Controller

The controller responsible for the described data collection and processing is named in the imprint.

Usage Data

When you visit our website, the data collected from the use of the website is temporarily stored on our web server for statistical purposes in order to improve the quality of our website. This data set contains:

  • the page, from which the data is requested
  • the name of the data file,
  • the date and time of the query,
  • the amount of data transferred,
  • the access status (file transmitted, file not found),
  • a description of the type of browser used,
  • the IP address of the requesting computer shortened to such an extent that no reidentification of any persona data is possible.

The listed usage data is stored anonymously.

Data Security

To avoid unauthorized access to your data, we have implemented technical and organizational measures. We use encryption technologies on our website. Your data will be transferred to our servers and back again via a connection that is protected by a TLS encryption technology. You can recognize that you are browsing on an encryption secured website by the lock-symbol shown in the address bar of your browser and by the address bar starting with https://.

Necessary Cookies

We use cookies on our website that are necessary for an optimal display and user guidance of our website.
Cookies are small pieces of data that are stored and read in your end-device. A distinction is made between session cookies, which are deleted when you close your browser, and permanent cookies, which are stored even after your visit has expired.
We do not use the necessary cookies for analysis, tracking or promotional purposes.
Cookies may contain data that enables the recognition of the device being used. However, in some cases cookies only contain information on certain settings which are not personal data.
The data is processed in accordance to Art. 6 para. 1 s. 1 lit. f GDPR
Please be aware that you can set your browser to inform you when cookies are being stored or used on the website you are visiting. Thus, any use of cookies is transparent to you. You have the possibility to delete your browser configuration at any time and prevent any use of new cookies. In the event you refuse the use of cookies, please note that our web sites may not be displayed optimally and some functions are then no longer technically available.

Google Analytics

We use Google Analytics to create pseudonymous user profiles for improving and designing our website on demand. Google Analytics uses “cookies”, which are text files placed on your end device and can be read by us. In this way, we are able to recognize and count returning visitors.
In order to use Google Analytics, we are supported by Google Ireland Limited and Google LLC. (USA) and have signed a data processing agreement according to Art. 28 DSGVO. The data processing can also take place outside the EU or the EEA. With regard to Google LLC, no adequate level of data protection can be assumed due to the processing in the USA. There is a risk that authorities may access the data for security and surveillance purposes without your being informed or having the right to appeal. Please take this into account if you decide to give your consent to our use of Google Analytics.
The data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, provided that you have given your consent via our banner. The transfer to a third country is based on Art. 49 para. 1 lit. a GDPR.
You can withdraw your consent to the processing at any time. Please click the “Cookie Preferences” button and make the appropriate settings via our banner.

LinkedIn

On our pages we use the Insight Tag of the social network LinkedIn. This is offered by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter “LinkedIn”). The LinkedIn Insight tag is a small JavaScript code snippet that we have added to our website. The LinkedIn Insight tag allows us to collect information about visits to our website, including URL, referrer URL, IP address, device and browser characteristics (user agent) and timestamps. IP addresses are shortened or hashed. The direct identifiers of members are removed within seven days in order to pseudonymise the data. This remaining pseudonymised data is then deleted within 180 days.
LinkedIn does not share any personally identifiable information with us, but only provides reports (in which you are not identified) about website audience and ad performance.
In order to use LinkedIn Insight Tag we have signed a data processing agreement according to Art. 28 DSGVO with LinkedIn. The data processing can also take place outside the EU or the EEA. With regard to LinkedIn no adequate level of data protection can be assumed due to the processing in the USA. There is a risk that authorities may access the data for security and surveillance purposes without you being informed or having the right to appeal. Please take this into account if you decide to give your consent to our use of LinkedIn Insight Tag.
The data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, provided that you have given your consent via our banner. The transfer to a third country is based on Art. 49 para. 1 lit. a GDPR.
You can withdraw your consent to the processing at any time. Please click the “Cookie Preferences” button and make the appropriate settings via our banner.

Embedded Videos

On our websites we embed videos that are not stored on our servers. In order to ensure that accessing our web pages with embedded videos does not automatically lead to the downloading of content from the third party provider, we ask you for your consent before playing.
We request your consent to data processing on the one hand via the consent tool integrated on our website under the heading “external media”. Alternatively, you can also give your consent immediately before playing the respective video. For this purpose you will be shown a corresponding note instead of the video. Due to this the third-party provider will not receive any information.
Only after a click on the notice, contents of the third party provider are reloaded. This informs the third party that you have called up our site and provides the technically necessary usage data. We have no influence on further data processing by the third party provider. By clicking on the notice, you give us the consent to reload the contents of the third party provider.
The data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The transfer to a third country is based on Art. 49 para. 1 lit. a GDPR.

Provider: YouTube / Google (USA) | Adequate level of data protection: No adequate level of data protection. Transfer of data is based on your consent. | Right of appeal: If you wish to object to the embedding. Please do not click on the notice shown to you on the preview screen or adjust the setting via our consent banner.

