×
Search
Vincorion > Privacy Policy
I. Controller

The controller as defined by Article 4 of the GDPR is:
VINCORION Advanced Systems GmbH, Feldstrasse 155, 22880 Wedel, Germany
Phone: +49-4103-60-0
Email: info@vincorion.com

You can reach our data protection officer at akirsch@goerg-dienstleistungen.de or via postal mail at the above address.

II. General information on data processing
1. Scope of the processing of personal data

We only process the personal data of our users to the extent that this is necessary to provide a functional website as well as our content and services. We generally only process our users’ personal data after obtaining the consent of the user. An exception applies in such cases in which the processing of the data is permitted by legal regulations.

2. Legal basis for the processing of personal data

To the extent that we obtain the consent of the data subject for the processing of personal data, Art. 6(1) a EU General Data Protection Regulation (GDPR) is the legal basis for the processing of personal data.

Where the processing of personal data is necessary for the fulfillment of a contract to which the data subject is a party, Art. 6(1) b GDPR is the legal basis. This also applies to processing that is necessary to carry out pre-contractual measures.
To the extent that the processing of personal data is necessary to fulfill a legal obligation imposed on our company, Art. 6(1) c GDPR is the legal basis.
Where processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6(1) f GDPR is the legal basis for processing.

If cookies or similar technologies are used in the context of data processing, the storage of information on the user’s device or accessing information already stored on the user’s device is carried out in accordance with section 25(1) of Germany’s Telecommunications Digital Services Data Protection Act (abbreviated TDDDG in German) in conjunction with Article 6(1)(a) of the GDPR and the further processing of such personal data in accordance with Article 6(1) of the GDPR as described above.

If the use of cookies is absolutely necessary, this is carried out on the basis of section 25(2) of the TDDDG and the further processing of such personal data in accordance with Article 6(1) of the GDPR as described above.

3. Data erasure and storage duration

The user’s personal data will be erased or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

III. Provision of the website and creation of log files
1.  Description and scope of data processing

Every time you visit our website, our system automatically collects data and information from the computer system of the visiting computer. The following data are collected:

  • Date, time, access status (file found, not found, etc.) and the request that your browser has sent to the server
  • The amount of data transferred and the website from which you accessed the requested page, and
  • The individual pages that you visit on our website
  • The product and version information of the browser used (user agent) as well as the preferred language set
  • GEO IP data
  • The IP address of the user.

The data are also stored in our system’s log files. These data are not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6(1) f GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this, the user’s IP address must remain stored for the duration of the session.

The data are stored in log files to ensure the correct functioning of the website. In addition, the data help us to optimize the website and to ensure the security of our IT systems. The data are not analyzed for marketing purposes in this context.

Our legitimate interest in data processing pursuant to Art. 6(1) f GDPR also lies in these purposes.

4.  Duration of storage

The personal data will be erased as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the session in question has ended.
If the data are stored in log files, this is the case after one month at the latest.

Further storage is possible in anonymous form. In this case, the IP addresses of the users are erased or distorted, so that it is no longer possible to allocate the visiting client.

5.  Objection and elimination option

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, it is not possible for the user to object.

IV. Use of cookies
1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. If a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive string that enables an unambiguous identification of the browser when the website is visited again.

We use strictly necessary cookies to make our website more user-friendly. Some elements of our website require the visiting browser to be identified even after a page change.

The following data are stored and transferred in the cookies:

  • Globally Unique Identifier (GUID)
  • Language settings
  • Shared secret (alphanumeric string)
  • Boolean
2. Legal basis for data processing

The legal basis for the storage and use of such strictly necessary cookies is section 25(2) of the TDDDG. The legal basis for the subsequent processing of personal data using these cookies is Article 6(1)(f) of the GDPR.

3. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features of our website cannot be offered without the use of cookies. For these features, it is necessary for the browser to be recognized even after a page change.

We need cookies for the following applications:

  • Identification of the user session in the server’s memory
  • Prevention of and defense against attacks (e.g. anti-forgery tokens to prevent cross-site request forgery)
  • Storage of the information that the user has read and accepted the Privacy Policy
  • Storage of the information that the user does not want to be redirected to the URL suitable for his country

The user data collected by technically necessary cookies are not used to create user profiles.

