The data controller as per the European General Data Protection Regulation (“EU GDPR”), other applicable national data protection regulations valid in the member states and other data protection provisions is:
TeMeno GmbH Breite Straße 10
40670 Meerbusch
+49 2159 8146 0
info@temeno.de
temeno.de
If you have any questions or suggestions regarding data protection, feel free to contact us at any time at info@temeno.de
1. Scope of the processing of personal data
We solely process the personal data of our users where required to provide a functioning website along with our content and services. We process the personal data of our users on a regular basis solely after obtaining consent from the user. In an exception to the above rule, we do not require the data subject’s consent if we are unable to obtain it in advance for practical reasons and we need to process your data due to statutory requirements.
2. The legal basis for processing personal data
If we obtain the data subject’s consent in order to process personal data, this takes place on the legal basis of Art. 6(1)(1) lit. a GDPR.
In cases where we process personal data to perform a contract to which the data subject is party, this takes place on the legal basis of Art. 6(1)(1) lit. b GDPR. The same applies to processing required to take steps at the request of the data subject prior to entering into a contract.
If we need to process personal data to fulfil a legal requirement to which our company is subject, this takes place on the legal basis of Art. 6(1)(1) lit. c GDPR.
In the event that processing is necessary in order to protect the vital interests of the data subject or of another natural person, this takes place on the legal basis of Art. 6(1)(1) lit. d GDPR.
Where processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, this takes place on the legal basis of Art. 6(1)(1) lit. f GDPR.
3. Data erasure and retention period
The data subject’s personal data shall be erased or blocked from further processing once the purpose for which the data was stored ceases to exist. The personal data may be stored for a longer period where required by Union directives, laws or other provisions enacted by the European or national legislator to which the controller is subject. Data shall also be blocked from further processing or erased upon completion of the retention period prescribed by the aforementioned standards where continued storage of the data is not required to conclude or perform a contract.
4. If and to the extent that you submit your travel voucher to us as part of one of our partnerships with a travel agency, we shall also receive data required to check for fraud from the travel agency in order to validate your voucher.
We have ensured that this data is transmitted securely with adequate protection and solely used to check the travel voucher submitted to us by you. The legal bases for this processing are stipulated in Section 2.
If your personal data is processed, you are regarded as the data subject in accordance with the GDPR and you are granted the following rights:
1. Right of access
You are entitled to seek confirmation from the controller regarding which personal data pertaining to you it processes.
If your data is processed in this manner, you reserve the right to obtain the following information from the controller: You are entitled to seek information on whether personal data concerning you is transferred to a third country or international organisation. In this context, you can also demand that appropriate safeguards are provided in relation to the transfer of your data as per Art. 46 GDPR. This right to information may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfil research or statistical purposes.
1. The purposes for which personal data may be processed;
2. The categories of personal data that have been processed;
3. The recipients or categories of recipients to whom your personal data is or will be disclosed;
4. The planned storage duration for your personal data or, if it isn’t possible to provide specific information on the storage duration, the criteria used to determine the storage duration;
5. The existence of a right to rectify or erase the corresponding personal data, to restrict processing by the data controller or to object to this processing;
6. The existence of the right to lodge a complaint with a supervisory authority;
7. All available information on the origin of the data if personal data was not collected from the data subject;
8. The existence of automated decision-marking, incl. profiling, in accordance with Art. 22 (1) and (4) GDPR and, at least in the following cases, information on the implicated reasoning, scope and intended impact of this processing for the data subject..
2.Right to rectify
You have the right to obtain from the controller without undue delay the rectification and/or completion of inaccurate or incomplete personal data concerning you. The controller must rectify your personal data without undue delay.
Your right to rectification may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfil research or statistical purposes.
3.Right to restrict data processing
You have the right to obtain from the controller restriction of processing where one of the following applies:
1. The accuracy of the personal data is contested by you, for a period enabling the controller to verify the accuracy of the personal data;
2. The processing is unlawful and you object to the erasure of personal data and instead request the restriction of their use;
3. The controller no longer requires the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
4. If you have objected to processing pursuant to Art. 21(1) GDPR pending the verification whether the legitimate grounds of the controller override yours.
If the processing of your personal data is restricted, this data- apart from its storage – may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims, or protecting the rights of another natural person or legal entity, or for reasons of an important public interest of the European Union or a Member State.
If you have obtained restriction of processing pursuant to the above terms, you shall be informed by the controller before the restriction of processing is lifted.
Your right to restrict processing may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfil research or statistical purposes.
4. Right to erasure
a) Obligation to erase personal data
You have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
1. The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2. You withdraw the consent on which processing is based in accordance with Art. 6(1) lit. a GDPR or Art. 9(2) lit. a GDPR and there is no other legal basis for processing.
3. You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR;
4. The personal data have been unlawfully processed;
5. The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
6. The personal data have been collected in relation to the offer of information society services referred to in Art. 8(1) GDPR.
b) Disclosures to third parties
Where the controller has made the personal data public and is obliged pursuant to Art. 17(1)1 GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to erasure shall not apply to the extent that processing is necessary:
7. For exercising the right of freedom of expression and information;
8. For compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
9. For reasons of public interest in the area of public health in accordance with points (h) and (i) of Art. 9(2) as well as Art. 9(3) GDPR;
10. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89(1) GDPR in so far as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
11. for the establishment, exercise or defence of legal claims.
5. Right to instruction
If you have asserted your right to rectify, erasure or restrict processing against the controller,
it shall be obligated to inform all recipients to whom your personal data was disclosed of this rectification or erasure of the data or the restriction to processing, unless it can prove that this would be impossible or entail a disproportionate amount of work. You remain entitled to request the identity of these recipients at all times from the controller.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
1. The processing is based on consent pursuant to point (a) of Art. 6(1) GDPR or point (a) of Art. 9(2) GDPR or on a contract pursuant to point (b) of Art. 6(1) GDPR; and
2. The processing is carried out by automated means.
In exercising your right to data portability pursuant to the above clause, you shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This right must not adversely affect the rights and freedoms of others.
The right to data portability shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object to processing
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6(1) GDPR, including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications. Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1), you, on grounds relating to your particular situation, shall have the right to object to processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest. Your right to object to processing may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfill research or statistical purposes.
8.Right to withdraw consent granted in accordance with data protection provisions
You have the right to withdraw your consent at any time The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision: is necessary for entering into, or performance of, a contract between you and the data controller;
1.is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
2.is based on your explicit consent. However, decisions shall not be based on special categories of personal data referred to in Art. 9(1) GDPR, unless point (a) or (g) of Art. 9(2) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. In the cases referred to in clauses 1 and 3, the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78.GDPR
1. Description and scope of the data processing
Each time you visit our website, our system automatically collects data and information from the computer system of the visiting device. The following data is collected:
o Information on the browser type and used version
o The user’s operating system
o The user’s IP address
o Date and time of the visit
o Websites the user’s system accessed our website from
This data is stored in the log files for our system. It is not stored together with any other personal data from the user.
