Data Privacy Statement
Welcome to the EKD Systems website and thank you for your interest in our company and our products and services. We care about the protection of your personal data during its collection, processing, and use in the course of your visit to our website.
As the controller responsible for the processing of data, EKD Systems has implemented numerous technical and organisational measures to make the protection of personal data processed via this website as seamless as possible. However, the transmission of data via the internet has some inherent weaknesses so that absolute protection cannot be guaranteed. For this reason, data subjects have the right to use other means for transferring personal data to us, e.g. by phone.
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
A data subject is any identified or identifiable person whose personal data has been processed by the controller.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) Third party
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
The controller in the sense of the General Data Protection Regulation as well as other data protection laws and regulations pertaining to data protection applicable in the European Union is:
EKD Systems GmbH
Telefon: +49 211/24904-0
Fax: +49 211/241088
The data protection officer appointed by the controller is:
Dr. Oliver Meyer-van Raay
c/o V-Formation GmbH,
Any data subject may contact the data protection officer at any time for questions or suggestions about data protection.
Cookies enable EKD Systems to provide better service to the users of this website, which would not be possible without such cookies.
A data subject is able to set his or her web browser to block our website from setting cookies and thereby object to the placement of cookies permanently at any time. In addition, stored cookies can be deleted at any time using a web browser or other software. All commonly used web browsers offer this function. If the data subject deactivates the storage of cookies in their web browser, then this may result in not all of the functions of our website being fully usable.
The website of EKD Systems collects a certain amount of data or information with every visit of the website by a data subject or an automated system. This general data and information is stored in the server's log files. The types of data that can be collected are (1) browser types and versions, (2) the operating system used by the accessing system, (3) the website from where an accessing system goes to our website (called referrers), (4) the subpages that are accessed on our website by an accessing system, (5) the date and time of access to the website, (6) an Internet Protocol (IP) address, (7) the internet service provider of the accessing system, and (8) other similar data and information that is used for protection against attacks on our IT systems.
EKD Systems does not draw any conclusions about the data subject in the use of this general data and information. This information isinstead required to (1) deliver the contents of our website correctly, (2) optimise the contents of our website and the advertising for it, (3) ensure the long-term functionality of our IT systems and the technology of our website, and (4) provide law enforcement with the necessary information in the event of a cyber attack. This anonymously collected data and information is evaluated by EKD Systems, on one hand statistically, and on the other with the goal of improving data protection and data security at our company and to ensure an optimum level of protection for the personal data that are processed by us. The anonymous data of the server logfiles are saved separate from all personal data provided by the data subject.
The data subject has the option of registering on the controller's website. This registration process involves the collection of personal data. Which personal data are disclosed to the controller can be seen on the registration page. The personal data entered by the data subject are collected and stored exclusively for the purpose of internal processing at the controller. The controller may disclose data to one or several processors, such as shipping services, who will in turn use the personal data exclusively for internal processes that are related to the controller's purposes.
By registering on the controller's website, the IP address assigned by the data subject's internet service provider (ISP) as well as the date and time of the registration are stored. These data are stored because they are required for preventing the abuse of our services, as well as for the investigation of potential crimes, if applicable. As a result, the storage of this data is required for safeguarding the controller. This data will not be disclosed to third parties unless there is a legal obligation for such disclosure, or the disclosure is for purposes of crime prosecution.
The registration of the data subject, with its voluntary disclosure of personal data, enables the controller to offer contents or services to the data subject that by their nature can only be offered to registered users. Registered persons may change the personal data disclosed during their registration, or obtain its erasure from the controller's data stores, at any time.
The EKD Systems website has an option for subscribing to our company newsletter. Which personal data are transferred to the controller during the subscription to the newsletter can be seen in the subscription screen.