Our legitimate interest in processing personal data pursuant to Art. 6(1) f GDPR also lies in these purposes.

4. Duration of storage, objection and elimination option

Cookies are stored on the user’s computer and transferred to our site from here. Therefore, you as a user also have full control over the use of cookies. You can deactivate or restrict the transfer of cookies by changing the settings in your Internet browser. Cookies that have already been stored can be erased at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

V. Contact form and e-mail contact
1. Description and scope of data processing

The website provides a contact form, which can be used for making contact electronically. If a user makes use of this option, the data entered in the input mask are transferred to the Jenoptik-Group company responsible for processing the request in question and stored. These data are:

  • Title
  • Name*
  • Company
  • Country
  • Telephone number
  • E-mail address*
  • Request text
  • Existing customer or new customer
  • Customer Number

whereby mandatory fields are marked with (*).

At the time the message is sent, the following data are also stored:

  • The user’s IP address
  • Date and time of registration

Context data (referrer, domain, browser language, user’s country, etc.).

For the processing of the data, during the sending process your consent is obtained and reference is made to this Privacy Policy.

Alternatively, you can contact us via the e-mail address provided. In this case, the user’s personal data transferred by e-mail will be stored.

The data will not be passed on to third parties in this context. The data are used exclusively for processing the conversation.

2. Legal basis for data processing

The legal basis for the processing of data with the presence of the user’s consent is Art. 6(1) a GDPR.

The legal basis for the processing of data transferred in the course of sending an e-mail is Art. 6(1) f GDPR. Where the e-mail contact is for the purpose of concluding a contract, the additional legal basis for the processing is Art. 6(1) b GDPR.

3. Purpose of data processing

We only process personal data from the input mask for the purpose of processing the establishment of contact. Where contact is made by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our IT systems.

4. Duration of storage

The personal data will be erased as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the particular conversation with the user is finished. The conversation is finished when it can be inferred from the circumstances that the matter in question has been clarified.

The additional personal data collected during the sending process will be erased after three months at the latest.

5. Objection and elimination option

The user is able to withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. To withdraw his declaration of consent, the user only has to notify us of this. All personal data stored in the course of contacting us will be erased in this case.

6. Commenting

You have the possibility to leave comments on individual contributions on this website. If users leave a comment, the IP address of the author or the respective subscriber and the deposited e-mail address, as well as the given name will be saved for our security. The IP address will not be passed on to third parties or compared with other data collected on this site. This storage is only carried out in the event that the user’s comment contains illegal content, for example, because the user infringes the rights of third parties. The legal basis for the processing is Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in protecting ourselves from possible infringements of the law.

VI. Whistleblower Hotline
1. Hotline

As part of our compliance management system, we have set up a whistleblower hotline. This hotline gives you the ability to provide us with information on matters that we have a legitimate interest in knowing about.

We have engaged the law firm Heuking Kühn Lüer Wojtek as an outsourced internal whistleblower hotline provider (hereinafter referred to as the “hotline provider”) to receive and review such information.

Information can be submitted to the hotline provider via web form, telephone, email, or postal mail.

Information can be submitted to the hotline provider anonymously.

Use of the whistleblower hotline is voluntary.

When you submit information to the hotline provider, the hotline provider saves the information you submit. This includes your own personal information, if you choose to disclose it, and usually the names and other personal information of the individuals you name in your report. Further details on how the hotline provider handles your personal data can be found in the hotline provider’s privacy policy.

2. Categories of Personal Data That We Process

We receive a report from the hotline provider once they have reviewed information that has been submitted that may include the following personal data:

  • Names and other personal data of the person providing the information (only if the person providing the information does not wish to remain anonymous and agrees to the information being disclosed to us)
  • Names and other personal data disclosed in the information submitted related to the individuals named in the information submitted

In the course of further investigating the reported matter and further processing, we may collect and process additional personal data.

3. Purpose of Data Processing, Legal Basis

The purpose of processing the data provided to us by the hotline provider is to address and manage indications of compliance violations, violations of legal requirements, and violations related to our business operations by employees, customers, suppliers, and other third parties.

The legal basis for the processing of your personal data as a person providing information is, insofar as you disclose your identity and agree to your name being disclosed to us by the hotline provider,  your consent (Article 6(1)(a) of the GDPR).