2. Purpose of the data processing
Temporary storage of the user’s IP address by our system is necessary in order to display the website on the user’s device. The user’s IP address will need to be stored for the duration of the session for this purpose. The relevant data is stored in log files to ensure the functionality of the website. In addition, we use this data to optimise our website and maintain the security of our IT systems. Data is not analysed for marketing purposes in relation to this processing. We process this data on the basis of our legitimate interest in processing as per Art. 6(1)(1) lit f GDPR.
3. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6(1)(1) lit. f GDPR.
4. Storage duration
Your data is erased as soon as it is no longer required for the purpose for which it was collected. In cases where your data is collected in order to display the website, this will occur once the respective session ends. Where data is stored in log files, it will be erased within 7 days. Extended storage is possible for a number of reasons. In this case, the IP addresses of the user be deleted or edited so they can no longer be assigned to the user’s computer.
5. Right to object and be forgotten
We need to collect data in order to provide the website and store the data in log files for website operation. As follows, users are not entitled to object hereto.
1. Description and scope of the data processing
We use cookies on our website. Cookies are small text files stored in or by the browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookies contains a character string, which enables us to recognise the user when they next visit our website. We use cookies to make our website easier to use. Certain elements of our website require identification of the accessing browser when it visits a new page.Furthermore, we also use cookies that allow us to analyse the user’s surfing behaviour on our website.
The following data may be transmitted in relation hereto:
o Entered search terms
o Site visit frequency
Technical measures are used to pseudonymise user data collected in this manner. As such, it is not possible to assign the data to the accessing user. This data is not stored together with other personal data from the user. When the user first opens our website, they will receive information on the use of cookies for analytical purposes and their consent will be obtained for the processing of personal data in this manner. They will also be referred to this Privacy Notice. The user’s consent is obtained using a tool XXXXXXXXX???. Accordingly, the request for consent takes place in compliance with recent consent requirements (Judgment of the European Court (Grand Chamber) from 01/10/2019 – C-673/17).
2. Purpose of the data processing
We use technically necessary cookies to make our website easier to use. Certain features on our website will not work without the use of cookies. They need to be able to recognise the user’s browser when the user changes page. We require cookies for the following applications:
o Saving search terms
User data collected by technically necessary cookies are not used to create user profiles. We use analysis cookies to improve our website and its content. Analysis cookies provide us with information on how our website is used, helping us continuously optimise our services. Analysing user behaviour. We process this personal data concerning you on the basis of our legitimate interest in processing as per Art. 6(1)(1) lit f GDPR.
3. Legal basis for data processing
The legal basis for the processing of personal data due to the use of technically necessary cookies is Art. 6(1)(1) lit. f GDPR. The legal basis for the processing of personal data due to the use of cookies for analysis purposes where the user’s consent has been granted is Art. 6(1)(1) lit. a GDPR.
4. Retention period, right to object and be forgotten Cookies are stored on the user’s device, which transmits them to our website. As such, you, as the user, are granted full control over the use of cookies. You can deactivate or limit the use of cookies by changing your browser settings. Cookies that have previously been stored can be deleted at any time. This may also take place automatically. If cookies are deactivated for our website, you may find that certain features will not work properly. Cookies will be automatically deleted after 7 days if you use Safari version 12.1 or newer. This also pertains to opt-out cookies set to prevent tracking.
1. Description and scope of the data processing
Our website features a contact form that can be used to contact us electronically. If a user opts to contact us in this way, all data entered in the input mask will be transmitted to us and stored. The following data are stored at the time the message is sent:
o Email address
o Company name
o Surname
o First name
o Phone number
o Date and time of the message
We shall obtain your consent for the processing of your data during the sending process and draw your attention to this Privacy Notice. You can also contact us using the provided email address. In this case, personal data disclosed with the email will be stored. This information is solely used for processing the conversation.
2. Purpose of the data processing
Personal data entered into the input mask will only be processed by us to facilitate communication. Contact that is established by email constitutes a necessary legitimate interest for the processing of data. Other personal data processed when the form is submitted aims to prevent the misuse of the contact form and ensure the security of our IT systems.
3. Legal basis for data processing
The legal basis for the data processing is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
The legal basis for processing data transmitted via email is Art. 6(1)(1) lit. f GDPR. If an email concerns the conclusion of a contract, an additional legal basis for the processing is Art. 6(1)(1) lit. b GDPR.
4. Storage duration
Your data is erased as soon as it is no longer required for the purpose for which it was collected. This is deemed the case for personal data collected from the input mask on the contact form or by email when the respective conversation with the user ends. The conversation is considered over when the circumstances surrounding the matter in question have been conclusively resolved. Any additional personal data collected when the form was submitted will be deleted after a period of seven days at the latest.
5. Right to object and be forgotten
Users can revoke their consent to the processing of their personal data at any time. If the user contacts us by email, they reserve the right to object to the storage of their personal data at any time. The conversation cannot be continued in the above cases. All personal data stored in relation to the user contacting us shall be deleted in this case.
1. Description and scope of the data processing
Our website features a contact form that can be used to contact us electronically. If a user opts to contact us in this way, all data entered in the input mask will be transmitted to us and stored. The following data are stored at the time the message is sent:
o Email address
o Company name
o Surname
o First name
o Phone number
o Date and time of the message
We shall obtain your consent for the processing of your data during the sending process and draw your attention to this Privacy Notice. You can also contact us using the provided email address. In this case, personal data disclosed with the email will be stored. This information is solely used for processing the conversation.
2. Purpose of the data processing
Personal data entered into the input mask will only be processed by us to facilitate communication. Contact that is established by email constitutes a necessary legitimate interest for the processing of data. Other personal data processed when the form is submitted aims to prevent the misuse of the contact form and ensure the security of our IT systems.
3. Legal basis for data processing
The legal basis for the data processing is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
The legal basis for processing data transmitted via email is Art. 6(1)(1) lit. f GDPR. If an email concerns the conclusion of a contract, an additional legal basis for the processing is Art. 6(1)(1) lit. b GDPR.
4. Storage duration
Your data is erased as soon as it is no longer required for the purpose for which it was collected. This is deemed the case for personal data collected from the input mask on the contact form or by email when the respective conversation with the user ends. The conversation is considered over when the circumstances surrounding the matter in question have been conclusively resolved. Any additional personal data collected when the form was submitted will be deleted after a period of seven days at the latest.
