Pri­va­cy in the Sum­it­o­mo Elec­tric Group

Our par­ent com­pa­ny, the Sum­it­o­mo Elec­tric Group, has estab­lished a Glob­al Pri­va­cy Pol­i­cy, which is sup­ple­ment­ed by area-spe­cif­ic Local Pri­va­cy Poli­cies and if applic­a­ble Web­site Pri­va­cy Notices. The use of these policies/notices is to explain how and for what pur­pos­es we process per­son­al data of cus­tomers, sup­pli­ers, employ­ees, and oth­er third par­ties.

The Glob­al Pri­va­cy Pol­i­cy is avail­able at: https://sumitomoelectric.com/global-privacy-policy

The fol­low­ing Local Pri­va­cy Poli­cies apply in con­junc­tion with the Glob­al Pri­va­cy Pol­i­cy if you reside in one of the fol­low­ing areas:

- Japan: Japan Pri­va­cy Pol­i­cy
- Euro­pean Eco­nom­ic Area (EEA)/UK: EEA and UK Pri­va­cy Pol­i­cy
- Cal­i­for­nia: Adden­dum for Cal­i­for­nia Pri­va­cy Rights Act

 

The fol­low­ing Web­site Pri­va­cy Notice pro­vides more detailed infor­ma­tion regard­ing our data pro­cess­ing and should be read in con­junc­tion with the above poli­cies. In the event of any con­flict between the above poli­cies and the Web­site Pri­va­cy Notice, the lat­ter shall pre­vail.

Web­site Pri­va­cy Notice

Below you will find infor­ma­tion about which per­son­al data we process for what pur­pose, on what basis and for how long when you use our web­site pri­va­cy notice:

Overview / Table of con­tents

You will find the fol­low­ing infor­ma­tion in our web­site pri­va­cy notice:

A. Our con­tact details and gen­er­al infor­ma­tion on data pro­cess­ing by us

A.1 Name and con­tact details of the con­troller

A.2 Con­tact details of the data pro­tec­tion offi­cer

A.3 Gen­er­al infor­ma­tion on the legal basis for the pro­cess­ing of per­son­al data

A.4 Gen­er­al infor­ma­tion on data era­sure and reten­tion peri­ods

A.5 Gen­er­al infor­ma­tion on the sources of per­son­al data

A.6 Recip­i­ents or cat­e­gories of recip­i­ents of the per­son­al data

A.7 Con­tact via e‑mail, fax, and tele­phone call

B. Scope of the pro­cess­ing of per­son­al data via our web­site

B.1 Host provider, pro­vi­sion of the web­site and cre­ation of log files

B.2 Use of cook­ies by us and by third-par­ty providers

B.3 Use of the secu­ri­ty plu­g­in WP Cer­ber Secu­ri­ty

B.4 Use of the analy­sis tool Mato­mo

B.5 Use of the WPML lan­guage plug-in

B.6 Use of YouTube videos

B.7 Encryp­tion of the web­site and of the com­mu­ni­ca­tion

B.8 Trans­fer of per­son­al data to a third coun­try

C. Your rights as a data sub­ject

C.1 Right to infor­ma­tion

C.2 Right of rec­ti­fi­ca­tion

C.3 Right to era­sure

C.4 Right to restric­tion pro­cess­ing

C.5 Right to noti­fi­ca­tion

C.6 Right to data porta­bil­i­ty

C.7 Right to object to pro­cess­ing based on legit­i­mate inter­est, as well as to direct mail

C.8 Right of with­draw­al in the case of giv­en con­sent

C.9 Auto­mat­ed deci­sion-mak­ing includ­ing pro­fil­ing

C.10 Vol­un­tari­ness of the pro­vi­sion of data

C.11 Right to lodge a com­plaint with a super­vi­so­ry author­i­ty

A. Our con­tact details and gen­er­al infor­ma­tion on data pro­cess­ing by us

A.1 Name and con­tact details of the con­troller

Respon­si­ble in terms of data pro­tec­tion law for the col­lec­tion and use of per­son­al data is:

Sum­it­o­mo Elec­tric Bor­d­net­ze SE

Brandge­haege 11
D‑38444 Wolfs­burg-Hat­torf

Tel: 05308 400 400
Fax: 05308 400 419
info@sebn.com

Board of Direc­tors: Soichi­ro Nam­ba (CEO and Mem­ber of the Admin­is­tra­tive Board), Sohei Kanaza­wa, Carsten Schulze, Hen­ning von dem Hagen, Sven-Uwe Nie­mann

Chair­man of the Admin­is­tra­tive Board: Tomoyu­ki Miyake

Reg­is­tered office: Wolfs­burg

A.2 Con­tact details of the data pro­tec­tion offi­cer of the con­troller

You can reach our data pro­tec­tion offi­cer as fol­lows:

Sum­it­o­mo Elec­tric Bor­d­net­ze SE

Data Pro­tec­tion Offi­cer
Brandge­haege 11
D‑38444 Wolfs­burg

datenschutzbeauftragter@sebn.com

A.3 Gen­er­al infor­ma­tion on the legal basis for the pro­cess­ing of per­son­al data

In gen­er­al, the fol­low­ing applies to the pro­cess­ing of per­son­al data by us:

-Inso­far as we obtain your con­sent for the pro­cess­ing of per­son­al data, Arti­cle 6 (1) (a) of the EU Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) serves as the legal basis for the pro­cess­ing of per­son­al data.

-When pro­cess­ing per­son­al data that is nec­es­sary to per­form a con­tract with you, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies if the pro­cess­ing is nec­es­sary for the imple­men­ta­tion of pre-con­trac­tu­al mea­sures, e.g. orders, offers, con­tract nego­ti­a­tions.

-Inso­far as the pro­cess­ing of per­son­al data is nec­es­sary for com­pli­ance with a legal oblig­a­tion to which we are sub­ject, Art. 6 (1) © GDPR serves as the legal basis.

- In case that your vital inter­ests or those of anoth­er nat­ur­al per­son make it nec­es­sary to process per­son­al data, Art. 6 (1) (d) GDPR serves as the legal basis.

-If the pro­cess­ing of your per­son­al data is nec­es­sary for the per­for­mance of a task car­ried out in the pub­lic inter­est or in the exer­cise of offi­cial author­i­ty vest­ed in us, this is done on the legal basis of Art. 6 (1) (e) GDPR.

