We process the data of our customers, trade partners, interested parties and other contractual partners (hereinafter referred to as "contractual partners") in accordance with Art. 6 Para. 1 lit. b. DSGVO in order to provide them with our pre-contractual or contractual services and to carry out our commercial transactions with our contractual partners. The data processed in this context, their nature and scope as well as the purpose and necessity of their processing, shall be determined by the underlying contractual relationship.
The data processed include
This data is collected in particular to be able to identify you as our customer
In addition, we process and store personal data as part of our administrative tasks, the organisation of our company, our financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process within the scope of providing our pre-contractual and contractual services and within our commercial transactions. The basis for processing is Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO.
Furthermore, we process and store personal data in order to run our business economically, to identify market trends and conduct market research, to carry out marketing measures and to be able to assess the wishes of our contractual partners and users. For this purpose, we analyse the data available to us on commercial transactions, contracts, inquiries, other business transactions, etc. In doing so, we process contract data, usage data, inventory data, communication data, as well as meta data on the basis of Art. 6 Para. 1 lit. f. DSGVO, whereby the persons concerned include our contractual partners, interested parties, customers as well as users and visitors of our online offer or our trading portal.
The analyses serve us to increase user-friendliness, to optimize our offer and business efficiency. The analyses serve only us and are not disclosed externally, unless they are anonymous analyses with summarized values. If such analyses or profiles are personal, they will be deleted or made anonymous upon termination by the user, otherwise after two years from conclusion of the contract. In all other respects, the overall business analyses and general tendency determinations will be prepared anonymously if possible.
When using our online services and our trading portal, we store the IP addresses used and the time of use. The storage takes place on the basis of our legitimate interests to avoid misuse as well as unauthorized use of our online services or our trading portal. As a matter of principle, this data is not passed on to third parties, unless it is necessary to pursue and enforce our claims in accordance with Art. 6 Para. 1 lit. f. DSGVO or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c. DSGVO.
Beyond that, we do not process any special categories of personal data, unless these are components of a processing commissioned by our contractual partners or resulting from our commercial transactions.
We would like to point out the necessity of providing personal data, if this is not evident to the contractual partners. Disclosure to external persons or companies is only made if it is necessary in the context of the initiation and conclusion of commercial contracts. When processing the data provided to us, we act in accordance with the instructions of the client and the legal requirements.
The data will be deleted when the data is no longer required to fulfil contractual or statutory duties of care and for dealing with any warranty or comparable obligations, whereby the necessity of keeping the data will be reviewed every three years; otherwise the statutory retention obligations apply.
According to Art. 6(1)(b) DSGVO, Art. 6 para. 1 lit. c. DSGVO and Art. 6 para. 1 lit. f. DSGVO, we transmit company data, which may also include personal data, to the third parties named below for the purposes listed below:
We have concluded agreements with the parties involved for order processing in accordance with Art. 28 DSGVO.
Data transfer to third countries: If the processing is carried out by services of third parties outside the European Union or the European Economic Area, they must comply with the specific conditions of Art. 44 et seq. DSGVO or, in the case of US companies, the so-called "privacy shield".
We, or our hosting provider, on the basis of our legitimate interests as defined in Art. 6 Par. 1 lit. f. DSGVO collect data about every access to the server on which this service is located (so-called server log files). The access data includes
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website or serves the purpose of user-friendly, functional and secure delivery of our website to you with functions and contents as well as their optimization and statistical evaluation. For security reasons, we store this data in server log files for a storage period of 30 days. After this period has elapsed, they are automatically deleted, unless we require their storage for evidence purposes in the event of attacks on the server infrastructure or other legal violations. In individual cases, further storage may be carried out if this is required by law.
Users can create a user account with us. Within the scope of registration, the required mandatory data will be communicated to the users and processed on the basis of Art. 6 para. 1 lit. b DSGVO for the purpose of providing the user account. The processed data includes in particular the login information (name, password and an e-mail address). The data entered during registration is used for the purposes of using the user account.
Users can be informed about information relevant to their user account - such as technical changes - by e-mail. If users have cancelled their user account, their data with regard to the user account will be deleted - subject to a legal obligation to keep records. It is the users' responsibility to save their data before the end of the contract if they have terminated it. We are entitled to irretrievably delete all user data stored during the contract period.
