Data Protection and Privacy Policy
We would like to welcome to our website and we are delighted you are interested in our company and our products. The THIMM Group (henceforth: THIMM) takes the protection of your personal data very seriously. This Privacy Policy applies to the entire THIMM website, for which THIMM Group GmbH + Co. KG named in the Imprint is responsible.
Our data protection notice for business contacts, customers and suppliers can be viewed here.
In this document we hereby inform you about the collection of personal data in the use of our website. Personal data are all data which are personally related to you, for example, name, address, email addresses, user behaviour. We have undertaken extensive technical and operational safeguards in order to protect your data from accidental or intentional manipulations, loss, destruction or from access by unauthorised persons. Our security procedures are reviewed regularly and adjusted to take any technological advances into account.
1 Controller for data processing
The controller pursuant to the General Data Protection Regulation (GDPR) Article 4 (7) is THIMM Group GmbH + Co. KG, Breslauer Str. 12, 37154 Northeim, Germany
Tel.: +49 5551 703 0
Email: infoline@thimm.de
2 How to contact the data protection officer
You can contact our data protection officer at datenschutz@thimm.de or via our mailing address marked “The Data Protection Officer”.
3 Your rights
In relation to us you have the following rights regarding your personal data:
3.1 General rights
You have the right of access, rectification, erasure, of restriction of processing, of objection to the processing and of data portability. Provided that the processing is based on your consent, you have the right to withdraw consent from us with future effect.
3.2 Rights regarding data processing according to legitimate interest
You have the right pursuant to GDPR Article 21 (1) on grounds relating to your particular situation, to object at any time to processing of personal data concerning you which is based on GDPR Article 6 (1) (e) (data processing in the public interest) or on GDPR Article 6 (1) (f) (data processing to protect a legitimate interest) and this also applies to profiling based on these provisions. In the event of your objection, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
3.3 Rights relating to direct marketing
Where we process your personal data for direct marketing purposes, you shall have the right pursuant to GDPR Article 21 (2) to object at any time to the processing of personal data concerning you for such marketing purposes and this also applies to profiling to the extent that it is related to such direct marketing.
In the event that you object to the processing for direct marketing purposes, we shall no longer process your personal data for these purposes.
3.4 Right to lodge a complaint with a supervisory authority
You also have the right to lodge a complaint with the responsible data protection supervisory authority about the processing of your personal data.
4 Collection of personal data in the use of our website
If you use our website for informational purposes only, in other words, if you do not register on the site or transfer information to us in any other way, we only collect the personal data that your browser transmits to our server. If you want to view our website we collect the following data which are required technically by us in order to display our website to you and to ensure the stability and security. The legal basis for this is GDPR Article 6 (1)(f).
We use the Mautic software to record the parts of the website you use. We also use Mautic to customise the content and design of the website to meet your needs based on your defined use of the website. Mautic is operated on its own servers in Germany, separate from other software systems.
IP address, date and time of the query, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, transferred data volume, referrer website of the enquiry, browser, operating system and its interface, language and version of the browser software.
The data are also deleted after a statistical evaluation and then only used to improve the attractiveness, content and functionalities of our websites.
5 Making contact by email or contact form
If you contact us by email or via a contact form the data that you share with us (your email address, if applicable your name, telephone number and your postal address) will be saved by us so that we can answer your questions. If we ask for inputs from you via our contact form which are not required solely for the purpose of making contact, we always mark these as optional. These details are used by us to learn more about your query and to improve our processing of your issue. The communication of these data is expressly voluntary and is provided with your consent as stated in GDPR Article 6 (1)(a). To the extent that here it is a question of information regarding communications channels (for instance, email address, telephone number) you also consent that we can also contact you via these communications channels in order to answer your issue. You can of course withdraw your consent for the future at any time. An email to the email address infoline@thimm.de suffices here.
Our emails contain a 1-pixel graphic, which is loaded by our Mautic server as soon as you open the email to read it. This graphic collects technical information (e.g. email software, IP address). The analyses also include the evaluation of whether or at what times our emails are opened. All links and analyses you clicked on will be used to measure success in order to improve our emails and newsletters.
