1. General
LIQUI MOLY GmbH (hereinafter: LIQUI MOLY), Jerg-Wieland-Straße 4, 89081 Ulm, is the operator of the website www.liqui-moly.com and other websites and would therefore like to inform you in the following Privacy Policy to what extent data are collected when you use our websites and what purpose these data are used for.

LIQUI MOLY also wishes to point out the rights you are entitled to in this context. Please note: this Privacy Policy applies exclusively to the page www.liqui-moly.de,  including any subpages (such as www.liqui-moly.com and www.liqui-moly.biz) and subdomains (such as shop.liqui-moly.de). You have the option of switching to other websites. For these pages, Data protection regulations, for the content of which the respective operators of these websites are responsible.

The careful handling of your personal data has top priority at LIQUI MOLY GmbH. When processing data, we comply with the statutory provisions of the General Data Protection Regulation (GDPR) and the associated national provisions.
When you visit our website, the web servers save the connection data of the requesting computer, the subpages you visit on our site, the date and duration of your visit, the identification data of the browser and operating system type used as well as the website from which you are visiting us as standard and temporarily for system security purposes.

This data batch consists of

• the page from which the file was requested,
• the name of the file,
• the date and time of the request,
• the amount of data transferred,
• the access status (file transferred, file not found),
• a description of the type of web browser used,
• the IP address of the requesting computer, shortened by the last three digits.

These data are stored anonymously. Personal user profiles are thus not created. These data are erased or made anonymous after the end of the connection.

In addition, we collect personal data from you in other cases, specifically

• when you contact us via e-mail or the contact form
• when you use the protected “My user account” areas in the online shop
• when you subscribe to the newsletter/press releases/digital communication
• when you register in one of the forums and make a contribution
• - through the software used for website tracking
• to secure our web server and to ensure the functionality of our online services
• for processing orders placed via our online shop
• for the online application process

Personal data are processed exclusively for a specific purpose (purpose limitation principle). In addition, we regularly review our data processing practices to ensure that we process as little personal data as possible (data minimization principle).

2. Details of the controller

Below you will find the details of the controller as defined by Art. 4 No. 17 GDPR:

Company name & legal form:LIQUI MOLY GmbHRepresentative: Günter Hiermaier, Dr. Uli WellerAddress of the head office as defined by Art. 4 No. 16 GDPR:Jerg-Wieland-Straße 4, 89081 Ulm, GermanyContact details:LIQUI MOLY GmbH Jerg-Wieland-Straße 4 89081 Ulm info@liqui-moly.deContact details of the Data Protection Officer:Bernhard C. Witt it.sec GmbH&Co.KG Einsteinstraße 55, 89077 Ulm (Germany) Tel.: 0 731 205 89 0 E-Mail: datenschutz(at)it-sec.de

3. What are personal data?

Personal data are all information relating to an identified or identifiable natural person. An identifiable person is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name. Personal data include information such as your name, address, telephone number and date of birth (if provided). Statistical information that cannot be directly or indirectly associated with you – such as the popularity of individual websites operated by us or the number of users of a site – is not personal data.

4. Protection of minors

Our website is not directed at minors and we do not knowingly collect personal data from minors.

If persons under the age of 16 transfer personal data to us, this is only permitted if the parent or legal guardian themselves has consented or has agreed to the consent of the young person. Pursuant to Art. 8 (2) GDPR, the contact details of the parent or legal guardian must be communicated to us in order to convince us of the consent or the agreement of the parent or legal guardian. These data and the data of the minor will then be processed in accordance with this Privacy Policy.

If we determine that a minor under the age of 16 has sent us personal data without the parent or guardian consenting themselves or agreeing to the consent of the minor, we will erase the data immediately.

5. Purposes of data processing and legal basis

Your personal data will be processed for the following purposes on the following legal bases:

• Contract initiation pursuant to Art. 6(1) a) and b) GDPR
• Contract execution pursuant to Art. 6(1) b) GDPR
• Customer management pursuant to Art. 6(1) b) and c) GDPR
• Communication and data exchange pursuant to Art. 6(1) a), b), c), f) GDPR
• Public image and advertising pursuant to Art. 6(1) f) GDPR
• Implementation of declarations of consent pursuant to Art. 6(1) a) GDPR
• Ensuring the proper operation of a data processing system pursuant to Art. 6(1) c) and f) GDPR
• Applicant selection procedures within the framework of personnel and resource management pursuant to Art. 6(1) a) GDPR b) in conjunction with § 26 new GDPR

6. Storage duration

We save personal data until the purposes for which they were collected expire (e.g. upon the termination of a contractual relationship or with the last activity, if no continuing obligation exists, or in the case of a withdrawal of your consent for specific data processing). Storage beyond this only occurs if

• Legal storage obligations (e.g. pursuant to AO (German Tax Code) and HGB (German Commercial Code)) exist;

• The data is still required for the enforcement and exertion of legal claims or for defending against legal claims, e.g. due to technological and forensic requirements for the defense of attacks on our webservers and their prosecution;

• Preventing the deletion of the interests of affected persons worth protecting; Or

• or there is another exception as per art. 17 section 3 GDPR. • Furthermore, you always have the right to withdraw the use of your data for the purpose of direct advertising with future effect, as per art. 21 section 2 GDPR. c) and f)

7. Rights of data subjects

7.1. Right to information and data portability

You have a right to information about the personal data processed by us pursuant to Art. 15 GDPR at any time.
If the data processing is based on your consent or on a contract pursuant to Art. 6 (1) b) GDPR, you may, pursuant to Art. 20(1) GDPR, request that you receive the personal data stored about you in a structured, established and machine-readable format, or to have these data transferred to a system of a third party. You are thus entitled to direct forwarding of your data.

7.2. Right to rectification, restriction and erasure

Furthermore, pursuant to Art. 16 to 18 GDPR, you may request that we rectify, restrict (block) or erase your personal data if we have processed the data incorrectly, if there are grounds for restricting further data processing or if the data processing has become illegal for various reasons, or if its storage is inadmissible for other legal reasons. We would like to point out that your right to erasure may be restricted by legal retention periods.

7.3. Rights to object

If our data processing is based exclusively on our legitimate interest pursuant to Art. 6(1) f) GDPR, you may object to this processing pursuant to Art. 21(1) GDPR. We will then stop processing your data unless we can prove grounds for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend a legal claim.

7.4. Right of withdrawal

If you have allowed us to process your personal data by giving your consent, you have a right of withdrawal with effect for the future pursuant to Art. 7(3) GDPR.

7.5. Right of complaint to the supervisory authority

You are free to lodge a complaint with a supervisory authority if you believe that our processing of your personal data is in breach of the European General Data Protection Regulation or other national and international data protection laws, Art 77 GDPR.

The contact details of the supervisory authority responsible for us are as follows:

State Representative for Data Protection Baden-Württemberg
Dr. Stefan Brink
P.O. Box 10 29 32
70025 Stuttgart

or:

Königstraße 10a
70173 Stuttgart 

7.6. Contact details

To exercise your rights, you can send us an informal message to the contact details below. Please also address the withdrawal of your consent to the contact details below, indicating which declaration of consent you wish to withdraw:

Company name & legal form:LIQUI MOLY GmbHAddress:Jerg-Wieland-Straße 4, 89081 Ulm, GermanyE-Mail adress:datenschutz@liqui-moly.de.Webform https://www.liqui-moly.com/en/your-direct-path-to-us/contact-form.html

8. Data transfer by means of contact

8.1. Contact form via www.liqui-moly.com/en/your-direct-path-to-us/contact-form.html

Via the web form at www.liqui-moly.de/kontakt/kontaktformular.html we request the following data:

• Department (optional)
• Message text (optional)
• Title (freiwillige Angabe)
• E-mail address (required)
• First and last name (optional)
• Telephone number (optional)
• Street and house number (optional)
• Postcode (freiwillige Angabe)
• Country (required)
• Company (optional)

Data that you send us via the contact form will be processed for the purpose of communication and data exchange pursuant to Art. 6(1) a), b), c), f) GDPR. These data are only stored as long as their processing is required for these purposes or until the expiry of any subsequent retention periods.

8.2. Contact form via shop.liqui-moly.de/bezahlung

Via the web form at shop.liqui-moly.de/bezahlung/ we request the following data:

• E-mail address (required)
• Name (optional)
• Subject (required)
• Message text (required)

Data that you send us via the contact form will be processed for the purpose of communication and data exchange pursuant to Art. 6(1) a), b), c), f) GDPR. These data are only stored as long as their processing is required for these purposes or until the expiry of any subsequent retention periods.

8.3. Contact form via www.shop.liqui-moly.de/stornierung_retoure_de

Via the web form at shop.liqui-moly.de/stornierung_retoure_de/ we request the following data:

• E-mail address (required)
• Name (optional)
• Subject (required)
• Message text (required)

Data that you send us via the contact form will be processed for the purpose of communication and data exchange pursuant to Art. 6(1) a), b), c), f) GDPR. These data are only stored as long as their processing is required for these purposes or until the expiry of any subsequent retention periods.