The legal basis for the processing of the personal data of the individuals included in the information you provide is our legitimate interest in detecting and preventing violations of the law and misconduct (Article 6(1)(f) of the GDPR). We have a legitimate interest in detecting and preventing legal violations and misconduct to the extent that we are legally obligated to do so in certain areas. Furthermore, such violations can not only cause considerable financial damage, but also lead to significant damage to the company’s reputation.

If the individual named is an employee of ours, the legal basis for processing in the course of addressing or further investigating the reported matter is Section 26(1)(1) of Germany’s Federal Data Protection Act (abbreviated BDSG in German) (i.e., “processing for purposes of employment”) or Section 26(1)(2) of the BDSG (i.e., “processing for purposes of uncovering criminal offenses”) and, if applicable, our legitimate interest as described above (Article 6 (1)(f) of the GDPR).

4. Disclosure to Third Parties

If the information submitted concerns another company in our group of companies, we will disclose the information and the results of any further investigation to this company within our group of companies.

We may disclose the information submitted and the results of any further investigation of the reported matter to courts, public authorities, and other government offices. This may be the case if we are legally obligated to disclose the information or if this is necessary for the establishment, exercise, or defense of legal claims.

Within the course of investigating the matter and/or in establishing, exercising, or defending against legal claims, we may also seek the assistance of law firms and/or auditing companies.

In addition, we may involve (technical) service providers in the clarification and processing of the reported matter, who in this case act for us as processors within the meaning of Article 28 of the GDPR and are bound by instructions on the basis of corresponding agreements.

5. Duration of Data Storage

We will retain personal data for as long as is necessary to investigate and clarify the situation and any subsequent measures, or for as long as we have a legitimate interest in doing so, or for as long as is required by law. Afterwards, the data will be deleted in accordance with the legal requirements.

6. Transfer of Data to Third Countries

As a general rule, we will not transfer personal data from information submitted via the whistleblower hotline to countries outside the European Union (EU) or the European Economic Area (EEA), unless the information relates to a company in our group of companies that is located in a country outside the EU or the EEA. Countries outside the European Union or the European Economic Area may have different laws in place governing the protection of personal data. In the event that we do transfer data in this way, we will always comply with the applicable data protection and privacy laws.

VII. etracker

The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical range analysis of this website, a measurement of the success of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user’s device. etracker cookies do not contain any information that could identify a user.

The data generated by etracker on behalf of the provider of this website is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to the strict German and European data protection laws and standards. In this regard, etracker was independently checked, certified and awarded with the ePrivacyseal data protection seal of approval.

The data processing is based on Art. 6 Section 1 lit f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest is the optimisation of our online offer and our website. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as IP address, registration or device IDs, will be anonymised or pseudonymised as soon as possible. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.

You can object to the outlined data processing at any time by clicking on the slider. The objection has no disadvantageous consequences. If no slider is displayed, the data collection is already prevented by other blocking means.

Further information on data protection with etracker can be found here.

VIII. Google Analytics
1. Description and scope of data processing

We use the component Google Analytics on our website. Google Analytics is a web analysis service operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Web analysis is the collection, recording and evaluation of data about the behavior of users on our website. A web analysis service collects, among other things, data about which website the user came to a website from, which subpages of the website were accessed or how often and for how long a subpage was viewed.

We use the addition “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this addition, Google shortens the IP address of the user and thus makes it anonymous if our websites are accessed from a Member State of the European Union or from another signatory to the agreement on the European Economic Area. The shortening of the IP address results in anonymization. It is then no longer possible to assign the shortened address to an identified or identifiable person.

In accordance with section 25(1) of the TDDDG, Google Analytics only stores a cookie on the user’s device with their express consent. By placing the cookie, Google is able to analyze the use of our website. Each time one of the individual pages of this website is visited, the Internet browser on the user’s computer is automatically prompted by the Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical procedure, Google obtains knowledge of user data, such as the shortened IP address of the data subject, which allows Google, among other things, to trace the origin of visitors and clicks.

The cookie is used to store personal data, such as the access time, the location from which access originated and the frequency of visits to our website by the user. Whenever you visit our website, these data, including the IP address of the Internet connection used by the data subject, is transferred to Google in the USA. These personal data are also stored by Google in the USA. Google may pass on these personal data collected through the technical procedure to third parties.