5. Right to object and be forgotten
Users can revoke their consent to the processing of their personal data at any time. If the user contacts us by email, they reserve the right to object to the storage of their personal data at any time. The conversation cannot be continued in the above cases. All personal data stored in relation to the user contacting us shall be deleted in this case.
The use of company pages on social networks
1. Instagram:
Instagram, Part of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland
We provide information on our company profile and give Instagram users the opportunity to get in touch. If you perform an action (commenting, posting, likes, etc.) on our company Instagram profile, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely Instagram, we are unable to provide binding information on the purposes and scope to which your data is processed.
We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages:
to inform customers about our services
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems.
Instagram is a signatory and certified by according to the EU-U.S. Privacy Shield. According to which, Instagram is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our Instagram page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how your personal data is processed by Instagram and your options to object to this processing at:
Instagram: https://help.instagram.com/519522125107875
2. Twitter:
Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A.
We provide information on our company profile and give Twitter users the opportunity to get in touch.
If you perform an action (commenting, posting, likes, etc.) on our company Twitter page, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely Twitter, we are unable to provide binding information on the purposes and scope to which your data is processed.
We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages:
to inform customers about our services
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems. Twitter a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Twitter is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our Twitter page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how your personal data is processed by Twitter and your options to object to this processing at:
Twitter: https://twitter.com/en/privacy
3. Facebook:
Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland
We provide information on our company profile and give Facebook users the opportunity to get in touch. If you perform an action (commenting, posting, likes, etc.) on our company Facebook profile, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely Facebook, we are unable to provide binding information on the purposes and scope to which your data is processed. We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages: to inform customers about our services
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems. Facebook a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Facebook is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our Facebook page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how Facebook processes your personal data and your options to object to this processing at:
Facebook: https://www.facebook.com/privacy/explanation
4. LinkedIn:
LinkedIn Ireland Unlimited Company, Attn: Legal Dept. (Privacy Policy and User Agreement), Wilton Plaza, Wilton Place, Dublin 2, Ireland
We provide information on our company profile and give LinkedIn users the opportunity to get in touch. If you perform an action (commenting, posting, likes, etc.) on our company LinkedIn profile, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely LinkedIn, we are unable to provide binding information on the purposes and scope to which your data is processed.
We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages: to inform customers about our services.
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems. LinkedIn a signatory and certified according to the EU-U.S. Privacy Shield. According to which, LinkedIn is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our LinkedIn page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how your personal data is processed by LinkedIn and your options to object to this processing at:
LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=homepage- basic_footer-privacy-policy
We use plugins for a range of purposes. The plugins used on our website are listed below:
Facebook Pixel
1. Scope of the processing of personal data
We use Facebook Pixel on our website, a plugin provided by Facebook Inc., 1601 S.
California Ave, Palo Alto, CA 94304, USA and its EU representatives at Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as Facebook). Using this plugin allows us to track the actions of users who have viewed or clicked on a Facebook ad. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs). This allows us to determine the effectiveness of Facebook ads for statistical and marketing purposes.
The above processing may mean that data is transferred to Facebook servers located in the U.S. Facebook a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Facebook is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. Data collected in this way is anonymous for us, meaning we are not able to view the personal data of individual users. However, this data will be stored and processed by Facebook. Facebook may link this data to your Facebook account and use it for its marketing purposes according to the Facebook data use policy.
You can learn more about how Facebook processes data at: https://de-de.facebook.com/policy.php
2. Purpose of the data processing
We use the Facebook Pixel to analyse and optimise advertising measures.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Facebook from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocked such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can learn more about your right to object and be forgotten by Facebook at:
https://de-de.facebook.com/policy.php
Use of Google Analytics
1. Scope of the processing of personal data
We use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Analytics checks the origin of visitors, the time they spend on individual pages and the use of search engines along with other aspects, enabling it to improve the success rate of ad campaigns. Google places a cookie on your computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs). The information generated by the cookie about your use of this website will be transmitted to a Google server in the USA and stored there. If IP anonymisation is enabled, your IP address will be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will your full IP address sent to a Google server in the USA and shortened there.
Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active IP anonymisation has been enabled on this website. Google will use this information to analyse your use of this website, compile reports on your activities on the website and perform additional services related to the use of the website and internet usage for the website operator on behalf of the website operator. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other data from Google. You can object to the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website.
You can learn more about how Google processes data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of processing This personal data is processed in order to address a target audience that has already shown initial interest by visiting our website in a targeted manner.
3. The legal basis for processing personal data The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law. According to information provided by Google, ad data is anonymised in server logs, as part of the IP address and cookie information are deleted after 9 and 18 months respectively.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Furthermore, you can prevent Google’s collection and use of data generated by cookies relating to your use of the website (incl. your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Google Tag Manager
1. Scope of the processing of personal data We use Google Tag Manager
(https://www.google.com/intl/de/tagmanager/) , a service provided by Google LLC, 1600 Amphitheatre
Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Tag Manager manages tags for services provided by Google or third-party providers and allows them to be embedded together on a website. Tags are small code elements on a website that measure visitor numbers and behaviour, record the impact of online ads and social channels, permit remarketing and the targeting of certain groups, and allow us to test and optimise our website. If a user visits our website, the current tag configuration will be sent to the user’s website. This contains instructions on which tags should be activated. Google Tag Manager also activates other tags that may collect data under certain circumstances. You can find more information on this processing on the sections on the application of the relevant service in this Privacy Notice.
Google Tag Manager is not able to access this data.
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active You can learn more about Google Tag Manager at https://www.google.com/intl/de/tagmanager/faq.html and in the Google privacy policy: https://policies.google.com/privacy?hl=de
2. Purpose of the data processing
This personal data is processed in order to facilitate collective and clear tag management and the efficient inclusion of third-party services.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law. According to information provided by Google, ad data is anonymised in server logs, as part of the IP address and cookie information are deleted after 9 and 18 months respectively.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Furthermore, you can prevent Google’s collection and use of data generated by cookies relating to your use of the website (incl. your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Hotjar
1.Scope of the processing of personal data
We use the web analysis service Hotjar, provided by Hotjar Ltd., Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta (hereinafter referred to as: Hotjar). Among other features, Hotjar uses cookies, i.e. small text files that are stored by your browser on your device, which permit us to analyse the use of our website. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), and a tracking code (particularly pseudonymised user ID). Data collected in this manner is transferred by Hotjar to a service in Ireland and stored there in anonymised form.
