Privacy policy
Thank you for visiting our website. In the following, we would like to inform you about the handling of your data in accordance with Art. 13 of the General Data Protection Regulation (DSGVO).
Responsible
The office named in the imprint is responsible for the data processing described below.
Usage data
When you visit our websites, so-called usage data is temporarily analysed on our web server for statistical purposes as a protocol in order to improve the quality of our websites. This data record consists of
- the page from which the data is requested,
- the name and address of the requested content,
- the date and time of the query,
- the amount of data transferred,
- the access status (content transferred, content not found),
- the description of the web browser and operating system used,
- the referral link, which indicates the page from which you came to ours,
- the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.
The aforementioned log data is only evaluated anonymously.
Storage of the IP address for security purposes
In addition, we store the complete IP address transmitted by your web browser for a strictly limited period of seven days in the interest of being able to recognise, limit and eliminate attacks on our websites. After this period, we delete or anonymise the IP address.
The legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO.
Data security
In order to protect your data from unwanted access as comprehensively as possible, we take technical and organisational measures. We use an encryption process on our websites. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption. You can usually recognise this by the fact that the lock symbol is closed in the status bar of your browser and the address line begins with https://.
Required cookies
We use cookies on our websites, which are necessary for the use of our websites.
Cookies are small text files that are stored on your terminal device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.
We do not use these necessary cookies for analysis, tracking or advertising purposes.
In part, these cookies only contain information on certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and implementation of the site.
We use these cookies on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO.
You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time using the appropriate browser settings and prevent the setting of new cookies. Please note that our websites may then not be displayed and some functions may no longer be technically available.
Google Analytics
We use the web analysis tool "Google Analytics" to design our websites in line with requirements. Google Analytics creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In this way, we are able to recognise returning visitors and count them as such. Within the scope of Google Analytics, we also use the technical extension "Google Signals", which enables cross-device tracking. This makes it possible to associate your website visit with different end devices, provided that you have logged into your Google accounts across devices when visiting the website and at the same time have activated the "personalised advertising" option in your Google account settings. However, no personal data or user profiles are transmitted to us by Google. We only process your data anonymously.
UserID: This website also uses the Analytics functions UserID to track interaction data. This User ID is additionally anonymized and encrypted and will not be associated with any other data.
Google Signals: As part of Google Analytics, we also use the technical extension "Google Signals", which enables cross-device tracking. This makes it possible to associate your website visit with different end devices, provided that you have logged into your Google accounts across devices when visiting the website and at the same time have activated the "personalized advertising" option in your Google account settings. However, no personal data or user profiles are transmitted to us by Google. We only process your data anonymously.
This website also uses Google Analytics reports on performance by demographic characteristics and interests, as well as reports on impressions on the Google Display Network. You can disable Google Analytics for display advertising and customize ads on the Google Display Network by accessing the ad settings at this link: https://www.google.de/settings/ads.
You can disable Google Analytics for display advertising and customize ads on the Google Display Network by accessing the ad settings at this link: https://www.google.de/settings/ads.
Within the scope of Google Analytics, we are supported by Google Ireland Limited and Google LLC. (USA) as processors according to Art. 28 DSGVO. The data processing may therefore also take place outside the EU or the EEA. With regard to Google LLC, an adequate level of data protection cannot be assumed due to processing in the USA. There is a risk that authorities may access the data for security and monitoring purposes without you being informed or being able to seek redress. Please bear this in mind if you decide to give your consent to our use of Google Analytics.
Data processing is based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO or § 15 para. 3 sentence 1 TMG, if you have given your consent via our banner. The transfer to a third country is based on Art. 49 para. 1 lit. a DSGVO.
You can revoke your consent at any time. Please follow this link and make the appropriate settings via our banner.
To protect our web forms from automated requests, we use a so-called captcha from a third-party provider. Within the scope of the captcha function, you may be asked to solve tasks or click on checkboxes. The user entries made in this context and possibly also the mouse movements are used to assess whether the entries originate from a human or an automated programme.
The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, provided that you have previously given your consent via our banner solution.
