we are pleased about your visit to our website. In the following, we would like to inform you about how your data is handled per Article 13 of the General Data Protection Regulation (GDPR).
The person responsible for the following data collection and processing is the person named in the Imprint section of this website.
When you visit our websites, usage data is temporarily stored as a logfile on our web server for statistical purposes and to improve the quality of our websites. This data consists of:
The log data is stored exclusively in anonymised form.
In order to protect your data from unwanted access as securely as possible, we take various technical and organisational measures. We use encryption on our websites. Your information is transferred from your computer to our server and vice versa via the internet using TLS encryption. You can recognise this by the fact that the lock symbol in the status bar of your browser is closed and the address bar begins with https:// .
Per Article 28 of GDPR, we transfer your data for data processing by service providers who support us in the operation of our websites (e.g. website, hosting, tracking and newsletter service providers) and the associated processes. Our service providers are strictly bound by instructions we subject them to contractual obligations.
Transmission of Data to Third Countries
We sometimes transfer personal data to a third country outside the EU. In each case, we have taken care to ensure an appropriate level of data protection:
In the cases of Google Analytics, Google+ and YouTube (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
In the case of Cloudflare (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active
In the case of salesforce (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000KzLyAAK&status=Active
In the case of LinkedIn (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active
In the case of Twitter (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active
In the case of Facebook (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
We will forward your enquiry to our subsidiaries and sales companies within and outside the EU if further processing in one of these locations is necessary.
We use hosting services as follows: Infrastructure and platform services, data processing power, storage space and database services, security services and technical maintenance services which we use for the purpose of operating this website.
We and/or our hosting provider process inventory data, contact data, content data, contract data, usage data, metadata and communication data relating to customers, interested parties and visitors to this website on the basis of our legitimate interests in the efficient and secure provision of this website in accordance with Article 6 (1)(f) of GDPR and Article 28 of GDPR (concluding data processing contracts).
We use a Content Delivery Network (CDN) offered by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active).
A CDN is a service which helps deliver website content, especially large media files such as graphics or scripts, more quickly. It does this with the help of regionally distributed servers connected via the internet. The processing of user data is carried out solely for the aforementioned purposes and to maintain the security and functionality of the CDN.
Our use of this service is based on our legitimate interests, i.e. interest in secure and efficient provision, analysis and optimisation of our website per Article 6 (1)(f) of GDPR.
We use session cookies and permanent cookies on our websites. This data processing is based on Article 6 (1)(f) of GDPR and is done to make our website more user-friendly, effective and secure.
The following data and information are stored in the cookies:
You can set your browser so that it tells you when cookies are saved. This makes it clear to you how cookies are being used. You can also delete cookies at any time via your browser settings, and you can block the setting of new cookies. Please note that our web pages may then not be optimally displayed and some technical features may no longer be available.
The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA, where the cookie is then stored. However, because we have enabled IP anonymisation on this website, Google will truncate your IP address within European Union Member States before it is sent to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA (where there is an adequate level of data protection per Article 45 (1) of GDPR due to Google’s participation in the Privacy Shield) and shortened there. We have also concluded a contract with Google Inc. (USA) for data processing in accordance with Article 28 of GDPR. Google will therefore use all information strictly and only for the purpose of evaluating your use of our website and compiling reports on website activity.
You can object to this data processing at any time. Please use one of the following options:
This website uses Hotjar, an analysis software from Hotjar Ltd (“Hotjar”) (http://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). With Hotjar, it is possible to measure and evaluate usage behaviour (clicks, mouse movements, scroll heights, etc.) on our website. The information generated by the tracking code and cookie about your visit to our website is transmitted to and stored on Hotjar servers in Ireland. The tracking code collects the following information:
The following information can be recorded via your device and browser:
The following data is automatically generated by our servers when Hotjar is used:
Hotjar will use this information to evaluate your use of our website, to compile reports on use, and to provide other services relating to website use and internet evaluation of the website. Hotjar also uses third-party services such as Google Analytics and Optimizely to provide services. These third-party companies may store information that your browser sends when you visit the website, such as cookies or IP requests. For more information on how Google Analytics and Optimizely store and use data, please refer to their privacy policies.
If you continue to use this website, you consent to the processing of your personal data by Hotjar and its third parties as described above in their privacy policies. The cookies that Hotjar uses have have varying lifetimes; some last up to 365 days, some only last until the end of the current visit.
You can prevent Hotjar from collecting data by clicking on the following link and following its instructions: https://www.hotjar.com/opt-out.
We use the web analysis tool "Matomo" to design our web pages according to your needs. Matomo creates user profiles based on pseudonyms. For this purpose permanent cookies are stored on your end device and read out by us. In this way we are able to recognise recurring visitors and count them.
