contract
.
15. Legal or contractual provisions for the provision of personal
data
Necessity for the conclusion of the contract; obligation of the data subject
to provide the personal data; possible consequences of
non-provision
We would like to clarify that the provision of personal data is partly
required by law (e.g. tax regulations) or can also result from contractual
provisions (e.g. information on the contractual partner). Sometimes it may be necessary for the
conclusion of a contract that a data subject provides us with personal data
that must subsequently be processed by us. The data subject
person is, for example, obliged to provide us with personal data when
our company signs a contract with him or her. The non-provision of the
personal data would have the consequence that the contract with the data subject could not
be concluded. Before personal data is provided by the data subject,
the data subject must contact our Data Protection Officer. Our
Data Protection Officer clarifies to the data subject whether the provision of the personal data is required by law or contract or is
provision of the personal data is required by law or contract or
is necessary for the conclusion of the contract, whether there is an obligation to
provide the personal data and the consequences of not providing the
personal data.
16. Existence of automated decision-making
As a responsible company, we do not use automatic
decision-making or profiling.
17. Data protection provisions about the application and use of Google Analytics (with
anonymisation function)
On this website, the controller has integrated the component of Google
Analytics (with the anonymizer function). Google Analytics is a web analytics
service. Web analytics is the collection, gathering, and analysis of data about the
behaviour of visitors to websites. Among other things, a web analysis service collects
data about the website from which a data subject came to a website
(so-called referrer), which sub-pages of the website were accessed
or how often and for how long a sub-page was viewed. A web
analysis is mainly used to optimise a website and for the cost-benefit
analysis of internet advertising.
The operating company of Google Analytics is Google Inc., 1600
Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
For the web analytics through Google Analytics the controller uses the application
_gat. _anonymizeIp’. By means of this application the IP address of the
internet connection of the data subject is shortened and anonymised by Google if
our website is accessed from a member state of the European Union or from
another state that is a party to the Agreement on the European Economic Area
.
The purpose of the Google Analytics component is to analyse visitor flows on
our website. Google uses the data and information obtained, among other things,
to evaluate the use of our website, to compile online reports for us that show the
activities on our websites, and to provide other services related to the
use of our website.
Google Analytics places a cookie on the information technology system of the
data subject. The definition of cookies is explained above. With the setting of the cookie,
Google is enabled to analyse the use of our website. With each
call-up to one of the individual pages of this Internet site, which is operated by the controller
and into which a Google Analytics component was integrated, the Internet browser on the information technology system of the
automatically by the respective Google Analytics component
to transmit data to Google for the purpose of online analysis. As part of
this technical process, Google obtains knowledge of personal data, such as the
IP address of the data subject, which Google uses, among other things, to track the origin of the
visitors and clicks and subsequently to enable commission settlements
.
The cookie is used to store personal information, such as the access time,
the location from which access was made and the frequency of visits to our
website by the data subject. Each time we visit our
website, this personal data, including the IP address of the
internet connection used by the data subject, is transmitted to Google in the United States
of America. This personal data is stored by Google in the
United States of America. Google may also transfer this information
to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
The data subject can prevent the setting of cookies through our website, as stated above,
at any time by means of a corresponding adjustment of the web browser used
and thus permanently deny the setting of cookies.
Such an adjustment to the Internet browser used would also prevent Google
sets a cookie on the data subject’s information technology system. In addition,
a cookie already set by Google Analytics can be deleted at any time via the internet browser
or other software programs.
Furthermore, the data subject has the option of objecting to the collection of data generated by Google
Analytics and relating to the use of this website and the
processing of this data by Google and to prevent such.
To do this, the data subject must download a browser add-on under the link
https://tools.google.com/dlpage/gaoptout and install it. This browser add-
on informs Google Analytics via JavaScript that no data and information about
visits to websites may be transmitted to Google Analytics. The installation
of the browser add-on is considered an objection by Google. If the
data subject’s information technology system is deleted, formatted or reinstalled at a later date,
the data subject must reinstall the
browser add-on in order to disable Google Analytics. If the
browser add-on was uninstalled by the data subject or any other person who
falls within the data subject’s sphere of influence, or is disabled, it is possible to
reinstallation or reactivation of the browser add-on.
