Protecting your privacy
is important to us

Privacy statement

Thank you for visiting our website. Please find below information pursuant to Art. 13 of the General Data Protection Regulation (GDPR) about how we use your personal data.

Controller

The controller responsible for data processing as described below is the authority specified in the legal notice.

Usage data

When you visit our website, a log of so-called usage data is temporarily stored on our web server and analysed for statistical purposes in order to improve the quality of our website. This data record includes

  • the name and address of the requested content,
  • the date and time of the request,
  • the data volume transmitted,
  • the access status (content transmitted, content not found),
  • the description of the web browser and operating system used,
  • the referral link specifying which website you accessed our website from,
  • the IP address of the requesting computer, shortened to ensure that it can no longer be connected to an identifiable person.

The above log data is only stored in anonymised form.

Data security

In order to protect your data from unauthorised access as much as possible, we take technical and organisational measures. We use an encryption method on our website. Your data is transmitted from your computer to our server and vice versa via the internet using TLS encryption. This is usually indicated by the closed lock symbol in your browser’s status bar and the URL starting with https://.

Necessary cookies

Our website uses cookies that are necessary for using our website.

Cookies are small text files that are stored and can be read on your terminal. There are session cookies that are deleted as soon as you close your browser, and persistent cookies that are stored even after the session has been terminated.

We do not use these necessary cookies for analysis, tracking or promotional purposes.

Sometimes, these cookies only contain information on certain settings with no reference to any identifiable person. They may also be necessary to enable user prompting, security and implementation of the page.

We use such cookies in accordance with Art. 6(1) lit. f GDPR.

You can adjust your browser settings to notify you when cookies are set in order to make the use of cookies transparent for you. Furthermore, you can delete cookies using the corresponding browser setting and prevent the setting of new cookies at any time. Please note that in this case, our website may no longer be displayed correctly and some features may no longer be available to you.

Matomo

For a needs-based design of our website, we use the “Matomo” web analytics tool. Matomo creates usage profiles based on anonymous usage data (hash value of the operating system, the browser, the browser plugins, the anonymised IP address and the browser language). It does not set any cookies. If, in exceptional cases, reference to any identifiable person must be assumed to be possible, the data is processed in accordance with Art. 6(1) lit. f GDPR.

You can object to the processing at any time.  In this case, an opt-out cookie will be set in your browser, preventing the storage of usage data by Matomo. If you delete your cookies, the Matomo opt-out cookie will be deleted as well. You will need to reactivate the opt-out when you next visit our website.

Contact form

You can contact us by means of our contact form. In order to use the contact form, we first need the information in the fields marked as mandatory.

We will use this data in accordance with Art. 6(1) lit. f GDPR to respond to your enquiry.

The data will only be processed in order to respond to your enquiry. Your data will be deleted as soon as it is no longer required, provided that it is not subject to statutory obligations to retain such data.

As regards the processing in accordance with Art. 6(1) lit. f GDPR, you have the right to object an any time. For this purpose, please send an email to the email address specified in the legal notice.

Embedded videos

We embed videos on our website that are not stored on our servers. To ensure that calling up our website with embedded videos does not automatically cause third-party content to be downloaded, we only display thumbnail images of the videos stored locally at first. This does not transmit any data to the third-party provider.

Only by clicking on the thumbnail is the third-party content downloaded, whereupon the third-party provider is notified that you have called up our website and given the usage data required for technical purposes. We have no influence on the data processing by the third-party provider. By clicking on the thumbnail, you are giving your consent to download the third-party content.

Videos are embedded based on your consent in accordance with Art. 6(1) lit. a GDPR, provided that you have given your consent by clicking on the thumbnail. Please note that the embedding of many videos means that your data will be processed outside the EU or EEA. In some countries, there is a risk that authorities may access the data for security and surveillance purposes without your being informed or having the right to appeal. If we use providers in insecure third countries and you give your consent, the transfer to an insecure third country is based on Art. 49 para. 1 lit. a DSGVO.

Provider

Appropriate level of protection

Withdrawal of consent

YouTube / Google LLC (USA)

No adequate level of data protection.
The transmission is based on Art. 49 para. 1 lit. a DSGVO.

The content of the third-party provider is downloaded immediately upon clicking on a thumbnail. If you do not want such content to be downloaded on other pages, please do not click on the thumbnails.

Other processors

We provide your data to service providers who assist us with the operation of our website and the associated processes within the framework of contract data processing, e.g. to hosting service providers. Our service providers are strictly bound by our instructions and governed by a corresponding contract.

Please find below the processors we employ that have not yet been disclosed in the text of the privacy statement above. If, within this framework, data is transmitted to parties outside the EU or the EEA, we provide information on the appropriate level of protection.

Processor

Purpose

Appropriate level of protection

Nevicon GmbH

Webhosting and support

Processing only within the EU/EEA

Your rights as data subject

When your personal data is being processed, the GDPR grants you as data subject certain rights:

Right of access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether or not personal data concerning you are being processed; where that is the case, you have the right to access such personal data and the information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)

You have the right to obtain the rectification of inaccurate personal data concerning you without undue delay and, if necessary, to have incomplete personal data completed.

Right to erasure (Art. 17 GDPR)

You have the right to obtain the erasure of personal data concerning you without undue delay where one of the grounds specified in Art. 17 GDPR applies.

Right to restriction of processing (Art. 18 GDPR)

You have the right to obtain restriction of processing where one of the prerequisites specified in Art. 18 GDPR applies, e.g. when you have objected to processing, for the duration of the verification by the controller.

Right to data portability (Art. 20 GDPR)

In certain cases specified in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and to have those data transmitted to a third party.

Right to object (Art. 21 GDPR)

Where personal data is collected in accordance with Art. 6(1) lit. f GDPR (data processing for legitimate interests) or in accordance with Art. 6(1) lit. e GDPR (data processing in the public interest or in the exercise of official authority), you have the right to object to the processing, on grounds relating to your particular situation, at any time. We will then cease to process such personal data, unless there are verifiable compelling legitimate grounds for the processing which override your interests, rights and freedoms, or processing is required for the assertion, exercise or defence of legal claims.

Right to lodge a complaint with a supervisory authority

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the provisions of privacy law. The right to lodge a complaint may in particular be exercised with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.

Contact details of the data protection officer

Our external data protection officer is at your disposal for your requests regarding the issue of data protection:

datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Germany

office@datenschutz-nord.de
www.datenschutz-nord-gruppe.de

If you contact our data protection officer, please specify the controller indicated in the legal notice.