We erase any data that occurs in this context once their storage is no longer required, or we restrict the processing in the case of statutory retention obligations.
6 Newsletter and press distribution list
6.1 General information
With your consent in accordance with GDPR Article 6 (1)(a), you can subscribe to our Newsletter and/or our press distribution list through which we inform you about our current offers, seminar dates and/or press releases.
For registration to our Newsletter or press distribution list we use the double opt-in procedure. This means that after your registration we send an email to you to the specified email address in which we request confirmation that you wish to be sent the Newsletter.
We also save the IP addresses you used and the times of the registration and the confirmation. The purpose of the procedure is to prove your registration and, if applicable, clarify a possible misuse of your personal data.
Mandatory inputs for the sending of the Newsletter are your salutation, name and email address. After your confirmation we save these data for the purpose of sending the Newsletter with a personal form of address. The legal basis for this is GDPR Article 6 (1)(a).
Mandatory inputs for participation in the press distribution list are your salutation, name and email address, your medium/editorial department and your business telephone number.
You can withdraw your consent for the sending of the Newsletter or the participation in the press distribution list at any time and deregister for the Newsletter or press distribution list. You can state the withdrawal by clicking on the link provided in every email or by sending an email to infoline@thimm.de.
7 Participation in prize draws
If you participate in prize draws we collect the data required to conduct the prize draw. Generally these data include an individual prize draw entry (e.g. a comment or a photo) as well as name and contact details. It could happen that we forward these data to our prize draw partners, e.g. for them to send you a prize. The data processing and data forwarding may vary depending on the prize draw and it is therefore described specifically in the respective participation conditions. Participation in a prize draw and the associated data collection is of course voluntary. The legal basis for the data processing is your consent in accordance with GDPR Article 6 (1)(a). Your data are erased after the completion of the prize draw.
8 Job applications
You may apply for a job with our company via electronic means, in particular via email or a web form. We shall of course only use your data to process your application and they shall not be forwarded to third parties. Please note that any emails sent unencrypted are not transmitted with access-protection.
You may also apply for a job with our company online via our application portal. Your online application is forwarded via an encrypted connection directly to the personnel department where it is of course treated confidentially. We shall of course only use your data to process your application and they shall not be forwarded to third parties. Further information regarding data processing as part of a job application procedure can be found in the Privacy Policy of our job application portal.
If you have applied for a specific job and this position has already been filled or if we consider that another job is equally or even better suited to you, then we would be pleased to forward your application within the company. Please inform us if you do not consent to this forwarding.
Your personal data will be erased immediately upon completion of the application procedure, or after a maximum of 6 months unless you have expressly given your consent for a longer storage period for your data or if a contract has been concluded. The legal basis for this is GDPR Article 6 (1) (a)(b)(f) and the German Data Protection Act (BDSG) Article 26.
9 Use of social media plugins
This website uses social media plugs in of the provider(s)
- Facebook (Operator: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA)
- XING (Operator: XING SE, Dammtorstraße 30, 20354 Hamburg, Germany)
- LinkedIn (Operator: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
As standard these plugins normally collect data from you and transmit these to the servers of the respective provider. In order to guarantee the protection of your privacy we have undertaken technical measures which ensure that your data cannot be collected by the operators of the respective plugins without your consent. When accessing a website where the plugins are incorporated they are initially deactivated. Only by clicking on the respective symbol are the plugins activated and you hereby give your consent that your data is transferred to the respective provider. The legal basis for the use of plugins is GDPR Article 6 (1) (a) and (f).