EKD Systems uses a newsletter to periodically send notifications about the company's offers and products to customers and business partners. Data subjects can receive our company newsletter only if they (1) have a valid e-mail address and (2) subscribe to the newsletter. For legal reasons, a confirmation message is sent to the e-mail address provided by the data subject during the initial newsletter subscription (double opt-in method). This confirmation message is used to verify whether the owner of the e-mail address, as the data subject, has authorized the subscription to the newsletter.
During the newsletter subscription, we also store the IP address assigned by the internet service provider (ISP) to the computer system used by the data subject at the time of subscription, as well as the date and time of subscription. The collection of this data is necessary for tracking a (potential) abuse of a data subject's e-mail address at a later date and therefore serves as a legal safeguard for the controller.
The personal data collected during a newsletter subscription is used only for sending our newsletter. Furthermore, subscribers to the newsletter could be sent e-mail notifications if this is required for the operation of the newsletter service and related registration processes as might be the case in the event of changes to the newsletter offer or the technical circumstances. Personal data collected during newsletter subscription will not be disclosed to third parties. The data subject may cancel the newsletter subscription at any time. The consent to the storage of personal data given by the data subject for the purposes of sending the newsletter may be withdrawn at any time. Every newsletter contains a link for withdrawing consent. Furthermore, users may unsubscribe from the newsletter directly on the controller's website or notify the controller in other ways.
EKD Systems newsletters contain tracking pixels. A tracking pixel is a miniature graphic that is embedded in e-mails sent in html format to enable log file recording and analysis. This enables a statistical evaluation of the success or failure of online marketing campaigns. The embedded tracking pixel allows EKD Systems to detect whether and when an e-mail was opened and which of the links in an e-mail were accessed by a data subject.
Personal data collected via tracking pixels are stored and evaluated by the controller for the purpose of optimising the sending of newsletters and to better adapt the contents of future newsletters to the interests of the data subjects. Such personal data are not disclosed to third parties. Data subjects may at any time withdraw their consent, which has been given separately using a double opt-in process. The controller deletes such personal data when consent is withdrawn. EKD Systems automatically interprets unsubscribing from the newsletter as a withdrawal of consent.
To comply with legal requirements, the website of EKD Systems contains information to enable contacting our company quickly as well as to enable direct communication with us. This includes a general electronic mail contact (e-mail address). If a data subject contacts the controller via e-mail or a contact form, the personal data submitted by the data subject is stored automatically. Such personal data, which is voluntarily transferred to the controller by the data subject, is stored for purposes of processing or contacting the data subject. Such personal data will not be disclosed to third parties. SSL encryption technology is used for transferring such data. The contact options are:
- Online form for file download
- Catalogue order
- Drum feedback
The controller processes and stores personal data of data subjects only for as long as required to achieve the purpose of storing the data, or as provided by the European issuer of directives and ordinances or other legislative bodies in laws and regulations to which the controller is subject.
Personal data are made unavailable or deleted in accordance with applicable laws and regulations when the purpose of storing the data no longer exists, or a storage period specified by the European issuer of directives and ordinances or another legislative body expires.
a) Right of confirmation
Every data subject has the right, defined by the European issuer of directives and ordinances, to request confirmation from the controller about whether the controller processes personal data related to the data subject. Data subjects who wish to make use of this right of confirmation may contact our data protection officer at any time.
b) Right of access
Every data subject shall have the right, defined by the European issuer of directives and ordinances, to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information, as well as a copy of such information. In addition, the European issuer of directives and ordinances has granted the data subject a right of information with regard to the following matters:
- The purposes of processing
- The categories of personal data concerned
- The recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations
- Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
- The existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
- The right to lodge a complaint with a supervisory authority
- Where the personal data are not collected from the data subject: Any available information as to the source of the data
- The existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
The data subject also has a right to information about whether or not personal data have been transferred to a third country or an international organisation. If this is the case, then the data subject shall also have the right to be informed of the appropriate safeguards relating to the transfer.