8.4 Contact form via oil guide
Via the web form in our oil guide we request the following data:

- Selected vehicle (required)
- Product group (required)
- E-mail address (required)
- Telephone number (optional)
- Your message (required)

Data that you send us via the contact form will be processed for the purpose of communication and data exchange pursuant to Art. 6 (1) a), b), c), f) GDPR. These data are only stored as long as their processing is required for these purposes or until the expiry of any subsequent retention periods.
 

8.5. Contact via e-mail

Data that you send us by e-mail for the purpose of making contact with us will be processed for the purpose of communication and data exchange pursuant to Art. 6(1) a), b), c), f) GDPR. These data are stored as long as their processing is required for these purposes or until the expiry of any subsequent retention periods.

9. Dealer and sales representative search via postcode

9.1. Dealer search

On our website you can search for suitable dealers in your area under www.liqui-moly.de/service/bezugsquellen.html using your postcode. No other data about you will be collected or stored. Your postcode will not be stored beyond the search.

9.2. Sales representative search

In addition, as a business customer, you can search for the contact details of the sales representatives in your area via www.liqui-moly.biz/kontakt/aussendienst-deutschland.html and www.liqui-moly.biz/kontakt/aussendienst-oesterreich.html using your postcode. Your postcode will not be stored beyond the search.

10. Handling of personal data within the scope of the customer account

10.1. Private customer account

We offer you the option of setting up a personal customer account. Before you use this for the first time, you have to register once. For this, we need the following information from you:

• Title (required),
• First and last name (required),
• E-mail address (required),
• Password (required),
• Date of birth (optional)

For the processing of orders in the online shop we require the following additional information from you:

• Invoice address (title, first name, last name, e-mail address, company (if applicable), street, house number, postcode, town/city, country, date of birth (optional),
• Delivery address (title, first name, last name, company (if applicable), street, house number, postcode, town/city, country, federal state),
• Payment details (Sepa direct debit, PayPal details, instant bank transfer, credit card details).

A customer number will also be automatically assigned to your customer account.

In addition, you can voluntarily add the following information to your customer account:

• Mobile phone number,
• Date of birth

You can also access the “My garage” area in your customer account. In this area you as a registered customer can save your vehicle and add optional information, such as the following:

• Mileage
• Date of initial registration

We will use data that you transfer to us during registration and when placing orders in the online shop for the following purposes on the following legal bases:

• Contract initiation pursuant to Art. 6(1) a) and b) GDPR, communication and data exchange pursuant to Art. 6(1) a), b), c), f) GDPR, ensuring proper operation of a data processing system pursuant to Art. 6(1) c) and f) GDPR:
  - Provision of the customer account,
  - Making your customer profile available on our website,
  - Use of the online shop under www.shop.liqui-moly.de,
  - Authentication of registered users.

• Contract execution pursuant to Art. 6(1) b) GDPR, customer management pursuant to Art. 6(1) b), and f) GDPR, communication and data exchange pursuant to Art. 6(1) a), b), f) GDPR:
  - Deliveries,
  - Payment processing,
  - Queries in connection with your customer account and/or orders placed,
  - Information about changes to the Terms and Conditions or data protection information,
  - Provision of a shopping list.
• Public image and advertising pursuant to Art. 6(1) a) and f) GDPR:
  - Internal statistical market research,
  - Sending of the newsletter, if expressly ordered,
  - Sending of product recommendations for our own similar offers, unless expressly not desired,
  - Sending of information, if expressly requested,
  - Sending of postal advertising, unless expressly not desired.

10.2. My LIQUI MOLY account

We offer you the opportunity to set up a personal my LIQUI MOLY account. Before you use this for the first time, you have to register once. For this, we need the following information from you:

• Title (required),
• First and last name (required),
• Company (required),
• Role in the company (required),Street, postcode, town/city, country (required),
• Telephone number (required),
• Fax (optional),
• Business e-mail address (required),
• Website (optional),
• Source of LIQUI MOLY products (optional),
• If applicable, LIQUI MOLY customer number (optional),
• If applicable, information about the dealer from whom you purchase your products (optional).

11. Use of our online shop

Within the scope of the use of our online shop, further personal and transaction-based data, such as data on shopping basket compilations ordered and any delivery of these, the shopping lists created and data on orders, are collected and stored. LIQUI MOLY will process these personal and transaction-based data on its own behalf in technical and logistical terms, Art. 6(1) b) and f) GDPR, if this is necessary for the performance of the desired services.

12. Forum

You have the option of leaving comments in our LIQUI MOLY Forum forum-liqui-moly.de. To register for the forum we need your name, user name, a password and your e-mail address. We request this information to promote a more transparent and personalized communication between the forum participants. Storing this information also helps to avoid spam. You can have your registration in our forum erased at any time. To do so, please simply send an e-mail to: datenschutz@liqui-moly.de. The disclosure of the data provided by you in this context is expressly on a voluntary basis and with your consent. We use the personal data transferred in this way exclusively for the purpose for which you provide us with your data. Of course, you can withdraw your declaration of consent at any time for the future. To do so, please use the contact details above.

13. Use of PayPal (only concerns the use of the online shop)

In our online shop we enable you to pay by means of the payment service provider PayPal. The processing of the payment takes place either via your PayPal or via your credit card or bank account using PayPal. Furthermore, PayPal offers buyer protection and trust services.

When you select the payment service provider PayPal in the online shop, data is automatically transferred to PayPal. You hereby expressly consent to this transfer of personal data (first and last name, address, e-mail address, IP address, phone number(s), order data, delivery data) for the purpose of processing the payment as well as fraud prevention if you decide upon the PayPal payment type.

The exchange of data does not only take place for the purpose of processing the payment, but also for identification, fraud prevention and the reduction of a default risk, in this respect, data on economic situation and on past purchase and payment behavior may also be exchanged. In this context, data is also exchanged with credit agencies by Klarna, if there is a legitimate interest for this and it does not run counter to the interests of affected persons worth protecting.

Forwarding of the data to associated companies can occur; this also applies to downstream service providers (processors, mutually responsible and third parties, if required for contract implementation). You can withdraw existing consent from PayPal at any time with future effect. A withdrawal has no effect on the transfers carried out in the past. PayPal’s current data protection regulations can be found at www.paypal.com/de/webapps/mpp/ua/privacy-full.

Data recipient: PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg

14. Credit card payment method (only concerns the use of the online shop)

In our online shop we enable you to pay by means of credit card using the payment service providers CardProcess GmbH and BS PAYONE GmbH. You enter the credit card data required for this directly into an embedded form of our payment service provider.

Upon the selection of the "credit card" payment option, data is automatically transferred to our service provider You hereby expressly consent to this transfer of personal data (first and last name, address, purchase price) for the purpose of processing the payment as well as fraud prevention if you decide upon payment by credit card.

Forwarding of the data to associated companies can occur; this also applies to downstream service providers (processors, mutually responsible and third parties, if required for contract implementation). You can withdraw existing consent from CardProcess GmbH and BS PAYONE GmbH at any time with future effect. A withdrawal has no effect on the transfers carried out in the past.

Data recipient: (1) CardProcess GmbH, Wachhausstraße 4, 76227 Karlsruhe, Germany (2) BS PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt/Main, Germany

15. Instant transfer payment method (only concerns the use of the online shop)

In our online shop we enable you to pay by means of instant transfer using the payment service provider SOFORT GmbH.

Using the payment method at hand a real-time payment confirmation to us as the seller is possible, so that we can immediately being processing your order.

Upon the selection of the "instant transfer" payment option, data is automatically transferred to SOFORT GmbH. You hereby expressly consent to this transfer of personal data (first and last name, address, e-mail address, IP address, phone number(s), bank account details, PIN, TAN, purchase price) for the purpose of processing the payment as well as fraud prevention if you decide upon the payment by instant transfer.

The exchange of data does not only take place for the purpose of processing the payment, but also for identification and fraud prevention, in this respect, data on economic situation and on past purchase and payment behavior may also be exchanged. In this context, data is also exchanged with credit agencies by SOFORT GmbH, if there is a legitimate interest for this and it does not run counter to the interests of affected persons worth protecting.

Forwarding of the data to associated companies can occur; this also applies to downstream service providers (processors, mutually responsible and third parties, if required for contract implementation). You can withdraw existing consent from SOFORT GmbH at any time with future effect. A withdrawal has no effect on the transfers carried out in the past.

