Data Protection
Under the following links you can adjust your cookie settings:
Change Settings
Reset
1. About us
We, KÖGL GmbH, are responsible for the collection, processing and storage of your data. You can find details about us in our imprint at any time.
The careful handling of your personal data is our highest priority. During processing, we comply with the statutory provisions, e.g. the General Data Protection Regulation (GDPR) and the associated national provisions.
This privacy policy applies to all our company’s websites that can be accessed under our domain (www.koegl.de) as well as our social media sites such as Facebook, Instagram and LinkedIn. If you switch to other operators’ websites within the scope of our offer, their own data protection regulations will apply in each case, and these websites’ respective operators are responsible for their websites’ content.
Since we would like to give you a comprehensive overview of the processing of personal data in our group of companies, you will find below an overview of all our services in the context of which we collect and process personal data.
If separate or additional conditions apply to individual services or if we request your consent, we will indicate this to you separately before you use the respective service.
We also take various security measures to protect your personal data. For example, transmission between your web browser and our servers is always transport-encrypted and we maintain a variety of technical and organizational measures to always protect your data.
2. Why we process your data
In principle, you can visit our website without disclosing your identity. Should you wish to contact us, for example, we will ask you for your name and other personal information. It is up to you whether you enter this (extended) data. Data that we absolutely need from you to provide our services are marked as such.
Your personal data is collected and processed for the following purposes on the basis of the following lega bases:
- Contract initiation in accordance with Article 6(1)(a) and (b) GDPR;
- Contract execution in accordance with Article 6(1)(b) GDPR;
- Customer management in accordance with Article 6(1)(b) and (f) GDPR;
- Communication and data exchange in accordance with Article 6(1)(a)(b)(c) and (f) GDPR;
- External representation and advertising in accordance with Article 6(1)(a) and (f) GDPR
- Implementation of declarations of consent in accordance with Article 6(1)(a) GDPR;
- To ensure proper operation of a data processing system according to Article 6(1)(c) and (f) GDPR;
- Applicant selection procedures in the context of personnel and resource management based on Article 6(1)(a) and (b) GDPR in conjunction with Section 26 of the German Federal Data Protection Act.
3. What information we collect from you and process
We collect different categories of personal data from you. Personal data is all information relating to an identified or identifiable natural person, and an identifiable natural person is someone who can be identified directly or indirectly, in particular by assignment to an identifier such as a name. Personal data includes, for example, information such as your name, your address, your telephone number and your date of birth (if stated). Statistical information that cannot be directly or indirectly associated with you - such as the popularity of individual websites of our offer or the number of a page’s users - is not personal data. Data is collected directly and indirectly. In both cases, data will only be collected to the extent necessary; the data will only be processed for the purposes stated under point 2. It is your decision whether you want to transmit data to us that optimizes the use of our services for you, but is not necessary for this purpose. Corresponding data fields are marked “voluntary”.
The personal data we collect directly from you include:
- Mail address, name, company and telephone number to contact us via our contact form
- Salutation and name, e.g. to personalize your user account or for ordering in our online shop
- E-mail address and, if applicable, a password chosen by you, e.g. for the purpose of receiving our newsletter, using your customer account or contacting us via our contact form
- Address data, e.g. for the purpose of order processing (delivery) within the framework of our online shop
- Payment data, for processing the payment of your order
- Applicant data, to carry out our online application procedure
- Data that you actively and consciously transmit to us in the course of using our services,
- Further data, which you transmit to us voluntarily, e.g. data fields filled in by you and marked as 'voluntary
In addition, data about you is collected indirectly when using our services:
- Technical connection data, e.g. the page called up on our website, your IP address, date and time of the call, terminal device used, browser configuration data.
- Data that we receive from our service providers in the context of order processing in the online shop, e.g. information on payment probabilities and payment disruptions or delivery notifications
Minors:
Our website is not targeted at minors and we do not knowingly collect personal data from minors.
Persons under the age of 16 may only transmit personal data to us if their legal guardian themselves have given consent or have approved the minor’s consent. In accordance with Article 8(2) GDPR, the legal guardian’s contact details must be provided in order to convince us of the consent or the legal guardian’s approval. This data and the minor’s data will then be processed in accordance with this privacy policy.
We will immediately delete personal data sent to us by a minor under the age of 16 if we establish that it was sent without their legal guardian’s consent or approval of the minor’s consent.
4. Who has access to your data and to whom we transmit your data
a) Access
Access to your personal data that we have stored is limited to our employees and the service providers we have commissioned who are required to handle this personal data due to their tasks.
If third parties gain access to your data, we will have obtained your permission for this or there will be a legal basis permitting it.
We also use service providers to provide services and to process your data. If special provisions apply to them, we will implement them subsequently for you for the respective service. The service providers will process the data exclusively on our instructions and are required to comply with the applicable data protection regulations. All data processors have been carefully selected and will only have access to your data to the extent and for the time required to provide the services or to the extent to which you have consented to the data processing and use.
b) Data exchange within the corporate group
Data exchanges within the corporate group to which we belong will only take place within the EU/EEA and will only be carried out for internal administrative purposes. The term “corporate group” is used to mean affiliated companies within the meaning of Article 4(19) GDPR.
c) Transfer to third countries and legal basis
The servers of some of the service providers we use are located in the USA and other countries outside the European Union. Companies in these countries are subject to a data protection law that does not generally protect personal data to the same extent as is the case in the European Union member states. If your data are processed in a country where the level of data protection is not recognised as being as high as that of the European Union, we will use contractual arrangements or other recognised instruments to ensure that your personal data are adequately protected. Subsequently, we will expressly indicate this to you again within the scope of the individual services.