Data subjects who wish to make use of this right of information may contact our data protection officer at any time.
c) Right to rectification
The data subject shall have the right, defined by the European issuer of directives and ordinances, to obtain from the controller the rectification of inaccurate personal data concerning him or her without undue delay. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Data subjects who wish to make use of this right of rectification may contact our data protection officer at any time.
d) Right to erasure (right to be forgotten)
The data subject shall have the right, defined by the European issuer of directives and ordinances, to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- The data subject withdraws consent on which the processing is based pursuant to point (a) of Article 6(1), or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
- The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.
- The personal data have been unlawfully processed.
- The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
- The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by the HELUKABEL, he or she may, at any time, contact any employee of the controller (see Section 2). This person shall promptly ensure that the erasure request is complied with immediately.
Where HELUKABEL has made the personal data public and is obliged pursuant to Article 17(1) of the GDPR to erase the personal data, our company, in its role as the controller and taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data. The data protection officer of HELUKABEL or another employee will take the necessary steps in each case.
e) Right to restriction of processing
Any data subject shall have the right, defined by the European issuer of directives and ordinances, to obtain from the controller restriction of processing where one of the following applies:
- The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
- The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
- The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
- The data subject has objected to processing pursuant to Art. 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
Where one of the above prerequisites applies and a data subject wishes to obtain the restriction of their personal data stored at HELUKABEL, the data subject may contact our data protection officer at any time. The data protection officer of HELUKABEL or another employee will initiate the restriction of processing.
f) Right to data portability
Any data subject shall have the right, defined by the European issuer of directives and ordinances, to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. The data subject shall also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) of the GDPR or on a contract pursuant to point (b) of Article 6(1) of the GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in its exercise of the the right to data portability pursuant to Art. 20(1) of the GDPR, the data subject shall have the right to obtain the direct transfer of their personal data from a controller to another controller, where this is technically feasible and where this does not adversely affect the rights and freedoms of others.
To exercise the right to data portability, a data subject may contact the data protection officer appointed by HELUKABEL at any time.
g) Right to object
The data subject shall have the right, defined by the European issuer of directives and ordinances, to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on those provisions.
Where an objection has been submitted, HELUKABEL will no longer process the personal data unless we are can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Where HELUKABEL processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This includes profiling to the extent that it is related to such direct marketing. If a data subject objects to processing for direct marketing purposes, then HELUKABEL will no longer use the personal data for these purposes.
Where personal data are processed by HELUKABEL for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) of the GDPR, the data subject, on grounds relating to his or her particular situation, shall have the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise the right to object, a data subject may contact the data protection officer of HELUKABEL of another employee directly. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may exercise his or her right to object by automated means using technical specifications.
h) Automated individual decision-making, including profiling
The data subject shall have the right, defined by the European issuer of directives and ordinances, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, unless the decision (1) is necessary for entering into or the performance of a contract between the data subject and a data controller, or (2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, or (3) is based on the data subject's explicit consent.
If the decision is (1) necessary for performance of a contract between the data subject and a data controller or (2) is based on the data subject's explicit consent, then HELUKABEL shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
If a data subject wishes to exercise rights related to automated decision-making, he or she may contact our data protection officer at any time.
i) Right to withdraw consent to processing
The data subject shall have the right, defined by the European issuer of directives and ordinances, to withdraw his or her consent to the processing of personal data at any time.
If a data subject wishes to exercise his or her right to withdraw consent, he or she may contact our data protection officer at any time.
The controller collects and processes personal data of applicants for the purposes of the application process. Processing may be electronic. This is the case in particular where an applicant transfers application documents to the controller electronically, e.g. via e-mail or a form provided on the website. If the controller enters into an employment contract with the applicant, the transferred data are stored for purposes of performing the employment relationship in consideration of applicable laws and regulations. If the controller and the applicant do not enter into an employment contract, then the application documents shall be erased automatically no later than two months following the applicant's notification, unless the controller has other legitimate interests not to erase the data. Other legitimate interests in the sense of the above may include documentation obligations under the German General Act on Equal Treatment (AGG).