SOFORT GmbH’s current data protection regulations can be found at www.sofort.com/ger-DE/datenschutzerklaerung-sofort-gmbh/ Data recipient: SOFORT GmbH, Fußbergstraße 1, 82131 Gauting, Germany. )

16. Online application process

To apply to us online, you can use the online application system under the link www.liqui-moly.com/en/company/career.html
You can access this in the “Company, Careers” section. The data entered by you and the attachments you send with it are transferred via a secure https connection. Your electronic application data will be received by the relevant HR department and only forwarded to the department responsible for the position in question or to the persons in charge of processing. All parties involved will treat your application documents with the necessary care and with absolute confidentiality. Data processing is based on Art. 6(1) a)GDPR in conjunction with § 26 GDPR. In the event that you apply for a position offered by a third party (our cooperation partners or importers, see also Section 18) in a third country, by submitting your application documents you consent to the transfer of your personal data to the named third parties in the respective third countries as part of the application procedure.
By sending your application documents, you agree to the processing of your personal data within the application procedure. After completion of the applicant selection procedure, we will keep your application documents for another 3 months and then erase them or destroy any copies if we have not concluded a contract of employment with you. If we add your application documents to our talent pool, we will notify you accordingly. In the notification you can actively consent to the further storage of your documents. If you consent to the storage of your documents, we will store them for one year. Please note that applications that you send us by e-mail will be transferred to us unencrypted. We therefore recommend that you use the online application program.

17. Data processing and use for public image and advertising purposes

We also use your data as described in more detail below for the purposes of public image and advertising pursuant to Art. 6(1) a) and f) GDPR.

17.1. Market and opinion research

We use your data (existing data of your customer account, if applicable further data provided voluntarily, transaction data for orders in the online shop) with a corresponding consent on your part for market and opinion research.

You have given the following consent for this if you consent in this Privacy Policy:

I consent to LIQUI MOLY processing and using my personal data for its own market and opinion research purposes, so that LIQUI MOLY services can be further improved.

17.2. Individually tailored offers

We want to offer you services that are as tailored to your needs as possible. We therefore use the information that you submit and that is automatically generated when you visit our website, use your customer account and use the online shop to design advertising tailored to you and your interests. To do this, we use existing information such as your shopping history, e-mail receipt and read confirmations, the date and time of your visit to our website and products you have viewed. We use this information exclusively in pseudonymized form.

You have given the following consent for this if you have consented in this Privacy Policy:

I consent to LIQUI MOLY using the data I have provided, further information stored regarding my customer account as well as pseudonymized usage data to send me individually tailored advertising, offers and services by post, when using the online shop or if I have given my consent to receive the newsletter by e-mail.

You can object to the use of your data for public image and advertising purposes at any time. A notification in text form to the contact details above is sufficient.

17.3. Abonnement digitale Kommunikation

17.3.1 Private customers

You have the option of registering for our digital communication on our website under www.liqui-moly.de/unternehmen/newsletter.html. LIQUI MOLY GmbH uses digital communication to inform you of its latest offers. For the registration we require your e-mail address. You can tell us your name, but you do not have to do so. If you tell us your name, we will use it to address you personally. You will then receive an e-mail at the e-mail address you provided asking you to click on a link in the e-mail to confirm your subscription to the newsletter. Your e-mail address will only be activated for sending the newsletter after you have confirmed your e-mail address (double opt-in procedure).

If you have registered for digital communication, you have given the following declaration of consent for this:

Yes, I would like to receive information about LIQUI-MOLY products, news and offers free of charge via digital communication.

Optionally, you can also confirm:

I have read and agree to the Privacy Policy and the consents contained therein.

Of course, you can withdraw your consent with effect for the future or object to the further processing of your personal data for sending the newsletter at any time by clicking on the link “Unsubscribe” in the newsletter itself or sending us an e-mail with this request to the above address.

17.3.2. Business customers

You have the option of registering for our digital communication on our website under www.liqui-moly.biz/aktuelles/anmeldung-partner-info.html. LIQUI MOLY GmbH uses digital communication to inform you of its latest offers. For registration we require your first and last names in order to be able to verify you as a contact, your business e-mail address, the name of your company and its classification. This data is stored in the CRM system. You will then receive an e-mail at the e-mail address you provided asking you to click on a link in the e-mail to confirm your subscription to the newsletter. Your e-mail address will only be activated for sending the newsletter after you have confirmed your e-mail address (double opt-in procedure). If you have registered for digital communication, you have given the following declaration of consent for this:

Yes, I would like to receive information about LIQUI-MOLY products, news and offers free of charge via digital communication.

Optionally, you can also confirm:

I have read and agree to thedata protection regulations and the consents contained therein.

Of course, you can withdraw your consent with effect for the future or object to the further processing of your personal data for sending the newsletter at any time by clicking on the link “Unsubscribe” in the newsletter itself or sending us an e-mail with this request to the above address.

17.4. Profiling (cookies and web tracking procedures)

Profiling is based on Art. 6(1) a) or f) GDPR.

17.4.1. Cookies

Here we collect the following technical connection data: The called up page of our web offer, your IP address shortened by the last three digits, date and time of the call-up, end device used, browser configuration data. This takes place in order to check the authorization of actions and authentication of the requesting user of our services. The legal bases are art. 6 section 1 lit. c) in conjunction with art. 32 and art. 6 section 1 lit. f) GDPR. Our legitimate interest is the safeguarding of our webserver, in order to defend itself against attacks, for example, and ensuring the functionality of our services.

Cookies that are not technically required are only used after your express consent, which you can, of course, withdraw at any time.

As part of our cookie information on our website, you have agreed to the following declaration concerning this matter:

This website uses tracking cookies or tracking software, among other things, in order to provide you with the full functionality of our website and therefore be able to offer you a better online experience. Further information on the cookies used and webtracking process can be found in our data protection declaration. However, all cookies or our tracking software are only activated after you have given us your consent.

If you completely exclude the use of cookies, you will not be able to use individual functions of our website – including the possibility of a cookie-based opt-out of tracking. If applicable, please allow the opt-out cookies of the services for which you would like to prevent the tracking.

Please also consider that deleting all cookies leads to the opt-out cookies also being deleted. You will therefore have to reset these. Furthermore, cookies are associated to the browser, this means that they have to be specially set in each browser used by you on each device used by you. The links required for this can be found in the following in the description of the respective service.

We use the following cookies – if you allow this and have not set one or more opt-out cookies – for the purpose described below in more detail:

Name of the cookiePurpose of use Storage durationTechnically requiredOption to withdraw consent (if cookie not technically required)_gaDistinction of the user2 yearsYes
_gat_TR0Throttling of the requirement rate1 minuteYes
_trgaTracking
Yes
_trga_gidDistinction of the user24 hoursYes
_utmaDistinction of user and sessions. This cookie is created when the javascript libr cookie is updated.2 years from updateYes
_utmzStorage of the source, which explains how the website was reached by the user.6 years from updateYes
spamshieldE-mail Spam recognitionper sessionYes
trcontrolTracking opt-outpermanentYes
frontendShop system shopping basketpermanent

Yes

frontend_cidShop system shopping basketpermanentYes

17.4.2. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called cookies, text files which are stored on your computer and which allow an analysis of your use of the website. The information generated by the cookie concerning your use of this website is generally passed on to a Google server in the USA and saved there. Your IP address on this website is anonymized. Your IP address is abbreviated by Google within member states of the European Union or in other signatories to the agreement regarding the European Economic Area. In the event that anonymous use of IP should be activated on this website, your IP address is first abbreviated by Google within member states of the European Union or in other signatories to the agreement regarding the European Economic Area. Only in exceptional circumstances is the full IP address transferred to a Google server in the USA and abbreviated there. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to the use of the website and of the Internet to the website operator. The IP address transferred from your browser as part of Google Analytics is not added to other Google data. One way to object to web analysis by Google Analytics is to set an opt-out cookie that instructs Google not to store or use your data for web analysis purposes. Please note that in this solution the web analysis will not take place only for as long as the browser stores the opt-out cookie. If you wish to set the opt-out cookie now, please click here 

You can avoid the saving of cookies by adjusting your browser software appropriately; however, we would like to make you aware of the fact that in this case it is possible that you will not be able to use all the functions of this website. Furthermore, you can prevent the recording of the data created by the cookie and related to your use of the website (incl. your IP address) as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link. The current link is: http://tools.google.com/dlpage/gaoptout?hl=en

Data recipient: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active .

The information generated by the cookie concerning your use of this website will be stored by us for the duration based on the specific purpose and subsequently deleted. Session cookies are deleted directly after the session. Other cookies remain for longer and expire after two years at the latest.

17.4.3. YouTube video embedded via iFrame

We use YouTube, a Google service, to show you video content. To protect your privacy, we have activated the extended data protection mode.

YouTube also uses cookies to collect information about visitors to its website. YouTube uses these, among other things, to collect video statistics, to prevent fraud and to improve user-friendliness. Calling up a video usually also leads to a connection with the Google DoubleClick network. Starting the video could trigger further data processing operations, especially if you are already logged in to YouTube. We have no influence on this. You can find more information about data protection at YouTube in its privacy policy (http://www.youtube.com/t/privacy_at_youtube)

Data recipient: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy-Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

17.4.4. Social media plug-ins

We use social media buttons (YouTube, Twitter, Facebook, Instagram) of Facebook Inc., Twitter Inc., Google Inc. etc. (“providers”) on our website.

These social media buttons are not integrated as plug-ins via a so-called iFrame, but as links. By clicking on the social media buttons you will be redirected to the page of the respective provider directly. The respective provider is then responsible for compliance with data protection requirements and for the accuracy, currentness and completeness of the information provided here for data processing pursuant to Art. 4 No. 17 GDPR.