Insofar as a transfer of personal data to third countries takes place, this takes place on the basis of the EU Standard Contract 2010 pursuant to Art. 46 para. 2 lit. c GDPR in conjunction with the decision of the EU Commission of 05.02.2010 (2010/87/EU) or on the basis of your consent pursuant to Art. 49 para. 1 lit. a) GDPR.
d) Transfer to law enforcement and criminal investigation authorities
In exceptional cases we will transmit personal data to law enforcement and criminal investigation authorities. This will be done on the basis of corresponding legal obligations, e.g. arising from the German Code of Criminal Procedure, the German Fiscal Code, the German Anti-Money Laundering Act or state police laws.
5. Retention Periods
We will store personal data in accordance with statutory provisions or your consent.
We use the following criteria to determine the specific storage period:
We will store the personal data until the purposes for which they were collected cease to apply (e.g. upon termination of a contractual relationship or through the last activity, if there is no continuing obligation, or in the event of a withdrawal of your consent for the specific data processing).
Data will only be stored beyond these periods in the following cases:
- Existence of legal storage obligations (e.g. under the German Fiscal Code and the German Commercial Code);
- A continuing need for data in order to establish and exercise legal claims or to defend against legal claims, e.g. due to technological and forensic requirements to defend against attacks on our web servers and their prosecution;
- Where erasure would be contrary to the data subjects’ legitimate interest; or
- Another exception pursuant to Art. 17(3) GDPR applies.
6. Your rights
You have a number of legal rights to which we would like to draw your attention below. Naturally, our data protection officer is also available using the contact information given below to answer any questions you may have about your personal data that we have collected and processed.
a) Right to information and data portability
You have a right to information about the personal data we process concerning you at any time.
If the data processing is based on your consent or on a contract pursuant to Article 6(1)(b) GDPR, under Article 20(1) GDPR, you may also request that the personal data stored about you be made available to you in a structured, commonly used and machine-readable format. We will also forward the data directly to the recipient of your choice at your request.
b) Right to rectification, restriction and erasure
Furthermore, in accordance with Articles 16 to 18 GDPR, you may request us to correct, restrict (block) or erase your personal data if we have processed the data incorrectly, if there is a reason for restricting further data processing, if the data processing has become illegal for various reasons, or if its storage is forbidden for other legal reasons. We would like to point out that your right to erasure may be restricted by legal retention periods.
c) Right to object
If our data processing is based exclusively on our legitimate interest under Article 6(1)(f) GDPR, you may object to this processing under Article 21(1) GDPR. In the event of an objection, we shall discontinue the processing of your data unless we can demonstrate compelling and protection-worthy reasons for the processing that outweigh your interests, rights and freedoms, or if the processing serves to establish, exercise or defend legal claims. Furthermore, under Article 21(2) GDPR, you always have the right to object to the use of your data for the purpose of direct advertising with effect for the future.
d) Right of withdrawal
If you have allowed us to process your personal data by giving your consent, under Article 7(3) GDPR, you have a right of withdrawal with effect for the future.
e) Right to lodge a complaint with the supervisory authority
You are free to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates the European Data Protection Regulation or other national and international data protection laws.
The contact details of the supervisory authority responsible for us are as follows:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 27
91522 Ansbach
Telephone: +49 981 53 1300
Email: poststelle@lda.bayern.de
f) Contact details
You can send us an informal message using the following contact details in order to exercise your rights. Please also address the withdrawal of your consent to the following contact persons, indicating which declaration of consent you would like to withdraw:
Responsible for Data
KÖGL GmbH Betriebs-, Lager- und Fahrzeugeinrichtungen
Industriestraße 2
D-89347 Bubesheim-Günzburg
Telefon: +49 (0)82 21 / 36 90 - 0
Date Protection Officer
it.sec GmbH
Datenschutzbeauftragter
Einsteinstrasse 55
89077 Ulm
Telefon +49 (0)7 31 / 20 58 - 924
7. Use of our website - Profiling, cookies and web tracking
a) Basic information about cookies and opt-out options
We use so-called cookies in some areas of our Website, e.g. to recognize the preferences of visitors and to be able to design the website accordingly. This facilitates navigation and a high degree of user-friendliness of a website. Cookies also help us to identify particularly popular areas of our Website. Cookies are small files that are stored on a visitor's hard drive of the used device. They allow information to be stored for a certain period of time and to identify the visitor's computer. For better user guidance and individual service presentation, we use permanent cookies.
We also use so-called session cookies, which are automatically deleted when you close your browser. You can set your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. We collect the following technical connection data. This is done to verify the authorization of actions and the authentication of the requesting user of our services. The legal basis is Art. 6 (1) lit. c) in conjunction with Article 32 and Article 6 (1) lit. f) GDPR. Our legitimate interest is to secure our web server, for example to defend ourselves against attacks, and to ensure the functionality of our services.
We only set non-technically necessary cookies after your express consent, which you can of course revoke at any time.
As part of our cookie information on our Website, you have agreed to the following statement in this regard:
This website uses cookies, which are necessary for its operation, to provide statistical analysis, to enable you to share content in social networks or to show you advertisements that match your interests. Depending on the activated level, you accept the previous levels by clicking on the respective button. By clicking on "Confirm selection" or "Select & confirm all", you also consent, in accordance with Art. 49 Paragraph 1 Sentence 1 lit. a DSGVO, to your data being processed by the relevant services in countries outside the EU without an adequate level of security (including the USA), although your data subject rights may not be enforceable there. You can revoke your consent at any time by deactivating the corresponding cookies.
If you exclude the use of cookies, you may not be able to use certain functions of our Website - including the possibility of cookie-based opt-out from tracking. Please allow the opt-out cookies of those services for which you wish to prevent tracking.
Please also note that deleting all cookies will also delete opt-out cookies. You may therefore have to reset them. Cookies are also browser-bound, i.e. they must be set separately for each browser you use on each device you use. You will find the necessary links in the description of the respective service below.