-If the pro­cess­ing is nec­es­sary to pro­tect a legit­i­mate inter­est of us or a third par­ty and your inter­ests, fun­da­men­tal rights and free­doms do not over­ride this inter­est, Art. 6 (1) (f) GDPR serves as the legal basis for the pro­cess­ing.

A.4 Gen­er­al infor­ma­tion on data era­sure and reten­tion peri­ods

We gen­er­al­ly erase or block the per­son­al data as soon as the pur­pose of the stor­age no longer applies. In addi­tion, stor­age may take place if this has been pro­vid­ed for by the Euro­pean or nation­al leg­is­la­tor in Union reg­u­la­tions, laws or oth­er pro­vi­sions to which we are sub­ject as the con­troller. Data will also be blocked or erased if a reten­tion peri­od pre­scribed by the men­tioned stan­dards expires, unless there is a neces­si­ty for the con­tin­ued reten­tion of the data for the con­clu­sion or per­for­mance of a con­tract.

Con­crete­ly that means:

If we process the per­son­al data on the basis of con­sent to data pro­cess­ing (Art. 6 (1) (a) GDPR), the pro­cess­ing ends with your with­draw­al, unless there is anoth­er legal basis for pro­cess­ing the data, which is the case, for exam­ple, if we are still legit­i­mat­ed to process your data for the pur­pose of per­form­ing a con­tract at the time of with­draw­al (cf. below in each case).

If we process the data on the basis of our legit­i­mate inter­ests (Art. 6 (1) (f) GDPR) with­in the frame­work of a pre­vi­ous­ly per­formed con­sid­er­a­tion, we store it until the legit­i­mate inter­est no longer exists, the con­sid­er­a­tion comes to a dif­fer­ent result or you have effec­tive­ly object­ed in accor­dance with Art. 21 GDPR (Cf. the visu­al­ly high­light­ed noti­fi­ca­tion to spe­cial right of objec­tion under C.).

If we process the data for the per­for­mance of a con­tract (Art. 6 (1) (b) GDPR), then we store the data until the con­tract has final­ly been per­formed and set­tled and no more claims can be made under the con­tract, i.e. until the statute of lim­i­ta­tions has expired. The gen­er­al lim­i­ta­tion peri­od accord­ing to § 195 BGB is three (3) years. How­ev­er, cer­tain claims, such as claims for dam­ages, only become time-barred after 30 years (cf. § 197 BGB). If there is rea­son­able cause to assume that this is rel­e­vant in an indi­vid­ual case, we store the per­son­al data for this peri­od. The men­tioned lim­i­ta­tion peri­ods begin at the end of the year (i.e. 31 Decem­ber) in which the claim arose and the cred­i­tor becomes aware of the cir­cum­stances giv­ing rise to the claim and the iden­ti­ty of the debtor or should have become aware with­out gross neg­li­gence.

We would like to point out that we are also sub­ject to statu­to­ry reten­tion oblig­a­tions for com­mer­cial, tax and account­ing rea­sons. These oblige us to retain cer­tain data, which may also include per­son­al data, for a peri­od of six (6) to ten (10) years as proof of our prop­er busi­ness activ­i­ty or account­ing. These reten­tion peri­ods take prece­dence over the era­sure oblig­a­tions men­tioned above. The reten­tion peri­ods also begin at the end of the respec­tive year, i.e. on 31 Decem­ber.

A.5 Gen­er­al infor­ma­tion on the sources of per­son­al data

The per­son­al data processed by us pri­mar­i­ly orig­i­nate from the data sub­jects them­selves, for exam­ple, when they, as users of our web­site, trans­mit infor­ma­tion, such as the IP address, to us or our web serv­er via the web brows­er and their end device (for exam­ple, a PC, a smart­phone, a tablet or a note­book).

Only excep­tion­al­ly may the per­son­al data we process also orig­i­nate from third par­ties, for exam­ple where a per­son is act­ing on behalf of a third par­ty.

A.6 Recip­i­ents or cat­e­gories of recip­i­ents of the per­son­al data

Your per­son­al data will only be passed on or trans­ferred to third par­ties if this is absolute­ly nec­es­sary and per­mis­si­ble for the respec­tive pur­pose. Whether and to whom we pass on data and for what pur­pose (also in the case of trans­fers to a third coun­try), we explain in each case in con­nec­tion with the data pro­cess­ing described below with­in the frame­work of this web­site pri­va­cy notice.

Cat­e­gories of recip­i­ents can in prin­ci­ple be:

  • - Ser­vice provider,
  • - Sup­pli­ers, busi­ness part­ners,
  • - Account­ing, tax con­sul­tant.
  •  

Depend­ing on the cat­e­go­ry of data involved, we process per­son­al data for the fol­low­ing pur­pos­es and based on the legal basis of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) men­tioned in each case:

User data

We col­lect and process data from users of our web­site on a non-per­son­al basis. It is not pos­si­ble for us to assign data to spe­cif­ic per­sons. The IP address is only processed anony­mous­ly. If, by way of excep­tion, per­son­al data is nev­er­the­less involved, we process it to safe­guard our legit­i­mate inter­ests based on Art. 6 (1) (f) GDPR. Our legit­i­mate inter­ests in this sense are our inter­est in the secu­ri­ty and integri­ty of our web­site and the data on our web serv­er (par­tic­u­lar­ly fault and error detec­tion, as well as track­ing unau­tho­rised access), as well as mar­ket­ing inter­ests and inter­ests in sta­tis­ti­cal sur­veys (to improve our web­site and our ser­vices and offers). With­in the frame­work of a con­sid­er­a­tion, we have come to the con­clu­sion that the data pro­cess­ing is nec­es­sary to safe­guard the men­tioned legit­i­mate inter­ests and that your inter­ests or fun­da­men­tal rights and free­doms, which require the pro­tec­tion of per­son­al data, do not over­ride these.

If we obtain the user’s con­sent for cer­tain data pro­cess­ing, we do so on the legal basis of Art. 6 (1) (a) GDPR.