17.4.5 Facebook Custom Audience
Our website uses the service “Facebook Custom Audience” by means of the so-called pixel procedure without extended comparison of customer lists with Facebook. We hereby attempt to obtain information for the optimization of our website, to improve the visitor experience and to present to you with targeted advertising content, where applicable.
Facebook can track and log your page views via an invisible pixel embedded on our website, e.g. by using your IP address and other features for identification purposes.
You can refuse this procedure by setting an opt-out cookie under the following link.
Recipient of the data: Facebook Inc., Menlo Park, CA 94025, USA
Privacy shield: www.privacyshield.gov/participant

18. Data recipient

Access to your personal data stored by us is limited to our employees and the service providers commissioned by us, who have to work with this personal data to fulfill their assignments. If third parties gain access to your data, we have obtained your permission or there is a legal basis for this. You consent to the forwarding of your online application to one of our partners (cooperation partners, importers) even in a third country and also without the existence of an adequacy decision or suitable guarantees in accordance with Art. 44 DSGVO, in awareness of the associated increased risks for the security of your data.

We use service providers to provide services and process your data (including hosting your data in a secure computer center, delivering ordered goods, creation and use of the social media wall, sending letters or e-mails and maintaining and analyzing databases, destroying documents and files, so-called order processing pursuant to Art. 28 GDPR). These service providers process the data exclusively on our instructions and are obliged to comply with the applicable data protection regulations. All processors have been carefully selected and will only have access to your data to the extent and for the time required to provide the services, or to the extent to which you have consented to the processing and use of your data. The following recipients are also included in the web tracking procedure:

Google Inc. regarding Google Analytics, YouTube videos via iFrame 
Data exchange within the group of companies to which we belong takes place exclusively within the EU/EEA and is only for internal administrative purposes with the above mentioned exception. By group of companies we mean affiliated companies as defined by Art. 4 No. 19 GDPR.

19. Data processing for the purpose of direct advertising

Direct mail advertising

To the extent permitted by law, we may also use your name and the postal address known to us for the sending of advertising for our own offers. The legal basis is art. 6 section 1 lit. f) in conjunction with recital 47 GDPR. Our legitimate interest is the promotion of sales or demand among our existing customers. Of course, you can object to the processing of your data for advertising purposes at any time for the future. A notification in text form to the contact details above is sufficient. We will then delete your data from our distribution list. The data that accounts for your objection is then kept for a further 6 years as per art. 17 section 3 lit. e) GDPR. However, during this time your personal data is blocked from further processing.

Telephone advertising

To the extent permitted by law, for business customers, we may also use your name, company affiliation and your stated telephone number, in order to inform you of our own offers that we presume you will be interested in. The legal basis is art. 6 section 1 lit. f) in conjunction with recital 47 GDPR, § 7 section 2 no. 2 UWG. Our legitimate interest is the promotion of sales or demand among our existing business customers. Of course, you can object to the processing of your data for advertising purposes at any time for the future. A notification in text form to the contact details above is sufficient. We will then delete your data from our distribution list. The data that accounts for your objection is then kept for a further 6 years as per art. 17 section 3 lit. e) GDPR. However, during this time your personal data is blocked from further processing.

20. Transfer to third countries and legal basis

A transfer of personal data to third countries only takes place

• within the scope of the use of Google Analytics on the basis of the EU Commission’s adequacy decision regarding the EU-U.S. Privacy Shield pursuant to Art. 45 GDPR.
• within the scope of the activation of YouTube videos, if you have given your consent pursuant to Art. 49(1) a) GDPR.

The servers of some of the service providers we use are located in the USA and other countries outside the European Union. Companies in these countries are subject to data protection laws that do not generally protect personal data to the same extent as is the case in the member states of the European Union. If your data are processed in a country which does not have a recognized high level of data protection like the European Union, this will be on the basis of the EU Commission’s adequacy decision regarding the EU-U.S. Privacy Shield pursuant to Art. 45 GDPR or the EU Standard Treaty 2010 pursuant to Art. 46(2) c) GDPR in conjunction with the EU Commission’s decision of 05/02/2010 (2010/87/EU) or pursuant to Art. 49(1) a) GDPR.

21. Transfer to law enforcement and criminal investigation authorities

In exceptional cases, we transfer personal data to law enforcement and criminal investigation authorities. This is done on the basis of corresponding legal obligations, e.g. from the German Code of Criminal Procedure (Strafprozessordnung), the German Tax Code (Abgabenordnung), the Money Laundering Act (Geldwäschegesetz) or state police laws.

22. Data security

We maintain a wide variety of security measures pursuant to Art. 32 GDPR (technical and organizational measures) for the protection of your personal data.

For a secure transfer of the data you send to us, we offer SSL/TLS encryption with the current TLS v1.1. and TLS v1.2 encryption protocols on our website. We would like to point out that the comprehensive encryption of the transmission path also depends on your Internet browser. We therefore recommend that you keep your Internet browser up to date so that TLS v1.1. or TLS v1.2 encryption is automatically established when you visit our website.

If you contact us by e-mail, we would like to point out that the confidentiality of the information transferred is not guaranteed. The content of e-mails may be viewed by third parties. We therefore recommend that you send us confidential information by post or, for applications, via our online portal.

23. Prize competition

From time to time you have the opportunity to take part in prize competitions or similar promotions on our website. As part of these promotions, personal data may also be collected and stored for processing purposes; the scope of this data can be found in the respective entry form. Data that we do not absolutely require for the prize competition but which allows us to contact you more quickly should you win, for example, is explicitly marked as optional. The personal information that you provide us as part of this type of prize competition promotion is used only for the processing of the promotion (in the event of a prize competition, for example, for winner determination, winner notification and mailing of the prize). After conclusion of the promotion, the data from the participants who did not win is immediately deleted. The data from the winner is deleted after the legal retention period has expired."

24. Social Media

Facebook:

social network:

facebook.com

Please be advised that Facebook is just one of a number of ways of getting in touch with us and receiving information from us.

This fanpage is operated jointly with (‘platform operator’):

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland

An agreement in line with Art. 26 (1) GDPR has been drawn up between those with joint responsibility to determine who is responsible for what in relation to GDPR             

The agreement within the meaning of Art. 26 (1) GDPR can be found using the following link:

https://www.facebook.com/legal/terms/page_controller_addendum

The platform operator will make the main contents of this agreement available to the data subjects.

Data privacy contact information:

Data privacy contact information can be found in our privacy statement linked to here and the platform operator’s data protection officer can be contacted using the following online form:

https://www.facebook.com/help/contact/540977946302970

Categories of data subjects:

fanpage visitors that are registered with the social network and those that are not.

Categories of personal data:

Data that we process from registered visitors to our fanpage:

User name that they have registered with, freely available profile information (e.g. names, occupation, addresses, contact information, and where applicable particular categories of personal data such as religious affiliation, health data etc.), data arising from the sharing of content, exchanging messages and communication, data required as part of processing the contract to become a registered user; in other respects we only process pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts.

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

Data that we process from non-registered visitors to our fanpage:

pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts.

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

The following link gives details of the data that the platform operator processes concerning registered and non-registered visitors to our fanpage:

https://www.facebook.com/privacy/explanation

We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Data origins:

We receive data either directly from the data subjects or from the platform operator.

Legal basis for processing data

We process data on the following legal bases:

• Art. 6 (1) a) GDPR: Consent of the data subjects

• where applicable Art. 6 (1) b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject

• Art. 6 (1) f) GDPR legitimate interest
  • To optimize our fanpage
  • To promote the sales of our products and services or drive demand
  • To simplify communication and the exchange of data

We only process special categories of personal data, if at all, on the following legal bases:

• Art. 9 (2) a) GDPR: Consent of the data subject
• Art. 9 (2) e) GDPR: The data subject has manifestly made the personal data public

The legal bases used by the platform operator for the processing of data can be found using the following link:

https://www.facebook.com/about/privacy/legal_bases If the data subjects can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operator should obtain the prior consent of the data subjects.

In particular, the platform operator is obligated to inform the data subjects for what purpose and on what legal basis the first visit to a fanpage, even by non-registered visitors, is being recorded in so-called local storage and whether the personal data of non-registered visitors (e.g. IP addresses or other such data, that is consolidated as personal data) is used to create profiles.

We have no influence or control over whether the collection of data by the platform operator is lawful.

Purpose of data processing:

The data is being processed for the following purposes:

• Public image and advertising

• Communication and data exchange

• Event management
• Contract initiation and processing, where applicable

We have no influence over the purposes for which the platform operator uses data. We also have no effective methods for controlling this.

Storage period

The storage and deletion of data is the responsibility of the platform operator in line with the agreement within the meaning of Art. 26 (1) GDPR. Information about this can be found using the following link:

https://www.facebook.com/privacy/explanation

We have no influence over whether the platform operator adheres to the legal deletion deadlines nor over the way in which they delete the data. We also have no effective methods for controlling this.

Categories of receiver

Only our employees and service providers that look after our fanpage and require data for the above mentioned purposes have access to data we process. If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users.