Further information and the applicable data protection provisions of Google may
be retrieved under https://www.google.de/intl/de/policies/privacy/ and under
http://www.google.com/analytics/terms/de.html. Google Analytics is
further explained under the following Link https://www.google.com/intl/de_de/analytics/.
18. Contact / Online (Live) Chat via Smartsupp
This website uses the chat plugin Smartsupp. The provider is Smartsupp, Milady
Horakove 13, 602 00 Brno, Czech Republic
You can use Smartsupp to start a direct conversation with our employees.
The Smartsupp plugin of this website records data (browser information, visited
page content and conversation) with a visit to the website, and when information is exchanged between
the visitor and our employee, anonymised. This involves the use of
‘session’ cookies, which are deleted after the website visit. The cookies
do not contain any personal data. The data is usually transmitted in encrypted form to servers in the
EU.
The storage is based on Art. 6 para. 1 lit. a and f DSGVO. The visitor
can use this function voluntarily to contact the operator of the offer directly.
In addition, the website operator has a legitimate interest in analysing
user behaviour in order to optimise both its website and its advertising.
Objection to data collection
You can prevent Smartsupp from collecting your data by not using the chat
function of this website. In addition, you can install an add-in in your
browser that blocks this plug-in.
Contract data processing
A processing of the data comes about when you visit the website. Smartsupp describes
the handling of data transparently in accordance with the requirements of the GDPR at
https://www.smartsupp.com/de/privacy.
19. Google Adwords Conversion Tracking
This website also uses Google Conversion Tracking. This involves Google
Adwords placing a cookie on your computer if you have reached our website via a Google ad.
These cookies lose their validity after 30 days and
do not serve personal identification. If the user visits certain pages of the
Adwords customer’s website and the cookie has not yet expired, Google
and the customer can recognise that the user clicked on the ad and was redirected to this page.
Each Adwords customer receives a different cookie. Cookies cannot
be tracked across Adwords customers’ websites. The
conversion cookies is used to generate conversion statistics for
Adwords customers who have opted for conversion tracking.
Adwords customers are told the total number of users who clicked on their ad
and were redirected to a page with a conversion tracking tag.
However, they do not receive any information that can be used to personally identify users
. If you do not wish to participate in the tracking process,
you can also refuse the setting of a cookie that is necessary for this – for example, via a browser
setting that generally deactivates the automatic setting of cookies. You can
also deactivate cookies for conversion tracking by setting your browser to
block cookies from the domain ‘www.googleadservices.com’. The Google
privacy policy for conversion tracking can be found at
http://www.google.com/intl/de/policies/privacy.
20. Google Maps privacy policy
This website uses the Google Maps product from Google Inc. By using this
website, you consent to the collection, processing and use of automated
data by Google Inc, its agents and third parties.
You can find the Google Maps terms of use under ‘Google Maps terms of use
‘.
21. Privacy policy for the use of Facebook plugins (Like button)
Our pages integrate plugins from the social network Facebook, 1601 South California
Avenue, Palo Alto, CA 94304, USA. You can recognise the Facebook plugins by the
Facebook logo or the ‘Like’ button on our page. An overview
of the Facebook plugins can be found
here: http://developers.facebook.com/docs/plugins/. When you visit our pages,
the plugin establishes a direct connection between your browser and the Facebook server.
Facebook receives the information that you have visited our site with your IP address
page. If you click on the Facebook ‘Like’ button while you are
logged into your Facebook account, you can link the contents of our pages to your
Facebook profile. This allows Facebook to associate your visit to our pages with your
user account. We would like to point out that, as the provider of the pages, we have no
knowledge of the content of the data transmitted or how Facebook uses it.
For more information, please see Facebook’s privacy policy
at https://de-de.facebook.com/policy.php
If you do not want Facebook to be able to associate your visit to our pages with your Facebook
account, please log out of your Facebook account.
22. Privacy Policy for the Use of the Google ‘+1’ Button
Our site uses the ‘+1’ button of the provider Google+, of the company Google Inc.,
1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter ‘Google’.