Data of inter­est­ed par­ties 

Inso­far as we process data from those inter­est­ed in our ser­vices, this only occurs if they them­selves trans­mit this data to us for the pur­pose of the enquiry. We then process this data exclu­sive­ly for the pur­pose of pro­cess­ing the enquiry to us. The pro­cess­ing of this data vol­un­tar­i­ly trans­mit­ted to us for the pur­pose of pro­vid­ing infor­ma­tion about our ser­vices is car­ried out as pre-con­trac­tu­al pro­cess­ing pur­suant Art. 6 (1) (b) GDPR and/or on the basis of your con­sent giv­en by trans­mis­sion pur­suant Art. 6 (1) (a) GDPR.

Sup­pli­er data/business part­ner data

We process the data of our sup­pli­ers and busi­ness part­ners for the pur­pose of con­tract pro­cess­ing pur­suant Art. 6 (1) (b) GDPR and/or on the basis of con­sent giv­en pur­suant Art. 6 (1) (a) GDPR. This also applies to pro­cess­ing oper­a­tions that are nec­es­sary for the imple­men­ta­tion of pre-con­trac­tu­al mea­sures (e.g. in the con­text of the prepa­ra­tion and nego­ti­a­tion of offers).

A.7 Con­tact via e‑mail

You can con­tact us by e‑mail if you wish. Even if you write us an e‑mail, we inevitably process per­son­al data from you. This is because at least the per­son­al data trans­mit­ted with the e‑mail is stored by us or our sys­tems.

Pur­pos­es of the data pro­cess­ing

The pro­cess­ing of per­son­al data when trans­mit­ted by e‑mail serves us to process your con­tact­ing and your request. We absolute­ly need your e‑mail address in order to be able to reply to you. This is also the legit­i­mate inter­est in pro­cess­ing the data. The data is used exclu­sive­ly for pro­cess­ing the con­ver­sa­tion.

Legal basis for data pro­cess­ing

The legal basis for the pro­cess­ing of the data is your con­sent accord­ing to Art. 6 (1) (a) GDPR, which you give to us by active­ly con­tact­ing us.

If the con­tact or your enquiry is aimed at the con­clu­sion of a con­tract, the legal basis for the pro­cess­ing is Art. 6 (1) (b) GDPR (imple­men­ta­tion of pre-con­trac­tu­al mea­sures).

Dura­tion of stor­age

The data is erased as soon as it is no longer required to achieve the pur­pose for which it was col­lect­ed. For per­son­al data sent by e‑mail, this is the case when the respec­tive con­ver­sa­tion with you has end­ed and we have then wait­ed a grace peri­od of up to 3 months to see whether we may need to refer to your request or the details of the com­mu­ni­ca­tion again. The con­ver­sa­tion is end­ed when it is clear from the cir­cum­stances that the mat­ter in ques­tion has been con­clu­sive­ly clar­i­fied.

The com­mu­ni­ca­tion may be sub­ject to a reten­tion oblig­a­tion under com­mer­cial or tax law, which then takes prece­dence (cf. the expla­na­tions above on “Data era­sure and reten­tion peri­ods”).

Pos­si­bil­i­ty of objec­tion and removal

You have the pos­si­bil­i­ty at any time to revoke a giv­en con­sent to the pro­cess­ing of per­son­al data or to object to fur­ther data pro­cess­ing due to legit­i­mate inter­est (Cf. the visu­al­ly high­light­ed noti­fi­ca­tion to spe­cial right of objec­tion under C.). In such a case, the con­ver­sa­tion can­not be con­tin­ued.

The with­draw­al of con­sent or the objec­tion to fur­ther data pro­cess­ing is made pos­si­ble by infor­mal com­mu­ni­ca­tion to us (e.g. by e‑mail). All per­son­al data stored in the course of con­tact­ing us will be erased in this case.

B. Scope of the pro­cess­ing of per­son­al data via our web­site

As a mat­ter of prin­ci­ple, we only col­lect and use per­son­al data of users with­in the scope of the mere use of our web­site inso­far as this is nec­es­sary for the pro­vi­sion of a func­tion­al web­site as well as our con­tents and ser­vices. The col­lec­tion and use of our users’ per­son­al data gen­er­al­ly only takes place with the user’s con­sent. An excep­tion applies in those cas­es in which obtain­ing pri­or con­sent is not pos­si­ble for actu­al rea­sons and/or the pro­cess­ing of the data is per­mit­ted by legal reg­u­la­tions.

The host provider host­ing the web­site on its serv­er is qwer­tiko GmbH, Wald­straße 41–43, D‑76133 Karl­sruhe, Ger­many.

We have con­clud­ed an order pro­cess­ing con­tract with the host provider.

B.1  Pro­vi­sion of the web­site and cre­ation of log files

For tech­ni­cal rea­sons, our sys­tem auto­mat­i­cal­ly col­lects data and infor­ma­tion each time the web­site is accessed. These are stored in the log files of the serv­er. These are:

- Date and time of access,

- URL (address) of the refer­ring web­site (refer­rer),

- Web pages that are called up by the user’s sys­tem via our web­site,

- Screen res­o­lu­tion of the user,

- retrieved file(s) and mes­sage about the suc­cess of the retrieval,

- Amount of data sent,

- the user’s inter­net ser­vice provider,

- Brows­er, brows­er type and brows­er ver­sion, brows­er engine and engine ver­sion,

- Oper­at­ing sys­tem, oper­at­ing sys­tem ver­sion, oper­at­ing sys­tem type, and

- the anonymised IP address and the user’s inter­net ser­vice provider.

This data is processed sep­a­rate­ly from oth­er data. This data is not processed togeth­er with oth­er per­son­al data of the user. It is not pos­si­ble for us to assign this data to a spe­cif­ic per­son.

Pur­pos­es of data pro­cess­ing

The tem­po­rary pro­cess­ing of data by the sys­tem is nec­es­sary to enable the deliv­ery of the con­tents of our web­site to the user’s com­put­er. For this pur­pose, the user’s IP address must remain stored for the dura­tion of the ses­sion.

The stor­age in log files is done to ensure the func­tion­al­i­ty of the web­site. In addi­tion, we use the data to ensure the secu­ri­ty of our infor­ma­tion tech­nol­o­gy sys­tems. An eval­u­a­tion of the data for mar­ket­ing pur­pos­es does not take place in this con­text.

Legal basis of the data pro­cess­ing

The tem­po­rary stor­age of the data and the log files is based on the legal basis of Art. 6 (1) (f) GDPR. Our over­rid­ing legit­i­mate inter­est in this data pro­cess­ing lies in the afore­men­tioned pur­pos­es.