The categories of receivers that the platform operator discloses information to or that registered users disclose their data to, and information about internal corporate data exchanges can be found using the following link: https://www.facebook.com/privacy/explanation

We have no influence on the disclosure of data to individual receivers (categories) by the platform operator. We also have no effective methods for controlling this.

Data transfer to third countries

If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users across the world.

As part of the operation of our fanpage, data will also be transferred to third countries by the platform operator.

Data transfers to third countries related hereto are covered by a European Commission adequacy decision as per Art. 45 GDPR or through appropriate safeguards as per Art. 46 GDPR:

Facebook Inc. is Privacy Shield certified: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

Due to the EU-US Privacy Shield understanding, Facebook must also afford the data subjects different rights, which are then asserted directly towards Facebook.

We have no influence over data transfers to third countries undertaken by the platform operator. We also have no effective methods for controlling this.

Logic involved and significance of profiling and/or automated decision-making based on the collected data

If the data subjects can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operator is obligated to inform them of this, as per the agreement within the meaning of Art. 26 (1) GDPR. In particular, the platform operator is obligated to advise the data subjects of the purposes and legal bases, if, after visiting a subpage of our fanpage, a session cookie and three cookies with a length of between four months and two years have been stored.

Information about this can be found using the following link:

https://www.facebook.com/privacy/explanation

https://www.facebook.com/policies/cookies/

We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Rights of the data subjects:

Those with joint responsibility must afford the data subjects different rights with regards to the processing of their data, which are, based on the agreement within in the meaning of Art. 26 (1) GDPR asserted directly towards the platform operator:

https://www.facebook.com/privacy/explanation

As per Art. 15 to Art. 18 GDPR, in certain circumstances, the data subject has the right to access, correction or deletion of their respective personal data or the right to restrict data processing by controllers. Data subjects also have the right to withdraw any consent they have given relating to the processing of their personal data at any time with effect for the future (Art. 7 (3) GDPR). They can object (Art. 21 (1) GDPR) to the further processing of their data, with the exception of in the legitimate interests of the controller as per Art. 6 (1) f) GDPR, if there are compelling legitimate grounds relating to their particular personal situation and the controller has no compelling legitimate grounds for processing the data. If personal data is processed for the purpose of direct marketing, the data subject has the right to object to this processing at any time with effect for the future (Art. 21 (2) GDPR). If data is processed with the consent of the data subject in accordance with Art. 6 (1) a), Art. 9 (1) a) GDPR or in accordance with Art. 6 (1) b) GDPR based on a contract with the data subject, and is processed with the assistance of automated systems, the data subject can, as per Art. 20 (1) GDPR, request to receive the personal data concerning them in a structured, commonly used and machine-readable format and to have said data transmitted to a third party nominated by the data subject.

In principle, data subjects have the right not to be subject to a decision based solely on automated processing as per Art. 22 (1) GDPR. If such an automated decision is permitted as per Art. 22 (2) a) to c) GDPR, the data subject is afforded the following rights as per Art. 22 (3) GDPR: the right to express their point of view, the right to obtain human intervention on the part of the controller, the right to contest the automated decision (right of appeal).

Furthermore, the data subject has the right to lodge a complaint with a supervisory authority if they are of the view that the processing of their personal data violates the General Data Protection Act, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:

Data Protection Commission

21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland

Website: http://gdprandyou.ie/contact-us/

Instagram: 

social network:

Instagram

Please be advised that Instagram is just one of a number of ways of getting in touch with us and receiving information from us.

This fanpage is operated jointly with (‘platform operator’):

Facebook Inc.
Menlo Park
CA 512374
USA

Responsible for the processing of data for persons resident in the European Union:

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland

An agreement in line with Art. 26 (1) GDPR has been drawn up between those with joint responsibility to determine who is responsible for what in relation to GDPR             

The agreement within the meaning of Art. 26 (1) GDPR can be found using the following link

Currently no link available!

The platform operator will make the main contents of this agreement available to the data subjects.

Data privacy contact information:

Data privacy contact information can be found in our privacy statement linked to here and the platform operator’s data protection officer can be contacted here:

https://www.facebook.com/help/contact/540977946302970

Categories of data subjects:

fanpage visitors that are registered with the social network and those that are not

Categories of personal data:

Data that we process from registered visitors to our fanpage:

User name that they have registered with, freely available profile information (gender, selected country, preferences, interests), data arising from the sharing of content, exchanging messages and communication, data required as part of processing the contract to become a registered user; in other respects we only process pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts.

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

Data that we process from non-registered visitors to our fanpage:

pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts.

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

The following link gives details of the data that the platform operator processes concerning registered and non-registered visitors to our fanpage:

https://help.instagram.com/519522125107875

Data origins

We receive data either directly from the data subjects or from the platform operator.

We have no influence or control over whether the collection of data by the platform operator is lawful.

Legal basis for processing data

We process data on the following legal bases:

• Art. 6 (1) a) GDPR: Consent of the data subjects

• where applicable Art. 6 (1) b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject

• Art. 6 (1) f) GDPR legitimate interest
  • To optimize our fanpage
  • To promote the sales of our products and services or drive demand
  • To simplify communication and the exchange of data

We only process special categories of personal data, if at all, on the following legal bases:

• Art. 9 (2) a) GDPR: Consent of the data subject
• Art. 9 (2) e) GDPR: The data subject has manifestly made the personal data public

The legal bases used by the platform operator for the processing of data can be found using the following link:

https://help.instagram.com/519522125107875 If the data subjects can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operator should obtain the prior consent of the data subjects.

In particular, the platform operator is obligated to inform the data subjects for what purpose and on what legal basis the first visit to a fanpage, even by non-registered visitors, is being recorded in so-called local storage and whether the personal data of non-registered visitors (e.g. IP addresses or other such data, that is consolidated as personal data) is used to create profiles.

We have no influence or control over whether the collection of data by the platform operator is lawful.

Purpose of data processing

The data is being processed for the following purposes:

• Public image and advertising
• Communication and data exchange
• Event management
• Contract initiation and processing, where applicable

We have no influence over the purposes for which the platform operator uses data. We also have no effective methods for controlling this.

Storage period:

The storage and deletion of data is the responsibility of the platform operator in line with the agreement within the meaning of Art. 26 (1) GDPR. Information about this can be found using the following link:

https://help.instagram.com/519522125107875

We have no influence over whether the platform operator adheres to the legal deletion deadlines nor over the way in which they delete the data. We also have no effective methods for controlling this.

Categories of receiver

Only our employees and service providers that look after our fanpage and require data for the above mentioned purposes have access to data we process. If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users.

The categories of receivers that the platform operator discloses information to or that registered users disclose their data to, and information about internal corporate data exchanges can be found using the following link:https://help.instagram.com/519522125107875

We have no influence on the disclosure of data to individual receivers (categories) by the platform operator. We also have no effective methods for controlling this.

Data transfer to third countries

If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users across the world.

As part of the operation of our fanpage, data will also be transferred to third countries by the platform operator.

Data transfers to third countries related hereto are covered by a European Commission adequacy decision as per Art. 45 GDPR or through appropriate safeguards as per Art. 46 GDPR:

Facebook Inc. is Privacy Shield certified: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

Due to the EU-US Privacy Shield understanding, Facebook must also grant the persons concerned other rights, which are then asserted directly towards Facebook.

Due to the EU-US Privacy Shield understanding, Facebook must also grant the persons concerned other rights, which are then asserted directly towards Facebook.

Logic involved and significance of profiling and/or automated decision-making based on the collected data

If the persons concerned can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operated is obligated to inform them of this, as per the agreement within the meaning of Art. 26 (1) GDPR. In particular, the platform operator is obligated to advise the data subjects of the purposes and legal bases, if, after visiting a subpage of our fanpage, a session cookie and three cookies with a length of between four months and two years have been stored.

Information about this can be found using the following link:

https://help.instagram.com/1896641480634370?ref=ig

We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Rights of the data subjects:

Those with joint responsibility must afford the data subjects different rights with regards to the processing of their data, which are, based on the agreement within in the meaning of Art. 26 (1) GDPR asserted directly towards the platform operator:

https://help.instagram.com/519522125107875

As per Art. 15 to Art. 18 GDPR, in certain circumstances, the data subject has the right to access, correction or deletion of their respective personal data or the right to restrict data processing by controllers. Data subjects also have the right to withdraw any consent they have given relating to the processing of their personal data at any time with effect for the future (Art. 7 (3) GDPR). They can object (Art. 21 (1) GDPR) to the further processing of their data, with the exception of in the legitimate interests of the controller as per Art. 6 (1) f) GDPR, if there are compelling legitimate grounds relating to their particular personal situation and the controller has no compelling legitimate grounds for processing the data. If personal data is processed for the purpose of direct marketing, the data subject has the right to object to this processing at any time with effect for the future (Art. 21 (2) GDPR). If data is processed with the consent of the data subject in accordance with Art. 6 (1) a), Art. 9 (1) a) GDPR or in accordance with Art. 6 (1) b) GDPR based on a contract with the data subject, and is processed with the assistance of automated systems, the data subject can, as per Art. 20 (1) GDPR, request to receive the personal data concerning them in a structured, commonly used and machine-readable format and to have said data transmitted to a third party nominated by the data subject.