The data processing takes place on the basis of your consent in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO, provided that you have given your consent via our banner.
Your rights as a user
When processing your personal data, GDPR grants you as a website user certain rights:
Our company’s data protection officer will be happy to provide you with information or suggestions on the subject of data protection: firstname.lastname@example.org
You can contact us via a web form. To use our contact form we need your name, country and e-mail address. You can provide further information, but you do not have to. The information provided by users will be stored in a customer relationship management system ("CRM system") or of a comparable enquiry organisation so that we can properly process your enquiry.
The legal basis for the processing is Article 6 (1)(f) of GDPR. Your data will only be processed to answer your enquiry and deleted after the processing purpose has ceased to apply. This data is not passed on to third parties.
We use the CRM system of the provider salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany, in order to be able to process user inquiries faster and more efficiently (legitimate interest according to Art. 6 Par. 1 lit. f. DSGVO ).
Salesforce uses user data only for technical processing of the inquiries and does not pass them on to third parties. To use salesforce, you must provide, at least, a correct email address. A pseudonymous use is possible. In the course of processing service requests, it may be necessary to collect further data (name, address).
If users do not consent to the collection and storage of data by salesforce’s external system, we will provide them with alternative contact options for submitting service requests by email, telephone, fax, or mail.
Please note that the use of third-party content and functions may result in your data being processed outside the EU/EEA. In some countries, there is a risk that authorities may access the data for security and monitoring purposes without you being informed or having the right to appeal. If we use providers in unsafe third countries and you give your consent, the transfer to an unsafe third country is carried out on the basis of Art. 49 para. 1 lit. a DSGVO.
Provider: salesforce.com, Inc.Technical function or content: CRM systemAdequate level of data protection: No adequate level of data protection. The transmission is based on Art. 49 para. 1 lit. a DSGVO.Revocation or consent: If you no longer agree with the processing, please do not use our site any more.
If you would like to use our CustomerNet special customer service, you must first register. Data that you transmit to us for registration will only be used to the extent necessary for CostumerNet. You can change or delete your profile at any time within your account. The data will then be automatically removed from our system.
On our website you will also find social media plug-ins. These are social network features you can use to share the content of our website with your friends in social networks or recommend this content to others. The responsibility for data-protection-compliant operation is to be guaranteed by the respective providers. For these plugins, we use the two-click method to protect visitors to our website in the best possible way. We currently use social plug-ins from the following providers:
Via our website, you can subscribe to our newsletter. If you have given us explicit permission to inform you by email about our products and services, we will process your data per Article 6 (1)(a) of GDPR. We send newsletters, emails and other electronic notifications with advertising information (the “newsletter”) only with the consent of the recipient or a legal permit. We use the so-called double opt-in procedure to confirm your registration. This means that we will send you a confirmation email before the first newsletter is sent. In this email, you can confirm your newsletter subscription by clicking on the link provided. Only after confirmation will you receive our newsletter.
The newsletters contain a so-called “webbeacon”. This is a file the size of a pixel and which, when the newsletter is opened, is retrieved from our server (or, if we use a dispatch service provider, from its server). During this data retrieval, technical information such as information about the browser, your system, your IP address and time of retrieval are then collected.
This information is used for the technical improvement of services on the basis of technical data or target groups and their reading behaviour on the basis of their retrieval points (which can be determined with the help of the IP address) or access times. Statistical data gathering also include determining whether newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. It is, however, neither our endeavour nor, if used, that of the shipping service provider to observe individual users. The evaluations are rather used by us to determine the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. Opt-out of this performance measurement is unfortunately not possible; instead, the entire newsletter subscription must be cancelled.
Your consent may be withdrawn at any time without prejudice to the lawfulness of the processing carried out to date. You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to unsubscribe from the newsletter at the end of each newsletter. If the consent is revoked, we stop the corresponding data processing.
Compliance with data protection regulations is of great importance to our company. We would like to inform you below about how we collect your personal data:
Description of data processing
In order to participate in the competition, you are required to provide personal data. Data processing is necessary to fulfil our promise of a prize draw and is carried out on the basis of Art. 6(1)(b) GDPR.
If you provide consent, we will also process your personal data in order to send you our AERZEN ComXPress Newsletter. The processing of your personal data in this regard is based on your revocable consent pursuant to Art. 6(1)(A) GDPR.
You may revoke your consent at any time with future effect (for more information on your right of revocation, see ‘Your rights as a data subject’).