We will use the following cookies for a more detailed purpose:
b) Google Analytics
This website uses Google Analytics, a web analytics service of Google LLC (“Google”). Google Analytics uses so-called "cookies", which are text files stored on your computer and which enable an analysis of your use of the site. The information generated by the cookie about your use of this website will usually be transferred to a Google server in the USA and stored there. However, if IP anonymization has been activated on this website Google shall truncate your IP address beforehand within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activities and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics will not be merged with other Google data. One way to object to web analysis by Google Analytics is to set an opt-out cookie that instructs Google not to store or use your data for web analysis purposes. Please note that with this solution the web analysis will only not take place as long as the opt-out cookie is stored by the browser. If you want to set the opt-out cookie now, please click https://developers.google.com/analytics/devguides/collection/gajs/?hl=en#disable.
You may also prevent the use of cookies through a corresponding setting of your browser software. However, please note that if you do this, you may not be able to use this website’s full functionality. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available at the following link: The current link is: http://tools.google.com/dlpage/gaoptout?hl=en.
Data Recipient Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland
In case of access to the data from the USA (e.g. support): Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The legal basis for the transfer is the EU standard contractual clauses pursuant to Art. 46 (2) lit. c GDPR.
As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent Google Analytics from collecting data on this website in the future (the opt-out only works in the browser and only for this domain). An opt-out cookie is stored on your device. If you delete your cookies in this browser, you must click this link again.
c) Google Tag Manager
Google Tag Manager is a product from Google that allows us to manage website tags from applications such as Google Analytics through one interface. The Tag Manager is a cookie-less domain and does not collect any personal data.
d.) Google Maps
Our website uses the service 'Google Maps'. When calling up Google Maps on this website, data is transmitted to Google.
Controller with whom Google Maps is jointly operated on our website ('Google'):
Google LLC
1600 Amphitheatre Pkwy
Mountain View
CA, 94043 USA
Responsible for data processing of persons living within the European Union/EEA and Switzerland:
Google Ireland Ltd.
Gordon House, Barrow Street, Dublin 4 Irland
The agreement within the meaning of Art. 26 para. 1 DSGVO with Google can be found under the following link:
privacy.google.com/intl/de/businesses/mapscontrollerterms/
The Google Privacy Officer can be contacted at the following web form: https://support.google.com/policies/contact/general_privacy_form
Categories of data subjects:
Visitors to our website who use Google Maps
Categories of personal data:
Data that Google processes about our website visitors can be taken from the following link:
policies.google.com/privacy/update, supplemented by the separate privacy policy for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html
Origin of the data
Google receives the data from the data subjects directly via our website.
Legal basis of the data processing
We only use Google Maps with your consent, Art. 6 para. 1 lit. a) DSGVO.
The Google Maps page is therefore integrated by means of a local preview and is only activated when you click on the link displayed there.
You can also prevent Google Maps from running by disabling the localisation of the location in your browser settings (browser-dependent).
For example Firefox: Settings -> Privacy & Data Security -> Permissions -> Location-> Block new requests for access to your location
For example Google Chrome: Settings -> Advanced -> Privacy & Security -> Website Settings -> Permissions -> Location -> Ask before access
You can prevent the execution of Google Maps by selectively preventing the execution of the Java-Script code used by using a Java-Script blocker; alternatively, you can also completely disable the execution of Java-Script in your browser settings.
The legal basis on which Google bases its data processing can be found in the following link:
https://policies.google.com/privacy/update?hl=de&gl=de , supplemented by the separate privacy policy for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.htm
Purposes of data processing
We use Google Maps to enable you to search for a dealer or plan a route and pursue the following purposes:
- Public image and advertising
- Communication and data exchange
- Event Management
- if necessary, contract initiation and processing
The purposes that Google pursues with the data processing can be seen from the following link: policies.google.com/privacy/update , supplemented by the separate data protection regulations for Google Maps: www.google.com/intl/de_de/help/terms_maps.html
Storage duration
We do not store any data. The storage and deletion of data is the duty of Google. The information on this can be taken from the following link:
policies.google.com/privacy/update , supplemented by the separate data protection regulations for Google Maps: www.google.com/intl/de_de/help/terms_maps.html
Categories of recipients
We or our employees and service providers have no access to the data processed by Google.
The categories of recipients to whom Google discloses the data and information about the sharing of data within the Group can be found at the following link: https://policies.google.com/privacy/update?hl=de&gl=de , supplemented by the separate privacy policy for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html
Data transfers to third countries
In the context of the use of Google Maps, the data is also processed by Google LLC. The legal basis for the transfer is the EU standard contractual clauses pursuant to Art. 46 (2) lit. c GDPR.
Google will transfer the data to the United States, Ireland and any other country in which Google does business, and store and otherwise process the data there, regardless of the residence of the data subjects. Related data transfers to third countries are secured by an adequacy decision of the EU Commission pursuant to Art. 45 GDPR or by appropriate safeguards pursuant to Art. 46 DSGVO: policies.google.com/privacy/update
Involved logic and scope of profiling or automated individual decision-making based on the collected data.
Insofar as the data subjects are tracked by collecting their data, whether through the use of cookies or comparable techniques or by storing the IP address, Google is obliged to provide information about this.
The information on this can be taken from the following link:
policies.google.com/privacy/update , supplemented by the separate data protection regulations for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html
Logic involved and scope of a profiling or automated individual decision based on the collected data
The joint controllers must grant various rights to the data subjects with regard to the processing of their data.
The rights to which data subjects are entitled can be found in our privacy policy. These rights can be exercised directly against Google.
The supervisory authority responsible for Google is:
The Data Protection Commission
21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland
Web address: gdprandyou.ie/contact-us/
e) Social media buttons
Our website uses social media buttons (Facebook, Google+, and Twitter) to enable you to interact with third parties.
