Informativa sulla privacy

Thank you for being so interested in our website. As the operator of this website, the protection of your personal data has an exceptionally high priority. The use of our website is basically possible without any indication of personal data. However, if a data subject wishes to use special services of our website, processing of personal data could become necessary. If the processing of personal data is needed and there is no legal basis for such processing, we generally obtain the data subject’s consent.

The processing of personal data, such as the name, e-mail address, or IP address of a data subject, shall always be in line with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to us. By means of this data protection declaration, we would like to inform you about the type, scope and purpose of the personal data collected, used and processed by us. Furthermore, data subjects are informed about the rights they are entitled to using this data protection declaration.

As the controller, we have implemented numerous technical and organizational measures to ensure the complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions (e. g. when communicating via e-mail) can generally have security gaps, so we cannot guarantee absolute protection. For this reason, every data subject is free to transmit personal data to us by alternative means, for example, by telephone.

Responsible body within the meaning of data protection law

The controller within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member States of the European Union and other provisions relating to data protection is:

Karberg & Hennemann Srl
Via Guido Baccelli, 44
41126 Modena
ITALIA

Tel.: +49 (0)40 8550479-0
E-mail: info@cjc.it

Contact details of the data protection officer:

Karberg & Hennemann GmbH & Co. KG
Johannes Heitmann
Marlowring 5
D-22525 Hamburg
GERMANIA

Phone: +49 (0)40 8550479-81
E-mail: datenschutz@cjc.de

1. Definitions

In this data protection declaration, we use the terms used by the European legislator to adopt the General Data Protection Regulation (GDPR). To ensure that our privacy policy is simple and understandable, we explain the terms in advance:

Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter: „data subject“). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data subject
A data subject is any identified or identifiable natural person whose personal data are processed by the controller.

Processing
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their processing in the future.

Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

Pseudonymisation
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Controller or controller responsible for the processing
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients. The processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

Third party
A third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Consent
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Supervisory authority
The supervisory authority means an independent public authority established by a Member State pursuant in accordance with Article 51.

Supervisory authority concerned
A supervisory authority concerned means a supervisory authority which is concerned by the processing of personal data because:

  • the controller or processor is established in the territory of the Member State of that supervisory authority;
  • data subjects residing in the Member State of that supervisory authority are substantially affected or likely to be substantially affected by the processing
  • or a complaint has been lodged with that supervisory authority.

2. Rights of data subjects

Right to confirmation

Each data subject shall have the right granted by the European legislator to obtain from the controller confirmation as to whether personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller.

Right to information

Each data subject shall have the right granted by the European legislator to obtain free information from the controller at any time about the personal data stored about him or her and a copy of this information. Furthermore, the European legislator has granted the data subject access to the following information:

  • the purposes of the processing
  • the categories of personal data that are processed
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations
  • if possible, the envisaged period for which the personal data will be stored or, if this is not possible, the criteria for determining that period
  • the existence of a right to rectification or erasure of personal data concerning them or to restriction of processing by the controller or a right to object to such processing
  • the existence of a right of appeal to a supervisory authority
  • if the personal data are not collected from the data subject: all available information on the origin of the data
    the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject
  • Furthermore, the data subject has a right to information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to obtain information about the appropriate guarantees in connection with the transfer.

If a data subject wishes to exercise this right of access, he or she may, at any time, contact any employee of the controller.

Right to rectification

Each data subject shall have the right granted by the European legislator to obtain the immediate rectification of inaccurate personal data concerning him or her. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data, including by means of a supplementary statement.

If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the controller.

Right to erasure (Right to be forgotten)

Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay, provided that one of the following reasons applies and insofar as the processing is not necessary:

  • The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary.
  • The data subject withdraws his or her consent, on which the processing is based (Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR), and there is no other legal basis for the processing.
  • The data subject submits in accordance with Art. 21 para. 1 GDPR, and there are no overriding legitimate reasons for the processing, or the data subject submits pursuant to Article 21 para. 2 GDPR.
  • The personal data have been unlawfully processed.
  • The erasure of the personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data have been processed in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.
  • If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by the Karberg & Hennemann GmbH & Co KG, he or she may, at any time, can contact any employee of the controller. An employee of the controller shall promptly ensure that the erasure request is complied with immediately.