Dura­tion of stor­age

The data is erased as soon as it is no longer required to achieve the pur­pose for which it was col­lect­ed. In the case of the col­lec­tion of data for the pro­vi­sion of the web­site, this is the case when the respec­tive ses­sion has end­ed.

Pos­si­bil­i­ty of objec­tion and removal

The col­lec­tion of data for the pro­vi­sion of the web­site and the stor­age of the data in log files is absolute­ly nec­es­sary for the oper­a­tion of the web­site. Con­se­quent­ly, the user does not have the option to object. How­ev­er, the user can stop using the web­site at any time and thus pre­vent the fur­ther col­lec­tion of the men­tioned data.

B.2  Use of cook­ies by us and by third-par­ty providers

So-called cook­ies are used when using our web­site. These are small text files that are stored on your end device (PC, smart­phone, tablet, etc.). When you access a web­site, a cook­ie may be stored by your brows­er. This cook­ie con­tains a char­ac­ter­is­tic string of char­ac­ters that enables the brows­er to be unique­ly iden­ti­fied when the web­site is accessed again.

Cook­ies are used to make our web­site usable at all, to ensure the secu­ri­ty and integri­ty of the web­site, to com­ply with legal require­ments (cook­ie con­sent), to pro­vide a ser­vice express­ly request­ed by the user (essen­tial cook­ies) or to make the web­site more user-friend­ly (non-essen­tial cook­ies).

Our con­tent man­age­ment sys­tem Word­Press uses tech­ni­cal­ly nec­es­sary cook­ies. The con­tent man­age­ment sys­tem would not func­tion oth­er­wise. Only sys­tem-rel­e­vant cook­ies are used. Word­Press uses so-called ses­sion cook­ies by default (with one excep­tion, see below). These are not intend­ed for track­ing or sim­i­lar pur­pos­es, but ensure the cor­rect func­tion­al­i­ty of the sys­tem. As the name sug­gests, these cook­ies are only stored per ses­sion and expire after­wards.

Word­Press ses­sion cook­ies are:

- wordpress_[hash]
When log­ging in, Word­Press uses this cook­ie to store the authen­ti­ca­tion data of Word­Press users. Its use is restrict­ed to the admin­is­tra­tion screen area, /wp-admin/.

- wordpress_logged_in_[hash]
After login, Word­Press sets the WordPress_logged_in_[hash] cook­ie, which indi­cates that the user is logged in — and who the user is. The lat­ter infor­ma­tion is rel­e­vant for some inter­face appli­ca­tions.

- wordpress_test_cookie
This cook­ie is set when nav­i­gat­ing to the login page. This can be used to check whether the brows­er is set to allow cook­ies.

Word­Press cook­ies with a stor­age peri­od of one year:

- wp-settings-[UID] & wp-settings-{time}-[UID].
Word­Press also sets sev­er­al wp-settings-{time}-[UID] cook­ies. The num­ber at the end is the indi­vid­ual user ID from the data­base table “users”. This is used to cus­tomise the view of the admin inter­face and pos­si­bly also the main page inter­face.

All these cook­ies thus do not affect the users of the web­site, but only those who main­tain our web­site in the back­end (i.e. the admin­is­tra­tion inter­face of Word­Press) accord­ing to the order.

Essen­tial cook­ies that affect users of the web­site are set by our con­sent tool Cook­ie-Nav­i­ga­tor for the pur­pose of remem­ber­ing whether or not you have con­sent­ed to the set­ting of non-essen­tial cook­ies.

In addi­tion, cook­ies from third-par­ty providers may be used. These cook­ies could also enable an analy­sis of the user’s surf­ing behav­iour. If this is the case, we will inform you about this sep­a­rate­ly in this or spe­cif­ic pri­va­cy notices direct­ly at the infor­ma­tion about the respec­tive third-par­ty tools (such as analy­sis tools, plu­g­ins or sim­i­lar). For exam­ple, analy­sis tools set their own cook­ies for analy­sis pur­pos­es.

When you access our web­site, you will be informed about the use of cook­ies that are not strict­ly nec­es­sary and your con­sent to the pro­cess­ing of per­son­al data used in this con­text will be obtained.

Pur­pose of data pro­cess­ing

The pur­pose of using strict­ly nec­es­sary cook­ies is to enable the use of desired or explic­it­ly request­ed func­tions of the web­site for users. Some func­tions can­not be offered with­out the use of cook­ies. For these, it is nec­es­sary that the brows­er is recog­nised even after a change of site. User data col­lect­ed through strict­ly nec­es­sary cook­ies is not used to cre­ate user pro­files.
The use of non-essen­tial cook­ies is gen­er­al­ly for the pur­pose of improv­ing the qual­i­ty of our web­site and its con­tent. Through analy­sis cook­ies, we learn, for exam­ple, how the web­site is used and can thus con­stant­ly opti­mise our offer.

Legal basis for data pro­cess­ing

In the case of absolute­ly nec­es­sary cook­ies, the fol­low­ing applies: The legal basis for stor­ing absolute­ly nec­es­sary cook­ies in your end device and access­ing them is § 25 (2) (2) TTDSG. The legal basis for the fur­ther pro­cess­ing of per­son­al data using the infor­ma­tion stored in the cook­ie is Art. 6 (1) (f) GDPR, i.e. an over­rid­ing legit­i­mate inter­est on our part. Our legit­i­mate inter­est lies in the above-men­tioned pur­pos­es.
In the case of cook­ies that are not absolute­ly nec­es­sary, the fol­low­ing applies: The legal basis for stor­ing cook­ies that are not absolute­ly nec­es­sary in your end device and access­ing them is your con­sent pur­suant § 25 (1) TTDSG. The legal basis for the fur­ther pro­cess­ing of per­son­al data using non-essen­tial cook­ies is the con­sent giv­en at the same time in accor­dance with Art. 6 (1) (a) GDPR.