2. Legal basis for data processing

The legal basis for the processing of your personal data is Article 6(1)(a) of the GDPR.

3. Purpose of data processing

The purpose of using Google Analytics is to analyze the flow of visitors to our website. Google uses the data and information obtained to evaluate the use of our website in order to compile online reports for us that show activity on our website and to provide other services in connection with the use of our website. This enables us to further optimize our website for the user.

Our legitimate interest in processing personal data pursuant to Art. 6(1) f GDPR also lies in these purposes.

4. Duration of storage

The data stored via Google Analytics will be automatically erased by us after 26 months.

5. Objection and elimination option

As mentioned above, the user may prevent the storage of cookies by our website at any time by changing the settings of the Internet browser used and thus permanently objecting to the storage of cookies. In addition, a cookie already stored by Google Analytics can be erased at any time via the Internet browser or other software programs.

Furthermore, the user has the option of objecting to and thus preventing the collection of data generated by Google Analytics as well as the processing of these data by Google. To do this, the user must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout. This browser add-on automatically informs Google Analytics after installation that no data and information on the user’s visits to websites may be transferred to Google. The installation of the browser add-on is deemed an objection. If the user’s system is erased, formatted and reinstalled in the future, the user must reinstall the browser add-on to deactivate Google Analytics.

6. Additional information

Further information and Google’s current privacy policy can be found at https://www.google.de/intl/de/policies/privacy/ and at

http://www.google.com/analytics/terms/de.html . Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics/ .

IV. Google Web Fonts

This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

X. Social media

We do not use data processing social media plug-ins from social networks on our website.

1. What categories of personal data do we process, and for what purposes?

We process your personal data when you visit VINCORION on social media platforms. We use our social media profiles to offer a wide range of multimedia services and discuss ideas on subjects that are important to you.

In addition to the respective provider of the social network, we also collect and process personal user data via our social media profiles. In this document, we explain which data we collect from you in connection with our social media profiles, how we use this data, and how you can object to its use. We make reference to the individual social media platforms when discussing the respective purposes of data processing and data categories, and these are explained in more detail below.

Data processing serves the following purposes:

  • Communication with visitors to VINCORION’s social media profiles
  • Processing inquiries from visitors to our VINCORION social media profiles
  • Collecting statistical data on the reach of VINCORION’s social media profiles
  • Conducting customer surveys, marketing campaigns, market analyses, sweepstakes, competitions, or similar promotions or events
  • Resolving disputes, including legal disputes; substantiating, exercising, or defending against legal rights/claims or litigation; and enforcing existing contracts

Processing your personal data is necessary for these purposes.

If the purpose of your message or inquiry is to establish a contractual relationship with VINCORION, the legal basis for this processing is Article 6(1)(b) of the GDPR.

If we intend to process your personal data for a purpose other than the purposes described above, we will inform you accordingly before processing.

2. VINCORION on LinkedIn

VINCORION’s pages on the social network LinkedIn are operated by the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as LinkedIn). When you visit VINCORION’s LinkedIn pages, LinkedIn processes your personal data in accordance with their privacy policy, which can be found here.

On LinkedIn, we process the following personal data:

  • Your LinkedIn user name as well as comments on our VINCORION LinkedIn pages and messages you send us via our VINCORION LinkedIn pages
  • Other information necessary to respond to messages and inquiries from our visitors or to clearly identify our visitors in our systems
Joint Controllership with LinkedIn

We use the statistical information collected in connection with the use of our LinkedIn company profile (such as visits to our website, the number of interactions, information about what countries and cities our visitors are from, and statistics about our visitors’ field of work) that LinkedIn provides in anonymized form via the LinkedIn Page Analytics service. It is not possible for VINCORION to identify individual users or to access individual user profiles using this data.

For this reason, VINCORION and LinkedIn are considered to be “joint controllers” as defined by the GDPR and have therefore entered into what is known as a “Joint Controller Addendum” to meet the requirements of the GDPR. This agreement governing our joint controllership can be found here. There you will find all of the information that is relevant to you as a data subject, particularly with regard to exercising your rights as a data subject.

VINCORION has no control over the processing of personal data in connection with your use of our LinkedIn company page beyond the processing of personal data mentioned in this Privacy Policy.