You can find more information on how Hotjar processes your data at: https://www.hotjar.com/legal/policies/privacy
2. Purpose of the data processing
We use Hotjar to gain a better understanding of our user’s requirements and optimise our website.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Hotjar from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Hotjar: https://www.hotjar.com/legal/compliance/opt-out
You can learn more about your right to object and be forgotten by Hotjar at:
https://www.hotjar.com/legal/policies/privacy
1. Scope of the processing of personal data
We use the analysis tool Twitter Analytics, a service provided by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter referred to as Twitter). Twitter Analytics enables us to measure interactions with Twitter users, learn more about our followers’ interests, locations and origin, and track how our Twitter Cards result in clicks, app installations and retweets. This requires processing of the following data: As a result of the above processing, data is transferred to servers operated by Twitter in the U.S. Twitter a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Twitter is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active You can find more information on how Twitter processes your data at:
https://twitter.com/de/privacy
o IP address (anonymised)
o Browser type
o Referrer/exit sites
o Operating system
o Time and date of the visit
o Clickstream data
o Views
o Clicks
o Twitter account data
2. Purpose of the data processing
Processing personal data through Twitter Analytics allows us to conduct an analysis performance of our ads on Twitter and user interactions on Twitter. Analysing the obtained data allows us to compile information on the use of individual components of our website. This helps us continuously improve our ad campaigns and increase user friendliness in this context.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Retention period Personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Twitter from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Twitter:
https://twitter.com/personalization
You can learn more about your right to object and be forgotten by Twitter at:
https://twitter.com/de/privacy Google
AdWords
1. Scope of the processing of personal data
We use Google AdWords, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). This service allows us to place ads. Google places a cookie on your computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs).
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active You can find more information on how Google processes your data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
We only receive information on the entire number of users who have reacted to our ads. We do not receive any information that we could use to identify you personally. We do not use this data for tracking purposes.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Retention period Personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function
in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Google Ads Remarketing
1. Scope of the processing of personal data
We use Google Ads Remarketing, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Remarketing is used to retarget visitors to the website for advertising purposes through Google Ads. Target groups (‘similar target groups’), e.g. those that have visited certain sites, can be created using Google Ads Remarketing. This allows us to identify users on other websites and display targeted ads. Google places a cookie on the user’s computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs). The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active You can find more information on how Google processes your data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
This processing of personal data takes place in order to address a target group in a targeted manner. Cookies stored on the user’s end device recognise the user when they visit a website and can therefore display personalised ads.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Furthermore, you can prevent Google’s collection and use of data generated by cookies relating to your use of the website (incl. your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Use of the Google Marketing platform
1. Scope of the processing of personal data
We use the marketing platform provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google places a cookie on your computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs).
Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server.
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active We have no influence on the extent and further processing of data collected by Google through the use of this tool and will inform your corresponding of our knowledge in this regard. If you have an account for a Google service, Google may allocate your visit to your account. Even if you do not have an account with Google or are not logged in, the provider may still be able to find out and store your IP address.
You can learn more about how Google processes data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
We use the Google marketing platform to display relevant ads to our users, improve reports for advertising performance or to avoid displaying the same ads to users multiple times.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
The Google marketing platform stores your data until the purpose for which it was collected is fulfilled. The maximum retention period is 18 months.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Google ReCaptcha
1. Scope of the processing of personal data
We use Google ReCaptcha, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland. This tool checks whether data entry is compliant and not performed by a bot. In addition, Google ReCaptcha analyses and authenticates the surfing behaviour of websites users in relation to various characteristics. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly mouse movements and which elements they clicked on), device and browser information (particularly the time of the visit, IP address and operating system).
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Data is not merged with other data collected or processed in relation with parallel use of authenticated Google Services such as Gmail.
You can learn more about how Google processes data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
We use Google ReCaptcha to prevent misuse of our website.
3. The legal basis for processing personal data
The legal basis for this processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR. In this case, our legitimate interest lies in the purposes of processing specified under clause 2.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
MailChimp
1. Scope of the processing of personal data
We use MailChimp, a service provided by The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA (hereinafter referred to as MailChimp) to send our newsletter. MailChimp is an e-mail marketing provider and enables us to communicate directly with potential customers through email newsletters. If you subscribe to the newsletter, the data you entered when signing up to the newsletter will be transferred to and stored by MailChimp. As a result, other personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), and device and browser information (particularly IP address and operating system).
The above processing may mean that data is transferred to MailChimp servers located in the U.S. MailChimp is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, MailChimp is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active MailChimp will also store your data. Your data will not be transferred to third parties in relation to the newsletter and MailChimp does not receive any right to transfer your data. Once you’ve registered, MailChimp will send you an email to confirm your registration. Furthermore, MailChimp offers various analysis options regarded how sent newsletters are opened and used, e.g. how many users an email was sent to, whether emails were dismissed and whether users subscribed after receiving an email.
You can learn more about how MailChimp processes data at:
https://MailChimp.com/legal/privacy/
2. Purpose of the data processing
Personal data collected when you register for the newsletter are solely used to send our newsletter, invite you to events and, if you are already a customer, send customer emails. Furthermore, newsletter subscribers can receive email notifications to the extent that this is required for the operation of the newsletter service or associated registration, as may be the case in the event of changes to the newsletter services or technical conditions.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law. In addition, you can also contact MailChimp to demand the erasure of your data.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You reserve the right to withdraw your consent to the storage or use of your data by MailChimp to send the data. You can send your withdrawal to MailChimp at any time by email or by clicking on the link provided in every newsletter.
You can learn more about your right to object and be forgotten by MailChimp at:
https://MailChimp.com/legal/privacy/
Version: 24/02/2021
The data controller as per the European General Data Protection Regulation (“EU GDPR”), other applicable national data protection regulations valid in the member states and other data protection provisions is:
TeMeno GmbH Breite Straße 10
40670 Meerbusch
+49 (0) 0211 – 97 26 91 90
info@temeno.de
temeno.de
If you have any questions or suggestions regarding data protection, feel free to contact us at any time at info@temeno.de
1. Scope of the processing of personal data
We solely process the personal data of our users where required to provide a functioning website along with our content and services. We process the personal data of our users on a regular basis solely after obtaining consent from the user. In an exception to the above rule, we do not require the data subject’s consent if we are unable to obtain it in advance for practical reasons and we need to process your data due to statutory requirements.
2. The legal basis for processing personal data
If we obtain the data subject’s consent in order to process personal data, this takes place on the legal basis of Art. 6(1)(1) lit. a GDPR.
In cases where we process personal data to perform a contract to which the data subject is party, this takes place on the legal basis of Art. 6(1)(1) lit. b GDPR. The same applies to processing required to take steps at the request of the data subject prior to entering into a contract.
If we need to process personal data to fulfil a legal requirement to which our company is subject, this takes place on the legal basis of Art. 6(1)(1) lit. c GDPR.