Dura­tion of stor­age

Some of the cook­ies we use are delet­ed again after the end of the brows­er ses­sion, i.e. after you close your brows­er (so-called ses­sion cook­ies). Oth­er cook­ies remain on your end device and enable us or the third-par­ty providers to recog­nise your brows­er on your next vis­it (per­ma­nent or sta­t­ic cook­ies). If we have stored the cook­ies on the basis of your con­sent, we will end fur­ther data pro­cess­ing with your with­draw­al. Oth­er­wise, we store the data col­lect­ed on the basis of an over­rid­ing legit­i­mate inter­est until the legit­i­mate inter­est no longer exists, the con­sid­er­a­tion of inter­ests comes to a dif­fer­ent result or you have effec­tive­ly object­ed in accor­dance with Art. 21 GDPR (Cf. the visu­al­ly high­light­ed noti­fi­ca­tion to spe­cial right of objec­tion under C.). It is reg­u­lar­ly checked whether the legit­i­mate inter­est still exists.

Pos­si­bil­i­ty of objec­tion and removal

Cook­ies are stored on your com­put­er and trans­mit­ted from it to our site. There­fore, you have full con­trol over the use of cook­ies. By chang­ing the set­tings in your inter­net brows­er, you can deac­ti­vate or restrict the trans­mis­sion of cook­ies. Cook­ies that have already been stored can be delet­ed at any time.
Note: If cook­ies are deac­ti­vat­ed for our web­site, it may no longer be pos­si­ble to use all the func­tions of the web­site to their full extent.

If you do not give your con­sent or with­draw the con­sent you have giv­en, you can also pre­vent the use of cook­ies that are not absolute­ly nec­es­sary.

B.3  Use of the secu­ri­ty plu­g­in WP Cer­ber Secu­ri­ty

On our web­site we use the plu­g­in WP Cer­ber Secu­ri­ty, which is offered by Cer­ber Tech Inc. New York, NY, 1732 1st Ave, 10128, USA.

WP Cer­ber Secu­ri­ty is a pop­u­lar secu­ri­ty plu­g­in for Word­Press web­sites. The plu­g­in sets a num­ber of cook­ies in the visitor’s brows­er that are used to detect and pre­vent var­i­ous types of mali­cious behav­iour.

The plu­g­in sets sev­er­al absolute­ly nec­es­sary cook­ies. Accord­ing to the provider, no data is col­lect­ed or processed in this con­text — nei­ther by the ser­vices nor by the soft­ware offered.

The col­lect­ed IP address­es are imme­di­ate­ly anonymised by the plu­g­in WP H‑Data Pro­tec­tion — unless they doc­u­ment intru­sion attempts.

For more infor­ma­tion on the col­lec­tion and use of data by WP Cer­ber Secu­ri­ty, please refer to the pri­va­cy pol­i­cy of the provider Cer­ber at https://wpcerber.com/privacy-policy/

Pur­pose of the data pro­cess­ing

The use of this secu­ri­ty plu­g­in is sole­ly for the secu­ri­ty and integri­ty of our web­site and our infor­ma­tion tech­nol­o­gy sys­tems. It is also used for fraud pre­ven­tion (anti-spam). The plu­g­in blocks unwant­ed intrud­er via IP or sub­net and pro­tects against fur­ther attempts of intru­sion when a set lim­it of retries is reached. This makes brute force attacks or dis­trib­uted brute force attacks by bot­nets impos­si­ble. In addi­tion, by cre­at­ing an IP black­list or whitelist, it is pos­si­ble to block or allow logins from cer­tain IP address­es. (More infor­ma­tion about the func­tions at: https://wpcerber.com/).

Legal basis of the data pro­cess­ing

We have an over­rid­ing legit­i­mate inter­est in the secu­ri­ty and integri­ty of our web­site and our infor­ma­tion tech­nol­o­gy sys­tems, so that the legal basis here is Art. 6 (1) (f) GDPR. The set­ting and read­ing of cook­ies is also car­ried out on the basis of § 25 (2) (2) TTDSG.

Dura­tion of stor­age

The IP address­es are anonymised imme­di­ate­ly. Only those that are imme­di­ate­ly recog­nised as intru­sion or attack attempts are not anonymised in order to be able to block them in the future.

Pos­si­bil­i­ty of objec­tion and removal

There is no pos­si­bil­i­ty for the user to object to or remove this, oth­er than to refrain from using our web­site alto­geth­er or to ter­mi­nate it.

B.4  Use of the analy­sis tool Mato­mo

This web­site uses Mato­mo, an open-source web analy­sis tool from InnoCraft Ltd, 150 Willis St, 6011 Welling­ton, New Zealand (https://matomo.org), to col­lect and store data for mar­ket­ing and opti­mi­sa­tion pur­pos­es. The data col­lect­ed with Mato­mo is not used by us to per­son­al­ly iden­ti­fy the vis­i­tor to the web­site and is also not merged with per­son­al data.

Stan­dard: Use of Mato­mo with­out cook­ies

If you do not give us con­sent to analy­sis mea­sures dur­ing your web­site vis­it, we use the Mato­mo
tool with­out cook­ies. This means the fol­low­ing:

We have made all data pro­tec­tion set­tings to achieve the widest pos­si­ble pseu­do­nymi­sa­tion and anonymi­sa­tion of data. This is because we are not inter­est­ed in who is behind a web­site vis­it, but only in how the web­site is used. There­fore, all IP address­es are only stored in such a way that the last 6 dig­its are replaced by an “X” (e.g. 192.168.xxx.xxx) and a user ID is auto­mat­i­cal­ly replaced by the sys­tem with a pseu­do­nym. Only the data alien­at­ed / pseu­do­nymised / anonymised in this way is stored and used for sta­tis­tics. Fur­ther­more, we have set Mato­mo in such a way that any cook­ies are pre­vent­ed. This means that no data is stored on your end device. And: We have set up Mato­mo in such a way that a “do-not-track” mes­sage from your brows­er is auto­mat­i­cal­ly respect­ed.

All Mato­mo data is processed by us exclu­sive­ly on our own web serv­er. No third par­ty receives this data. This is there­fore data that is eval­u­at­ed exclu­sive­ly by us.

By all these mea­sures, we are con­vinced that con­sent is not required here and that we can base this data pro­cess­ing on a legit­i­mate inter­est.

Pur­pose of the data pro­cess­ing

The analy­sis tool is used to improve the qual­i­ty of our web­site and its con­tent by deter­min­ing how the web­site is used through user behav­iour. In this way, we can con­stant­ly opti­mise our inter­net offer, which is also in the inter­est of the users.