Duration of storage
Generally, we only process and store your personal data for as long as it is required for the purposes for which it was collected. We therefore delete/destroy your data after the end of the competition, unless storage beyond this point in time this is necessary to comply with the retention periods stipulated by commercial and tax law. Any retention periods may arise from the German Commercial Code (HGB) and the German Fiscal Code (AO) and are generally either six or ten years. If you win, we will store your data at least for the duration of the statutory limitation period, which is usually three years, in order to be able to inspect possible warranty claims. The storage of your data after the end of the competition will then be based on Art. 6(1)(C) GDPR in conjunction with the relevant legal provision.
Disclosure of data
We will only disclose your data to third parties if and insofar as this disclosure is necessary for the fulfilment of our promise of a prize draw or if another data protection-related right of disclosure exists. However, your data will neither be sold to third parties nor marketed in any other way. Moreover, no data processing will take place outside the EU or EEA.
Your rights as a data subject:
According to Art. 15 GDPR, you have the right to obtain information from the controller about the personal data concerning you, as well as the right to rectification of inaccurate data according to Art. 16 GDPR and to erasure if one of the reasons listed in Art. 17 GDPR applies, e.g. if the data is no longer needed for the purposes pursued. You also have the right to restriction of processing if one of the conditions listed in Art. 18 GDPR applies and, in the cases of Art. 20 GDPR, the right to data portability. If you have given us consent, you have the right to revoke it at any time with future effect. Any data processing carried out until consent is revoked remains lawful. If you revoke your consent, we will stop the data processing.
You can assert your data protection rights here:
Mr Sven Marcus Garve Tel.: +49 5154 817767 E-mail: email@example.com
You have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR) if you are of the opinion that the processing of the data concerning you violates data protection provisions. The right of appeal can be exercised before a supervisory authority in the Member State in which the data subject lives or at the place where the alleged infringement was committed.
Our data protection officer:
We are assisted in the fulfilment of our obligations under data protection law by our data protection officer. The contact details of our data protection officer are:
datenschutz nord GmbH, Konsul-Smidt-Straße 88, 28217 Bremen, Germany E-mail: firstname.lastname@example.org, Web: www.datenschutz-nord-gruppe.de
We use Google retargeting technologies to offer you advertising on other websites that is as tailored as possible to your interests. Data processing is based on your consent per Article 6 (1)(a) of GDPR.
When you visit our website, either identifiers are retrieved from your device or browser, your IP address is evaluated, or a recognition feature is stored as a small text file (e.g. so-called third party cookie) on your device. Your usage behaviour is recorded when you visit various websites. The identifiers are pseudonymous. If you are logged in to your Google account, these identifiers can be associated directly with your profile. Google may associate and store your visits to our websites with your identifiers to show you targeted advertising on other websites. Google can thus also see that you have previously visited our website. Your device and your browser can be recognised by Google in various ways, e.g. when you visit a page that displays advertising on behalf of Google.
We can add keywords to our websites. These keywords contain statements about the content of the website, such as products offered. Google receives these keywords, which do not contain personal or sensitive information. If you visit a page with certain keywords about products, Google stores a record of your visit and matches it with your pseudonymous identifier. Google can use this link to determine whether our advertisements have been displayed to you, and if so, which ones.
Cross Device Remarketing
Google can link the pseudonymous identifiers on your devices (tablet, smartphone and email) with each other (cross device marketing). It is assumed that you have agreed to this data processing with Google in the past. This allows Google to target advertising campaigns to your various devices.
Your data is transmitted to Google and stored in the USA. There is an adequate level of data protection per Article 45 (1) of GDPR due to Google’s participation in the Privacy Shield. We have also concluded a contract with Google Inc. (USA) for data processing in accordance with Article 28 of GDPR. Google will therefore use all information strictly and only for the purpose of evaluating your use of our website and compiling reports on website activity.
Right to Object
You can object to retargeting per Article 21 of GDPR at any time. Please click on the following link: https://adssettings.google.com/authenticated
To opt out of cross device remarketing, please go to the Google website at https://support.google.com/ads/answer/2662922 and change your personalised advertising preferences. Please keep in mind that these settings may not affect all of your devices. If you use a device with your Google account, pseudonymous identifiers may be assigned to your account. If you do not want this to happen, please log out.
We process your personal data in accordance with the applicable data protection regulations and based on Article 26 of the German Data Protection Act. When you apply for a job with us online, we process the data that you disclose to us exclusively for the purpose of selecting applicants. Your data is not processed for any other purpose.
You yourself decide how much data you wish to send us in your online application. Online applications are transferred electronically to our personnel department where they are processed as quickly as possible. All data transfer is encrypted. As a rule, applications are forwarded to the relevant heads of department in our company. Your data is not transferred to anyone else. Your data will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after [6 months].
If you want us to consider your application for other or future job opportunities, please include a note to this effect in your application. We will then process your data based on Article 6 (1)(a) of GDPR.