Data Privacy Statement Website & Social Media
Protecting your personal data during its collection, processing, and use while you visit our website is an important matter to us. We handle your personal data confidentially and according to the legal data protection regulations as well as according to this data privacy statement.
The responsible party in the sense of the General Data Protection Regulation (VO (EU) 2016/679) is Crespel & Deiters GmbH & Co. KG, Groner Allee 76, 49479 Ibbenbüren, Germany, Phone: +49 5451 5000-0, Fax: +49 5451 5000-300, Electronic mail: firstname.lastname@example.org represented by its Managing Director Gustav Deiters.
Data privacy supervisor:
Mr Sascha Hesse, Attorney at Law, Hanauer Landstraße 151-153, 60314 Frankfurt am Main, Germany, Phone: +49 69 90437965, Fax: +49 69 90437974, Electronic mail: email@example.com
Visiting our Website/Homepage
You may visit our homepage without registering yourself or providing personal details.
With every access of a user on our website and with each access of a file, data concerning these events are automatically collected and stored in a log file. In detail, the following data are stored about each access:
- IP address of the requesting device
- Name of the accessed file.
- Date and time of the access.
- Amount of data transferred.
- Notification of whether the access was successful.
- Description of the type of web browser used.
- Requested domain.
The storage exclusively supports internal system-related and statistical purposes. We use this information to continuously improve and update our website in order to increase its attractiveness (safeguarding legitimate interests). In addition, we use the data to identify and defend against attempted attacks and to clarify the suspicion of use relevant to criminal law. The basis of law for this is Article 6 Section 1 Letter f of the DSGVO (Datenschutzgrundverordnung, English: General Data Protection Regulation [GDPR]) (safeguarding legitimate interests).
The recorded data will not be pooled together with other data sources, in particular data which permits an association with a particular person.
We use the ‘WP Statistics’ WordPress analysis plugin on our website (https://wp-statistics.com). The analysis tool uses anonymised data to generate statistics concerning the general use of our website. The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest is the optimisation and economic operation of our website. No user profiles are creates, and no cookies are used or needed. Further information can be found in the WP Statistics data privacy declarations: https://wp-statistics.com/privacy-and-policyhttps://wp-statistics.com/privacy-and-policy
Most of the cookies we use are so-called “session cookies.” These cookies are automatically deleted at the end of your visit. Other cookies remain saved on your terminal device until you delete them. These cookies enable us to recognize your browser the next time you visit our website.
If you do not wish that we recognize information about your computer, please configure your browser so that it deletes cookies from your computer’s hard drive, blocks all cookies, or warns you before a cookie is saved. However, in those cases, not all functions of this website may be available to you.
If you leave our website through a link or through clicking possible banner advertising, and reach the site of a third party, it can happen that the addressee of the clicked-on target site sets cookies. We are not legally responsible for these cookies. Please refer to the data privacy policies of those third parties concerning the use of such cookies and the information recorded in them through our advertising partners.
Our websites use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’). This function is used primarily to distinguish whether an entry is made by a natural person or abusively by machine and automated processing. The service includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google, and is pursuant to Art. 6(1)(f) GDPR, on the basis of our legitimate interest in establishing individual responsibility on the internet and preventing abuse and spam. As part of using Google reCAPTCHA, personal data may also be transmitted to the Google LLC. servers in the USA. In the case of the transmission of personal data to Google LLC. based in the USA, Google LLC. is certified under the US-European ‘Privacy Shield’ data protection agreement ” which guarantees compliance with the data protection level applicable in the EU. You can see the most recent certificate here: https://www.privacyshield.gov/list. You can see further information concerning Google reCAPTCHA and the Google data privacy declaration here: https://www.google.com/intl/de/policies/privacy/
We use Google Fonts to visually improve the presentation of various information on this website. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed. The legal basis is Art. 6 para. 1 letter f of the General Data Protection Regulation (GDPR). Our legitimate interest lies in the optimisation and economic operation of our Internet presence.
Through the established connection to their server, Google are able to determine from which website your request has been sent and to which IP address the representation of the font is to be transmitted.
