The organisation mentioned in the Legal notice is responsible for the data processing outlined below.
Whenever you visit our website, usage data are temporarily analysed for statistical purposes in the form of a log on our web server in order to improve the quality of our website. This data set comprises
The above mentioned log data are analysed in anonymised form only.
We also save the full IP address transmitted by your web browser for seven days. This is done strictly for the specific purpose of being able to identify, limit and eliminate attacks on our website. Once this period has elapsed, we erase or anonymise the IP address. The legal basis for this is Article 6 (1) lit. f)GDPR.
We use technical and organisational measures to protect your data from unauthorised access as comprehensively as possible. We use an encryption process on our web pages. TLS encryption is used to transmit your details from your computer to our server and back via the Internet. You will usually be able to identify this by the closed padlock icon in your browser’s status bar and the address line starting with https://.
On our website, we use cookies that are necessary for it to operate.
Cookies are small text files that are placed on your device and can be read. A distinction is made between session cookies (these are deleted again as soon as you close your browser) and permanent cookies (these may continue to be stored after the session in question has ended).
We do not use these essential cookies for analytical, tracking or advertising purposes.
Some of these cookies merely contain information about specific settings and cannot be connected to individuals. They may also be necessary in order to facilitate user navigation, to load the page in question and for security purposes.
We use these cookies on the basis of Art. 6 (1) lit. f) GDPR.
You can adjust your browser settings to inform you whether cookies are being used. This means you always know if cookies are being placed on your device. You can also erase the cookies and prevent new cookies from being stored at any time by adjusting the appropriate browser setting. Please note that in this case not all our website pages may be displayed and some technical functions may no longer be available.
| PROVIDER | PURPOSE | STORAGE DURATION | APPROPRIATE DATA PROTECTION LEVEL |
|---|---|---|---|
| Usercentrics A/S | Stores the user’s cookie consent status on the current domain. | 1 year | Processing within the EU/EEA |
| pidb.legamaster.com | Stores the user's consent status for cookies on the current domain. | 1 year | Processing within the EU/EEA |
| pidb.legamaster.com | This cookie is used to determine what type of device the visitor is using so that the website can be formatted accordingly. | 30 days | Processing within the EU/EEA |
We use web analysis tools and cross-device tracking technologies to enable us to design our web pages in a way that meets our needs as well as activate and analyse targeted advertising on other Internet pages.
User profiles are created by using pseudonyms. We do this by placing permanent cookies on your device and reading them. It is also possible for us to download recognition features for your browser or device (e.g. browser fingerprint or your unabbreviated IP address). This enables us to identify returning visitors and count them as such.
We also use the following functions to support our traffic measurement:
Whenever you visit our website, it is possible that the third-party providers mentioned below will download recognition features for your browser or device (e.g. browser fingerprint), analyse your IP address, store or read recognition features on your device (e.g. cookies) or gain access to individual tracking pixels.
The third-party provider can use the individual features to re-recognise your device on other websites. We can instruct the corresponding third-party providers to activate advertising that is geared to any of our pages you have visited.
As soon as you log on to the website of a third-party provider using your own user data, the respective recognition features for different browsers and devices can be linked. If the third-party provider has created a separate feature for each of the laptops, desktop PCs, smartphones or tablets that you use, for example, these separate features can be allocated to each other as soon as you use your log-in details to use one of the third-party provider’s services. This allows the third-party provider to target manage our advertising campaigns across various devices.
Below is a list of the third-party providers we work with for advertising purposes. If the data from these activities are processed outside the EU or the EEA, please be aware that there is a risk that authorities will access the data for security and monitoring purposes without your knowledge or without giving you the option to lodge an appeal. If we use providers in unsafe third countries and you consent to this, the data will be transmitted to a third country on the basis of Art. 49 (1) (a) GDPR.
Data are processed on the basis of your consent if you have given your consent via our banner. Your consent is voluntary and may be withdrawn at any time.
| PROVIDER | MAXIMUM STORAGE DURATION | APPROPRIATE DATA PROTECTION LEVEL |
|---|---|---|
| InnoCraft Limited | 1 year | Processing within the EU/EEA. |
| Youtube | Persistent | No appropriate data protection level. Transmission is on the basis of 49 (1) lit. a) GDPR. |
On our website we embed YouTube videos that are not stored on our servers. If you access our pages displaying embedded videos, you will reload the content from the third-party provider providing the videos. This tells the third-party provider that you have viewed the video on our site and gives it the technical usage data necessary.
We have no influence over any further processing of the data by the third party. When embedding the videos we have, however, made sure that we activate the enhanced data protection mode offered by the third-party provider. The enhanced data protection mode prevents the third-party provider from placing cookies.