Legal basis of the data pro­cess­ing

The legal basis for the pro­cess­ing of per­son­al data is Art. 6 (1) (f) GDPR, i.e. a legit­i­mate inter­est on our part. Our legit­i­mate inter­est lies in the above-men­tioned pur­pos­es. Our con­sid­er­a­tion has shown that we are pur­su­ing legit­i­mate pur­pos­es in analysing user behav­iour in order to improve and opti­mise our web­sites and that the rea­son­able expec­ta­tions of web­site vis­i­tors today are also direct­ed towards analysing user behav­iour. We also assume that the infor­ma­tion pro­vid­ed here will guide the expec­ta­tions of users of our web­site that an analy­sis will be car­ried out.

Dura­tion of stor­age

The IP address is anonymised before it is stored (see above). Cook­ies are not set. We only store data that no longer has any per­son­al ref­er­ence. In addi­tion, we store data col­lect­ed on the basis of a legit­i­mate inter­est until the legit­i­mate inter­est no longer exists, the con­sid­er­a­tion comes to a dif­fer­ent result or you have effec­tive­ly object­ed in accor­dance with Art. 21 GDPR (Cf. the visu­al­ly high­light­ed noti­fi­ca­tion to spe­cial right of objec­tion under C.). It will be reviewed reg­u­lar­ly, at least annu­al­ly, whether the legit­i­mate inter­est still exists. In par­tic­u­lar, our inter­est no longer exists if the data is no longer suf­fi­cient­ly rel­e­vant for us in terms of eval­u­a­tion and sta­tis­tics of web­site use due to the pas­sage of time, which we assume to be the case after three years at the lat­est and the data is then irre­triev­ably erased.

Pos­si­bil­i­ty of objec­tion and removal

We do not set cook­ies and do not process any per­son­al data when using Mato­mo.

The fol­low­ing gen­er­al­ly applies to cook­ies: You can deac­ti­vate or restrict the trans­mis­sion of cook­ies by chang­ing the set­tings in your inter­net brows­er. Cook­ies that have already been saved can be delet­ed at any time. This can also be done auto­mat­i­cal­ly. Such a “Do-Not-Track” set­ting of your brows­er is under­stood by us as an objec­tion to the fur­ther col­lec­tion and use of your per­son­al data and will of course be observed.

With con­sent: Use of Mato­mo with cook­ies

If you have giv­en us your con­sent for the use of analy­sis tools, we use Mato­mo with cook­ies. This means the fol­low­ing:

From the data col­lect­ed with the help of the tool, user pro­files can be cre­at­ed under a pseu­do­nym. Cook­ies can be used for this pur­pose. Cook­ies are small text files that are stored local­ly in the cache of the site visitor’s inter­net brows­er. The cook­ies enable the recog­ni­tion of the inter­net brows­er. The data col­lect­ed with Mato­mo will not be used to per­son­al­ly iden­ti­fy the vis­i­tor to this web­site with­out the sep­a­rate­ly grant­ed con­sent of the per­son con­cerned, nor will it be merged with per­son­al data about the bear­er of the pseu­do­nym.

We would like to point out that we process all Mato­mo data exclu­sive­ly on our own web serv­er and that no third par­ty receives this data. As a result, we are con­vinced that no con­sent is required here and that we can base this data pro­cess­ing on a legit­i­mate inter­est, since a third-par­ty ref­er­ence is exclud­ed. These are so-called first-par­ty cook­ies that are only set and eval­u­at­ed by us.

Pur­pose of the data pro­cess­ing

The analy­sis tool and the analy­sis cook­ies are used for the pur­pose of improv­ing the qual­i­ty of our web­site and its con­tent. In this way, we learn how the web­site is used and can thus con­tin­u­ous­ly opti­mise our offer.

Legal basis for data pro­cess­ing

The legal basis for the set­ting of cook­ies and the pro­cess­ing of per­son­al data is your con­sent accord­ing to § 25 (1) TTDSG, Art. 6 (1) (a) GDPR.

Dura­tion of stor­age

We store the col­lect­ed data until the pur­pose of its col­lec­tion has ceased to exist, at the longest, how­ev­er, until you with­draw the con­sent you have giv­en us.

Pos­si­bil­i­ty of objec­tion and removal

You may refuse the use of cook­ies by select­ing the appro­pri­ate set­tings on your brows­er. We would like to point out that in this case you may not be able to use all func­tions of this web­site to their full extent.

You can pre­vent fur­ther data pro­cess­ing by us with effect for the future by with­draw­ing the con­sent you have giv­en.

You can also pre­vent the col­lec­tion of data relat­ing to your use of the web­site (includ­ing your IP address) and the pro­cess­ing of this data by us by using the opt-out option:

B.5 Use of the WPML lan­guage plug-in

In order to be able to offer you dif­fer­ent lan­guage ver­sions of our site, we use the lan­guage plu­g­in WPML from the provider OnTheGoSys­tems Lim­it­ed, 22/F 3 Lock­hart Road, Wan­chai, Hong Kong.

Pur­pose of the data pro­cess­ing

We use the lan­guage plu­g­in to offer you dif­fer­ent lan­guage ver­sions of the web­site.

Legal basis of the data pro­cess­ing

We have an over­rid­ing legit­i­mate inter­est in pro­vid­ing dif­fer­ent lan­guage ver­sions, so that the legal basis here is Art. 6 (1) (f) GDPR. The set­ting and read­ing of cook­ies is also based on § 25 (2) (2) TTDSG. This is because the plu­g­in only sets a so-called first-par­ty cook­ie for the pur­pose of remem­ber­ing your lan­guage pref­er­ence, which is only stored by us on our web serv­er and is not received by any third par­ty, includ­ing the provider of the plu­g­in.

Dura­tion of stor­age

The cook­ies are stored on the user’s com­put­er and trans­mit­ted from it to our site. There­fore, you as a user have full con­trol over the use of cook­ies. By chang­ing the set­tings in your inter­net brows­er, you can deac­ti­vate or restrict the trans­mis­sion of cook­ies. Cook­ies that have already been saved can be delet­ed at any time. This can also be done auto­mat­i­cal­ly. If cook­ies are deac­ti­vat­ed for our web­site, it may no longer be pos­si­ble to use all func­tions of the web­site to their full extent.

In addi­tion, we store the data col­lect­ed on the basis of a legit­i­mate inter­est until the legit­i­mate inter­est no longer exists, the con­sid­er­a­tion comes to a dif­fer­ent result or you have effec­tive­ly object­ed in accor­dance with Art. 21 GDPR (Cf. the visu­al­ly high­light­ed noti­fi­ca­tion to spe­cial right of objec­tion under C.).