The opt-out can be set under: https://adssettings.google.com/authenticated
Our website uses an embedded Vimeo Player for the display and playback of videos. The operator of the video platform Vimeo is Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA. When you view a page on our website containing an embedded Vimeo Player, a connection to the servers of Vimeo is established. In the process, your IP address along with the URL of the retrieved video is transmitted to the server. If you have a Vimeo account and are logged into Vimeo, Vimeo can assign this information to you and process it in your personal profile.
If you do not wish Vimeo to collect data about you and link it to your personal profile, you must log out of Vimeo before visiting our website. Further information about the collection and use of your data by Vimeo can be found in Vimeo’s data protection statement at https://vimeo.com/privacy (English language).
Our website uses an embedded YouTube Player for the display and playback of videos. The operator of the video platform YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you view a page on our website containing an embedded YouTube Player, a connection to the servers of YouTube/Google is established. In the process, your IP address along with the URL of the retrieved video is transmitted to the server. If you are logged into Google, YouTube/Google can assign this information to you and process it in your personal profile.
If you do not wish Google to collect data about you and link it to your personal profile, you must log out of Google before visiting our website. Further information about the collection and use of your data by YouTube can be found in YouTube’s data protection statement at https://policies.google.com/privacy?hl=en
Social Media Plugins
We have linked social media logos of LinkedIn, XING, and YouTube (hereinafter “Providers”) on our website, which are intended to forward to our profiles stored with the Providers and enable you to follow us there.
- Facebook is a service of Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025 USA.
- Instagram is a service of Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025 USA.
- LinkedIn is a service of Linkedln Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
- XING is a service of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
- YouTube is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.
For reasons of data protection, we have only implemented a link to our respective profiles at these Providers. This means that no data about you will be sent to the Providers if you do not click on the respective social media logo. However, as soon as you click on the link set by us to our respective profile, you will be redirected to the website of the Provider, which leads to the data being transferred to the respective Provider. We have no influence on this data transfer, which is possibly the transfer of personal data, and no influence on the data collection from and to the Providers. Likewise, we have no knowledge of the individual purposes of these data processing operations or their scope and storage duration. Whether the Providers make deletions, generate or assign profiles, or set anonymizations is also not known to us and is also not within our sphere of influence.
Shariff ABC for the sub-function of the blog about social plugins (social media, e-mail)
We do not collect any personal data ourselves via the social plugins or through their use. We use the Shariff plugin to prevent data from being transmitted to the service providers of social media channels without the user’s knowledge. This plugin ensures that, in a first step, no personal data is passed on to the providers of the individual social plugins when visiting our website. Data can only be transferred to the service provider and stored there only once you click on one of the social plugins. With the Shariff solution, to the extent that this is possible, we take the data privacy interests of our visitors into account, based on currently applicable state-of-the.art technology.
You can find more information on the Shariff solution on the provider’s pages, Heise Medien GmbH & Co. KG: http://m.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
We maintain fan pages within various social networks and platforms with the purpose of communicating with customers, interested parties and users who are active there, and informing them about our services. For the operation of fan pages on social media platforms, a relationship in accordance with Section 26 Par. 1 GDPR (so-called joint responsibility) exists in part.
We would like to point out that your personal data may be processed outside the European Union, so that risks may arise for you (e.g. in the enforcement of your rights under European / German law). Please note that some US vendors are certified under the Privacy Shield and are committed to compliance with EU privacy standards.
User data is usually processed for market research and advertising purposes. For example, user profiles can be created on the basis of user behaviour and the resulting interests of users. In turn, these usage profiles can be used, for example, to place advertisements inside and outside the platforms that are presumed to correspond to the interests of users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behaviour and interests are stored. Furthermore, data can be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged on there).
The processing of users’ personal data is performed on the basis of our legitimate interests in providing effective information for users and communicating with users, pursuant to Section 6 Par. 1 lit. f. GDPR. If the users are asked for their consent to data processing by the respective providers (i.e. to declare their consent, e.g. by ticking a check box or confirming via a button), the legal basis for processing shall be Section 6 Par. 1 lit. a., Section 7 GDPR.