In principle, data subjects have the right not to be subject to a decision based solely on automated processing as per Art. 22 (1) GDPR. If such an automated decision is permitted as per Art. 22 (2) a) to c) GDPR, the data subject is afforded the following rights as per Art. 22 (3) GDPR: the right to express their point of view, the right to obtain human intervention on the part of the controller, the right to contest the automated decision (right of appeal).

Furthermore, the data subject has the right to lodge a complaint with a supervisory authority if they are of the view that the processing of their personal data violates the General Data Protection Act, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:

Data Protection Commission

21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland

Webadresse: http://gdprandyou.ie/contact-us/

Twitter:

social network:

Twitter

Please be advised that our Twitter channel is just one of a number of ways of getting in touch with us and receiving information from us.

Our Twitter account (‘fanpage’) is operated jointly with (‘platform operator’):

Twitter Inc..
1355 Market Street #900
San Francisco
CA 94103, USA

Responsible for the processing of data for persons resident outside of the United States:

Twitter International Company
One Cumberland Place
Fenian Street
Dublin 2 D02 AX07
Irland

An agreement in line with Art. 26 (1) GDPR has been drawn up between those with joint responsibility to determine who is responsible for what in relation to GDPR

The platform operator will make the main contents of this agreement available to the data subjects: Not currently available.

Data privacy contact information:

Data privacy contact information can be found in our privacy statement linked to here.

The platform operator’s data protection officer can be contacted using the following online form

https://support.twitter.com/forms/privacy

https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp

or at the following address:

Twitter International Company
Attn: Data Protection Officer
One Cumberland Place, Fenian Street
Dublin 2, D02 AX07 IRLAND　

Twitter, Inc.
Attn: Privacy Policy Inquiry
1355 Market Street, Suite 900
San Francisco, CA 94103

Furthermore, the data subjects can find more information here:

https://support.twitter.com/articles/20170320#

Categories of data subjects:

fanpage visitors that are registered with the social network and those that are not

Data subjects’ are hereby notified that they are responsible for their own use of Twitter’s short message service and its related functions. This applies, in particular, to the use of interactive functions (e.g. sharing, rating).

Categories of personal data:

Data that we process from registered visitors to our fanpage:

User ID or user name that the data subject has registered with, freely available profile information (name, email address, telephone number), data arising from the sharing of content, from re-tweeting tweets, from writing tweets linked to the data subject’s Twitter account, from exchanging messages and communication, data required as part of processing the contract to become a registered user, any data and content freely published and disseminated by the data subject on Twitter or via their Twitter account;

Apart from this we can only access specific, non-personal or pseudonymized data about Tweet activity, such as the number of profile and link clicks generated by a specific Tweet. We are unable to match the non-personal or pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

Data that we process from non-registered visitors to our fanpage:

We can only access specific, non-personal or pseudonymized data about Tweet activity, such as the number of profile and link clicks generated by a specific Tweet. We are unable to match the non-personal or pseudonymized data with the corresponding identifying features (e.g. IP address, name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

Data that we process from visitors to our website:
The IP addresses of our website visitors are not transmitted to the platform operator via the embedded Twitter buttons (hard link) or Tweets on our webpage.

Data that the platform operator processes concerning registered and non-registered visitors to our fanpage:

Data submitted voluntarily such as user ID or user name that the visitor has registered with, freely available profile information (name, email address, telephone number), address book contacts if the data subject uploads or synchronizes their address book, payment information where applicable;

In addition, the platform operator analyses content shared by registered visitors, what subjects they are interested in, stores and processes private messages that are sent directly to other users and can determine their location from GPS data, information from wireless networks or via their IP address, in order to target their adverts and content.

Finally, the platform operator also receives information if visitors, for example, view content, even if they do not have a Twitter account. This so-called “log data” can include IP address, browser type, operating system, information about previously visited websites and pages, their location, their mobile phone provider, the device they are using (incl. device ID and application ID), search terms used and cookie information.

Through the use of Twitter buttons or widgets embedded in websites and the use of cookies, the platform operator can collect data about the websites that registered users visit and link this back to their Twitter profile. This data can be used to offer tailored content or adverts.

Further information about what data the platform operator processes can be found using the following link: https://twitter.com/de/privacy

The platform operator potentially uses analysis tools such as Twitter or Google Analytics to evaluate the data. We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Data origins

We receive data either directly from the data subjects or from the platform operator.

The following link provides information on where the platform operator obtains data subject’s information: https://twitter.com/de/privacy

We have no influence or control over whether the collection of data by the platform operator is lawful.

Legal basis for processing data

We process data on the following legal bases:

• Art. 6 (1) a) GDPR: Consent of the data subjects

• where applicable Art. 6 (1) b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject

• where applicable Art. 6 (1) b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject
  • To simplify communication and the exchange of data, whereby the existing communication channels, such as web presence, press releases, print media and events, are usefully supplemented by the fanpage
  • To promote the sales of our products and services, drive demand or to recruit in a transparent way
  • To optimize our fanpage

We only process special categories of personal data, if at all, on the following legal bases:

• Art. 9 (2) a) GDPR: Consent of the data subject
• Art. 9 (2) e) GDPR: The data subject has manifestly made the personal data public

The legal bases used by the platform operator for the processing of data can be found using the following link:

https://twitter.com/de/privacy

We have no influence or control over whether the collection of data by the platform operator is lawful.

Purpose of data processing

We process data for the following purposes:

• Public image and advertising
• Communication and data exchange
• Event management
• Contract initiation and processing, where applicable

Information about the platform operator’s purposes for processing data can be found using the following link: https://twitter.com/de/privacy

We have no influence over the purposes for which the platform operator uses data. We also have no effective methods for controlling this.

Storage period

The storage and deletion of data is the responsibility of the platform operator. Information about this can be found using the following link: https://twitter.com/de/privacy

We have no influence over whether the platform operator adheres to the legal deletion deadlines nor over the way in which they delete the data. We also have no effective methods for controlling this.

Categories of receiver

Only our employees and service providers that look after our fanpage and require data for the above mentioned purposes have access to data we process. If the data subjects have posted their data publicly on our fanpage, freely published and disseminated via Twitter, then this data will be included in our fanpage offering and it will be accessible by our followers, other registered and, where applicable, non-registered users.

The categories of receivers that the platform operator discloses information to or that registered users disclose their data to, and information about internal corporate data exchanges can be found using the following link: https://twitter.com/de/privacy

We have no influence on the disclosure of data to individual receivers

(categories) by the platform operator. We also have no effective methods for controlling this.

Data transfer to third countries

If the data subjects have posted their data publicly on our fanpage, freely published and disseminated via Twitter, then it will be accessible by our followers, other registered and, where applicable, non-registered users across the world.

Data from Twitter, Inc. will be processed as part of the operation of our fanpage.

The related transfer of data to the USA as a third country without an adequate level of data privacy protection is safeguarded by Twitter, Inc.’s EU-US Privacy Shield certification: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

Regardless of where the data subject resides, the platform operator will transfer data to the United states, Ireland and any other country where Twitter Inc. does business, store it there and process it in other ways.

Data transfers to third countries related hereto are covered by a European Commission adequacy decision as per Art. 45 GDPR or through appropriate safeguards as per Art. 46 GDPR: https://twitter.com/de/privacy

We have no influence over data transfers to third countries undertaken by the platform operator. We also have no effective methods for controlling this.

We have no influence over data transfers to third countries undertaken by the platform operator. We also have no effective methods for controlling this.

Logic involved and significance of profiling and/or automated decision-making based on the collected data

If the data subjects can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operator is obligated to inform them of this. Information about this can be found using the following link: https://twitter.com/de/privacy

The platform operator potentially uses analysis tools such as Twitter or Google Analytics to evaluate the data. We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Rights of the data subjects

Those with joint responsibility must afford the data subjects different rights with regards to the processing of their data, which are then asserted directly towards the platform operator:

As per Art. 15 to Art. 18 GDPR, in certain circumstances, the data subject has the right to access, correction or deletion of their respective personal data or the right to restrict data processing by controllers. Data subjects also have the right to withdraw any consent they have given relating to the processing of their personal data at any time with effect for the future (Art. 7 (3) GDPR). They can object (Art. 21 (1) GDPR) to the further processing of their data, with the exception of in the legitimate interests of the controller as per Art. 6 (1) f) GDPR, if there are compelling legitimate grounds relating to their particular personal situation and the controller has no compelling legitimate grounds for processing the data. If personal data is processed for the purpose of direct marketing, the data subject has the right to object to this processing at any time with effect for the future (Art. 21 (2) GDPR). If data is processed with the consent of the data subject in accordance with Art. 6 (1) a), Art. 9 (1) a) GDPR or in accordance with Art. 6 (1) b) GDPR based on a contract with the data subject, and is processed with the assistance of automated systems, the data subject can, as per Art. 20 (1) GDPR, request to receive the personal data concerning them in a structured, commonly used and machine-readable format and to have said data transmitted to a third party nominated by the data subject.