After activation these plugins also collect personal data such as your IP address and send these to the server of the respective provider where they are saved. When accessing the website concerned, the activated social plugins also set a cookie with a unique identifier. This also enables the providers to create profiles about your user behaviour. This also occurs if you are not a member of the social network of the respective provider. If you are a member of the social network of the provider and you are logged into the social network during your visit to this website, your data and information about the visit to this website can be linked with your profile on the social network. We have no influence on the specific extent of the data collected by the respective provider. Please consult the privacy policies of the respective social network providers for more information on the extent, type and purpose of the data processing and the rights and settings options for the protection of your privacy. These can be retrieved at the following addresses:
Facebook: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
XING: https://privacy.xing.com/en/privacy-policy
LinkedIn: www.linkedin.com/legal/privacy-policy
10 Use of cookies
We use several types of cookies on our website: Necessary cookies maintain the functionality of our website. We use Performance Cookies, Functional Cookies and Comfort Cookies, for example, to analyse website usage anonymously or to display videos. If you would like to use all the services on our website, you must select all cookie categories. You can find more information in the cookie statements.
11 Website analyses
For the purposes of analysis and optimisation of our websites we use a range of services which are specified below. This enables us, for instance, to analyse how many users visit our site, which information is the most requested or how users find our website. We also collect data about the website from which a data subject arrived at a specific web page (known as referrer), which sub-pages of the website were accessed or how often and for what period a sub-page was viewed. This helps us to design and improve our website offers to be more user-friendly. The data collected here are not used to identify individual users personally. Anonymous or at most pseudonymous data is collected. The legal basis for this is GDPR Article 6 (1) (f).
12 Advertising
We use cookies for marketing purposes to attract our users with advertising of interest to them. We also use cookies to restrict the probability of a playout of an advertisement and to measure the effectiveness of our advertising measures. This information may also be shared with third parties, e.g. advertising networks. The legal basis for this is GDPR Article 6 (1) (a) and (f). The legitimate interest of direct marketing exists for the purposes pursued with the data processing. You have the right at all times to object to the processing of your data for the purposes of this type of advertising. To this end, as follows, we have made the opt-out options of the various services available to you. Alternatively you can prevent the setting of cookies in your browser settings.
13 Data transfer
Data is in principle not forwarded to third parties unless we are under a legal obligation to do so, or if the data forwarding is required for the execution of the contractual relationship or you have previously expressly consented to the forwarding of your data.
External service providers and partner companies such as online payment providers or the shipping company commissioned to make the delivery shall only receive your data to the extent they are required for handling your order. In these cases the extent of the transmitted data is restricted to the requisite minimum. If our service providers come into contact with your personal data, we ensure within the framework of contract data processing pursuant to GDPR Article 28 that they comply with data protection legislation in the same way. Please also observe the respective privacy notices of the provider. The respective service provider is responsible for the content of external services whereby to the extent that this is reasonable we undertake a verification of the services for compliance with statutory requirements.
14 Data Security
We have undertaken extensive technical and operational safeguards in order to protect your data from accidental or intentional manipulations, loss, destruction or from access by unauthorised persons. Our security procedures are reviewed regularly and adjusted to take any technological advances into account.
Status: August 2022
Facebook Fan Page Privacy Policy
When you visit our Facebook Fan Page, we are joint controllers with Facebook for the processing of your personal data. Below we inform you about the associated data processing.
1. Contact details of the controllers and joint controllers pursuant to GDPR Article 26
THIMM Group GmbH + Co. KG,
Breslauer Str. 12,
37154 Northeim, Germany
Tel.: +49 5551 703 0
Email: infoline@thimm.de
and
Meta Platforms Ireland Limited
4 Grand Canal Square, Grand Canal Harbour,
D2 Dublin
Ireland
In the view of the European Court of Justice (CJEU), we are joint controllers, together with Facebook, for the processing of your personal data. The underlying decision of the CJEU can be found here.
Below we inform you of the legal requirements pursuant to GDPR Article 26 on the data processing for which we are joint controllers together with Facebook and how you can assert your rights under the GDPR. Facebook provides a Supplementary Agreement for this purpose, which we have concluded by operating the Fan Page.
2.Data processing on the Facebook Fan Page
Please note that you use this Facebook page and its functions under your own responsibility. This applies in particular to the use of interactive functions (e.g. comment, share, rate).