These social media buttons are not integrated as plug-ins, but are inserted as links. By clicking the social media buttons you will be redirected to the respective provider’s page. The respective provider will then be responsible within the meaning of Article 4(17) GDPR for compliance with data protection regulations and for the accuracy, currency and completeness of the information provided for data processing.
f) Facebook and Instagram
Please note that Facebook and Instagram each represent merely another of various options for contacting us or receiving information from us.
Data controller for individuals living within the European Union:
Meta Platforms Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland
Contact details for data protection can be found in our privacy policy linked here or the platform operator's data protection officer can be contacted using the following web form: www.facebook.com/help/contact/540977946302970
Categories of data subjects:
Visitors to our fan page who are registered on the social network as well as those who are not registered.
We point out to the data subjects that they use facebook and its functions on their own responsibility. This applies in particular to the use of interactive functions (e.g. sharing, rating).
Categories of persons concerned:
Registered and unregistered visitors of our fan page in the social network
We point out to the persons concerned that they use facebook and its functions on their own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating).
Categories of personal data:
Data that we process from registered visitors to our fan page:
User ID under which you registered, approved profile data (e.g. name, profession, addresses, contact data, if applicable also special categories of personal data such as religious affiliation, health data etc.), and other data which we may process. ), data that is created when sharing content, exchanging messages and communication, data that is required in the context of contract processing at the request of registered visitors; otherwise, we only process pseudonymous data such as statistics and insights into how our fan page, the posts, pages, videos and other content provided on it interacts (page activity, page views, "Like" information, reach, general demographic, location and interest-related information on age, gender, country, city, language), evaluations of the success and background of our advertisements, other analyses and measurements.
The pseudonymised data cannot be combined by us with the corresponding attribution feature (e.g. name details). It is therefore not possible for us to identify individual visitors, who thus remain anonymous to us.
Data that we process from non-registered visitors to our fan page:
Pseudonymous data such as statistics and insights into how people interact with our fan page, the posts, pages, videos and other content provided on it (page activity, page views, "Like" information, reach, general demographic, location and interest information on age, gender, country, city, town, language), evaluations of the success and background of our advertisements, other analyses and measurements.
The pseudonymised data cannot be combined by us with the corresponding attribution feature (e.g. name details). It is therefore not possible for us to identify individual visitors, who thus remain anonymous to us.
Data that the platform operator processes about registered and non-registered visitors to our fan page can be found on the following link::
https://www.facebook.com/privacy/explanation
The platform operator may use various analysis tools for evaluation.
We have no influence on the use of such tools by the platform operator and have not been informed about such potential use. If tools of this kind are used by the platform operator for our fan page, we have neither commissioned nor approved nor supported this in any other way. Also, the data obtained during the analysis is not made available to us. Furthermore, we have no way of preventing or stopping the use of such tools on our fan page, nor any other effective means of control.)
Origin of the data
We receive the data from the data subjects directly or from the platform operator. Where the platform operator obtains the data of the data subjects can be found in the following link: www.facebook.com/privacy/explanation
help.instagram.com/519522125107875
We have no influence on or effective means of control over whether the data procurement by the platform operator is permissible.
Legal basis of the data processing
We process the data on the basis of the following legal bases:
- Art. 6 para. 1 lit. a) GDPR: Consent of the persons concerned
- if applicable, Art. 6 para. 1 lit. b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject
- Art. 6 para. 1 letter f) GDPR legitimate interest
- Simplification of communication and data exchange by meaningfully supplementing existing communication channels, such as Internet presence, press releases, print products and events, with the fan page
- Promoting sales of our products and services or demand, as well as recruiting new talent through a transparent appearance and regular posts
- Optimization of our fan page
We process special categories of personal data, if at all, only on the basis of the following legal principles:
- Article 9 paragraph 2 letter a) GDPR: Consent of the person concerned
- Art. 9 para. 2 lit. e) GDPR: The data subject has manifestly made the personal data public
Purposes of data processing
The data are processed for the following purposes:
- external presentation and advertising
- Communication and data exchange
- Event Management
- if necessary, contract initiation and processing
Information on the purposes for which the platform operator processes the data can be found in the following links:
www.facebook.com/privacy/explanation
help.instagram.com/519522125107875
We have no influence on the purposes for which the platform operator actually uses the data. We also have no effective control options in this respect.
Storage duration
The storage and deletion of the data is the duty of the platform operator in accordance with the agreement in the sense of Art. 26 para. 1 GDPR. The information on this can be obtained from the following link:
https://www.facebook.com/privacy/explanation
We have no influence on how the platform operator determines the regular deletion periods and how the data is deleted. We also have no effective control possibilities in this respect.
Categories of recipients
Only our employees and service providers who maintain our fan page and need the data for the above-mentioned purposes have access to the data processed by us. If the data subjects post their data publicly on our fan page, these data can be accessed by other registered and possibly also non-registered visitors.
The recipient categories to which the platform operator discloses the data or allows registered visitors to disclose their data, as well as information on intra-group data exchange, can be found in the following link:
https://www.facebook.com/privacy/explanation
https://help.instagram.com/519522125107875
We have no influence on how the platform operator determines the regular deletion periods and how the data is deleted. We also have no effective control options in this respect.
Data transfers to third countries
If the data subjects post their data publicly on our fan page, this data can be accessed worldwide by other registered and possibly also non-registered visitors.
The platform operator will transfer the data to the United States, Ireland and any other country in which Facebook does business and store and otherwise process it there, regardless of the residence of the data subjects.