In principle, data subjects have the right not to be subject to a decision based solely on automated processing as per Art. 22 (1) GDPR. If such an automated decision is permitted as per Art. 22 (2) a) to c) GDPR, the data subject is afforded the following rights as per Art. 22 (3) GDPR: the right to express their point of view, the right to obtain human intervention on the part of the controller, the right to contest the automated decision (right of appeal).

Data subjects have the option to restrict the processing of their data in the general settings of their Twitter account, in the ‘data protection and security’ section. Furthermore, the settings options on mobile devices (smartphones, tablets) can be used to restrict the platform operator’s access to contact and calendar information, photos, location data etc. This does, however, depend on the operating system being used.

Data subjects can obtain more information about what data platform operators can see here:

https://support.twitter.com/articles/20172711#

Data subjects can obtain information about the conclusions drawn by the platform operator here: https://twitter.com/your_twitter_data

Data subjects can find information about existing personalization and data protection settings options here (with additional references):  https://twitter.com/personalization

As Twitter Inc. is a non-European provider with a sole European subsidiary in Ireland, one interpretation is that it is not bound by German data protection regulations. This applies to, for example, the right to access, block or delete data or the option to object to the use of usage data for advertising purposes.

Due to the EU-US Privacy Shield understanding Twitter, Inc. must also afford the data subjects different rights, which are then asserted directly towards https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp

Further information about this can be found using the following link: https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp

Further information about this social network and other social network and how data subjects can protect their data, can be found here: https://www.youngdata.de/.

Furthermore, the data subject has the right to lodge a complaint with a supervisory authority if they are of the view that the processing of their personal data violates the General Data Protection Act, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:

Data Protection Commission

21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland

https://www.dataprotection.ie/docs/Contact-us/b/11.htm

Webadresse: http://gdprandyou.ie/contact-us/

Youtube:

social network:

Youtube

Please be advised that Youtube is just one of a number of ways of getting in touch with us and receiving information from us.

This fanpage is operated jointly with (‘platform operator’):

Google LLC
1600 Amphitheatre Pkwy

Mountain View

CA, 94043 USA

An agreement in line with Art. 26 (1) GDPR has been drawn up between those with joint responsibility to determine who is responsible for what in relation to GDPR

The agreement within the meaning of Art. 26 (1) GDPR can be found using the following link:

Not available yet!

The platform operator will make the main contents of this agreement available to the data subjects.

Data privacy contact information:

Data privacy contact information can be found in our privacy statement linked to here and the platform operator’s data protection officer can be contacted using the following online form:

https://policies.google.com/privacy?hl=de&gl=de

Categories of data subjects:

fanpage visitors that are registered with the social network and those that are not

Categories of personal data:

Data that we process from registered visitors to our fanpage:

https://policies.google.com/privacy?hl=de&gl=de

User name that they have registered with, freely available profile information (e.g. names, occupation, addresses, contact information, and where applicable particular categories of personal data such as religious affiliation, health data etc.), data arising from the sharing of content, exchanging messages and communication, data required as part of processing the contract to become a registered user; in other respects we only process pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts.

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

                Data that we process from non-registered visitors to our fanpage:

pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts.

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

                The following link gives details of the data that the platform operator processes concerning registered and non-registered visitors to our fanpage:

https://policies.google.com/privacy?hl=de&gl=de

Data origins

We receive data either directly from the data subjects or from the platform operator.

We have no influence or control over whether the collection of data by the platform operator is lawful.

Legal basis for processing data 

We process data on the following legal bases:

• Art. 6 (1) a) GDPR: Consent of the data subjects

• where applicable Art. 6 (1) b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject

• Art. 6 (1) f) GDPR legitimate interest
  • To optimize our fanpage
  • To promote the sales of our products and services or drive demand
  • To simplify communication and the exchange of data

We only process special categories of personal data, if at all, on the following legal bases:

• Art. 9 (2) a) GDPR: Consent of the data subject
• Art. 9 (2) e) GDPR: The data subject has manifestly made the personal data public

The legal bases used by the platform operator for the processing of data can be found using the following link:

https://policies.google.com/privacy?hl=de&gl=de

If the data subjects can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operator should obtain the prior consent of the data subjects.

In particular, the platform operator is obligated to inform the data subjects for what purpose and on what legal basis the first visit to a fanpage, even by non-registered visitors, is being recorded in so-called local storage and whether the personal data of non-registered visitors (e.g. IP addresses or other such data, that is consolidated as personal data) is used to create profiles.

We have no influence or control over whether the collection of data by the platform operator is lawful.

Purpose of data processing

The data is being processed for the following purposes:

• Public image and advertising
• Communication and data exchange
• Event management
• Contract initiation and processing, where applicable

We have no influence over the purposes for which the platform operator uses data. We also have no effective methods for controlling this

Storage period

The storage and deletion of data is the responsibility of the platform operator in line with the agreement within the meaning of Art. 26 (1) GDPR. Information about this can be found using the following link:

https://policies.google.com/privacy?hl=de&gl=de

We have no influence over whether the platform operator adheres to the legal deletion deadlines nor over the way in which they delete the data. We also have no effective methods for controlling this.

Categories of receiver

Only our employees and service providers that look after our fanpage and require data for the above mentioned purposes have access to data we process. If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users.

The categories of receivers that the platform operator discloses information to or that registered users disclose their data to, and information about internal corporate data exchanges can be found using the following link: https://policies.google.com/privacy?hl=de&gl=de

We have no influence on the disclosure of data to individual receivers (categories) by the platform operator. We also have no effective methods for controlling this.

Data transfer to third countries

If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users across the world.

As part of the operation of our fanpage, data will also be transferred to third countries by the platform operator.

Data transfers to third countries related hereto are covered by a European Commission adequacy decision as per Art. 45 GDPR or through appropriate safeguards as per Art. 46 GDPR:

https://policies.google.com/privacy?hl=de&gl=de

Google Inc. is Privacy Shield certified: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

Due to the EU-US Privacy Shield understanding, Google must also afford the data subjects different rights, which are then asserted directly towards Google.

We have no influence over data transfers to third countries undertaken by the platform operator. We also have no effective methods for controlling this.

Logic involved and significance of profiling and/or automated decision-making based on the collected data

If the persons concerned can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operated is obligated to inform them of this, as per the agreement within the meaning of Art. 26 (1) GDPR. In particular, the platform operator is obligated to advise the data subjects of the purposes and legal bases, if, after visiting a subpage of our fanpage, a session cookie and three cookies with a length of between four months and two years have been stored.

Information about this can be found using the following link:

https://policies.google.com/privacy?hl=de&gl=de

We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Rights of the data subjects

Those with joint responsibility must grant the persons concerned different rights with regards to the processing of their data, which are, based on the agreement within in the meaning of Art. 26 (1) GDPR asserted directly towards the platform operator:

https://policies.google.com/privacy?hl=de&gl=de

As per Art. 15 to Art. 18 GDPR, in certain circumstances, the data subject has the right to access, correction or deletion of their respective personal data or the right to restrict data processing by controllers. Data subjects also have the right to withdraw any consent they have given relating to the processing of their personal data at any time with effect for the future (Art. 7 (3) GDPR). They can object (Art. 21 (1) GDPR) to the further processing of their data, with the exception of in the legitimate interests of the controller as per Art. 6 (1) f) GDPR, if there are compelling legitimate grounds relating to their particular personal situation and the controller has no compelling legitimate grounds for processing the data. If personal data is processed for the purpose of direct marketing, the data subject has the right to object to this processing at any time with effect for the future (Art. 21 (2) GDPR). If data is processed with the consent of the data subject in accordance with Art. 6 (1) a), Art. 9 (1) a) GDPR or in accordance with Art. 6 (1) b) GDPR based on a contract with the data subject, and is processed with the assistance of automated systems, the data subject can, as per Art. 20 (1) GDPR, request to receive the personal data concerning them in a structured, commonly used and machine-readable format and to have said data transmitted to a third party nominated by the data subject.

In principle, data subjects have the right not to be subject to a decision based solely on automated processing as per Art. 22 (1) GDPR. If such an automated decision is permitted as per Art. 22 (2) a) to c) GDPR, the data subject is afforded the following rights as per Art. 22 (3) GDPR: the right to express their point of view, the right to obtain human intervention on the part of the controller, the right to contest the automated decision (right of appeal).

Furthermore, the data subject has the right to lodge a complaint with a supervisory authority if they are of the view that the processing of their personal data violates the General Data Protection Act, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:

Data Protection Commission

21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland

https://www.dataprotection.ie/docs/Contact-us/b/11.htm

Webadresse: http://gdprandyou.ie/contact-us/

LinkedIn:

social network:

LinkedIn: https://de.linkedin.com/

Please be advised that LinkedIn is just one of a number of ways of getting in touch with us and receiving information from us.