In the event that processing is necessary in order to protect the vital interests of the data subject or of another natural person, this takes place on the legal basis of Art. 6(1)(1) lit. d GDPR.
Where processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, this takes place on the legal basis of Art. 6(1)(1) lit. f GDPR.
3. Data erasure and retention period
The data subject’s personal data shall be erased or blocked from further processing once the purpose for which the data was stored ceases to exist. The personal data may be stored for a longer period where required by Union directives, laws or other provisions enacted by the European or national legislator to which the controller is subject. Data shall also be blocked from further processing or erased upon completion of the retention period prescribed by the aforementioned standards where continued storage of the data is not required to conclude or perform a contract.
4. If and to the extent that you submit your travel voucher to us as part of one of our partnerships with a travel agency, we shall also receive data required to check for fraud from the travel agency in order to validate your voucher.
We have ensured that this data is transmitted securely with adequate protection and solely used to check the travel voucher submitted to us by you. The legal bases for this processing are stipulated in Section 2.
If your personal data is processed, you are regarded as the data subject in accordance with the GDPR and you are granted the following rights:
1. Right of access
You are entitled to seek confirmation from the controller regarding which personal data pertaining to you it processes.
If your data is processed in this manner, you reserve the right to obtain the following information from the controller: You are entitled to seek information on whether personal data concerning you is transferred to a third country or international organisation. In this context, you can also demand that appropriate safeguards are provided in relation to the transfer of your data as per Art. 46 GDPR. This right to information may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfil research or statistical purposes.
1. The purposes for which personal data may be processed;
2. The categories of personal data that have been processed;
3. The recipients or categories of recipients to whom your personal data is or will be disclosed;
4. The planned storage duration for your personal data or, if it isn’t possible to provide specific information on the storage duration, the criteria used to determine the storage duration;
5. The existence of a right to rectify or erase the corresponding personal data, to restrict processing by the data controller or to object to this processing;
6. The existence of the right to lodge a complaint with a supervisory authority;
7. All available information on the origin of the data if personal data was not collected from the data subject;
8. The existence of automated decision-marking, incl. profiling, in accordance with Art. 22 (1) and (4) GDPR and, at least in the following cases, information on the implicated reasoning, scope and intended impact of this processing for the data subject..
2.Right to rectify
You have the right to obtain from the controller without undue delay the rectification and/or completion of inaccurate or incomplete personal data concerning you. The controller must rectify your personal data without undue delay.
Your right to rectification may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfil research or statistical purposes.
3.Right to restrict data processing
You have the right to obtain from the controller restriction of processing where one of the following applies:
1. The accuracy of the personal data is contested by you, for a period enabling the controller to verify the accuracy of the personal data;
2. The processing is unlawful and you object to the erasure of personal data and instead request the restriction of their use;
3. The controller no longer requires the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
4. If you have objected to processing pursuant to Art. 21(1) GDPR pending the verification whether the legitimate grounds of the controller override yours.
If the processing of your personal data is restricted, this data- apart from its storage – may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims, or protecting the rights of another natural person or legal entity, or for reasons of an important public interest of the European Union or a Member State.
If you have obtained restriction of processing pursuant to the above terms, you shall be informed by the controller before the restriction of processing is lifted.
Your right to restrict processing may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfil research or statistical purposes.
4. Right to erasure
a) Obligation to erase personal data
You have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
1. The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2. You withdraw the consent on which processing is based in accordance with Art. 6(1) lit. a GDPR or Art. 9(2) lit. a GDPR and there is no other legal basis for processing.
3. You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR;
4. The personal data have been unlawfully processed;
5. The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
6. The personal data have been collected in relation to the offer of information society services referred to in Art. 8(1) GDPR.
b) Disclosures to third parties
Where the controller has made the personal data public and is obliged pursuant to Art. 17(1)1 GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to erasure shall not apply to the extent that processing is necessary:
7. For exercising the right of freedom of expression and information;
8. For compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
9. For reasons of public interest in the area of public health in accordance with points (h) and (i) of Art. 9(2) as well as Art. 9(3) GDPR;
10. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89(1) GDPR in so far as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
11. for the establishment, exercise or defence of legal claims.
5. Right to instruction
If you have asserted your right to rectify, erasure or restrict processing against the controller,
it shall be obligated to inform all recipients to whom your personal data was disclosed of this rectification or erasure of the data or the restriction to processing, unless it can prove that this would be impossible or entail a disproportionate amount of work. You remain entitled to request the identity of these recipients at all times from the controller.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
1. The processing is based on consent pursuant to point (a) of Art. 6(1) GDPR or point (a) of Art. 9(2) GDPR or on a contract pursuant to point (b) of Art. 6(1) GDPR; and
2. The processing is carried out by automated means.
In exercising your right to data portability pursuant to the above clause, you shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This right must not adversely affect the rights and freedoms of others.
The right to data portability shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object to processing
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6(1) GDPR, including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications. Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1), you, on grounds relating to your particular situation, shall have the right to object to processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest. Your right to object to processing may be limited in cases where it is likely to render impossible or seriously hinder the accomplishment of the respective research or statistical purposes and this restriction is necessary to fulfill research or statistical purposes.
8.Right to withdraw consent granted in accordance with data protection provisions
You have the right to withdraw your consent at any time The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision: is necessary for entering into, or performance of, a contract between you and the data controller;
1.is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
2.is based on your explicit consent. However, decisions shall not be based on special categories of personal data referred to in Art. 9(1) GDPR, unless point (a) or (g) of Art. 9(2) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. In the cases referred to in clauses 1 and 3, the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78.GDPR
1. Description and scope of the data processing
Each time you visit our website, our system automatically collects data and information from the computer system of the visiting device. The following data is collected:
o Information on the browser type and used version
o The user’s operating system
o The user’s IP address
o Date and time of the visit
o Websites the user’s system accessed our website from
This data is stored in the log files for our system. It is not stored together with any other personal data from the user.
2. Purpose of the data processing
Temporary storage of the user’s IP address by our system is necessary in order to display the website on the user’s device. The user’s IP address will need to be stored for the duration of the session for this purpose. The relevant data is stored in log files to ensure the functionality of the website. In addition, we use this data to optimise our website and maintain the security of our IT systems. Data is not analysed for marketing purposes in relation to this processing. We process this data on the basis of our legitimate interest in processing as per Art. 6(1)(1) lit f GDPR.
3. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6(1)(1) lit. f GDPR.