We use advertising measures of the company Meta, formerly Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).
Facebook plug-ins: With each call-up to one of the individual pages of this website, which is operated by us and on which a Facebook plug-in has been integrated, the Internet browser on the information technology system of the user (hereinafter also referred to as "data subject") is automatically prompted by the respective Facebook plug-in to display the respective Facebook plug-in of Meta Download. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. During the course of this technical procedure, Meta gains knowledge of which specific sub-page of our website is visited by the data subject.
If the data subject is logged in at the same time on Facebook, Meta detects with each call-up to our website by the data subject and for the entire duration of their stay on our website, which specific sub-page of our website the data subject visits. This information is collected by the Facebook plug-in and assigned by Meta to the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on our website, such as the "Like" button, or if the data subject submits a comment, Meta assigns this information to the personal Facebook user account of the data subject and stores the personal data.
Meta receives information via the Facebook plug-in that the data subject has visited our website whenever the data subject is logged in to Facebook at the time of the call-up to our website; this takes place regardless of whether the data subject clicks on the Facebook plug-in or not. If such a transmission of information to Meta is not desirable for the data subject, he or she may prevent the transmission by logging off from their Facebook account before a call-up to our website is made.
Facebook Pixel: By integrating the so-called "Facebook Pixel" on our website, we can also display our advertising measures ("ads") to users of our website and the social network Facebook and to measure and evaluate their successes ("conversion tracking").
We also use the remarketing function "Custom Audiences", which also uses the Facebook Pixel and displays interest-based advertisements when you visit our website or other websites that have also integrated the Facebook Pixel. This allows us to show you advertising that is of interest to you in order to make our website more interesting for you and to market our offer.
Due to the marketing tools used, your browser establishes a direct connection to the Meta server when you visit our website – after giving your consent. We have no influence on the scope and further use of the data collected by Meta through the use of this tool and therefore present the processes known to us: By integrating the Facebook pixel, Meta receives the information that you have accessed the corresponding website of our website or have clicked on an advertisement from us. If you are registered with a Meta service, Meta can assign the visit to your account. Even if you are not registered with the Facebook platform or have not logged in, it is possible that the provider will find out your IP address and other identification features and use them to create your profile.
The legal basis for the processing of your data is Art. 6 para. 1 lit. a) GDPR, i.e. the integration takes place only after your consent has been given. The revocation of your consent is possible at any time, without affecting the admissibility of the processing until the revocation. The easiest way to revoke your consent is via our cookie banner. In addition, logged-in users can object directly to the provider or under the following link: www.facebook.com/settings/?tab=ads#_. You can also disable the corresponding option in the system settings of your browser. You can delete stored cookies at any time in the system settings of your browser. Your data will be stored as long as they are needed for the respective purpose, or you have not objected to the storage of your data or revoked your consent.
The information collected is stored on Meta servers, including in the USA as an unsafe third country. For these cases, the provider has imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with the data protection laws applicable to the international transfer of the data. We have also agreed so-called standard data protection clauses with Facebook, the purpose of which is to comply with an adequate level of data protection in third countries.
For more information on Meta's data processing, please visit: www.facebook.com/about/privacy.
The controller has integrated the component Google Analytics (with anonymisation function) on this website. Google Analytics is a web analytics service. Web analytics means the collection and evaluation of data about the behaviour of visitors to websites. Among other things, a web analytics service collects data about the website from which a data subject came to our website (known as “referrers”), which subpages of our website have been accessed, and how often and for how long a subpage was browsed. Web analysis is used mainly for optimising a website and for the cost-benefit analysis of internet advertising.