Related data transfers to third countries are secured by an adequacy decision of the EU Commission pursuant to Art. 45 GDPR or by appropriate safeguards pursuant to Art. 46 GDPR:
www.facebook.com/privacy/explanation
help.instagram.com/519522125107875
We have no influence on the data transfers to third countries carried out by the platform operator. We also have no effective control options in this respect.
Logic involved and scope of a profiling or an automated individual decision based on the collected data
If the persons concerned are tracked by the collection of their data, whether by using cookies or comparable techniques or by storing the IP address, the platform operator is obliged under the terms of the agreement within the meaning of Art. 26 Para. 1 GDPR to provide information about this. In particular, the platform operator is obliged to inform the persons concerned of the purposes and legal basis if, after calling up a subpage within our fan page, one session cookie and three cookies with lifetimes between four months and two years are stored.
The information on this can be taken from the following link:
https://www.facebook.com/privacy/explanation
https://www.facebook.com/policies/cookies/
https://help.instagram.com/519522125107875
The platform operator may use various analysis tools for evaluation.
We have no influence on the use of such tools by the platform operator and have not been informed about such potential use. If tools of this kind are used by the platform operator for our fan page, we have neither commissioned nor approved nor supported this in any other way. Also, the data obtained during the analysis is not made available to us. Furthermore, we have no way of preventing or stopping the use of such tools on our fan page and no other effective means of control.
Data Subject Access Rights
The joint controllers must grant the data subjects various rights with regard to the processing of their data, which they can assert directly against the platform operator on the basis of the agreement within the meaning of Article 26 (1) GDPR:
https://www.facebook.com/privacy/explanation
If certain conditions are met, data subjects have the right of access, correction or deletion of personal data concerning them or the right to limit the processing of data by the data controller, in accordance with Art. 15 to Art. 18 GDPR. Data subjects also have the right to withdraw their consent to the processing of their personal data at any time with effect for the future (Art. 7 para. 3 GDPR). They may also object to the further processing of their data, which is based solely on the legitimate interest of the controller pursuant to Art. 6 para. 1 lit. f) GDPR (Art. 21 para. 1 GDPR), if interests worthy of protection in excluding data processing arise from their particular personal situation and there are no longer compelling reasons for the controller to continue processing the data. If personal data are processed for the purpose of direct marketing, data subjects have the right to object to such processing at any time with effect for the future (Art. 21 para. 2 GDPR). If the data processing is based on the consent of the data subject pursuant to Art. 6 (1) (a), Art. 9 (1) (a) GDPR or pursuant to Art. 6 (1) (b) GDPR on a contract with the data subject and is carried out with the aid of automated procedures, the data subjects may, pursuant to Art. 20 (1) DGVO, request to receive the personal data stored about them in a structured, common and machine-readable format or to have it transmitted to a third party designated by the data subject.
In principle, data subjects have the right not to be subjected to any automated individual decision pursuant to Art. 22 para. 1 GDPR. Insofar as such an automated individual decision is permissible pursuant to Art. 22 Paragraph 2 Letters a) to c) GDPR, data subjects are granted the following rights pursuant to Art. 22 Paragraph 3 GDPR: the right to present one's own point of view, the right to object to the intervention of a person on the part of the person responsible, the right to challenge the automated individual decision (right of appeal).
- Further information about this social network and other social networks and how data subjects can protect their data can also be found here: https://www.youngdata.de/.
Furthermore, data subjects have the right to lodge a complaint with a supervisory authority if they consider that the processing of their personal data violates the basic data protection regulation, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:
Data Protection Commission
21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland
Website: https://www.dataprotection.ie/docs/Contact-us/b/11.htm
- Website: http://gdprandyou.ie/contact-us/
g.) YouTube
We would like to point out that youtube is just another of several options for contacting us or receiving information from us.
Person responsible with whom the Fanpage is jointly operated ('Platform Operator'):
Google Ireland Ltd.
Gordon House, Barrow Street, Dublin 4
Irland
Contact details for data protection
The contact details for data protection can be taken from our privacy notice, the data protection officer of the platform operator can be contacted under the following web form: support.google.com/policies/contact/general_privacy_form
Categories of persons concerned:
Registered and unregistered visitors of our fan page in the social network
We point out to the persons concerned that they use Youtube and its functions on their own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating).
Categories of personal data:
Data that we process from registered visitors to our fan page:
User ID under which you registered, approved profile data (e.g. name, profession, addresses, contact data, if applicable also special categories of personal data such as religious affiliation, health data etc.), and other data which we may process. ), data that is created when sharing content, exchanging messages and communication, data that is required in the context of contract processing at the request of registered visitors; otherwise, we only process pseudonymous data such as statistics and insights into how our fan page, the posts, pages, videos and other content provided on it interacts (page activity, page views, "Like" information, reach, general demographic, location and interest-related information on age, gender, country, city, language), evaluations of the success and background of our advertisements, other analyses and measurements.
The pseudonymised data cannot be combined by us with the corresponding attribution feature (e.g. name details). It is therefore not possible for us to identify individual visitors, who thus remain anonymous to us.
Data that we process from non-registered visitors to our fan page:
Pseudonymous data such as statistics and insights into how people interact with our fan page, the posts, pages, videos and other content provided on it (page activity, page views, "Like" information, reach, general demographic, location and interest information on age, gender, country, city, town, language), evaluations of the success and background of our advertisements, other analyses and measurements.
The pseudonymised data cannot be combined by us with the corresponding attribution feature (e.g. name details). It is therefore not possible for us to identify individual visitors, who thus remain anonymous to us.
Data that the platform operator processes about registered and non-registered visitors to our fan page can be found on the following link :https://policies.google.com/privacy/update?hl=de&gl=de
The platform operator may use various analysis tools for evaluation.
We have no influence on the use of such tools by the platform operator and have not been informed about such potential use. If tools of this kind are used by the platform operator for our fan page, we have neither commissioned nor approved nor supported this in any other way. Also, the data obtained during the analysis is not made available to us. Furthermore, we have no way of preventing or stopping the use of such tools on our fan page, nor any other effective means of control.)