Within the scope of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user's need for protection against misuse and other unauthorized use. This data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c DSGVO.
When contacting us (e.g. by contact form, e-mail, telephone or via social media), the user's details are processed for the purpose of handling the contact request and its processing in accordance with Art. 6 Para. 1 lit. b) DSGVO. The user's details may be stored in a customer relationship management system ("CRM system") or comparable enquiry organisation.
We will delete the requests if they are no longer necessary. We review the necessity every two years; furthermore, the statutory archiving obligations apply.
You have the right,
Applications sent by electronic means or by post to the competent body within the company are processed electronically or manually for the purpose of the application procedure.
We expressly point out that application documents containing "special categories of personal data" in accordance with Art. 9 DSGVO (e.g. a photograph which allows conclusions to be drawn about your ethnic origin, religion or marital status) are undesirable, with the exception of any severe disability which you may wish to disclose of your own free will. You should submit your application without these data. This has no effect on your chances of applying.
The legal basis for the processing is Art. 6 Para. 1 S.1 lit. b) DSGVO and Art. 26 BDSG as amended.
If an employment relationship is entered into with the applicant after completion of the application procedure, the applicant's data will be stored in compliance with the relevant data protection regulations. If you are not offered a position after the conclusion of the application procedure, your submitted letter of application including documents will be deleted 6 months after the rejection has been sent, in order to be able to satisfy any claims and obligations to provide proof according to AGG.
The hosting services provided by ionos (by 1&1) to us are for the following purposes: the provision of infrastructure and platform services, computing capacity, storage space and database services, email delivery, security services and technical maintenance services.
In doing so, we or our hosting providers process inventory data, contact data, content data, contract data, usage data, meta and communication data of contractual partners, users, customers, interested parties and visitors of our online offers on the basis of our legitimate interests in an efficient and secure provision of our online offers in accordance with Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO (conclusion of contract processing contract).
b. We use the following dispatch service providers for e-mail and newsletter dispatch:
c. You can subscribe to our newsletter with your voluntary consent by entering your e-mail address and confirming the "double opt-in" procedure. After your registration you will receive an e-mail from us with a confirmation link to confirm your subscription. Only after you click on this link will your e-mail be added to the newsletter distribution list and saved for the purpose of sending e-mails.
In order to meet legal requirements, we log your IP address used during registration and the date and time of the double opt-in (registration and confirmation).
For statistical evaluation and optimization of our newsletter we evaluate your user behaviour (opening the newsletter, link click) with the help of so-called "web beacons" or "tracking pixels".
You can object to the tracking and consent to the sending of the newsletter at any time by clicking on the unsubscribe link at the end of the newsletter. In this case the receipt of the newsletter will also be terminated. If you deactivate the display of images in your e-mail software, tracking is also not possible. However, this may have restrictions on the functions of the newsletter and contained images will not be displayed. We save your data as long as you have subscribed to the newsletter. After unsubscribing, your data will only be stored anonymously for statistical purposes.
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. The US providers are certified according to the so-called Privacy-Shield and are therefore obliged to comply with European data protection regulations. When you use and access our profile in the respective network, the respective data protection notices and terms of use of the respective network apply. Unless otherwise stated in our data processing information, we process the data of users, provided that they communicate with us within the social networks and platforms, e.g. send us messages.
Our website uses so-called cookies, the content and purpose of which are described below. When you call up our website, we will inform you about the use of cookies for the above-mentioned purposes by referring to our data protection policy. Our website uses session cookies, persistent cookies and third-party cookies:
Data sent by us and linked to cookies, user IDs (e.g. User ID) or advertising IDs are automatically deleted after 26 months. Data whose retention period has been reached is automatically deleted once a month.
The full extent of data processing is not known to us. With a logged in Google account the data can be assigned to your account by AdWords. If you do not wish this, you must log out of Google before visiting our website.
The full extent of data processing is not known to us. According to Google, the data collected by remarketing is not merged with your personal data, which may be stored by Google, but is processed using a pseudonym.
The data obtained is transferred to the USA and stored there. This is also done without a user account at Google. If you are logged into your Google account, Google can assign the above data to your account. If you do not wish this, you must log out of your Google account. Google creates user profiles from such data and uses these data for the purpose of advertising, market research or optimization of its websites.
You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out at this point that you may then not be able to use all functions of our website. Please read more about this under item 13 (RIGHT OF RESPONSE) of this privacy policy.