Videos are embedded on the basis of Art. 6 (1) lit. f) GDPR and in order to make our web pages as appealing and informative as possible.
We use the technical functions and content from third-party providers indicated below in order to display our website.
If you access our pages, you will reload the content from the third-party provider providing these functions and content. This tells the third-party provider that you have viewed our site and provides it with relevant technical usage data it needs.
We have no influence over the way data are processed by the third-party provider.
Data are processed the basis of your consent if you have previously given your consent via our banner.
Please note that the use of third-party content and functions can mean that your data are processed outside the EU or the EEA. In some countries, there is a risk that authorities will access the data for security and monitoring purposes without your being informed thereof or being able to file a legal appeal. If we use providers in insecure third countries and you consent to such, the data will be transmitted to an insecure third country on the basis of Art. 49 (1) lit. a) GDPR
If you wish to withdraw your consent, please change the appropriate setting via our banner
| PROVIDER | TECHNICAL FUNCTION OR CONTENT | MAXIMUM STORAGE DURATION | TRANSFER TO THIRD STATES ACCORDING TO PROVIDER’S INFORMATION AND SECURING OF AN APPROPRIATE LEVEL OF DATA PROTECTION |
|---|---|---|---|
| InnoCraft Limited | Analytics | 1 year | Processing within the EU/EEA. |
If we have not already provided detailed information about the duration of storage, we erase personal data if such data are no longer required for the abovementioned processing purposes and provided there are no statutory duties of retention that conflict with erasure.
When processing your data, we pass your data onto service providers who help us operate our website and any associated processes in accordance with Art. 28 GDPR. These include hosting providers. Our service providers are strictly bound by our instructions and contractually obligated accordingly.
Insofar as we have not already done so in the above privacy policy, we have listed below the data processors with whom we collaborate. Where data are being transferred outside the EU or EEA in this regard, we have provided information about the appropriate level of data protection.
| DATA PROCESSORS | PURPOSE | APPROPRIATE DATA PROTECTION LEVEL |
|---|---|---|
| TransIP B.V. (NL) | Web hosting and support | Processing within the EU/EEA |
When processing your personal data the GDPR grants you, as the data subject, specific rights:
Right of access (Art. 15 GDPR)
You have the right to request confirmation of whether your personal data are being processed; if so, you have a right to access these personal data and the information detailed in Art. 15 GDPR.
Right to rectification (Art. 16 GDPR)
You have the right to request immediate rectification of incorrect personal data about you and completion of incomplete data as applicable.
Right to erasure (Art. 17 GDPR)
You have the right to request that your personal data be erased without delay if one of the reasons detailed in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request that the processing of your personal data be restricted if one of the conditions set out in Art. 18 GDPR is fulfilled, for instance if you have objected to the processing, for a period enabling the controller to verify the accuracy of the personal data.
Right to data portability (Art. 20 GDPR)
In certain cases detailed in Art. 20 GDPR you have the right to receive the personal data relating to you in a structured, commonly-used and machine-readable format and the right to transmit those data to a third party.
Right to object (Art. 7 GDPR)
If the data is processed on the basis of your consent, according to Art. 7 (3) GDPR you are entitled to withdraw your consent to the use of your personal data at any time. Please note that withdrawal only takes effect in the future. Processing carried out before consent is withdrawn is not affected.
Right to object (Art. 21 GDPR)
If data are collected on the basis of Art. 6 (1) lit. f) GDPR (data processing to uphold a legitimate interest) or on the basis of Art. 6 (1) lit. e) GDPR (data processing for a task carried out in the public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons that arise from your particular situation. We will no longer process the personal data unless there are demonstrable, compelling, protectable reasons that outweigh your interests, rights and freedoms, or processing serves to assert, exercise or defend legal claims.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
According to Art. 77 GDPR, you have the right to complain to a supervisory authority if you are of the opinion that processing of your data violates data protection law provisions. In particular, the right to complain can be lodged with a supervisory authority in the member state where you habitually reside, the member state for your place of work or the place of the presumed violation.
Assertion of your rights
Unless described otherwise above, in order to assert your rights as a data subject please contact the organisation given in the Legal notice.
Our external data protection officer is available to provide information on the subject of data privacy and can be contacted at this address:
datenschutz nord GmbH
Sechslingspforte 2
22087 Hamburg
Internet: www.datenschutz-nord-gruppe.de
Email: office@datenschutz-nord.de
If you contact our data protection officer direct, please also state the responsible organisation named in the Legal notice.