4. Storage duration
Your data is erased as soon as it is no longer required for the purpose for which it was collected. In cases where your data is collected in order to display the website, this will occur once the respective session ends. Where data is stored in log files, it will be erased within 7 days. Extended storage is possible for a number of reasons. In this case, the IP addresses of the user be deleted or edited so they can no longer be assigned to the user’s computer.
5. Right to object and be forgotten
We need to collect data in order to provide the website and store the data in log files for website operation. As follows, users are not entitled to object hereto.
1. Description and scope of the data processing
We use cookies on our website. Cookies are small text files stored in or by the browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookies contains a character string, which enables us to recognise the user when they next visit our website. We use cookies to make our website easier to use. Certain elements of our website require identification of the accessing browser when it visits a new page.Furthermore, we also use cookies that allow us to analyse the user’s surfing behaviour on our website.
The following data may be transmitted in relation hereto:
o Entered search terms
o Site visit frequency
Technical measures are used to pseudonymise user data collected in this manner. As such, it is not possible to assign the data to the accessing user. This data is not stored together with other personal data from the user. When the user first opens our website, they will receive information on the use of cookies for analytical purposes and their consent will be obtained for the processing of personal data in this manner. They will also be referred to this Privacy Notice. The user’s consent is obtained using a tool XXXXXXXXX???. Accordingly, the request for consent takes place in compliance with recent consent requirements (Judgment of the European Court (Grand Chamber) from 01/10/2019 – C-673/17).
2. Purpose of the data processing
We use technically necessary cookies to make our website easier to use. Certain features on our website will not work without the use of cookies. They need to be able to recognise the user’s browser when the user changes page. We require cookies for the following applications:
o Saving search terms
User data collected by technically necessary cookies are not used to create user profiles. We use analysis cookies to improve our website and its content. Analysis cookies provide us with information on how our website is used, helping us continuously optimise our services. Analysing user behaviour. We process this personal data concerning you on the basis of our legitimate interest in processing as per Art. 6(1)(1) lit f GDPR.
3. Legal basis for data processing
The legal basis for the processing of personal data due to the use of technically necessary cookies is Art. 6(1)(1) lit. f GDPR. The legal basis for the processing of personal data due to the use of cookies for analysis purposes where the user’s consent has been granted is Art. 6(1)(1) lit. a GDPR.
4. Retention period, right to object and be forgotten Cookies are stored on the user’s device, which transmits them to our website. As such, you, as the user, are granted full control over the use of cookies. You can deactivate or limit the use of cookies by changing your browser settings. Cookies that have previously been stored can be deleted at any time. This may also take place automatically. If cookies are deactivated for our website, you may find that certain features will not work properly. Cookies will be automatically deleted after 7 days if you use Safari version 12.1 or newer. This also pertains to opt-out cookies set to prevent tracking.
1. Description and scope of the data processing
Our website features a contact form that can be used to contact us electronically. If a user opts to contact us in this way, all data entered in the input mask will be transmitted to us and stored. The following data are stored at the time the message is sent:
o Email address
o Company name
o Surname
o First name
o Phone number
o Date and time of the message
We shall obtain your consent for the processing of your data during the sending process and draw your attention to this Privacy Notice. You can also contact us using the provided email address. In this case, personal data disclosed with the email will be stored. This information is solely used for processing the conversation.
2. Purpose of the data processing
Personal data entered into the input mask will only be processed by us to facilitate communication. Contact that is established by email constitutes a necessary legitimate interest for the processing of data. Other personal data processed when the form is submitted aims to prevent the misuse of the contact form and ensure the security of our IT systems.
3. Legal basis for data processing
The legal basis for the data processing is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
The legal basis for processing data transmitted via email is Art. 6(1)(1) lit. f GDPR. If an email concerns the conclusion of a contract, an additional legal basis for the processing is Art. 6(1)(1) lit. b GDPR.
4. Storage duration
Your data is erased as soon as it is no longer required for the purpose for which it was collected. This is deemed the case for personal data collected from the input mask on the contact form or by email when the respective conversation with the user ends. The conversation is considered over when the circumstances surrounding the matter in question have been conclusively resolved. Any additional personal data collected when the form was submitted will be deleted after a period of seven days at the latest.
5. Right to object and be forgotten
Users can revoke their consent to the processing of their personal data at any time. If the user contacts us by email, they reserve the right to object to the storage of their personal data at any time. The conversation cannot be continued in the above cases. All personal data stored in relation to the user contacting us shall be deleted in this case.
1. Description and scope of the data processing
Our website features a contact form that can be used to contact us electronically. If a user opts to contact us in this way, all data entered in the input mask will be transmitted to us and stored. The following data are stored at the time the message is sent:
o Email address
o Company name
o Surname
o First name
o Phone number
o Date and time of the message
We shall obtain your consent for the processing of your data during the sending process and draw your attention to this Privacy Notice. You can also contact us using the provided email address. In this case, personal data disclosed with the email will be stored. This information is solely used for processing the conversation.
2. Purpose of the data processing
Personal data entered into the input mask will only be processed by us to facilitate communication. Contact that is established by email constitutes a necessary legitimate interest for the processing of data. Other personal data processed when the form is submitted aims to prevent the misuse of the contact form and ensure the security of our IT systems.
3. Legal basis for data processing
The legal basis for the data processing is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
The legal basis for processing data transmitted via email is Art. 6(1)(1) lit. f GDPR. If an email concerns the conclusion of a contract, an additional legal basis for the processing is Art. 6(1)(1) lit. b GDPR.
4. Storage duration
Your data is erased as soon as it is no longer required for the purpose for which it was collected. This is deemed the case for personal data collected from the input mask on the contact form or by email when the respective conversation with the user ends. The conversation is considered over when the circumstances surrounding the matter in question have been conclusively resolved. Any additional personal data collected when the form was submitted will be deleted after a period of seven days at the latest.
5. Right to object and be forgotten
Users can revoke their consent to the processing of their personal data at any time. If the user contacts us by email, they reserve the right to object to the storage of their personal data at any time. The conversation cannot be continued in the above cases. All personal data stored in relation to the user contacting us shall be deleted in this case.
The use of company pages on social networks
1. Instagram:
Instagram, Part of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland
We provide information on our company profile and give Instagram users the opportunity to get in touch. If you perform an action (commenting, posting, likes, etc.) on our company Instagram profile, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely Instagram, we are unable to provide binding information on the purposes and scope to which your data is processed.
We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages:
to inform customers about our services
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems.
Instagram is a signatory and certified by according to the EU-U.S. Privacy Shield. According to which, Instagram is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our Instagram page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how your personal data is processed by Instagram and your options to object to this processing at:
Instagram: https://help.instagram.com/519522125107875
2. Twitter:
Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A.
We provide information on our company profile and give Twitter users the opportunity to get in touch.
