Privacy Policy

1. Privacy Policy

Thank you for visiting our website. In this Policy, we would like to inform you about how we handle your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).

2. Controller

The Controller for the data processing operations described below is the office named in the imprint.

3. Usage Data

When you visit our website, our web server temporarily evaluates usage data for statistical purposes in order to improve the quality of our website. This data consists of the following data categories:

  • – the name and address of the requested content,
  • – the date and time of the query,
  • – of the transferred data volume,
  • – the access status (content transferred, content not found),
  • – the description of the used web browser and operating system,
  • – the referral link, which indicates from which page you reached ours,
  • – the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.

The above-mentioned log data will only be evaluated anonymously.

4. Data Security

We take technical and organizational measures to protect your data as comprehensively as possible from unwanted access. These measures include encryption procedures on our web pages. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption.

You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.

5. Webhosting

We are supported in the hosting of our website by the service provider Kontent (Kontent GmbH, Winkelhauserstr. 63, 47228 Duisburg, Germany), on whose server our Internet pages are stored and made available.

Kontent is strictly bound by instructions to us and is contractually obligated accordingly.

Further information on data protection at Kontent can be found at https://www.kontent.com/ .

6. Content Delivery Network

We use the content delivery network (CDN) “jsDelivr” to properly deliver the content of our website. jsDelivr is a service of ProspectOne, Królewska 65A/1, 30-081, Krakow, Poland.  A CDN helps to provide content of our online service, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Instagram, Inc., whereby your IP address and possibly browser data such as your user agent are transmitted.

We would like to point out that your data collected via the service may be transmitted and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimisation of our online offer according to Art. 6 para. 1 lit. f GDPR.

Further information can be found in the Instagram privacy policy: https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net.

7. Cookies

7.1. Necessary Cookies

On our website, we use cookies which are necessary in order for the site to function.

Cookies are small text files that can be placed on your computer or mobile device by websites that you visit.

A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

In some cases, these cookies only contain information on certain settings and cannot be linked to a person. They may also be necessary to enable user guidance, security and implementation of the site.

The legal basis for using these cookies is our legitimate interest according to Art. 6 (1) (f) GDPR.

You can set your browser to inform you about the placement of cookies. This is in order to make the use of cookies transparent for you.

You can also delete cookies or prevent the setting of new cookies at any time by using the appropriate browser settings.

Please note that if you delete certain cookies, our web pages may not be displayed correctly and some functions may no longer be available.

7.2. Non-essential Cookies

When you enter our website, we inform you about the types of cookies we use and give you the option to agree or not to individual types of cookies. We do not load non-essential cookies until you have consented to their use by type.

Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent within the meaning of Art. 6 (1) p. 1 lit. a DSGVO to store certain cookies in your browser and to document this in accordance with data protection. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not shared with Borlabs.

The collected data will be stored until you request us to delete it or until you delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs Cookie Consent Technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

8. Map Services

On our web sites, we embed map services which are not stored on our servers. In order to prevent the automatic downloading of third-party content when you visit our web sites with embedded map services, we only show locally stored preview images of the maps as a first step. This does not provide the third-party provider with any information.

Only after you click on the preview image, will third-party content be downloaded. This provides the third party with information that you have accessed our site and with the usage data technically required for this purpose. We have no influence on the further data processing by the third-party provider.

By clicking on the preview image, you give us the consent to download contents of the third-party provider.

The legal basis for the embedding processing is your consent if you have previously given your consent by clicking on the preview image.

Please note that the embedding of some map services means that your data may be processed outside the EU or EEA. In some countries, there is a risk that authorities may access the data for security and surveillance purposes without informing you or allowing you to take legal action. Where we use providers in third countries without an adequate level of protection and you give your consent, the transfer to this third country is based on Art. 49 (1) (a) GDPR.

We are using „Google Maps“ Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://cloud.google.com/maps-platform; privacy policy: https://policies.google.com/privacy;.

9. Webfonts

For a consistent appearance of our site, we use so-called web fonts, which are provide by Google Fonts. When you access a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

Calling up our websites will lead to downloading contents of the third-party providers who provide these functions and contents. As a result, the third-party provider receives the information that you have visited our site as well as the usage data technically required for this purpose.

We have no control on further data processing by the third-party provider.

The implementation is based on Art. 6 (1) (f) GDPR to serve our legitimate interest of making our site as attractive and informative as possible.

If your browser does not support web fonts, a standard font from your computer will be used. Further information on Google Fonts can be found at https://fonts.google.com and in the Google Fonts privacy policy: https://policies.google.com/privacy.

10. Contact Form

You may contact us via our contact form. In order to use our contact form, we will require you to provide the data marked as mandatory.

The legal basis for this processing is Art. 6 (1) (f) GDPR, being our legitimate interest to respond to your request.

Your data will only be used to process your request.  We delete your data if they are no longer required and there are no legal obligations to retain them.

Where the processing of your data is based on legitimate interest in accordance with Art. 6 (1) (f) GDPR, you have the right to object to that processing at any time. To do so, please use the email address provided in the imprint.

11. Storage Period

Unless otherwise specified, we will delete your personal data if they are no longer required for the relevant processing purposes and no legal retention obligations oppose deletion.

12. Your rights as a data subject

When processing your personal data, the GDPR grants you certain rights as a data subject:

Right of access by the data subject (Art. 15 GDPR)

You have the right to obtain confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)

You have the right to rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, the right to have incomplete personal data completed, including by means of providing a supplementary statement without delay.

Right to erasure (Art. 17 GDPR)

You have the right to obtain the erasure of personal data concerning you without undue delay if one of the reasons listed in Art. 17 GDPR applies.

Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have objected to the processing, for the duration of our examination.

Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, or to request that this data be transferred to a third party.

Right to withdraw consent (Art. 7 GDPR)

If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is not affected.

Right to object (Art. 21 GDPR)

If data is collected on the basis of Art. 6 (1) 1 f GDPR (data processing for the purpose of our legitimate interests) or on the basis of Art. 6 (1) 1 e GDPR (data processing for the purpose of protecting public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or if data is still needed for the establishment, exercise or defence of legal claims.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. This right may be asserted in particular with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.

Asserting your rights

Unless otherwise described above, please contact us to assert your rights. You will find our contact details in our imprint.

13. Contact details of our data protection officer

Our external data protection officer is available to provide further information on data protection.

datenschutz nord GmbH

Konsul-Smidt-Straße 88

28217 Bremen

Web: www.datenschutz-nord-gruppe.de

E-Mail: office@datenschutz-nord.de

When contacting our data protection officer, please specify the name of the company, stated in our imprint.