When you visit our Facebook page, Facebook collects your IP address and other information that is available in the form of cookies on your PC. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. For more information, please visit Facebook at the following link: http://de-de.facebook.com/help/pages/insights.
The data collected about you in this context will be processed by Meta Platforms Ireland Limited and may be transferred to countries outside the European Union. In its data use guidelines Facebook describes in general terms which information Facebook receives and how it is used. This is where you will also find information about contact options for Facebook and the settings options for advertising. The data use guidelines are available under the following link: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
You can view Facebook’s full data use policy here: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
Facebook does not conclusively and clearly state the manner in which Facebook uses the data from visits to Facebook pages for its own purposes, the extent to which activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is transferred to third parties and this is not known to us. When accessing a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to information from Facebook, this IP address is anonymised (for “German” IP addresses).
Facebook also stores information about the devices of its users (e.g. as part of the “registration notification” function); this means Facebook is able to assign IP addresses to individual users. If you are currently logged into Facebook as a user, there is a cookie with your Facebook ID on your device. This enables Facebook to understand that you have visited this page and how you have used it. This also applies to all other Facebook pages. Facebook buttons integrated into websites enable Facebook to record your visits to these websites and assign them to your Facebook profile. These data can then be used to offer content or advertising tailored to you. If you want to make it difficult for Facebook to track you, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies on your device, close your browser and restart it. This deletes the information that Facebook uses to directly identify you. This enables you to use our Facebook page without Facebook being able to identify you via your cookies.
When you access interactive functions on the page (like, comment, share, messages, etc.), a Facebook login screen appears. After logging in, you will be immediately identifiable to Facebook as a specific user.
Information on how to manage or delete existing information about you can be found on the following Facebook support pages: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
3. Retention period
In principle, we only store personal data until the respective purpose for which the data was collected has been achieved. As part of a business relationship with you, we store your personal data for as long as the business relationship continues, including the initiation and processing of a contract as well as the regular limitation period. We also store data if and to the extent that we are subject to statutory retention obligations. These may be pursuant to the German Commercial Code (Handelsgesetzbuch, HGB) or the German Tax Code (Abgabenordnung, AO)
If you have given us your consent for a processing operation, the data associated with the granting of consent will be stored until revocation or at the latest for the duration of the processing operation and after completion of the same within the scope of the limitation period.
4. Your rights
If the conditions specified in law are met, you are entitled to the following rights against Facebook and us:
- Information | Art. 15 GDPR
- Correction | Art. 16 GDPR
- Deletion | Art. 17 GDPR
- Blocking/Restriction of processing | Art. 18 GDPR
- Objection | Art. 21 GDPR
- Data portability | Art. 20 GDPR
- Right of complaint to the competent supervisory authority | Art. 77 GDPR
- Right of revocation with future effect if consent has been granted | Art. 7 Abs. 3 GDPR
To assert your rights, please contact Facebook or us at Datenschutz(at)thimm(dot)de.
5. Final provisions and further information
The current version of this data protection policy can be found under “Privacy” on our Facebook page. If you have any questions about our information offer, please contact us at Datenschutz(at)thimm(dot)de.
Further information on the secure use of social networks can be found on the website of the Federal Office for Information Security at https://www.bsi-fuer-buerger.de/BSIFB/DE/DigitaleGesellschaft/SozialeNetze/sozialeNetze_node.html.
Information about data protection on our Instagram page
We THIMM Group GmbH + Co. KG attach great importance to the protection of personal data. Below we inform you about the collection of personal data when you visit our Instagram page. If you still have any questions about how we handle your personal data, please contact our data protection officer.
1. General information
Social media have become an integral part of the internet and modern communications. In order to stay in contact with our customers and interested parties, we have also set up our own Instagram page. Instagram is an online photo and video sharing service from Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereafter: “Meta”) in Ireland is responsible for operating the network as well as for operating the social network Facebook.