Origin of the data
We receive the data from the data subjects directly or from the platform operator.
The following link shows where the platform operator obtains the data of the data subjects: policies.google.com/privacy/update
We have no influence or effective means of controlling whether the procurement of data by the platform operator is permissible.
Legal basis of the data processing
We process the data on the basis of the following legal bases:
- Art. 6 para. 1 lit. a) GDPR: Consent of the persons concerned
- if applicable, Art. 6 para. 1 lit. b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject
- Art. 6 para. 1 letter f) GDPR legitimate interest
- Simplification of communication and data exchange by complementing existing communication channels such as the website, press releases, print products and events with the fan page
- Promotion of the sales of our products and services or the demand as well as the recruitment of new staff by transparent appearance and regular contributions
- Optimization of our fan page
We process special categories of personal data, if at all, only on the basis of the following legal principles:
- Article 9 paragraph 2 letter a) GDPR: Consent of the person concerned
- Art. 9 para. 2 lit. e) GDPR: The data subject has manifestly made the personal data public
The legal bases on which the platform operator bases the data processing can be found in the following link: policies.google.com/privacy/update
If the persons concerned are tracked by collecting their data, whether by using cookies or comparable techniques or by storing the IP address, the platform operator will obtain the consent of the persons concerned in advance.
In particular, the platform operator is obliged to inform the persons concerned for which purposes and on which legal basis the first call of a fan page generates entries in the so-called Local Storage, even in the case of non-registered visitors, and whether personal data of non-registered visitors (e.g. IP address or other data that condense into personal data) are also used to create profiles.
We have no influence or effective means of controlling whether data processing is permitted by the platform operator.
Purposes of data processing
The data are processed for the following purposes:
- external presentation and advertising
- Communication and data exchange
- Event Management
- if necessary, contract initiation and processing
Information on the purposes for which the platform operator processes the data can be found in the following link: policies.google.com/privacy/update
We have no influence on the purposes for which the platform operator actually uses the data. We also have no effective means of control in this respect.
Storage duration
The storage and deletion of the data is the duty of the platform operator in accordance with the agreement in the sense of Art. 26 para. 1 GDPR. The information on this can be obtained from the following link:
policies.google.com/privacy/update
We have no influence on how the platform operator determines the regular deletion periods and how the data is deleted. We also have no effective control possibilities in this respect.
Categories of recipients
Only our employees and service providers who maintain our fan page and need the data for the above-mentioned purposes have access to the data processed by us. If the data subjects post their data publicly on our fan page, these data can be accessed by other registered and possibly also non-registered visitors.
The recipient categories to which the platform operator discloses the data or allows registered visitors to disclose their data, as well as information on intra-group data exchange, can be found in the following link:
policies.google.com/privacy/update We have no influence on the disclosure of data to individual recipients (categories) by the platform operator. We also have no effective means of control in this respect.
We have no influence on the disclosure of data to individual recipients (categories) by the platform operator. We also have no effective control options in this respect.
Data transfers to third countries
The platform operator will transfer the data to the United States, Ireland and any other country in which Google does business and store and otherwise process it there, regardless of the residence of the data subjects. Related data transfers to third countries are secured by an adequacy decision of the EU Commission pursuant to Art. 45 GDPR or by appropriate safeguards pursuant to Art. 46 GDPR:
policies.google.com/privacy/update
We have no influence on the data transfers to third countries carried out by the platform operator. We also have no effective control options in this respect.
Logic involved and scope of a profiling or an automated individual decision based on the collected data
If the persons concerned are tracked by the collection of their data, whether by using cookies or comparable techniques or by storing the IP address, the platform operator is obliged under the terms of the agreement within the meaning of Art. 26 Para. 1 GDPR to provide information about this. In particular, the platform operator is obliged to inform the persons concerned of the purposes and legal basis if, after calling up a subpage within our fan page, one session cookie and three cookies with lifetimes between four months and two years are stored.
The information on this can be taken from the following link: policies.google.com/privacy/update
The platform operator may use various analysis tools for evaluation.
We have no influence on the use of such tools by the platform operator and have not been informed about such potential use. If tools of this kind are used by the platform operator for our fan page, we have neither commissioned nor approved nor supported this in any other way. Also, the data obtained during the analysis is not made available to us. Furthermore, we have no way of preventing or stopping the use of such tools on our fan page and no other effective means of control.
Data Subject Access Rights
The joint controllers must grant the data subjects various rights with regard to the processing of their data, which they can assert directly against the platform operator on the basis of the agreement within the meaning of Article 26 (1) GDPR:
If certain conditions are met, data subjects have the right of access, correction or deletion of personal data concerning them or the right to limit the processing of data by the data controller, in accordance with Art. 15 to Art. 18 GDPR. Data subjects also have the right to withdraw their consent to the processing of their personal data at any time with effect for the future (Art. 7 para. 3 GDPR). They may also object to the further processing of their data, which is based solely on the legitimate interest of the controller pursuant to Art. 6 para. 1 lit. f) GDPR (Art. 21 para. 1 GDPR), if interests worthy of protection in excluding data processing arise from their particular personal situation and there are no longer compelling reasons for the controller to continue processing the data. If personal data are processed for the purpose of direct marketing, data subjects have the right to object to such processing at any time with effect for the future (Art. 21 para. 2 GDPR). If the data processing is based on the consent of the data subject pursuant to Art. 6 (1) (a), Art. 9 (1) (a) GDPR or pursuant to Art. 6 (1) (b) GDPR on a contract with the data subject and is carried out with the aid of automated procedures, the data subjects may, pursuant to Art. 20 (1) DGVO, request to receive the personal data stored about them in a structured, common and machine-readable format or to have it transmitted to a third party designated by the data subject.