If the personal data has been made public by Karberg & Hennemann GmbH & Co KG and our company is the controller pursuant to Art. 17 para. 1 GDPR to delete personal data. Karberg & Hennemann GmbH & Co KG, taking into account available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested erasure of the personal data – including copies, replications and links to those personal data. Exception: processing is required. An employees of the Karberg & Hennemann GmbH & Co KG will arrange the necessary measures in individual cases.

Right to restriction of processing

Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:

  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful, the data subject opposes the erasure of the personal data and instead requests the restriction of the use of the personal data.
  • The controller no longer needs the personal data for the purposes of the processing, but the data subject needs them for the establishment, exercise or defence of legal claims.
  • The data subject has objected to the processing acc. Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the controller outweigh those of the data subject.

If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by the Karberg & Hennemann GmbH & Co KG, he or she may at any time contact any employee of the controller. The employee of the Karberg & Hennemann GmbH & Co KG will arrange the restriction of the processing.

Right to data portability

Each data subject shall have the right granted by the European legislator to receive the personal data concerning him or her, which was provided by the data subject to a controller, in a structured, commonly used and machine-readable format. It also has the right to transmit this data to another controller without hindrance from the controller to whom the personal data have been provided, provided that the processing is based on the consent pursuant to Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR or on a contract pursuant to Art. 6 para. 1 letter b GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, in exercising his or her right to data portability pursuant to Art. 20 para. 1 GDPR, the right to obtain that the personal data are transmitted directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.

In order to assert the right to data portability, the data subject may at any time contact any employee of the Karberg & Hennemann GmbH & Co KG.

Right to object

Each data subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, which is based on Art. 6 para. 1 letter e or f GDPR. This also applies to profiling based on these provisions.

The Karberg & Hennemann GmbH & Co KG shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.

If the Karberg & Hennemann GmbH & Co KG processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This also applies to profiling insofar as it is related to such direct advertising. If the data subject objects to the Karberg & Hennemann GmbH & Co KG to the processing for direct marketing purposes, the Karberg & Hennemann GmbH & Co KG will no longer process the personal data for these purposes.

In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by the Karberg & Hennemann GmbH & Co KG for scientific or historical research purposes, or for statistical purposes pursuant to Art. 89 para. 1 GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

In order to exercise the right to object, the data subject may contact any employee of the Karberg & Hennemann GmbH & Co KG. The data subject is also free to exercise his or her right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by automated means using technical specifications.

Automated individual decision-making, including profiling

Each data subject shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, provided that the decision (1) does not support the conclusion or performance of a contract between the data subject. (2) is not permitted by Union or Member State law to which the controller is subject and which contains suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is based on the data subject’s explicit consent.

If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) it is based on the data subject’s explicit consent, the Karberg & Hennemann GmbH & Co KG shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, on the presentation of one’s own position and on the challenge to the decision.

If the data subject wishes to exercise the rights relating to automated individual decision-making, he or she may, at any time, contact any employee of the controller.

Right to revoke consent under data protection law

Each data subject shall have the right granted by the European legislator to withdraw consent to the processing of personal data at any time.

If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of the controller.

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

3. Data collection on our website

Access to and storage of information in terminal equipment

By using our website, you may access information (e. g. IP address) or store information (e. g. cookies) in your terminal equipment. This access or storage may involve further processing of personal data within the meaning of the GDPR.

In cases where such access to information or such storage of information is essential for the technically error-free provision of our services, this is done based on § 25 para. 1 sentence 1, para. 2 No. 2 TTDSG.

In cases where such a process serves other purposes (e.B the needs-based design of our website), this is done based on § 25 para. 1 TTDSG only with your consent in accordance with Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time and for the future. The processing of your personal data is subject to the provisions of the GDPR and the Federal Data Protection Act (BDSG).

Further information on the processing of your personal data and the relevant legal bases in this context can be found in the following sections on the specific processing activities on our website.

Web hosting

This website is hosted by an external service provider (Hereweare). Personal data collected on this website is stored on the hoster’s servers located in Frankfurt am Main, Germany. These may include IP addresses, contact requests, meta and communication data, website access and other data generated via a website.

We collect the listed data to ensure a smooth connection to the website and a technically error-free provision of our services. The processing of this data is strictly necessary to make the website available to you. The legal basis for processing the data is our legitimate interest in the correct presentation and functionality of our website in accordance with Art. 6 para. 1 lit. f GDPR.