We expressly draw attention to the fact that Meta stores data (e.g. IP address, preferences and personal interests (e.g. through hashtags and groups with which a user is connected), behaviour on Instagram pages, possibly also personal information stored on Instagram, etc.) of its users and uses it for business purposes.
We have no influence on the processing and further use of these data, as Meta alone determines the processing. We are unable to trace to what extent, where and for what duration the data are stored, to what extent the data are linked and analysed and to whom the data are transferred to. Nor do we have any insight into or influence on deletion periods, i.e. whether and to what extent deletion periods are complied with.
Meta specifies which information is collected in the Instagram Privacy Policy, which can be viewed HERE.
If you are an Instagram member and you are logged into your Instagram user account, Meta can assign your visit to our site with your user account. If you want to prevent Meta from linking data about your visit to our Instagram page with your member data stored on Instagram, you should
- log out of Instagram before each visit to our Instagram page
- delete any cookies on the device
- and close and restart your browser.
However, even after performing these steps, Meta may recognize you through so-called unique identifiers, such as device IDs and other identifiers, such as those of games, apps or accounts you use, or family device IDs (or other identifiers that are unique to products of the Meta company associated with the same device or account).
2. Scope of data collection and storage
You do not need to be a member of Instagram to view the content on our Instagram page. However, Meta collects, stores and uses data every time our Instagram page is visited.
When you visit our Instagram page, your browser connects to a Meta server. Therefore, data may be transferred to countries outside the European Union. In any case, regardless of whether you are registered with Instagram or not, your IP address is transmitted and cookies are set. If you are an Instagram member and you are logged into your Instagram account, Meta may assign your visit to our site with your user account.
According to information provided by Meta, cookies used by Instagram are used for authentication, security, website and product integrity, advertising and metrics, website functions and services, performance as well as analysis and research. For more information, please visit the Instagram Help section at https://help.instagram.com/
If you do not have an Instagram account, you can manage interest-based online ads via the settings in the European Interactive Digital Advertising Alliance and via your mobile device settings. You can object to the collection and storage of data through the use of the above Meta cookies at any time with future effect via the following opt-out link: http://www.youryourchoices.com/de/praferenzmanagement/.
You can also use the above link to manage your preferences with regard to usage-based online advertising. If you object to usage-based online advertising at a certain provider using the preference manager, this only applies to the specific transactional data collection via the web browser currently used. Preference management is cookie-based. Deleting all browser cookies also removes the preferences you have set with the preference manager.
You can also configure your browser before visiting our Instagram page so that no cookies are stored by Meta. Information on how to adjust the cookie settings in your browser can be found in the Help section of the browser you are using.
We have no influence on whether and which cookies Meta places on our Instagram page and how these data are processed.
Your data are processed by us if contact is made or there is interaction via our Instagram page on the basis of our legitimate interest pursuant to GDPR Article 6 (1), Sentence 1 (f). Our overriding legitimate interest consists in contacting and communicating with our interested parties, as well as responding to their specific concerns. If your message is aimed at concluding a contract or concerns issues relating to the performance of an existing contractual relationship, the legal basis for processing is also GDPR Article 6 (1), Sentence 1 (b).
In principle, we only store personal data until the respective purpose for which the data was collected has been achieved. As part of a business relationship with you, we store your personal data for as long as the business relationship continues, including the initiation and processing of a contract as well as the regular limitation period. We also store data if and to the extent that we are subject to statutory retention obligations. These may be pursuant to the German Commercial Code (Handelsgesetzbuch, HGB) or the German Tax Code (Abgabenordnung, AO).
If you have given us your consent for a processing operation, the data associated with the granting of consent will be stored until revocation or at the latest for the duration of the processing operation and after completion of the same within the scope of the limitation period.
There is no legal or contractual obligation to provide your personal data to us or to Facebook. Non-provision of data has no negative consequences.
3. Instagram Insights
We use the Instagram Insights function for statistical evaluation purposes. In this context, we receive anonymised data in the form of statistics which Meta collects on visitors to our Instagram page, including via cookies and pixels. This will not allow us to identify you personally.