If you perform an action (commenting, posting, likes, etc.) on our company Twitter page, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely Twitter, we are unable to provide binding information on the purposes and scope to which your data is processed.
We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages:
to inform customers about our services
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems. Twitter a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Twitter is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our Twitter page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how your personal data is processed by Twitter and your options to object to this processing at:
Twitter: https://twitter.com/en/privacy
3. Facebook:
Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland
We provide information on our company profile and give Facebook users the opportunity to get in touch. If you perform an action (commenting, posting, likes, etc.) on our company Facebook profile, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely Facebook, we are unable to provide binding information on the purposes and scope to which your data is processed. We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages: to inform customers about our services
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems. Facebook a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Facebook is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our Facebook page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how Facebook processes your personal data and your options to object to this processing at:
Facebook: https://www.facebook.com/privacy/explanation
4. LinkedIn:
LinkedIn Ireland Unlimited Company, Attn: Legal Dept. (Privacy Policy and User Agreement), Wilton Plaza, Wilton Place, Dublin 2, Ireland
We provide information on our company profile and give LinkedIn users the opportunity to get in touch. If you perform an action (commenting, posting, likes, etc.) on our company LinkedIn profile, your personal data may enter the public domain as a result (real name or photo of your user profile). However, as we generally have no influence on the processing of your personal data by the company with whom TeMeno GmbH shares responsibility for the company profile, namely LinkedIn, we are unable to provide binding information on the purposes and scope to which your data is processed.
We use our company presence on social networks to communicate and provide information to (potential) customers. In particular, we use our company pages: to inform customers about our services.
Posts published on our company pages may include the following content:
o Information on products
o Information on services
o Advertising
In this sense, the user is free to publish their own personal data by performing actions on social media sites. The legal basis for data processing in this regard in Art. 6(1)(1) GDPR. Data generated by our company pages is not stored on our systems. LinkedIn a signatory and certified according to the EU-U.S. Privacy Shield. According to which, LinkedIn is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active
You reserve the right to object to the processing of your data we collect in relation to your use of our LinkedIn page at any time and assert the data subject rights to which you are entitled, as stipulated in Section IV of this Privacy Notice. To do so, all you need to do is send us an informal notification by email (info@temeno.de).You can find more information on how your personal data is processed by LinkedIn and your options to object to this processing at:
LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=homepage- basic_footer-privacy-policy
We use plugins for a range of purposes. The plugins used on our website are listed below:
Facebook Pixel
1. Scope of the processing of personal data
We use Facebook Pixel on our website, a plugin provided by Facebook Inc., 1601 S.
California Ave, Palo Alto, CA 94304, USA and its EU representatives at Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as Facebook). Using this plugin allows us to track the actions of users who have viewed or clicked on a Facebook ad. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs). This allows us to determine the effectiveness of Facebook ads for statistical and marketing purposes.
The above processing may mean that data is transferred to Facebook servers located in the U.S. Facebook a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Facebook is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. Data collected in this way is anonymous for us, meaning we are not able to view the personal data of individual users. However, this data will be stored and processed by Facebook. Facebook may link this data to your Facebook account and use it for its marketing purposes according to the Facebook data use policy.
You can learn more about how Facebook processes data at: https://de-de.facebook.com/policy.php
2. Purpose of the data processing
We use the Facebook Pixel to analyse and optimise advertising measures.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Facebook from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocked such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can learn more about your right to object and be forgotten by Facebook at:
https://de-de.facebook.com/policy.php
Use of Google Analytics
1. Scope of the processing of personal data
We use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Analytics checks the origin of visitors, the time they spend on individual pages and the use of search engines along with other aspects, enabling it to improve the success rate of ad campaigns. Google places a cookie on your computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs). The information generated by the cookie about your use of this website will be transmitted to a Google server in the USA and stored there. If IP anonymisation is enabled, your IP address will be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will your full IP address sent to a Google server in the USA and shortened there.
Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active IP anonymisation has been enabled on this website. Google will use this information to analyse your use of this website, compile reports on your activities on the website and perform additional services related to the use of the website and internet usage for the website operator on behalf of the website operator. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other data from Google. You can object to the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website.
You can learn more about how Google processes data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of processing This personal data is processed in order to address a target audience that has already shown initial interest by visiting our website in a targeted manner.
3. The legal basis for processing personal data The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law. According to information provided by Google, ad data is anonymised in server logs, as part of the IP address and cookie information are deleted after 9 and 18 months respectively.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Furthermore, you can prevent Google’s collection and use of data generated by cookies relating to your use of the website (incl. your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Google Tag Manager
1. Scope of the processing of personal data We use Google Tag Manager
(https://www.google.com/intl/de/tagmanager/) , a service provided by Google LLC, 1600 Amphitheatre
Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Tag Manager manages tags for services provided by Google or third-party providers and allows them to be embedded together on a website. Tags are small code elements on a website that measure visitor numbers and behaviour, record the impact of online ads and social channels, permit remarketing and the targeting of certain groups, and allow us to test and optimise our website. If a user visits our website, the current tag configuration will be sent to the user’s website. This contains instructions on which tags should be activated. Google Tag Manager also activates other tags that may collect data under certain circumstances. You can find more information on this processing on the sections on the application of the relevant service in this Privacy Notice.
Google Tag Manager is not able to access this data.
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active You can learn more about Google Tag Manager at https://www.google.com/intl/de/tagmanager/faq.html and in the Google privacy policy: https://policies.google.com/privacy?hl=de
2. Purpose of the data processing
This personal data is processed in order to facilitate collective and clear tag management and the efficient inclusion of third-party services.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law. According to information provided by Google, ad data is anonymised in server logs, as part of the IP address and cookie information are deleted after 9 and 18 months respectively.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Furthermore, you can prevent Google’s collection and use of data generated by cookies relating to your use of the website (incl. your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Hotjar
1.Scope of the processing of personal data
We use the web analysis service Hotjar, provided by Hotjar Ltd., Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta (hereinafter referred to as: Hotjar). Among other features, Hotjar uses cookies, i.e. small text files that are stored by your browser on your device, which permit us to analyse the use of our website. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), and a tracking code (particularly pseudonymised user ID). Data collected in this manner is transferred by Hotjar to a service in Ireland and stored there in anonymised form.