In principle, data subjects have the right not to be subjected to any automated individual decision pursuant to Art. 22 para. 1 GDPR. Insofar as such an automated individual decision is permissible pursuant to Art. 22 Paragraph 2 Letters a) to c) GDPR, data subjects are granted the following rights pursuant to Art. 22 Paragraph 3 GDPR: the right to present one's own point of view, the right to object to the intervention of a person on the part of the person responsible, the right to challenge the automated individual decision (right of appeal).
- Further information about this social network and other social networks and how data subjects can protect their data can also be found here: https://www.youngdata.de/.
Furthermore, data subjects have the right to lodge a complaint with a supervisory authority if they consider that the processing of their personal data violates the basic data protection regulation, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:
Data Protection Commission
21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland
Website: https://www.dataprotection.ie/docs/Contact-us/b/11.htm
Website: gdprandyou.ie/contact-us/
h.) LinkedIn
Social network
LinkedIn: de.linkedin.com
We would like to point out that LinkedIn is merely another of various options for contacting us or receiving information from us. Alternatively, the information offered via our LinkedIn account can also be accessed on our website, for example
Person responsible with whom our LinkedIn account ('Fanpage') is jointly operated ('Platform Operator'):
LinkedIn Corporation, Wilton place, Dublin 2, Ireland
In an agreement pursuant to Art. 26 (1) of the GDPR, the jointly responsible parties have specified who fulfills which obligation pursuant to the GDPR: The platform operator shall make the essential contents of this agreement available to the data subjects: legal.linkedin.com/pages-joint-controller-addendum
We have no influence on whether or how the platform operator actually uses data (purpose, storage, deletion, disclosure, transmission, profiling). We also have no effective control options in this respect.
Privacy contact information:
The contact details for data protection can be found in our privacy policy linked here.
The Platform Operator's Data Protection Officer can be contacted at the following web form www.linkedin.com/help/linkedin/ask/TSO-DPO
Categories of persons concerned:
Visitors to our fan page who are registered on the social network as well as those who are not registered.
We point out to the data subjects that they use LinkedIn and its functions on their own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating).
Categories of personal data:
Data we process from registered visitors to our fan page:
User ID or user name under which the data subjects have registered, released profile data (name, e-mail address, telephone number), ProFinder profile data, education, work experience, salary expectations, photo, location data, knowledge and knowledge confirmations, professional achievements (e.g. patent granting, professional recognition, projects), possibly also special categories of personal data such as religious affiliation, health data etc., data arising from content sharing, messaging and communication, data required as part of a contract initiation, execution at the request of registered visitors, other data and content freely published, provided, disseminated, posted or uploaded by data subjects on LinkedIn or via their LinkedIn account.
Otherwise, we only process pseudonymized data such as statistics and insights on how people interact with our fan page, the posts, pages, videos and other content provided via it (page activities, page views, "like" votes, reach, general demographic, location and interest-related information on age, gender, country, city, language), evaluations on the success and background of our advertisements, other analyses and measurements.
The pseudonymized data cannot be merged by us with the corresponding assignment characteristic (e.g. name information). Thus, it is not possible for us to identify individual visitors, who thus remain anonymous for us.
Data we process from non-registered visitors to our Fanpage:
Pseudonymized data such as statistics and insights into how people interact with our Fanpage, the posts, pages, videos and other content provided via it (page activities, page views, "Like" votes, reach, general demographic, location and interest-related information on age, gender, country, city, language), evaluations of the success and background of our advertisements, other analyses and measurements.
The pseudonymized data cannot be merged by us with the corresponding assignment characteristic (e.g. name information). Thus, it is not possible for us to identify individual visitors, who thus remain anonymous for us.
Data that we process from our website visitors:
No IP addresses of our website visitors are transmitted to the platform operator via the integration of the LinkedIn button (pure link) on our website.
Data processed by the platform operator about the registered and non-registered visitors of our fan page can be found in the following link:
www.linkedin.com/legal/privacy-policy
The platform operator may use various analysis tools for evaluation purposes.
We have no influence on the use of such tools by the platform operator and have not been informed about such potential use. If tools of this type are used by the platform operator for our fan page, we have neither commissioned nor approved this nor supported it in any other way. We are also not provided with the data obtained during the analysis. Moreover, we have no possibility to prevent or turn off the use of such tools on our Fanpage and also no other effective control options.
Origin of the data
We receive the data from the data subjects directly or from the platform operator. Where the platform operator obtains the data of the data subjects can be seen from the following link: www.linkedin.com/legal/privacy-policy
Legal basis of data processing
We process the data on the basis of the following legal grounds:
- Art. 6 para. 1 lit. a) DSGVO: Consent of the data subjects
- If applicable, Art. 6 para. 1 lit. b) DSGVO: Fulfillment of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject.
- Art. 6 para. 1 lit. f) DSGVO legitimate interest
- Simplification of communication and data exchange, in that the existing communication channels, such as website, press releases, print products and events, are usefully supplemented by the fan page.
- Promotion of sales of our products and services or demand as well as recruitment of new talent through transparent appearance and regular posts
- Optimization of our fan page
We process special categories of personal data, if at all, only on the basis of the following legal grounds:
- Art. 9 para. 2 lit. a) DSGVO: Consent of the data subject
- Art. 9 para. 2 lit. e) DSGVO: The data subject has manifestly made the personal data public
The legal bases on which the platform operator bases the data processing can be found in the following link:
www.linkedin.com/legal/privacy-policy
Data processing purposes
We process the data for the following purposes:
- External presentation and advertising
- Communication and data exchange
- event management
- If necessary, contract initiation and processing
Information on the purposes for which the platform operator processes the data can be obtained from the following link: www.linkedin.com/legal/privacy-policy
Storage duration
The storage and deletion of the data is the duty of the platform operator. The information on this can be taken from the following link: www.linkedin.com/legal/privacy-policy
Kategorien der Empfänger
Only our employees and service providers who manage our fan page and require the data for the above-mentioned purposes have access to the data we process. If the data subjects post their data publicly on our fan page, it can be accessed by other registered visitors and possibly also by non-registered visitors.