We have concluded an order processing contract with the provider in accordance with the requirements of Art. 28 GDPR, in which we oblige the provider to protect the data of our customers and not to pass it on to third parties. This fully implements the strict requirements of the German data protection authorities. Our provider’s contact details: Hereweare GmbH, Im Seelenkamp 15, 32791 Lage, Germany. Further information can be found in Hereweare’s privacy policy: .

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from „http://“ to „https://“ and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Server log files

When you or an automated system access this website, information is automatically collected and stored in so-called server log files. Your web browser automatically transmits this technically necessary and security-relevant information to our web server. The data is recorded during a running connection. These are:

We collect the listed data to deliver the content of our website correctly, optimize the website content and the advertising, ensure the long-term system security and stability and provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack.

We do not draw any conclusions about the data subject when using these general data and information. For reasons of technical security, in particular, to ward off attack attempts on our web server, this data is stored by us for a short time. Based on this data, we can’t draw conclusions about data subjects. After seven days at the latest, the data is anonymized by shortening the IP address at the domain level, so that it is no longer possible to establish a reference to the individual user. In an anonymous form, the data may also be processed for statistical purposes. A storage of this data together with other personal data of the user, a comparison with other data stocks or a transfer to third parties takes place at no time.

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, which allows the processing of data for the performance of a contract or pre-contractual measurements.

Cookies

Our website uses cookies. Cookies are small text files that are stored on your computer system via a web browser. Cookies do not harm your computer system and do not contain viruses.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which the website and server can be assigned to the specific web browser in which the cookie was stored. This allows the visited websites and servers to distinguish the individual browser of the data subject from other web browsers that contain other cookies. A specific Internet browser can be recognized and identified by the unique cookie ID. This allows our website to recognize that you have previously visited it with this browser. As soon as you visit this website again with the same device, the cookie and the information stored in it are sent either to our website (first-party cookie) or to another website to which it belongs (third-party cookie). Cookies are used to make our website more user-friendly, effective and secure.

Cookies differ in their storage period:

Most of the cookies we use are so-called „session cookies“. They are automatically deleted at the end of your website visit. Other cookies remain stored on your terminal equipment until they are automatically deleted after a certain period of time or you delete them. These cookies allow us to recognize your browser the next time you visit our website.

Cookies differ in their function:

Essential cookies are technically necessary to make our website usable by enabling essential functions such as page navigation, language setting, shopping cart function and access to secure areas of the website. The website cannot function properly without these cookies. Essential cookies are first-party cookies. Your consent is not required for the use of essential cookies. Essential cookies cannot be disabled on our website.
The processing of data through the use of essential cookies takes place on the basis of a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to the technically error-free and optimized provision of our services. For details on the processing purposes and legitimate interests, please refer to the explanations on the specific data processing.

Other cookies are used to analyze user behavior, display advertising or display certain tools (e.B videos, showroom, map service Google Maps).
The processing of personal data through the use of these cookies takes place on the basis of consent in accordance with Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time and for the future. Insofar as such cookies are used for analysis and optimization purposes, we will inform you separately in the context of this data protection declaration and give your consent in accordance with Art. 6 para. 1 lit. a GDPR.

You can make further settings in your browser to customize security and privacy. To use your browser to:

The cookie settings can be managed under the following links for the respective browsers:

You can revoke or change your cookie settings at any time. To do this, call up the cookie settings again via the tool icon at the bottom left of our website.

List of cookies we use on this website:

Contact form and contact by e-mail

If you send us inquiries via contact form or e-mail, your details from the inquiry form or your e-mail, including the contact details you provided there, will be stored by us to process the request and in the event of follow-up questions. An e-mail address, name and company name are required to provide contact. Under no circumstances we will pass on your personal data to third parties without your consent.

Such personal data transmitted voluntarily by a data subject to the controller will be stored for the purposes of processing or contacting the data subject.

The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f GDPR and, if applicable, Art. 6 para. 1 lit. b GDPR, if your request is aimed at the conclusion of a contract. The data provided by you in the contact form or in your e-mail will remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e. g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected. You can revoke this consent at any time. For this purpose, an informal message by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Transfers to third countries

If we collect data in a third country (i. e. outside the European Union (EU) or the European Economic Area (EEA)) or this is done in the context of the use of third-party services or disclosure or transmission of data to third parties, this will only take place if it is done to fulfil our (pre)contractual obligations, based on your consent, a legal obligation or our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means that the processing takes place e. g. on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU (e. g. for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called „standard contractual clauses“).