LinkedIn Insight Tag

With your consent, our website uses the LinkedIn Insight Tag conversion tool made available by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. In accordance with section 25(1) of the TDDDG, this tool saves a cookie on your device only after you have granted your explicit consent. This cookie allows us to collect the following data: your IP address, device and browser properties, and page events (e.g. page views). This data is encrypted, anonymized within seven days, and the anonymized data is deleted within 90 days. LinkedIn does not share any personal data with VINCORION, but provides anonymized reports on our website’s audience and ad performance. In addition, LinkedIn offers the ability to implement retargeting campaigns via the Insight Tag. VINCORION can use this data to display targeted advertising to website visitors off of its website, without identifying the website visitor specifically. Accordingly, this data is processed for the purpose of improving our website and our advertising. You can find more detailed information on privacy and data protection on LinkedIn in the LinkedIn privacy policy.

LinkedIn users can manage the use of their personal data for advertising purposes in their account settings. To disable the Insight tag on our website (“opt out”), please click here.

We hereby expressly inform you that data may be transferred to third countries.

The legal basis for the processing of your personal data is Article 6(1)(a) of the GDPR.

3. VINCORION on XING

VINCORION’s pages on the social network XING are operated by XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany (hereinafter referred to as XING). When you visit VINCORION’s XING pages, XING processes your personal data in accordance with their privacy policy, which can be found here.

We use the statistical information collected in connection with the use of our VINCORION pages on XING (such as the number of interactions with our page and statistics on the age composition and employment status of our visitors) that XING provides in anonymized form via its statistical service. It is not possible for VINCORION to identify individual users or to access individual user profiles using this data.

On XING, we process the following personal data:

  • Your XING user name as well as comments on our VINCORION XING pages and messages you send us via our VINCORION XING pages
  • Your activity on our VINCORION pages on XING via XING’s statistical service, e.g. the number of interactions, statistics on age composition, and the employment status of our visitors
  • Other information necessary to respond to messages and inquiries from our visitors or to clearly identify our visitors in our systems
4. VINCORION on YouTube

When you visit VINCORION on YouTube, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as the provider of YouTube, collects and processes personal data to the extent described in the company’s privacy policy. Google’s privacy policy can be found here.

We use the statistical information collected in connection with the use of our VINCORION YouTube channel (such as visits to our website, the number of interactions, the average length of video playback, information about which countries and cities our visitors are from, and statistics about the gender ratio of our visitors) that YouTube provides in anonymized form via the YouTube Analytics service. It is not possible for VINCORION to identify individual users or to access individual user profiles using this data.

On YouTube, we process the following personal data:

  • Your YouTube username and comments posted on our VINCORION YouTube channel
  • Your activity on our VINCORION YouTube channel via the YouTube Analytics service, such as visits to our website, the number of interactions, the average length of video playback, information about which countries and cities our visitors are from, and statistics about the gender ratio of our visitors
  • Other information necessary to respond to messages and inquiries from our visitors or to clearly identify our visitors in our systems

We do not save or process any of your personal data except your YouTube username when you send us a direct message.

5. VINCORION on Twitter

When you visit VINCORION on Twitter, Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, collects and processes personal data to the extent described in the company’s privacy policy. Twitter’s privacy policy can be found here.

We use the statistical information collected in connection with the use of our VINCORION Twitter profiles (such as visits to our website, the number of interactions, information about which countries and cities our visitors are from, and statistics about the gender ratio of our visitors) that Twitter provides in anonymized form via the Twitter Analytics service. It is not possible for VINCORION to identify individual users or to access individual user profiles using this data.

On Twitter, we process the following personal data:

  • Your Twitter user name as well as comments on our VINCORION Twitter pages and messages you send us via our VINCORION Twitter pages
  • Your activity on our VINCORION Twitter pages via the Twitter Analytics service, such as visits to our website, the number of interactions, the average length of video playback, information about which countries and cities our visitors are from, and statistics about the gender ratio of our visitors
  • Other information necessary to respond to messages and inquiries from our visitors or to clearly identify our visitors in our systems

We do not save or process any of your personal data except your Twitter username when you send us a direct message.