The categories of recipients to whom the platform operator discloses the data or enables registered visitors to disclose their data, as well as information on intra-group data exchange, can be found in the following link: www.linkedin.com/legal/privacy-policy.
Data transfers to third countries
Insofar as the data subjects post their data publicly on our fan page, this data can be accessed worldwide by other registered and possibly also non-registered visitors.
The platform operator will transfer the data to the United States, Ireland and any other country in which the platform operator does business, regardless of the residence of the data subjects, and store and otherwise process the data there.
Related data transfers to third countries are secured by an adequacy decision of the EU Commission pursuant to Art. 45 GDPR or by appropriate safeguards pursuant to Art. 46 GDPR:
www.linkedin.com/legal/privacy-policy
www.linkedin.com/help/linkedin/answer/62533
privacy.linkedin.com/de-de/dsgvo
Involved logic and scope of profiling or automated individual decision-making based on the data collected.
Insofar as the data subjects are tracked through the collection of their data, whether through the use of cookies or comparable technologies or through the storage of the IP address, the platform operator is obligated to inform them of this. The information on this can be found in the following links:
www.linkedin.com/legal/privacy-policy
www.linkedin.com/legal/cookie-policy
www.linkedin.com/help/linkedin/answer/3566
www.linkedin.com/help/linkedin/answer/68763
The platform operator may use various analysis tools for evaluation purposes.
We have no influence on the use of such tools by the platform operator and were not informed about such potential use. If tools of this type are used by the platform operator for our fan page, we have neither commissioned nor approved this nor supported it in any other way. We are also not provided with the data obtained during the analysis. Moreover, we have no possibility to prevent or turn off the use of such tools on our Fanpage and also no other effective control options.
Rights of the data subjects
The joint controllers must grant the data subjects various rights with regard to the processing of their data, which they can assert directly against the platform operator:
Data subjects have a right to information, correction or deletion of the personal data concerning them or a right to restriction of data processing by the controller if certain conditions are met in accordance with Articles 15 to 18 of the GDPR. Data subjects also have the right to revoke their given consent to the processing of their personal data at any time with effect for the future (Art. 7(3) DSGVO). They may also object to the further processing of their data based solely on the legitimate interest of the controller pursuant to Art. 6(1)(f) DSGVO (Art. 21(1) DSGVO), provided that interests worthy of protection in the exclusion of data processing arise for this purpose from their particular personal situation and there are no longer any compelling reasons worthy of protection for the controller to continue processing the data. Insofar as personal data is processed for the purpose of direct marketing, data subjects have the right to object to this processing at any time with effect for the future (Article 21 (2) DSGVO). If the data processing is based on the data subject's consent pursuant to Art. 6 (1) (a), Art. 9 (1) (a) GDPR or pursuant to Art. 6 (1) (b) GDPR on a contract with the data subject, and is carried out with the aid of automated processes, data subjects may, pursuant to Art. 20 (1) GDPR, request to receive the personal data stored about them in a structured, common and machine-readable format, or to have it transferred to a third party designated by the data subject.
In principle, data subjects have the right not to be subject to automated individual decision-making pursuant to Article 22(1) of the GDPR. If such an automated individual decision is permitted pursuant to Art. 22(2)(a) to (c) of the GDPR, data subjects are granted the following rights pursuant to Art. 22(3) of the GDPR: right to express one's point of view, right to object to the intervention of an individual by the controller, right to challenge the automated individual decision (right of challenge).
- Information on the available personalization and data protection setting options can be found by data subjects here (with further references): privacy.linkedin.com/de-de/faq and privacy.linkedin.com/de-de/einstellungen
- Further information on this social network as well as other social networks and how data subjects can protect their data can also be found here: www.youngdata.de.
Furthermore, data subjects have the right to lodge a complaint with a supervisory authority if they believe that the processing of their personal data violates the General Data Protection Regulation, Art. 77 DSGVO. The competent supervisory authority for the platform operator is:
Data Protection Commission
21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland
Webadresse: https://www.dataprotection.ie/docs/Contact-us/b/11.htm
Webadresse: http://gdprandyou.ie/contact-us/
i.) Web fonts
This page uses so-called web fonts provided by Monotype Imaging Holding Inc.,600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA (“Monotype”) to display fonts uniformly. When you call up a page, your browser loads the required Web fonts into your browser cache to display texts and fonts correctly.
Your computer will use a default font if your browser does not support web fonts.
For more information about Monotype Web Fonts, please see Monotype's privacy policy at www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften
8. Newsletter
At your express request, we will send you our newsletter on the topics you have selected as well as information about our company. Please note that the delivery can only take place if you have again expressly confirmed your subscription request within the scope of our double opt-in procedure.
The personal data collected as part of the newsletter registration will be used exclusively for sending and personalizing the newsletter (e.g. to address you by name). You can revoke your consent to the storage of personal data that you have given us for newsletter dispatch at any time with effect for the future. For the purpose of revoking consent, each newsletter contains a corresponding link; alternatively, you are also welcome to contact us directly so that we can implement your revocation. We have provided you with details of the consent given to us in the double opt-in e-mail
9. Direct contact and contact form
Data that you send us via our contact form will be processed for the purpose of communication and data exchange, i.e. to respond to your specific request. This data is stored as long as its processing is necessary for these purposes or until the expiry of any subsequent retention periods.