4. Analysis tools

etracker

The provider of this website uses the services of etracker GmbH from Hamburg, Germany (www.etracker.com) for the analysis of usage data. By default, we do not use cookies for web analysis. If we use analysis and optimization cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used that enable a statistical reach analysis of this website, a performance measurement of our online marketing measures as well as test procedures to test and optimize e. g. different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user’s device. etracker cookies do not contain any information that enables the identification of a user.

The data generated with etracker is processed and stored by etracker exclusively in Germany on behalf of the provider of this website and is therefore subject to the strict German and European data protection laws and standards. In this respect, etracker has been independently audited, certified and awarded the ePrivacyseal data protection seal of approval.

Data processing is carried out on the basis of the statutory provisions of Art. 6 para. 1 lit. f (legitimate interest) of the General Data Protection Regulation (GDPR). Our concern within the meaning of the GDPR (legitimate interest) is the optimization of our online offer and our website. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, is anonymized or pseudonymized as early as possible. Any other use, combination with other data or transfer to third parties does not take place.

You can object to the aforementioned data processing at any time. The objection has no adverse consequences.

Tracking deaktivieren

Further information on data protection at etracker can be found here.

LeadREBEL

For the purpose of website optimization, we use the web analysis technology of the provider and processor Pulserio AG, based in Switzerland. We have concluded an order processing contract with the provider. For this purpose, we forward the data obtained from the use of the IP search to Pulserio AG, Wassergrabe 3 6210 Sursee, Switzerland, https://leadrebel.io/. LeadRebel enables us to analyze log files or the use of our website by means of third-party cookies. The information processed, such as IP address, date and time stamp, page views, time spent on the site, mouse cursor movements and technical data on the operating system used, is processed on the provider’s servers as part of order processing. IP anonymization is used when web analysis is carried out using cookies. LeadRebel is an analysis tool that is used to generate business leads. In principle, publicly available information on legal entities is processed.

The log file analysis is carried out on the basis of the legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Our legitimate interest is lead generation by analyzing the data obtained with the help of IP research. It does not constitute access requiring consent within the meaning of the TTDSG. The web analysis is carried out based on Art. 6 para. 1 lit. a GDPR (only when using LeadRebel cookies) coupled with § 25 para. 1 TTDSG in conjunction with. Art. 7 GDPR. Your consent is voluntary and can be revoked at any time via the consent management tool on our website. The legality of the data processing that has already taken place remains unaffected by a revocation.

On this page: https://leadrebel.io/optout you have an opt-out option. If you opt out, your data will no longer be collected by LeadRebel.

5. Newsletter

Newsletter data

If you would like to receive our newsletter, we only need an e-mail address from you, which allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data will be collected. We use your e-mail address exclusively for sending our newsletter and do not pass it on to third parties. The newsletter contains product information, offers, valuable reports and invitations to exhibitions, seminars or other events.

To ensure that the newsletter is sent by mutual consent, we use the so-called double opt-in procedure. In the course of this, the potential recipient can be included in a mailing list. Subsequently, the user receives the opportunity to confirm the registration in a legally secure manner by means of a confirmation e-mail. Only if the confirmation is made, the address will be actively included in the mailing list. In addition, current existing customers and interested parties we are actively in contact with are in the mailing list. Active existing customers and interested parties do not receive regular newsletters, but only invitations to exhibitions and events in which we participate and which could be thematically and location-related relevant for the respective customer. The legal basis for the processing of the data of our current existing customers and interested parties is our legitimate interest in giving you the opportunity to get to know our technically highly developed products and to get to know us personally on-site (Art. 6 para. 1 lit. f GDPR).

The processing of the data entered in the newsletter registration form takes place exclusively based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the „unsubscribe“ link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data stored by you for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after unsubscribing from the newsletter. Data of existing customers and current interested parties that have been stored by us for other purposes (e. g. to process inquiries and orders, login for member area) remain unaffected by this. This also applies to any invitation to a trade fair or event – there is always the possibility to unsubscribe from the mailing list.

Newsletter2Go

We use Newsletter2Go to send newsletters. The provider is Newsletter2Go GmbH, Nürnberger Straße 8, 10787 Berlin, Germany.

Newsletter2Go is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data you enter for the purpose of subscribing to the newsletter will be stored on the servers of Newsletter2Go in Germany. Newsletter2Go is prohibited from selling your data and using it for purposes other than sending newsletters. Newsletter2Go is a German, certified provider, which was selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.