The Google Analytics component is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The controller uses the extension “_gat._anonymizeIp” for the web analysis via Google Analytics. This extension truncates and anonymises the IP address of the data subject's internet connection if the access to our website is from a Member State of the European Union or another country that is party to the treaty for the European Economic Area.
The purpose of the Google Analytics component is to analyse the visitor flows on our website. Google uses the obtained data and information to evaluate the use of our website, to compile reports about the activities on our webpages, and to perform other services related to the use of our website.
Google Analytics places a cookie on the IT system of the data subject. What cookies are has been explained above. Placing a cookie enables Google to perform an analysis of the use of our website. With each access to an individual page of this website, which is operated by the controller and on which the Google Analytic component has been integrated, the Google Analytics component causes internet browser on the data subject's IT system to transfer data to Google for online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the data subject's IP address, which Google uses, among other things, to track the origin of visitors and clicks and calculate commissions.
Cookies are use to store personal data, such as the time of access, the location from which the access has been made, and the frequency of visits to our website by the data subject. With each visit to our web pages, this personal data, including the IP address of the internet connection used by the data subject, is transferred to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass on these personal data, which were collected by the technical process, to third parties.
As explained above, a data subject is able to set his or her web browser to block the placement of cookies by our website and thereby object to the placement of cookies permanently at any time. Such a setting on the web browser would prevent Google from placing a cookie on the data subject's IT system. In addition, cookies set by Google Analytics can be deleted at any time using a web browser or other software.
The controller has integrated Google AdWords on this website. Google AdWords is a service for internet advertising that allows advertisers to place ads in the search results of Google and in the Google advertising network. Google AdWords enables advertisers to predefine certain keywords by which an ad is shown in the search results of Google only if the user accesses a search result that is relevant to the keyword. In the Google advertising network, ads are distributed using an automated algorithm and in consideration of the predefined keywords on websites relevant to the topic.
Google AdWords is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The purpose of our use of Google AdWords is to advertise for our website by placing relevant ads on the websites of third-party companies and in Google search results, as well as to allow third-party companies to advertise on our website.
If a data subject comes to our website via a Google ad, then something referred to as a conversion cookie is placed on the data subject's IT system by Google. What cookies are has been explained above. A conversion cookie becomes invalid after thirty days and is not used for identifying the data subject. As long as the cookie hasn't expired, the conversion cookie is used to track whether certain subpages of our website, e.g. the shopping cart of our online shop system, have been accessed. The conversion cookie can be use by us as well as by Google to track whether a data subject who has come to our website via an AdWords ad has generated revenue, i.e. made or cancelled a purchase.
The data and information collected by conversion cookies are used by Google to generate visitor statistics for our website. The visitor statistics in turn are used by us to determine the total number of users sent to us via AdWords ads, as well as to determine the success or failure of the relevant AdWords ad and to optimise our AdWords ads in the future. Neither our company nor other advertising clients of Google AdWords receive information from Google with which the data subject could be identified.
By means of the conversion cookie, personal information is stored, e.g. about the website visited by the data subject. With each visit to our web pages, personal data, including the IP address of the internet connection used by the data subject, are transferred to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass on these personal data, which were collected by the technical process, to third parties.
As explained above, a data subject is able to set his or her web browser to block the placement of cookies by our website and thereby object to the placement of cookies permanently at any time. Such a setting on the web browser would prevent Google to place a conversion cookie on the data subject's IT system. In addition, cookies set by Google AdWords can be deleted at any time using a web browser or other software.
Furthermore the data subject has the option of objecting to interest-related advertising by Google. In order to do so, the data subject needs to access the link www.google.de/settings/ads and perform the desired settings there.
The controller has integrated components of the LinkedIn corporation on this website. LinkedIn is a web-based social network which enables its users to connect with existing business contacts and to make new business contacts. More than 400 million registered people in more than 200 countries use LinkedIn. This makes LinkedIn the largest platform for business contacts and one of the most visited websites in the world.