Please note that the use of captchas may result in your data being processed outside the EU/EEA. In some countries, there is a risk that authorities may access your data for security and monitoring purposes without informing you or allowing you to seek redress. If we use providers in unsafe third countries and you consent, the transfer to an unsafe third country takes place on the basis of Article 49(1)(a) of the GDPR.
| Provider | Maximum storage time | Adequate level of data protection | Possibility to object |
|---|---|---|---|
| Google LLC (USA) | No adequate level of data protection. The transfer is made on the basis of Art. 49 (1) lit. a DSGVO. | If you would like to withdraw your consent, please click here and make the appropriate setting via our banner. However, you will then no longer be able to use our web forms. |
Hotjar
We use Hotjar to better understand the needs of our users and to optimise the offering and experience on this website. Hotjar's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and dislike, etc.) and helps us to tailor our offering to our users' feedback. Hotjar uses cookies and other technologies to collect data about the behaviour of our users and their devices, in particular the IP address of the device (only collected and stored anonymously during your use of the website), screen size, device type (unique device identifiers), information about the browser used, location (country only), preferred language for viewing our website. Hotjar stores this information on our behalf in a pseudonymised user profile. Hotjar is contractually prohibited from selling the data collected on our behalf. For more information, please see the 'about Hotjar' section of Hotjar's help page: https://help.hotjar.com/hc/en-us/categories/115001323967-About-Hotjar.
Data processing is based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO or § 15 para. 3 sentence 1 TMG, if you have given your consent via our banner. The transfer to a third country is based on Art. 49 para. 1 lit. a DSGVO.
You can revoke your consent at any time. Please follow this link and make the appropriate settings via our banner.
| Provider | Maximum storage time | Adequate level of data protection | Possibility to object |
|---|---|---|---|
| Hotjar Ltd, Malta | 12 months | Processing within EU/EEA | If you would like to withdraw your consent, please click here and make the appropriate setting via our banner. However, you will then no longer be able to use our web forms. |
Contact form
You have the option of contacting us via our contact form. To use our contact form, we first need the data marked as mandatory fields from you. We use this data on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO to answer your enquiry. In addition, you can decide for yourself whether you would like to provide us with further information. This information is provided voluntarily and is not mandatory for contacting you. We process your voluntary information on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO. Your data will only be processed to respond to your request. We delete your data if it is no longer required and there are no legal retention obligations to the contrary. Insofar as your data transmitted via the contact form is processed on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO, you can object to the processing at any time. In addition, you can revoke your consent to the processing of voluntary data at any time. To do so, please contact the e-mail address stated in the imprint.
Captcha
To protect our web forms from automated requests, we use a so-called captcha from a third-party provider. Within the scope of the captcha function, you may be asked to solve tasks or click on checkboxes. The user entries made in this context and possibly also the mouse movements are used to assess whether the entries originate from a human or an automated programme. The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, provided you have previously given your consent via our banner solution. Please note that the use of captchas may result in your data being processed outside the EU or EEA. In some countries, there is a risk that authorities may access the data for security and monitoring purposes without informing you or allowing you to seek redress. If we use providers in insecure third countries and you consent, the transfer to an insecure third country will be based on Article 49(1)(a) of the GDPR.
Direct mail
If we receive your e-mail address in connection with the sale of a product or service, we will use the address for direct advertising for our own similar goods or services, unless you have objected to the processing. When collecting the address and for each use, we clearly indicate that you can object to the use at any time without incurring any costs other than the transmission costs according to the basic rates. The data is used on the basis of Art. 6 Para. 1 S. 1 lit. f DSGVO and in the interest of promoting the sale of our goods or services. You have an uncomplicated option to object, e.g. via the unsubscribe link in every email.
Visitor measurement
We use web analytics tools to tailor our websites to your needs. This creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In addition, it is possible that we retrieve recognition features for your browser or end device (e.g. a so-called browser fingerprint or your unabbreviated IP address). In this way, we are able to recognise returning visitors and count them as such.
In addition, we use the following functions as part of visitor measurement:
- We enrich the pseudonymous data with further data provided to us by third-party providers. In this way, we are able to record demographic characteristics of our visitors, e.g. statements on age, gender and place of residence.
- We use a recognition method that allows us to record and subsequently evaluate the mouse pointer movement of our visitors.
The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, provided you have given your consent via our banners..
Which third-party providers do we use in this context?