You may refuse the use of cook­ies by select­ing the appro­pri­ate set­tings on your brows­er, how­ev­er please note that if you do this you may not be able to use the full func­tion­al­i­ty of this web­site.

If your per­son­al data is processed on the basis of legit­i­mate inter­ests accord­ing to Art. 6 (1) (f) GDPR, you have the right to object to the pro­cess­ing of your per­son­al data accord­ing to Art. 21 GDPR, pro­vid­ed that there are grounds for doing so that arise from your par­tic­u­lar sit­u­a­tion.

B.6 Use of YouTube Videos

Our web­site offers the pos­si­bil­i­ty to watch YouTube videos (provider: YouTube LLC 901 Cher­ry Ave., 94066 San Bruno, CA, USA (here­inafter “YouTube”)).

Use of YouTube videos through spe­cif­ic click on the video

If you have not giv­en us con­sent to use YouTube and to set YouTube cook­ies as part of our con­sent request, the fol­low­ing applies:

We have embed­ded YouTube videos in such a way that the set­ting of YouTube cook­ies is blocked until there is an active click on the play­back. There­fore, you will not be able to imme­di­ate­ly see and click on the YouTube video on the web­site. Rather, you will first see a place­hold­er that allows you to either view the video direct­ly on the YouTube web­site (“Open video on YouTube”). In this case, your brows­er switch­es to YouTube and the data pro­cess­ing found in YouTube’s data pro­tec­tion infor­ma­tion takes place direct­ly on the YouTube site. Or you can watch the video direct­ly on our site (“Show video”), which then trig­gers the set­ting of cook­ies by YouTube so that the video can be played direct­ly on our web­site.

The videos are there­fore reloaded and YouTube cook­ies are set for you only if you give your con­sent to the set­ting of YouTube cook­ies by click­ing on “Watch video”. We have pro­vid­ed you with a cor­re­spond­ing infor­ma­tion text for each video.

With con­sent: Set­ting YouTube cook­ies from the begin­ning

If you have already giv­en us gen­er­al con­sent to use YouTube and set YouTube cook­ies as part of the con­sent request, the fol­low­ing applies:

With the grant­i­ng of con­sent, cook­ies are set by YouTube in your brows­er. YouTube there­by obtains knowl­edge of this page vis­it, at least in rela­tion to the IP address used by you at this time. This also applies if you have not clicked on or watched a video.

Inci­den­tal­ly, the fol­low­ing applies to both options

YouTube is a sub­sidiary of Alpa­ha­bet Inc., 1600 Amphithe­atre Park­way, Moun­tain View, CA 94043–1351, USA (here­inafter “Google”). YouTube and Google are always aware of which video is being accessed. If you are logged into YouTube at the same time, YouTube recog­nis­es this link. Such infor­ma­tion is col­lect­ed by YouTube and assigned to your YouTube account.

YouTube’s pri­va­cy pol­i­cy pro­vides infor­ma­tion on the col­lec­tion, pro­cess­ing and use of per­son­al data by YouTube and Google and can be accessed here: http://www.google.de/intl/de/policies/privacy.

Note: Please note that your data is usu­al­ly trans­ferred to a serv­er in the USA and stored there.  The USA is assessed by the Euro­pean Court of Jus­tice as a coun­try with an insuf­fi­cient lev­el of data pro­tec­tion accord­ing to EU stan­dards. In par­tic­u­lar, there is a risk that your data may be processed by US author­i­ties, for con­trol and mon­i­tor­ing pur­pos­es, pos­si­bly also with­out any legal rem­e­dy.

Pur­pose of data pro­cess­ing:

YouTube videos are embed­ded for the pur­pose of pre­sent­ing you with mul­ti­me­dia con­tent on the web­site and there­by enhanc­ing and improv­ing the user expe­ri­ence on the web­site. As this makes our web­site more attrac­tive, the use of YouTube also serves our mar­ket­ing and adver­tis­ing pur­pos­es.

Legal basis of data pro­cess­ing:

The legal basis for the pro­cess­ing of per­son­al data through the embed­ding of YouTube videos is your express­ly giv­en con­sent (Art. 6 (1) (a) GDPR), the set­ting and read­ing of cook­ies is addi­tion­al­ly based on your con­sent in accor­dance with § 25 (1) TTDSG.

Con­sent can be giv­en by you, as shown above, either gen­er­al­ly direct­ly in our con­sent query or for the video in ques­tion by click­ing on “Show video”.

Dura­tion of stor­age:

We do not store any per­son­al data con­cern­ing the use of YouTube videos. The access­es and retrievals of the indi­vid­ual videos are eval­u­at­ed by us, but with­out ref­er­ence to a spe­cif­ic per­son.

We have no influ­ence on the stor­age by YouTube. The exact cir­cum­stances of the data pro­cess­ing there can be found in the data pro­tec­tion infor­ma­tion at YouTube/Google  http://www.google.de/intl/de/policies/privacy.

Pos­si­bil­i­ty of objec­tion and removal:

YouTube always receives infor­ma­tion that the respec­tive user has vis­it­ed our web­site if con­sent has been giv­en. If the user is also logged into YouTube at the same time as vis­it­ing our web­site, YouTube also knows which spe­cif­ic user this is. This takes place regard­less of whether the data sub­ject clicks on a YouTube video or not. If you do not want this link between our web­site vis­it and your YouTube user account to be trans­mit­ted, you can pre­vent this by log­ging out of your YouTube account before access­ing the web­site. You will also find options for min­imis­ing data pro­cess­ing by YouTube in the YouTube account set­tings. Since the video por­tal belongs to Google, the set­tings can be found in the gen­er­al con­fig­u­ra­tion of the Google account. There, under the “Activ­i­ty set­tings” (https://myactivity.google.com/activitycontrols), you will find not only options for web and loca­tion his­to­ry, but also spe­cial func­tions for data pro­tec­tion on YouTube. On the one hand, you can pause the video search his­to­ry so that your search­es are no longer saved. On the oth­er hand, you can also turn off the video play­back his­to­ry so that all your viewed videos are not saved.

Oth­er­wise, you can avoid (fur­ther) data pro­cess­ing by not giv­ing con­sent or by with­draw­ing it.