You can find more information on how Hotjar processes your data at: https://www.hotjar.com/legal/policies/privacy
2. Purpose of the data processing
We use Hotjar to gain a better understanding of our user’s requirements and optimise our website.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Hotjar from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Hotjar: https://www.hotjar.com/legal/compliance/opt-out
You can learn more about your right to object and be forgotten by Hotjar at:
https://www.hotjar.com/legal/policies/privacy
1. Scope of the processing of personal data
We use the analysis tool Twitter Analytics, a service provided by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter referred to as Twitter). Twitter Analytics enables us to measure interactions with Twitter users, learn more about our followers’ interests, locations and origin, and track how our Twitter Cards result in clicks, app installations and retweets. This requires processing of the following data: As a result of the above processing, data is transferred to servers operated by Twitter in the U.S. Twitter a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Twitter is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active You can find more information on how Twitter processes your data at:
https://twitter.com/de/privacy
o IP address (anonymised)
o Browser type
o Referrer/exit sites
o Operating system
o Time and date of the visit
o Clickstream data
o Views
o Clicks
o Twitter account data
2. Purpose of the data processing
Processing personal data through Twitter Analytics allows us to conduct an analysis performance of our ads on Twitter and user interactions on Twitter. Analysing the obtained data allows us to compile information on the use of individual components of our website. This helps us continuously improve our ad campaigns and increase user friendliness in this context.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Retention period Personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Twitter from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Twitter:
https://twitter.com/personalization
You can learn more about your right to object and be forgotten by Twitter at:
https://twitter.com/de/privacy Google
AdWords
1. Scope of the processing of personal data
We use Google AdWords, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). This service allows us to place ads. Google places a cookie on your computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs).
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active You can find more information on how Google processes your data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
We only receive information on the entire number of users who have reacted to our ads. We do not receive any information that we could use to identify you personally. We do not use this data for tracking purposes.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Retention period Personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function
in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Google Ads Remarketing
1. Scope of the processing of personal data
We use Google Ads Remarketing, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Remarketing is used to retarget visitors to the website for advertising purposes through Google Ads. Target groups (‘similar target groups’), e.g. those that have visited certain sites, can be created using Google Ads Remarketing. This allows us to identify users on other websites and display targeted ads. Google places a cookie on the user’s computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs). The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active You can find more information on how Google processes your data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
This processing of personal data takes place in order to address a target group in a targeted manner. Cookies stored on the user’s end device recognise the user when they visit a website and can therefore display personalised ads.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Furthermore, you can prevent Google’s collection and use of data generated by cookies relating to your use of the website (incl. your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Use of the Google Marketing platform
1. Scope of the processing of personal data
We use the marketing platform provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google places a cookie on your computer for this purpose. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), device and browser information (particularly IP address and operating system), data on the displayed ads (particularly which ads were displayed and whether the user clicked on them) along with data from ad partners (particularly pseudonymised user IDs).
Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server.
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active We have no influence on the extent and further processing of data collected by Google through the use of this tool and will inform your corresponding of our knowledge in this regard. If you have an account for a Google service, Google may allocate your visit to your account. Even if you do not have an account with Google or are not logged in, the provider may still be able to find out and store your IP address.
You can learn more about how Google processes data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
We use the Google marketing platform to display relevant ads to our users, improve reports for advertising performance or to avoid displaying the same ads to users multiple times.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
The Google marketing platform stores your data until the purpose for which it was collected is fulfilled. The maximum retention period is 18 months.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
Google ReCaptcha
1. Scope of the processing of personal data
We use Google ReCaptcha, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its EU representatives at Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland. This tool checks whether data entry is compliant and not performed by a bot. In addition, Google ReCaptcha analyses and authenticates the surfing behaviour of websites users in relation to various characteristics. As a result, personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly mouse movements and which elements they clicked on), device and browser information (particularly the time of the visit, IP address and operating system).
The above processing may mean that data is transferred to Google servers located in the U.S. Google is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, Google is required to comply with the standards and provisions of European data protection regulations. You can find more by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Data is not merged with other data collected or processed in relation with parallel use of authenticated Google Services such as Gmail.
You can learn more about how Google processes data at: https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of the data processing
We use Google ReCaptcha to prevent misuse of our website.
3. The legal basis for processing personal data
The legal basis for this processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR. In this case, our legitimate interest lies in the purposes of processing specified under clause 2.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law, e.g. for tax and accounting purposes.
5. Right to object and be forgotten
You can prevent Google from collecting and processing your personal data by opting out of the storage of third-party cookies on your computer by using the ‘Do Not Track’ function in a supported browser, deactivate the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Click on the following link to deactivate the use of your personal data by Google:
https://adssettings.google.de
You can learn more about your right to object and be forgotten by Google at:
https://policies.google.com/privacy?gl=DE&hl=de
MailChimp
1. Scope of the processing of personal data
We use MailChimp, a service provided by The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA (hereinafter referred to as MailChimp) to send our newsletter. MailChimp is an e-mail marketing provider and enables us to communicate directly with potential customers through email newsletters. If you subscribe to the newsletter, the data you entered when signing up to the newsletter will be transferred to and stored by MailChimp. As a result, other personal data may be stored or analysed, particularly data pertaining to the user’s activity (particularly which sites the user visited and which elements they clicked on), and device and browser information (particularly IP address and operating system).
The above processing may mean that data is transferred to MailChimp servers located in the U.S. MailChimp is a signatory and certified according to the EU-U.S. Privacy Shield. According to which, MailChimp is required to comply with the standards and provisions of European data protection regulations. You can find more information by clicking on the link below: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active MailChimp will also store your data. Your data will not be transferred to third parties in relation to the newsletter and MailChimp does not receive any right to transfer your data. Once you’ve registered, MailChimp will send you an email to confirm your registration. Furthermore, MailChimp offers various analysis options regarded how sent newsletters are opened and used, e.g. how many users an email was sent to, whether emails were dismissed and whether users subscribed after receiving an email.
You can learn more about how MailChimp processes data at:
https://MailChimp.com/legal/privacy/
2. Purpose of the data processing
Personal data collected when you register for the newsletter are solely used to send our newsletter, invite you to events and, if you are already a customer, send customer emails. Furthermore, newsletter subscribers can receive email notifications to the extent that this is required for the operation of the newsletter service or associated registration, as may be the case in the event of changes to the newsletter services or technical conditions.
3. The legal basis for processing personal data
The legal basis for the processing of the user’s personal data is Art. 6(1)(1) lit. f GDPR, providing the user has granted their consent.
4. Storage duration
Your personal information is only stored as long as it is required to fulfil the purposes described in this Privacy Notice or as prescribed by law. In addition, you can also contact MailChimp to demand the erasure of your data.
5. Right to object and be forgotten
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You reserve the right to withdraw your consent to the storage or use of your data by MailChimp to send the data. You can send your withdrawal to MailChimp at any time by email or by clicking on the link provided in every newsletter.
You can learn more about your right to object and be forgotten by MailChimp at:
https://MailChimp.com/legal/privacy/
Version: 24/02/2021