Newsletter Registration and delivery

On our website we provide the opportunity to subscribe to our newsletter. Please note that we need certain data (at least your e-mail address) to subscribe to the newsletter.
The newsletter will only be sent if you have given us your explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. After providing your contact data you will receive a confirmation e-mail to the e-mail address you have provided (so-called double opt-in). You can revoke your consent at any time. An uncomplicated way to revoke your consent is to use the cancellation link provided in every newsletter.
Within the scope of the newsletter registration, we store further data in addition to the data already mentioned, insofar as this is necessary so that we can prove that you have registered for our newsletter. This may include the storage of the complete IP address at the time of ordering or confirmation of the newsletter, as well as a copy of the confirmation e-mail sent by us. The corresponding data processing is carried out on the basis of Art. 6 para. 1 sentence 1 letter f GDPR and is carried out in the interest of being able to account for the legality of the newsletter delivery.
The newsletters are sent via “MailChimp”, a newsletter delivery platform of the US supplier Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA, who supports us as a data processor according to Art. 28 DSGVO. The data protection regulations of MailChimp can be found here: https://mailchimp.com/legal/privacy/. Data processing may also take place outside the EU/EEA. In order to guarantee an adequate level of data protection, the EU standard contractual clause according to art.46 paragraph 2 lit. c DSGVO was concluded with MailChimp.

Map services

On our web pages we embed map services that are not stored on our servers. In order to ensure that accessing our web pages with embedded maps services does not automatically lead to the downloading of content from the third party provider, we initially only display locally stored preview pictures. Due to this the third-party provider will not receive any information
Only after a click on the notice, contents of the third party provider are reloaded. This informs the third party that you have called up our site and provides the technically necessary usage data. We have no influence on further data processing by the third party provider. By clicking on the notice, you give us the consent to reload the contents of the third party provider.
Alternatively we request your consent to data processing via the consent tool integrated on our website under the heading “external media”.
The data processing can also take place outside the EU or the EEA. With regard to Google LLC, no adequate level of data protection can be assumed due to the processing in the USA. There is a risk that authorities may access the data for security and surveillance purposes without your being informed or having the right to appeal. Please take this into account if you decide to give your consent to our use of the map services.
The data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The transfer to a third country is based on Art. 49 para. 1 lit. a GDPR.

Provider: Google (USA) | Adequate level of data protection: No adequate level of data protection. Transfer of data is based on your consent. | Right of appeal: If you wish to object to the embedding. Please do not click on the notice shown to you on the preview screen or adjust the setting via our consent banner.

Integration of other technical third-party content and functions

We use the below mentioned technical functions and contents of third party providers.
When you access our page, certain third-party content is downloaded in order to provide these functions and services. This informs the third party provider that you have called up our site and provides the usage data that is technically necessary in this context.
We have no influence on further data processing by the third-party provider.
The data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The transfer to a third country is based on Art. 49 para. 1 lit. a GDPR.
The data processing can also take place outside the EU or the EEA. With regard to the USA no adequate level of data protection can be assumed. There is a risk that authorities may access the data for security and surveillance purposes without your being informed or having the right to appeal. Please take this into account if you decide to give your consent to the respective function.

Provider: Google (USA) Google Fonts | Adequate level of data protection: No adequate level of data protection. Transfer of data is based on your consent. | Right of appeal: If you wish to object to the embedding, please do not use our website.

Your Rights as a User

As a website user, the GDPR grants you certain rights when processing your personal data.

Right of access (Art. 15 GDPR):
You have the right to obtain confirmation at to whether or not personal data concerning you is being processed, and, where that is the case access to the personal data and the information specified in Art. 15 GDPR.

Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
You also have the right to obtain an erasure of the personal data concerning you without undue delay, if one of the reasons listed in Art. 17 GDPR applies, e.g. if the data is no longer necessary for the intended purpose.

Right to restriction of processing (Art. 18 GDPR):
If one of the conditions set forth in Art. 18 GDPR applies, you shall have the right to restrict the processing of your data to mere storage, e.g. if you revoke consent, to the processing, for the duration of a possible examination.

Right to data portability (Art. 20 GDPR):
In certain situations, listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or demand a transmission of the data to another third party.

Right to object (Art. 21 GDPR):
If the data is processed pursuant to Art. 6 para. 1 s. 1 lit. f GDPR (data processing for the purposes of the legitimate interests), you have the right to object to the processing at any time for reasons arising out of your particular situation. We will then no longer process personal data, unless there are demonstrably compelling legitimate grounds for processing, which override the interests, rights and freedoms of the person concerned, or the processing serves the purpose of asserting, exercising or defending legal claims.

Right to lodge a complaint with a supervisory authority:
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider the processing of the data concerning you infringes data protection regulations. The right to lodge a complaint may be invoked in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement.

Contact Details of the Data Protection Officer

Please contact our data protection officer if you have any further questions, suggestions or wishes regarding data protection:
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen, Germany
Web: www.datenschutz-nord-gruppe.de
E-Mail: office@datenschutz-nord.de