More information on the processing of your personal data as well as on your possibilities to object to this can be found under the links of the respective provider listed below. The assertion of the right to information and other rights of the persons affected can also be effected against the providers, since only they have direct access to the data of the users and possess the corresponding information. Needless to say, we are at your disposal if you have any questions and are happy to support you if you need help. Provider:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Data Privacy Declaration: https://www.facebook.com/notes/crespel-deiters/datenschutzerkl%C3%A4rung/3742911075783852/
Opt-Out: https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA
Data Privacy Declaration/ Opt-Out: http://instagram.com/about/legal/privacy/.
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Data Privacy Declaration: https://policies.google.com/privacy
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
Data Privacy Declaration https://www.linkedin.com/legal/privacy-policy
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany
Data Privacy Declaration/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.
Auxiliary Programs, Active Content
Use of Personal Data You Make Available to Us
Personal data such as your name, your address, telephone number, or electronic mail address are not collected unless you provide this data voluntarily.
We call your attention to the fact that transferring data in the Internet (for example, during communication by electronic mail) is subject to security breaches. It is not possible to completely protect such data against access by third parties.
Inquiries and Contracts
Insofar as you have made personal data available to us, we use these solely for the purpose of technically administering the website and fulfilling your wishes and requests, in particular for processing a contract made with you, or for answering your inquiry.
If you have made inquiries through our contact form, the information from the contact form, including the contact data you have entered into the form, will be saved by us to process your inquiry and in the event of follow-up questions. The basis of law for this is Article 6 Section 1 Letter b of the General Data Protection Regulation (pre-contractual measures and performance of the contract).
Forwarding, selling, or otherwise transferring your personal data to companies outside the Crespel & Deiters Group does not occur; excepting that:
- This is necessary to conclude the contract. Thus it can be necessary, for example, that for product orders, your address and order data are forwarded to our suppliers.
- You have previously consented to it.
The basis of law for this is Article 6 Section 1 Letter b of the General Data Protection Regulation (performance of the contract) and Article 6 Section 1 Letter a of the General Data Protection Regulation (consent).
Other Advertising and Customer Relations Management
Without your permission, we use personal data only within the legally permitted scope; that means, for customer relations management and sending advertisements by mail. We do not use your electronic mail address, fax number, or telephone number for advertisements without your express consent. The basis of law for this is Article 6 Section 1 Letter f of the General Data Protection Regulation (protection of legitimate interests).
You can object to the use of your data for the purpose of direct marketing at any time and then will not receive further advertisements from us.
Duration of Storage
We delete your data if they are no longer needed after processing an inquiry or termination of the contract. Excluded from this are data which we are not yet allowed to delete due to legal obligation (e.g., documents which are to be retained according to tax law and commercial law) and data which we need to represent legitimate interests; in particular, for asserting claims or for direct marketing.
You have the following rights if the respective legal requirements are met:
- You have the right to receive information about the personal data saved about you. (Article 15 GDPR).
- You have the right to request the correction of incorrect information (Article 16 GDPR).
- You have the right to request the deletion (Article 17) or restriction of processing (Article 18 GDPR) of data which is no longer required. Insofar as statutory retention obligations exist; e.g., for business correspondence under commercial law and tax law or another statutory exception, data will not be deleted, but only their processing will be restricted.
- You may at any time object to the processing of your data for direct marketing purposes and, for special reasons, also to the further processing of your data (Article 21 GDPR).
- You have the right to data transferability (Article 20 GDPR); that is, the right to request the data you have provided us in a structured, current, and machine-readable format and to transmit this data to another person responsible without our interference; if necessary, you also have the right to request that we transmit the data directly to another person responsible if this is technically feasible.
Right of objection: In accordance with Article 21 Section 2 GDPR, you may object to the processing of your data for direct marketing purposes at any time. The processing of your data will then be restricted to other purposes for which it is necessary, and will no longer be processed for direct marketing. Furthermore, you can also object to the additional processing of your data if there is a special reason.
To assert your rights, please contact the responsible party named above.
If you believe that the processing of your data violates data protection law, you can complain to a supervisory authority (Article 77 GDPR).