Each time you visit our website that is equipped with such a ‘+1’ component,
this component causes the browser you are using to
corresponding display of the component from Google. This process
tells Google which specific page of our website
is being visited. According to Google, further
evaluation of your visit does not take place in the event that you are not logged into your Google account
.
If you visit our site while logged into Google, Google may
When you click the ‘+1’ button, Google may collect information about your Google Account, the
website you are recommending, your IP address and other browser-related
information. This is how your ‘+1’ recommendation can be saved and made publicly accessible.
Your Google ‘+1’ recommendation can then be displayed as a reference
together with your account name and, if applicable, with your Google photo
photo in Google services, such as in search results or in your Google account or in
other places, such as on websites and ads on the internet.
Furthermore, Google can link your visit to our site with your data stored on Google.
Google also records this information in order to further improve Google services
.
If you wish to prevent Google from collecting the aforementioned data, you must
log out of your Google account before visiting our website.
Google’s privacy policy for the ‘+1’ button, including all further information
about the collection, transfer and use of data by Google, your rights in this regard
rights and your profile settings options can be found here
: https://developers.google.com/+/web/buttons-policy
23. Data protection declaration for the use of Twitter
Functions of the Twitter service are integrated into our pages. These functions
are offered by Twitter Inc., Twitter, Inc. 1355 Market St, Suite 900, San
Francisco, CA 94103, USA. When you use Twitter and the ‘Re-Tweet’ function,
the websites you visit are linked to your Twitter account and
made known to other users. In doing so, data is also transmitted to Twitter.
We would like to point out that, as the provider of the pages, we have no knowledge of the content of
the transmitted data or its use by Twitter. Further information
can be found in Twitter’s privacy policy at http://twitter.com/privacy.
You can change your Twitter privacy settings in your account settings
at http://twitter.com/account/settings.
23. Privacy policy for the use of Pinterest
We use the pinterest.com service on our website. Pinterest.com is a service of
Pinterest, Inc., 808 Brannan St, San Francisco, CA 94103, USA. Through the integrated
‘Pin it’ button on our site, Pinterest receives the information that you have accessed the corresponding
page of our website. If you are logged in to Pinterest,
Pinterest can assign this visit to our site to your Pinterest account and
thus link the data. The data transmitted by clicking on the “Pin it” button is
stored by Pinterest. For information on the purpose and scope of the data collection, its processing and
use, as well as your rights and setting options for protecting
your privacy, you can find more information in the Pinterest data protection information,
which you can access at http://pinterest.com/about/privacy/.
To prevent Pinterest from associating your visit to our site with your Pinterest account,
you must log out of your Pinterest account before visiting our site.
24. Privacy Policy for the Use of Enquiries with MEETOVO
We use the software solution from MEETOVO Software GmbH, Robert-Koch-Straße 8, 21423 Winsen (Luhe), Germany, to process enquiries.
The provider works in accordance with the legal requirements of Art. 28 DSGVO. The strictest confidentiality of your data is thus maintained at all times.
When you submit a request to us, a direct connection between your browser and the provider’s server is established when you access the request page.
This provides the provider with the information that you have visited our site from your IP address. The IP address is anonymised and deleted after 7 days.
When you submit a request using the integrated form,
the personal data you entered (email address, first and last name, mobile phone number or telephone number) will be
transmitted to the provider and stored on their servers and sent to us by email.
All other form entries are already transmitted for analysis purposes during their entry if you agree to this.
The collection of this data is necessary to process the request. Without this processing, you cannot submit any requests.
This processing is carried out in accordance with Art. 6 para. 1 lit b.
GDPR to fulfil our contractual obligations and services and on the basis of our legitimate interests in processing a quick and effective request in the sense of Art. 6 para. 1 lit f. GDPR.
The provider deletes your data if it is no longer required. The provider checks the necessity every two years.
Otherwise, however, the deletion takes place no later than 5 years after the last request.
For more information, please refer to the provider’s privacy policy at:
https://meetovo.de/datenschutz
Data protection officer
Asc-Dienstleitungs GmbH
Danziger Strasse 21
37083 Göttingen
datenschutz@asc46.de