With each access to our website, which is equipped with a LinkedIn component (LinkedIn plugin), this component causes the data subject's browser to download a representation of the LinkedIn component. Additional information about LinkedIn plugins is available at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn learns which actual subpage of our website is visited by a data subject.
If the data subject is logged into LinkedIn at the same time, then LinkedIn detects which subpage of our website the data subject visits with each access to our website and over the entire duration of the visit or our website. This information is collected by the LinkedIn component and mapped by LinkedIn to the the data subject's LinkedIn account. If the data subject clicks on a LinkedIn button integrated on our website, then LinkedIn traces this information to the personal LinkedIn user account of the data subject and stores this personal data.
Via the LinkedIn component, LinkedIn is notified that the data subject has visited our website whenever the data subject is logged into LinkedIn while accessing our website. This happens independent of whether the data subject clicks on the LinkedIn component or not. If the data subject does not wish this information to be transferred to LinkedIn, then this can be prevented by logging out of their LinkedIn account before accessing our website.
We have embedded YouTube videos on our website, which are hosted by YouTube but can be played directly from our website. These videos are all embedded in "extended privacy mode," which means that according to YouTube, the playback of a video is not used for personalized advertising to the user. However, we have no influence over this.
To enhance the protection of your data when visiting our website, the videos are initially deactivated and embedded using a "2-click" solution on the page. This integration ensures that when you visit a page on our website that contains such videos, no connection is made to Google's servers. Only when you activate the videos does your browser establish a direct connection to Google's servers.
By activating the videos, YouTube receives information that you have accessed the corresponding subpage of our website. In addition, basic data such as IP address and timestamp are transmitted. This happens regardless of whether YouTube provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly associated with your account. YouTube stores your data as usage profiles and uses them for advertising, market research, and/or the personalized design of its website. Such evaluation is carried out, in particular (even for users who are not logged in), for the provision of personalized advertising and to inform other users of the social network about your activities on our website.
The legal basis for the display of videos is Art. 6(1)(a) of the GDPR, i.e., embedding is only done with your consent. If you do not want cookies to be stored on your device and your data to be processed by YouTube, you can refuse or revoke your consent.
If you do not wish for the collected data to be associated with your profile on YouTube, you must log out before activating the videos. You also have the right to object to the creation of user profiles by YouTube, and to exercise this right, you must contact YouTube or Google, for example, at https://about.google/contact-google/. Detailed instructions on managing your own data in connection with Google products can be found at https://support.google.com/accounts/answer/3024190.
We store your data for as long as we need it for the respective purpose, unless you have objected to the storage of your data or have revoked your consent.
The collected information is stored on Google's servers, including in the USA, which is currently an insecure third country. For such cases, the provider has imposed a standard that corresponds to the former EU-US Privacy Shield and has undertaken to comply with the applicable data protection laws for the international transfer of data. We have also agreed on standard data protection clauses with YouTube, which aim to ensure an adequate level of data protection in the third country.
Our website uses counting pixel technology provided by WiredMinds GmbH (www.wiredminds.de) to analyze visitor behavior. In connection with this, the IP address of the visitor is processed. The processing occurs only for the purpose of collecting company based information such as company name, for example. IP addresses of natural persons are excluded from any further processing by means of a whitelist. An IP address is not stored in LeadLab under any circumstances.
While processing data, it is our outmost interest to protect the rights of natural persons. Our interest in processing data is based on Article 6(1)(f) GDPR. At no time is it possible to draw conclusions from the collected data on an identifiable person. WiredMinds GmbH uses this information to create anonymized usage profiles of the visit behavior on our website. Data obtained during this process is not used to personally identify visitors of our website.
Exclude from tracking (To ensure WiredMinds LeadLab permanently excludes you from tracking, a functionally necessary cookie will be set)
On this website, we use the services of Google Maps. This allows us to display interactive maps directly on the website and enables you to use the map function conveniently.