The following information is provided to us via Instagram Insights from Meta:
- Followers: The number of people following us – this also includes development within a maximum period of 30 days.
- Demographic data: Average age of visitors, gender, place of residence, language.
- Activity data: Times at which most users from the community are active.
- Reach: Number of people who see the post shared by us. Number of interactions with our post. This gives us the opportunity to deduce which content is of more interest to the community than other content.
- Ad performance: The number of people who were reached with a post or a paid-for advertisement and interacted with it.
- Activities on our Instagram page: Number of clicks on our buttons (for route planning, to send emails to us, to our website)
- Accesses: Number of times our Instagram page was accessed
Meta provides more detailed information on the Insights functions in its Instagram privacy policy (https://instagram.com/about/legal/privacy).
The Instagram Help section contains a guide explaining which settings need to be set in order to decide in which form targeted advertising will be displayed. You can access this by clicking on the link help.instagram.com selecting the tab “Manage your account” and then “Instagram Ads”.
4. Disclosure and use of personal data
It cannot be ruled out that the data will be transferred to countries outside the European Union (including the USA) and processed there. Data protection law currently considers the USA to be an unsafe third country, as it does not have the high level of European data protection. It is possible that personal data may be subject to access by US authorities for control and monitoring purposes, against which neither effective judicial remedies nor rights of data subjects can be enforced.
Meta Platforms Ireland Limited
Meta Platforms, Inc.
If you interact as part of Instagram, Meta naturally also has access to your data. In particular, Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, may have access to your data. Meta is located here in an unsafe third country, in which the level of data protection is lower.
The information in Meta’s Instagram Privacy Policy specifies that it uses, amongst others, standard contractual clauses for data transfers from the EEA to the USA. On 31.08.2020 Meta also published online a “Facebook-EU Data Transfer Addendum” the aim of which is to incorporate the standard contractual clauses in those cases where Meta Platforms Ireland Limited processes data from the EU/EEA as a processor and Meta Platforms Inc. as a sub-processor.
5. Your Rights
Provided that the conditions specified in the law are met, you have the following rights:
- Information | Art. 15 GDPR
- Correction | Art. 16 GDPR
- Deletion | Art. 17 GDPR
- Blocking/Restriction of processing | Art. 18 GDPR
- Objection | Art. 21 GDPR
- Data portability | Art. 20 GDPR
- Right of complaint to the competent supervisory authority | Art. 77 GDPR
- Right of revocation with future effect if consent has been granted | Art. 7 Abs. 3 GDPR
To assert your rights, please contact Instagram or us at Datenschutz(at)thimm(dot)de.
6. Contact details of the Controllers
Controllers
If you transfer personal data to us via our Instagram page and we alone decide on the purposes and means of processing, we are
THIMM Group GmbH + Co. KG,
Breslauer Str. 12,
37154 Northeim, Germany
Tel.: +49 5551 703 0
Email: infoline@thimm.de
the sole controller for the data processing.
If personal data is processed in connection with our Instagram page and Meta alone decides on the purposes and means of processing,
Meta Platforms Ireland Ltd.
4 Grand Canal Square,
Grand Canal Harbour,
Dublin 2
Ireland
is the sole controller for data processing.
7. More information
Further information on the secure use of social networks can be found on the website of the Federal Office for Information Security at https://www.bsi-fuer-buerger.de/BSIFB/DE/DigitaleGesellschaft/SozialeNetze/sozialeNetze_node.html.
Information on data protection Perspective
Provision of the online offer
For the provision of our online offer we use an external service provider: Perspective Software GmbH, Mailbox 659770, D-96035 Bamberg (hereinafter "Perspective"). Perspective itself stores your data exclusively on European servers. However, there is a possibility that your data may be accessible to entities in the United States of America, as Perspective uses sub-processors located in the United States. As the European Union Commission has determined that the data protection laws of the United States do not ensure an adequate level of protection for personal data collected from data subjects in the European Union, Perspective provides additional measures and safeguards for data transfers to the United States in accordance with the requirements of the GDPR to ensure an adequate level of protection. For example, by entering into standard contractual clauses between Perspective and sub-processors.