B.7 Encryp­tion of the web­site and com­mu­ni­ca­tion

All pro­tect­ed areas and forms on the web­site and thus the data trans­mis­sions via them are encrypt­ed accord­ing to SSL, HTTPS.

B.8 Trans­fer of per­son­al data to a third coun­try

We do not intend for per­son­al data to be processed out­side the EU or EEA (Euro­pean Eco­nom­ic Area).

C. Data sub­ject rights

If per­son­al data relat­ing to you is processed, you are a “data sub­ject” and you have the fol­low­ing rights against us as the con­troller:

C.1 Right to infor­ma­tion

You have the right to obtain con­fir­ma­tion from us free of charge as to whether we are pro­cess­ing per­son­al data relat­ing to you. If this is the case, you have the right to infor­ma­tion about this per­son­al data and to fur­ther infor­ma­tion, which you can obtain from Art. 15 of the GDPR. You can con­tact us for this pur­pose by post or by e‑mail.

C.2 Right of rec­ti­fi­ca­tion

You have the right to request that we cor­rect any inac­cu­rate per­son­al data relat­ing to you with­out undue delay. You also have the right — tak­ing into account the above-men­tioned pur­pos­es of the pro­cess­ing — to request the com­ple­tion of incom­plete per­son­al data — also by means of a sup­ple­men­tary dec­la­ra­tion. You can con­tact us for this pur­pose by post or by e‑mail.

C.3 Right to era­sure

You have the right to demand the imme­di­ate dele­tion of per­son­al data con­cern­ing you if one of the con­di­tions of Art. 17 GDPR applies. You can con­tact us for this pur­pose by post or by e‑mail.

C.4 Right to restric­tion pro­cess­ing

You have the right to demand that we restrict pro­cess­ing if one of the con­di­tions of Art. 18 GDPR applies. You can con­tact us for this pur­pose by post or by e‑mail.

C.5 Right to noti­fi­ca­tion

If you have assert­ed the right to rec­ti­fi­ca­tion, era­sure or restric­tion of pro­cess­ing against the con­troller, the con­troller is oblig­ed to com­mu­ni­cate this rec­ti­fi­ca­tion or era­sure of the data or restric­tion of pro­cess­ing to all recip­i­ents to whom the per­son­al data con­cern­ing you have been dis­closed, unless this proves impos­si­ble or involves a dis­pro­por­tion­ate effort.

You have the right to be informed of these recip­i­ents by the con­troller.

C.6 Right to data porta­bil­i­ty

You have the right to receive the per­son­al data con­cern­ing you that you have pro­vid­ed to us in a struc­tured, com­mon and machine-read­able for­mat and you have the right to trans­fer this data to anoth­er con­troller with­out hin­drance from us if the require­ments of Art. 20 GDPR are met. You can con­tact us for this pur­pose by post or by e‑mail.

C.7 Right to object to pro­cess­ing based on legit­i­mate inter­est, as well as to direct mail

Inso­far as we excep­tion­al­ly process per­son­al data on the basis of Art. 6 (1) (f) GDPR (i.e. because of legit­i­mate inter­ests), you have the right to object to the pro­cess­ing of per­son­al data con­cern­ing you by us at any time for rea­sons aris­ing from your par­tic­u­lar sit­u­a­tion. If we can­not demon­strate com­pelling legit­i­mate grounds for fur­ther pro­cess­ing that over­ride your inter­ests, rights and free­doms, or if we process the data con­cerned from you for the pur­pose of direct mail, we will then no longer process your data (cf. Art. 21 GDPR). You can con­tact us for this pur­pose by post or by e‑mail.

If per­son­al data are processed for the pur­pose of direct mail, you have the right to object at any time to the pro­cess­ing of per­son­al data con­cern­ing you for the pur­pose of such mar­ket­ing; this also applies to pro­fil­ing inso­far as it is relat­ed to such direct mail.

C.8  Right of with­draw­al in the case of giv­en con­sent

You have the right to with­draw your con­sent to the col­lec­tion and use of per­son­al data at any time with effect for the future. You can con­tact us for this pur­pose by post or by e‑mail. This does not affect the law­ful­ness of the pro­cess­ing car­ried out on the basis of the con­sent until the revo­ca­tion.

C.9 Auto­mat­ed deci­sion-mak­ing includ­ing pro­fil­ing

You have the right not to be sub­ject to a deci­sion based sole­ly on auto­mat­ed pro­cess­ing, includ­ing pro­fil­ing, which pro­duces legal effects con­cern­ing you or sim­i­lar­ly sig­nif­i­cant­ly affects you. Unless the deci­sion is nec­es­sary for the con­clu­sion or per­for­mance of a con­tract between you and us, it is per­mis­si­ble under Union or Mem­ber State law to which we are sub­ject and that law con­tains ade­quate mea­sures to safe­guard your rights and free­doms and your legit­i­mate inter­ests, or the deci­sion is tak­en with your explic­it con­sent.

Such auto­mat­ed deci­sion-mak­ing does not take place through us.

C.10 Vol­un­tari­ness of the pro­vi­sion of data

If the pro­vi­sion of per­son­al data is required by law or con­tract, we will always point this out when col­lect­ing the data. In some cas­es, the data we col­lect is nec­es­sary for the con­clu­sion of a con­tract, name­ly if we would oth­er­wise not be able to ful­fil our con­trac­tu­al oblig­a­tion to you or would not be able to ful­fil it suf­fi­cient­ly. You are under no oblig­a­tion to pro­vide the per­son­al data. How­ev­er, fail­ure to pro­vide the data may mean that we are unable to per­form or offer a ser­vice, action, mea­sure or sim­i­lar request­ed by you or that it is not pos­si­ble to con­clude a con­tract with you.

C.11 Right to lodge a com­plaint with a super­vi­so­ry author­i­ty

With­out prej­u­dice to any oth­er rights, you have the right to lodge a com­plaint with a data pro­tec­tion super­vi­so­ry author­i­ty at any time, in par­tic­u­lar in the mem­ber state of your place of res­i­dence, place of work or place of the alleged infringe­ment, if you con­sid­er that the pro­cess­ing of per­son­al data con­cern­ing you infringes data pro­tec­tion law.

Sta­tus of this web­site pri­va­cy notice: 14.06.2023