If you do not want any analysis by Newsletter2Go, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding „unsubscribe“ link in each newsletter. Furthermore, you can also unsubscribe from the newsletter directly from us. Simply write „Unsubscribe“ in the subject: Send email.

Data analysis by Newsletter2Go
With the help of Newsletter2Go, we are able to analyze our newsletter campaigns. We limit ourselves to the following key figures: clear open rate, unique click rate, click-through rate and unsubscribe rate. Furthermore, we can filter active and inactive recipients and thus find out who, for e. g., has opened, clicked or not clicked on a certain newsletter. We do not analyze the activities of individual recipients.

Newsletter2Go also allows us to divide the newsletter recipients according to different categories („clustering“). The newsletter recipients can be divided e. g. by industry, department, responsible sales representatives. In this way, the newsletters can be better adapted to the respective target groups.

Detailed information on the functions of Newsletter2Go can be found at the following link: https://www.newsletter2go.de/features/newsletter-software/.

Storage period
The data stored by you for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of Newsletter2Go after unsubscribing from the newsletter. Data stored by us for other purposes (e.B e-mail addresses for the member area) remain unaffected by this.

For more information, please refer to the privacy policy of Newsletter2Go at: https://www.newsletter2go.de/features/datenschutz-2/.

Conclusion of a contract for order data processing
We have concluded a contract with Newsletter2Go in which we oblige Newsletter2Go to protect the data of our customers and not to pass it on to third parties. This contract can be viewed at the following link: https://www.newsletter2go.de/docs/datenschutz/ADV_Muster_Newsletter2Go_GmbH_latest_Form.pdf?x48278.

6. Plugins and Tools

Consent Manager

We have integrated the consent management tool „consentmanager“ (www.consentmanager.net) of consentmanager AB (Håltgelvågen 1b, 72348 Västerås, Sweden, info@consentmanager.net) on our website in order to request consents for data processing or the use of cookies or comparable functions. With the help of „consentmanager“, you have the option of giving or rejecting your consent for certain functionalities of our website, e.B. for the purpose of integrating external elements, integrating streaming content, statistical analysis, reach measurement and personalized advertising. You can use „consentmanager“ to give or reject your consent for all functions or give your consent for individual purposes or individual functions. The settings you have made can also be changed by you afterwards. The purpose of the integration of „consentmanager“ is to leave the decision on the aforementioned things to the users of our website and to offer the possibility to change already made settings as part of the further use of our website. In the course of using „consentmanager“, personal data as well as information of the end devices used (IP address, language, browser, etc.) are processed and sent to consentmanager AB. The information about the settings you have made is also stored in your device.

The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. c) GDPR as amended.m. Art. 7 para. 1 GDPR, insofar as the processing serves to fulfil the legally standardized obligations to provide proof for the granting of consent. In all other respects, Art. 6 para. 1 sentence 1 lit. f) GDPR, the relevant legal basis. Our legitimate interests in the processing lie in the storage of user settings and preferences with regard to the use of cookies and the evaluation of consent rates. At the latest twenty-four months after the user settings have been made, the consent will be requested again. The user settings made will then be stored again for this period, unless you first delete the information about your user settings in the device capacities provided for this purpose.

You can object to the processing if the processing is based on Art. 6 para. 1 sentence 1 lit. f) GDPR. Your right to object exists for reasons arising from your particular situation. To object, please contact info@consentmanager.net by e-mail.

Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

Before you can use Google Maps, we need your consent. When you visit a page equipped with a Google Map, once you have given your consent, a connection to Google’s servers will be established. The Google server is informed which of our pages you have visited.

The use of Google Maps is in the interest of easy findability of our company. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

More information on the handling of user data can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

Youtube

We use YouTube videos on our website. Youtube is a public video platform of the operator YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

Before you can watch the video, we need your consent. When you visit a page equipped with a YouTube video, once you have given your consent, a connection to YouTube’s servers will be established. The YouTube server is informed which of our pages you have visited.

If you are logged in to your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing presentation of our products. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Further information on the handling of user data can be found in YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy

WordPress Download Manager

Our website uses the third-party plugin WordPress Download Manager. The provider is W3 Eden, Inc., 2035 Sunset Lake Road, Suite B-2, Newark, Delaware, 19702 USA and W3 Eden, Inc. House 491, Road 1, Block B, Chandgaon RA, Chittagong, Bangladesh.