6. Meta Pixel

Our website uses a visitor activity pixel from Facebook/Instagram, Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (“Meta”) to measure conversions. This makes it possible to track the behavior of site visitors after they have been redirected to an advertiser’s website by clicking on a Facebook/Instagram ad. The information gathered in this way can be used to evaluate the effectiveness of Facebook/Instagram ads for statistical and market research purposes and to optimize future advertising efforts. As the operator of this website, the collected data is completely anonymous to us; i.e., we cannot use it to determine the identity of the user. This data is saved and processed by Facebook/Instagram, however, which means that it is possible to link it to the respective user profile and for Facebook/Instagram to use the data for its own advertising purposes in accordance with the Facebook/Instagram data usage guidelines. This allows Facebook/Instagram to enable the placement of ads on Facebook/Instagram pages as well as outside of Facebook/Instagram. We, as the website operator, have no influence over this use of the data.

The legal basis for this data processing is your consent in accordance with Article 6(1)(a) of the GDPR.

Please refer to the Facebook/Instagram privacy policies for more information about how to protect your privacy:

https://www.facebook.com/about/privacy/

https://privacycenter.instagram.com/policy/

You can also disable the “Custom Audiences” remarketing feature in the “Advertising Settings” section. You must be logged in to Facebook/Instagram to do this.

If you do not have a Facebook/Instagram account, you can disable usage-based advertising from Facebook/Instagram on the European Interactive Digital Advertising Alliance website:

https://www.youronlinechoices.com/de/praferenzmanagement/.

7. Who do we share your personal data with?

Within our company, access to this data is only granted to individuals and units that require personal data to fulfill the aforementioned purposes.

We may disclose personal information to supervisory authorities, courts of law, or law firms to the extent necessary to ensure compliance with applicable law or to exercise, enforce, or defend our legal rights where permitted by law.

8. How long do we keep your personal data?

Unless expressly stated otherwise (e.g. in a special declaration of consent), we delete your personal data as soon as it is no longer required for the aforementioned purposes, unless such deletion or restriction would be in violation of our legal obligations to retain data (e.g. retention periods under commercial or tax law). Your messages sent through our social media profiles will be deleted three months after the end of our conversation, at the latest, if your request has been answered and there is no other reason authorizing or obligating us to keep these messages.

XI. Your rights as a person affected by data processing

1. What rights can you exercise as a data subject?

Our visitors can request information about their personal data that we have saved and processed. In addition, under certain circumstances, our visitors may request the correction or deletion of personal data concerning them. They may also have a right to restrict the processing of personal data and a right to receive or have us transfer to another controller the data they have provided us in a structured, commonly used, and machine-readable format.

2. Right to Object

If we process their personal data on the basis of their consent, our visitors have the right to object to the processing of this personal data at any time. If we process personal data from our visitors to protect our legitimate interests, our visitors can object to such processing at any time for reasons arising from their specific situation. In the event of an objection, we will stop processing the data subject’s personal data unless we can demonstrate compelling legitimate grounds that override the interests, rights, and freedoms of the data subject or if the processing is necessary for the establishment, exercise, or defense of legal claims.

LinkedIn has agreed to take primary responsibility for the processing of personal data through the Page Insights service offered by LinkedIn. This applies to the processing of Page Insights data and the enforcement of the rights of data subjects. As such, please contact LinkedIn directly about all obligations under the GDPR in connection with the processing of Page Insights data. Although you may assert your rights vis-à-vis our company, we will forward any requests we receive from you to LinkedIn.

3. Where can I lodge a complaint?

Without prejudice to any other administrative or judicial remedies, our visitors have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which they reside or in which the alleged infringement took place, if our visitors considers that the processing of personal data relating to them violates the GDPR.

The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

 

XII. Processing of data in countries outside the European Economic Area

Where we process data in third countries (countries outside the EU/EEA) or transmit data to companies in third countries, we will only do so if we are authorized to do so by you or by the law. If there is no adequacy decision by the Commission pursuant to Art. 45 GDPR for the third country concerned, i.e. there is no adequate level of data protection in the third country, we ensure through contractual provisions (standard EU contractual clauses on data protection) or other suitable guarantees as defined by Art. 46 GDPR that your privacy and your personal data are also adequately and legally protected in the company in the third country. If the data is transferred to the United States or another country that does not offer an equivalent level of data protection, please note that there is a theoretical risk that your data may be processed by US authorities for the purposes of inspection and monitoring, potentially without you having any legal recourse.

Contact us! Contact me!