By displaying the interactive map, Google receives information that you have accessed the corresponding subpage of our website. In addition, basic data such as IP address and timestamp are transmitted. This happens regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly associated with your account. Google stores your data as usage profiles and uses them for advertising, market research, and/or the personalized design of its website. Such evaluation is carried out, in particular (even for users who are not logged in), for the provision of personalized advertising and to inform other users of the social network about your activities on our website.
The legal basis for the display of the interactive map is Art. 6(1)(a) of the GDPR, i.e., integration is only done with your consent. If you do not want your data to be transmitted to Google, you can refuse or revoke your consent. Revoking your consent is possible at any time without affecting the lawfulness of processing until the revocation.
If you do not wish for the collected data to be associated with your profile on Google, you must log out before visiting the website. You also have the right to object to the creation of user profiles, and to exercise this right, you must contact Google, for example, at https://about.google/contact-google/. Detailed instructions on managing your own data in connection with Google products can be found at https://support.google.com/accounts/answer/3024190.
Your data will be stored as long as it is necessary for the respective purpose or until you have objected to the storage of your data.
The collected information is stored on Google's servers, including in the USA, which is an insecure third country. For such cases, the provider has imposed a standard that corresponds to the former EU-US Privacy Shield and has undertaken to comply with the applicable data protection laws for the international transfer of data. We have also agreed on standard data protection clauses with Google, which aim to ensure an adequate level of data protection in the third country.
For further information on the purpose and scope of data collection and its processing by Google, please refer to Google's privacy policies. You will also find further information on your rights and options for protecting your privacy at www.google.com/policies/privacy.
Processes requiring consent to a specific purpose of processing are legally based on Art. 6.1 a of the GDPR. If the processing is necessary for the performance of a contract to which the data subject is party, as may be required for processing of deliveries or the provision of other services or consideration, then the processing is based on Art. 6.1 (b) of the GDPR. The same applies for steps at the request of the data subject prior to entering into a contract, such as inquiries about or products or services. If our company is under a legal obligation that requires the processing of personal data, e.g. the fulfilment of its tax obligations, then the processing is based on Art. 6.1 (c) of the GDPR. In rare cases, the processing of personal data may become necessary to protect vital interests of the data subject or another natural person. This might be the case, for example, if a visitor were injured at our facilities, necessitating the disclosure of his or her name, age, health insurance information, or other vital information to a doctor, hospital, or other third party. In this case, the processing would be based on Art. 6.1 (d) of the GDPR. Finally, processing may be based on Art. 6.1 (f) of the GDPR. This is the legal basis for processes not covered by any of the above items, if the processing is required to safeguard legitimate interests of our company or a third party and if there are no overriding interests or basic rights and freedoms of the data subject. We are permitted such processing because it is explicitly mentioned by the European legislative. The legislative has stated in this regard that a legitimate interest should be assumed if the data subject is a customer of the controller (GDPR, “Whereas” no. (47), 2nd sentence).
If the processing of personal data is based on Art. 6.1 (f) of the GDPR, then our legitimate interest is the performance of our business activities for the benefit of our employees and our shareholders.
The legal storage period is the criterion for the duration of the storage of personal data. After the period expires, the relevant data are routinely deleted if they are no longer required for the performance or initiation of contracts.
We hereby inform you that a disclosure of personal data may be required by law (tax regulations) or in the context of a contract (e.g. information about a party to the contract). To enter into a contract, it may be required that a data subject provide us with personal data which in turn needs to be processed by us. For example, a data subject is required to provide us with personal data when our company enters into a contract with that data subject. Failure to provide such personal data would prevent the contract with the data subject to be entered. Before providing us with personal data, a data subject must contact our data protection officer. Our data protection officer informs the data subject on a per case bases whether the provision of personal data is required by law or required for the contract, whether there is an obligation to provide such personal data, and what the consequences of not providing such personal data would be.