When a download is carried out, no personal data is stored (IP address). There is also no need to log in or register. Our PDF files are freely accessible to everyone. No cookies are set on our website by this third party.

The use of WordPress Download Manager is in the interest of an appealing and clear presentation of the PDF files of our brochures, product data sheets, application studies and editorial articles as well as a quick findability of the right information for the visitor through search filters on the download pages. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. In addition, we use the plugin for statistical purposes. We evaluate the total number as well as the time and date of the downloads made – also with regard to individual PDF files. This helps us learn what our visitors are interested in and which PDF files we should optimize to improve the user experience. No registration/login is necessary.

More information on the handling of user data can be found in W3 Eden’s privacy policy: http://w3eden.com/privacy-policy.html.

Limit Login Attempts Reloaded

We use the WordPress plugin “Limit Login Attempts Reloaded” to defend against brute force attacks. This stores all logged IP addresses encrypted and locally in the WordPress database as soon as a user logs into the administration area or the protected member area of our supplier and customer portal as well as our online shop several times incorrectly. This serves to enable lockouts in order to be able to ward off automated attacks. Data subjects will be informed by means of a message in the login area as soon as you have logged in incorrectly once that you still have two permitted attempts for registration. After the third incorrect login, a lockout takes place for 10 minutes. After 2 lockouts, the lockout time increases significantly. The data subject receives a message in the login area that your IP address and browser information is processed by the security plugin of this website and that you agree to this by continuing. The use of “Limit Login Attempts Reloaded” is in the interest of protecting our online offer from hacker attacks. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Cookies are only set in the dashboard of our website. This fixes AJAX-related issues for customers with misconfigured websites. These cookies do not track anything and do not collect any personal data:

  • llar_enable_notify_notice_shown
  • llar_review_notice_shown

More information on the handling of user data can be found in the privacy policy of Limit Login Attemps Reloaded ® https://www.limitloginattempts.com/privacy-policy/

as well as under https://www.limitloginattempts.com/de/gdpr-qa/?from=plugin-settings-gdpr

Google Web Fonts & Fontawesome

This site uses so-called web fonts, which Google provides for the uniform presentation of fonts. We also use Fontawesome, a web-based icon library to display icons. We store the fonts and icons locally on our server in order to integrate Google Web Fonts & Fontawesome in compliance with data protection regulations.

With the local storage of the fonts, your browser does not have to load the required web fonts into your browser cache when calling up one of our websites to display texts and fonts correctly. This prevents the browser you are using from having to connect to Google’s servers. This would make Google aware that you have accessed our website with your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

If your browser does not support web fonts, a standard font will be used by your terminal equipment.

Further information on Google Web Fonts can be found under https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

7. Data protection for applications and in the application process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits corresponding application documents to the controller electronically, for example, by e-mail or via a web form on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller. Another legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

8. Relevant legal basis and general information

Legal basis of processing

Art. 6 I lit. a GDPR serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. Suppose the processing of personal data is needed to fulfil a contract to which the data subject is a party, for example for the delivery of goods or another service or consideration. In that case, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example, in cases of inquiries about our products or services. Suppose our company is subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations. In that case, the processing is based on Article 6 I lit. c GDPR. In rare cases, the processing of personal data may become necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company, and his name, age, health insurance data or other vital information would then have to be passed on to a doctor, hospital or another third party. In this case, the processing would be based on Art. 6 I lit. d GDPR. Ultimately, processing operations based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on the legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because the European legislator has specifically mentioned them. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47 sentence 2 GDPR).

Legitimate interests in the processing pursued by the controller or a third party

Is the processing of personal data based on Article 6 I lit. f GDPR, our legitimate interest is to carry out our business activities for the benefit of the well-being of all our employees and our shareholders.

Duration for which the personal data will be stored

The criterion for the duration of the storage of personal data is the respective legal retention period. After the expiry of the period, the corresponding data will be routinely deleted, provided that they are no longer required for the fulfilment or initiation of the contract.

Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision

We inform you that the provision of personal data is partly required by law (e. g. tax regulations) or may also result from contractual regulations (e. g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded that a data subject provides us with personal data, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact one of our employees. Our employee clarifies to the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences the non-provision of the personal data would have.

Existence of automated decision-making

As a responsible company, we do not use automatic decision-making or profiling.

Objection to advertising e-mails

The use of contact data published within the scope of the imprint obligation for the purpose of sending unsolicited advertising and information materials is hereby rejected. The operator of this website expressly reserves the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.