Below we list the third party providers with whom we work in connection with visitor measurement. If the data is processed outside the EU or EEA in this context, please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or having the right to appeal. If we use providers in unsafe third countries and you consent, the transfer to a third country will be based on Article 49(1)(a) of the GDPR..
| Provider | Maximum storage time | Adequate level of data protection | Possibility to object |
|---|---|---|---|
| Facebook (USA and/or Ireland)) | 12 months | No adequate level of data protection. The transfer is made on the basis of Art. 49 (1) lit. a DSGVO. | If you would like to withdraw your consent, please click here and make the appropriate setting via our banner. However, you will then no longer be able to use our web forms. |
| Google LLC (USA) | 12 months | No adequate level of data protection. The transfer is made on the basis of Art. 49 (1) lit. a DSGVO. | If you would like to withdraw your consent, please click here and make the appropriate setting via our banner. However, you will then no longer be able to use our web forms. |
Processing of your data when placing an order
If you decide to order products, we process your data for the fulfilment and execution of the contract and, if necessary, its reversal in the context of the termination of the contract. In addition, we use your data to inform you about the status of the order. You can deactivate these notifications at any time via the account settings.
We store your data as long as it is necessary for the fulfilment of the purpose.
The legal basis of the data processing for the fulfilment of the contract is Art. 6 para. 1 p. 1 lit. b DSGVO and for the fulfilment of legal information and storage obligations Art. 6 para. 1 lit. c DSGVO.
If you are appointed as a contact person for a company or organisation, we process your data on the basis of Art. 6 (1) sentence 1 lit. f DSGVO. As a contact person, you can object to this processing at any time with effect for the future pursuant to Art. 21 DSGVO.
| Provider | Maximum | Adequate level of data protection | Possibility to object |
|---|---|---|---|
| Google LLC (USA) | 12 months | No adequate level of data protection. The transfer is made on the basis of Art. 49 (1) lit. a DSGVO. | If you would like to withdraw your consent, please click here and make the appropriate setting via our banner. However, you will then no longer be able to use our web forms. |
Processing of your data when applying
We process your personal data within the scope of applicant management in accordance with the applicable data protection regulations on the basis of Section 26 BDSG. We process the data that you disclose to us as part of your online application solely for the purpose of selecting applicants. We do not process data for any other purpose. You yourself determine the scope of the data you wish to transmit to us as part of your online application. Online applications are transmitted electronically to our HR department and passed on to a service provider used for this purpose as an order processor (Bridgemaker GmbH) in accordance with Art. 28 DSGVO, which checks and processes the data for the intended purpose and in accordance with our instructions. The transmission is encrypted. Your data will not be passed on beyond this. Your data will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 3-6 months. In the event that we may also consider your application for other or future job advertisements, please make a note of this on the application. We will then process your data on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a) DSGVO for 12 months.
Storage period
Unless we have already informed you in detail about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and no statutory retention obligations prevent deletion.
Your rights as a data subject
When processing your personal data, the GDPR grants you certain rights as a data subject:
Right of access (Art. 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to be informed about this personal data and to receive the information listed in detail in Article 15 of the GDPR.
Right of rectification (Art. 16 DSGVO)
You have the right to request the immediate correction of any inaccurate personal data concerning you and, if necessary, the completion of any incomplete data.
Right to erasure (Art. 17 DSGVO)
You have the right to request that personal data concerning you be deleted without delay if one of the reasons listed in detail in Article 17 of the GDPR applies.
Right to restriction of processing (Art. 18 DSGVO)
You have the right to request the restriction of processing if one of the conditions listed in Article 18 of the GDPR applies, e.g. if you have objected to the processing, for the duration of the review by the controller.
Right to data portability (Art. 20 DSGVO)
In certain cases, which are listed in detail in Article 20 of the GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.
Right of withdrawal (Art. 7 DSGVO)
If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 (3) DSGVO. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.
Right of objection (Art. 21 DSGVO)
If data is collected on the basis of Art. 6 (1) sentence 1 lit. f DSGVO (data processing for the protection of legitimate interests) or on the basis of Art. 6 (1) sentence 1 lit. e DSGVO (data processing for the protection of public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right of appeal to a supervisory authority (Art. 77 DSGVO)
Pursuant to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. The right of complaint can be asserted in particular before a supervisory authority in the member state of your usual place of residence, your place of work or the place of the alleged infringement.
Assertion of your rights
Unless otherwise described above, please contact the office mentioned in the imprint to assert your data protection rights.
Contact details of the data protection officer
Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:
datenschutz nord GmbH
Sechslingspforte 2
22087 Hamburg
Web: www.datenschutz-nord-gruppe.de
E-mail: office@datenschutz-nord.de