Our LinkedIn account (‘fanpage’) is operated jointly with (‘platform operator’):

LinkedIn Corporation, 1000 W. Maude Avenue Sunnyvale, CA 94085 USA

Controller for processing the data of subjects living in the European Union (EU), the European Economic Area (EEA) and in Switzerland:

LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Ireland

An agreement in line with Art. 26 (1) GDPR has been drawn up between those with joint responsibility to determine who is responsible for what in relation to GDPR

The platform operator will make the main contents of this agreement available to the data subjects: Not currently available

Data privacy contact information:

Data privacy contact information can be found in our privacy statement linked to here.

The platform operator’s data protection officer can be contacted using the following online form https://www.linkedin.com/help/linkedin/ask/TSO-DPO or at the following address:

Jonathan Adams
Senior Privacy Counsel

LinkedIn Corporation
Legal Department - Privacy
1000 W. Maude Ave.
Sunnyvale, California 94085

Categories of data subjects:

fanpage visitors that are registered with the social network and those that are not

Data subjects’ are hereby notified that they are responsible for their own use of LinkedIn and its related functions. This applies, in particular, to the use of interactive functions (e.g. sharing, rating).

Categories of personal data:

Data that we process from registered visitors to our fanpage:

User ID or user name that the data subject has registered with, freely available profile information (name, email address, telephone number), ProFinder profile information, education, professional experience, salary expectations, photos, location data, skills and related certification, professional achievements (e.g. granting of a patent, professional recognition, projects), where applicable particular categories of personal data such as religious affiliation, health data etc., data arising from the sharing of content, exchanging messages and communication, data required as part of initiating and processing a contract requested by the registered user, any other freely available data or content published, made available, circulated, posted or uploaded by the data subject on LinkedIn or via their LinkedIn account.

Apart from this we only process pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts as well as evaluations of the number of applications submitted via LinkedIn. 

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

                Data that we process from non-registered visitors to our fanpage:

pseudonymized data such as statistics and insights about how users interact with posts, pages, videos and other content made available on the fanpage (page activity, page views, “likes” data, reach, general demographics, location and interest related data by age, gender, state, city, language), evaluations of the success and background of our adverts.

We are unable to match the pseudonymized data with the corresponding identifying features (e.g. name). We are, therefore, unable to identify individual visitors that remain anonymous to us.

                Data that we process from visitors to our website:

The IP addresses of our website visitors are not transmitted to the platform operator via the LinkedIn buttons (hard link) on our webpage.

                The following link gives details of the data that the platform operator processes concerning registered and non-registered visitors to our fanpage:

https://www.linkedin.com/legal/privacy-policy

The platform operator potentially uses various analysis tools.

We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Data origins

We receive data either directly from the data subjects or from the platform operator.

The following link provides information on where the platform operator obtains data subject’s information: https://www.linkedin.com/legal/privacy-policy

We have no influence or control over whether the collection of data by the platform operator is lawful.

Legal basis for processing data

We process data on the following legal bases:

• Art. 6 (1) a) GDPR: Consent of the data subjects

• where applicable Art. 6 (1) b) GDPR: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject
• Art. 6 (1) f) GDPR legitimate interest
  • To simplify communication and the exchange of data, whereby the existing communication channels, such as web presence, press releases, print media and events, are usefully supplemented by the fanpage
  • To promote the sales of our products and services, drive demand, to recruit in a transparent way and regular contributions
  • To optimize our fanpage

We only process special categories of personal data, if at all, on the following legal bases:

• Art. 9 (2) a) GDPR: Consent of the data subject
• Art. 9 (2) e) GDPR: The data subject has manifestly made the personal data public

The legal bases used by the platform operator for the processing of data can be found using the following link:

https://www.linkedin.com/legal/privacy-policy

We have no influence or control over whether the collection of data by the platform operator is lawful.

Purpose of data processing

We process data for the following purposes:

• Public image and advertising
• Communication and data exchange
• Event management
• Contract initiation and processing, where applicable

Information about the platform operator’s purposes for processing data can be found using the following link: https://www.linkedin.com/legal/privacy-policy

We have no influence over the purposes for which the platform operator actually uses data. We also have no effective methods for controlling this.

Storage period

The storage and deletion of data is the responsibility of the platform operator. Information about this can be found using the following link: https://www.linkedin.com/legal/privacy-policy

We have no influence over whether the platform operator adheres to the legal deletion deadlines nor over the way in which they delete the data. We also have no effective methods for controlling this.

Categories of receiver

Only our employees and service providers that look after our fanpage and require data for the above mentioned purposes have access to data we process. If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users

The categories of receivers that the platform operator discloses information to or that registered users disclose their data to, and information about internal corporate data exchanges can be found using the following link: https://www.linkedin.com/legal/privacy-policy

We have no influence on the disclosure of data to individual receivers (categories) by the platform operator. We also have no effective methods for controlling this.

Data transfer to third countries

If the data subjects have posted their data publicly on our fanpage, then it will be accessible by our registered and, where applicable, non-registered users across the world.

Data from the LinkedIn Corporation will be processed as part of the operation of our fanpage. The related transfer of data to the USA as a third country without an adequate level of data privacy protection is safeguarded by LinkedIn Corporation’s EU-US Privacy Shield certification:

https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

Regardless of where the data subject resides, the platform operator will transfer data to the United states, Ireland and any other country where the platform operator does business, store it there and process it in other ways.

Data transfers to third countries related hereto are covered by a European Commission adequacy decision as per Art. 45 GDPR or through appropriate safeguards as per Art. 46 GDPR:

https://www.linkedin.com/legal/privacy-policy

https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy&lang=de

https://privacy.linkedin.com/de-de/dsgvo

We have no influence over data transfers to third countries undertaken by the platform operator. We also have no effective methods for controlling this.

Logic involved and significance of profiling and/or automated decision-making based on the collected data

If the data subjects can be tracked through the collection of their data, be that through the use of cookies or similar techniques, or through the storing of IP addresses, the platform operator is obligated to inform them of this. Information about this can be found using the following links:

https://www.linkedin.com/legal/privacy-policy

https://www.linkedin.com/legal/cookie-policy

https://www.linkedin.com/help/linkedin/answer/3566?trk=microsites-frontend_legal_privacy-policy&lang=de

https://www.linkedin.com/help/linkedin/answer/68763?trk=microsites-frontend_legal_privacy-policy&lang=de

The platform operator potentially uses various analysis tools.

We have no control over the use of any such tools by the platform operator and would not expect to be informed about any potential use of the same. If tools of this kind are used by the platform operator on our fanpage, we have neither commissioned nor condoned them, nor do we support their use in any way. Neither do we have access to the resultant data analysis. Furthermore, it is not possible for us to prevent the use of such tools on our fanpage, turn them off or otherwise effectively control their usage.

Rights of the data subjects

Those with joint responsibility must grant the persons concerned different rights with regards to the processing of their data, which are then asserted directly towards the platform operator:

As per Art. 15 to Art. 18 GDPR, in certain circumstances, the data subject has the right to access, correction or deletion of their respective personal data or the right to restrict data processing by controllers. Data subjects also have the right to withdraw any consent they have given relating to the processing of their personal data at any time with effect for the future (Art. 7 (3) GDPR). They can object (Art. 21 (1) GDPR) to the further processing of their data, with the exception of in the legitimate interests of the controller as per Art. 6 (1) f) GDPR, if there are compelling legitimate grounds relating to their particular personal situation and the controller has no compelling legitimate grounds for processing the data. If personal data is processed for the purpose of direct marketing, the data subject has the right to object to this processing at any time with effect for the future (Art. 21 (2) GDPR). If data is processed with the consent of the data subject in accordance with Art. 6 (1) a), Art. 9 (1) a) GDPR or in accordance with Art. 6 (1) b) GDPR based on a contract with the data subject, and is processed with the assistance of automated systems, the data subject can, as per Art. 20 (1) GDPR, request to receive the personal data concerning them in a structured, commonly used and machine-readable format and to have said data transmitted to a third party nominated by the data subject.

In principle, data subjects have the right not to be subject to a decision based solely on automated processing as per Art. 22 (1) GDPR. If such an automated decision is permitted as per Art. 22 (2) a) to c) GDPR, the data subject is afforded the following rights as per Art. 22 (3) GDPR: the right to express their point of view, the right to obtain human intervention on the part of the controller, the right to contest the automated decision (right of appeal).

• Data subjects can find information about existing personalization and data protection settings options here (with additional references):

https://privacy.linkedin.com/de-de/faq

https://privacy.linkedin.com/de-de/einstellungen

• Due to the EU-US Privacy Shield understanding LinkedIn Corporation Inc. must also afford the data subjects different rights, which are then asserted directly towards LinkedIn Corporation: privacyshield@linkedin.com
• Further information about this social network and other social network and how data subjects can protect their data, can be found here: https://www.youngdata.de/.

Furthermore, the data subject has the right to lodge a complaint with a supervisory authority if they are of the view that the processing of their personal data violates the General Data Protection Act, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:

Data Protection Commission

21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland

Webadresse: https://www.dataprotection.ie/docs/Contact-us/b/11.htm

Webadresse: http://gdprandyou.ie/contact-us/