We use social media plug-ins on our website in the context of the so-called "two-click solution" shariff from the following social networks:
No personal data is transmitted to the providers of the plug-ins when our website is accessed. Next to the logo or the brand of the social network you will find a slider with which you can activate the plug-in with a click. After activation, the respective provider of the social network receives the information (including your IP address) that you are visiting our website. In addition, your personal data is transmitted to the provider of the plug-in and stored there. When using the functions of the plug-in, e.g. clicking the "Like" button, this information is also transferred from your browser to the Facebook servers in the USA, stored there, and displayed in your Facebook profile and, if applicable, with your Facebook friends.
The plug-in provider stores the data collected about the user as user profiles. These are used for the purposes of advertising, market research and/or demand-oriented design of his website. Such an evaluation is carried out in particular (also for users who are not logged in) for the purpose of presenting need-based advertising and to inform other users of the social network about the user's activities on our website. The user has a right of objection to the creation of these user profiles, whereby one must contact the respective plug-in provider in order to exercise this right.
The legal basis for the processing of personal data, if not separately listed below, is our legitimate interest in communication with users and our external presentation for the purpose of advertising in accordance with Art. 6 para. 1 sentence 1 letter f) DSGVO.
The legal basis for the newsletter dispatch, the measurement of success and the storage of the e-mail mentioned in point 8 is your consent in accordance with Art. 6 Para. 1 S. 1 lit. a) DSGVO in conjunction with § 7 Para. 2 No. 3 UWG and for the recording of the consent in accordance with Art. 6 Para. 1 S. 1 lit. f) DSGVO, as this serves our legitimate interest of legal provability.
Insofar as you have given your consent to the persons responsible for social networks (see points 9. to 11. of this privacy policy) to process your personal data, the legal basis is Art. 6 para. 1 sentence 1 lit. a) and Art. 7 DSGVO.
The legal basis for the use of cookies mentioned in paragraph 10. is Art. 6 para. 1 sentence b) DSGVO, if the cookies are used to initiate a contract. Otherwise there is a legitimate interest in the effective functionality of our website, so that in this case Art. 6 para. 1 sentence 1 lit. f) DSGVO is the legal basis.
The legal basis for the use of the plug-ins mentioned in section 11. is our legitimate interest in improving and optimizing our website by increasing our awareness via social networks and the possibility of interaction with you and the users among themselves via social networks in accordance with Art. 6 para. 1 sentence 1 lit. f) DSGVO.
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 letter f DSGVO, you have the right to object to the processing of your personal data in accordance with Art. 21 DSGVO, if there are reasons for doing so arising from your particular situation. If you wish to exercise your right of objection, simply send an e-mail to datenschutz@entrafin.de
You can generally prevent the storage of cookies (see also item 10 of this data protection policy) on your hard drive by selecting "do not accept cookies" in your browser settings. However, this may result in a functional restriction of our offers. You can object to the use of cookies from third parties for advertising purposes by means of a so-called "opt-out" via the American website (https://optout.aboutads.info) or this European website (http://www.youronlinechoices.com/de/praferenzmanagement/).
You can prevent the collection of the data generated by the cookie and related to your use of the website to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link http://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the above browser plugin, you can prevent Google Analytics from collecting your data by setting the following "opt-out" cookie, which will prevent the collection of your data when you visit this website in the future https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable. This cookie is only valid for our website and your current browser and will only last until you delete your cookies. In this case you would have to set the cookie again. You can deactivate the cross-device user analysis in your Google account under "My data > personal data".
The deactivation of the function "Facebook Custom Audiences" is possible for logged-in users under this link: https://www.facebook.com/settings/?tab=ads#.
Furthermore, we refer to the respective data protection policy of the services mentioned in sections 8 to 11 of this data protection guideline with regard to the individual possibilities of objection (opt-outs) of the services mentioned in sections 8 to 11 of this data protection guideline. In addition, you will also find information on your rights and setting options for the protection of your personal data.
Please note that we cannot guarantee or warrant that the third-party links or services listed in this data protection policy are up-to-date. However, we make every effort to check such links at regular and appropriate intervals to ensure that they are up-to-date. If a third-party link listed in this data protection policy no longer provides the functionality that we desire, please notify us at datenschutz@entrafin.de.