I. Description and scope of data processing
Perspective processes your data for us in order to provide you with our online services. For this purpose, Perspective will automatically transmit your IP address to deliver the content and functionality of our Online Services to your browser or terminal device. The following data may be collected:
- information about the type of browser and version used.
- the operating system of your computer
- the Internet service provider you use
- the IP address of your terminal device
- the date and time you access the Funnel
- websites from which you came to our website ("referrer")
II. legal basis for data processing
Perspective stores the data mentioned under I. in so-called log files. This is done to ensure
- to ensure a smooth connection of the website,
- to ensure a comfortable use of our website
- the evaluation of system security and stability, and
- for other administrative purposes.
The temporary storage of the IP address by the system is also necessary to enable delivery of the website to your computer. For this purpose, the IP address of your computer must remain stored for the duration of the session.
These purposes are also our legitimate interest in data processing. The legal basis for data processing is therefore Art. 6 para. 1 sentence 1 lit. f DSGVO.
III. Duration of processing
The personal data processed by Perspective are deleted as soon as they are no longer necessary to achieve the purpose for which they were collected:
- In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
- In the case of storage of the IP address in log files, this is the case after 7 days at the latest.
IV. Data subject rights
You have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have the right to demand the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this purpose and for further questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority in the event of violations of the GDPR. As the data processing is based on Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Article 21(1) DSGVO). Since the collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of our website, there should mostly be no possibility for you to object.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. The right to restriction of processing exists in the following cases:
- If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data has happened / is happening unlawfully, you can request the restriction of data processing instead of erasure.
- If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
- If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
Contact and enquiry management
We use an external service provider for the provision of contact, enquiry or application forms: Perspective Software GmbH, Mailbox 659770, D-96035 Bamberg (hereinafter "Perspective"). Perspective itself stores your data exclusively on European servers. However, your data may be accessible to entities in the United States of America because Perspective uses sub-processors located in the United States. As the European Union Commission has determined that the data protection laws of the United States do not ensure an adequate level of protection for personal data collected from data subjects in the European Union, Perspective provides additional measures and safeguards for data transfers to the United States in accordance with the requirements of the GDPR to ensure an adequate level of protection. For example, by entering into standard contractual clauses between Perspective and sub-processors.
I. Description and scope of data processing
When using Perspective's contact, enquiry or application forms, the following data is transmitted to Perspective's servers:
- Date and time of access
- Websites from which you came to our website ("referrer")
- Context information (e.g. button clicks on the pages, selections made on the pages)
- Contents of all completed text fields (e.g. contact data, such as your name or address, or other personal data, depending on the question posed in the specific text field)
- Files uploaded by you
II. Purpose Legal basis of data processing
The purpose of this data processing is to ensure the communication you have entered into.
The processing of your data from contact or enquiry or application forms is therefore initially based on your consent. The legal basis is Art. 6 para. 1 p. 1 lit. a DSGVO. If a contract is initiated via an enquiry form, the legal basis is also Art. 6 para. 1 p. 1 lit. b DSGVO. The legal basis for the processing of data in an application form may be Art. 88 DSGVO in conjunction with 26 BDSG in addition to Art. 6 para. 1 p. 1 lit. f DSGVO.
III. Duration of processing
Your personal data will be kept for as long as it is necessary to fulfil the purpose of the processing or until you withdraw your consent. Exempt from this principle is data that Perspective must retain due to legal obligations. These include, for example, the retention obligations under commercial and tax law. These retention periods are - currently - up to ten years.
IV. Data subject rights
You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to demand the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this purpose and for further questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority in the event of violations of the GDPR.
You can revoke your consent to data processing at any time by informally notifying us (e.g. by e-mail). The revocation does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. The right to restriction of processing exists in the following cases:
- If you dispute the accuracy of your personal data held by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data has happened / is happening unlawfully, you can request the restriction of data processing instead of erasure.
- If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
- If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.