Thank you for visiting our website. Below we inform you about the handling of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).
The office named in the imprint is responsible for the data processing described below.
When you visit our website, so-called usage data is temporarily processed on our web server in order to deliver the content of our website. In addition, we process the usage data for statistical purposes to ensure the quality of our websites. This data set consists of
- the name and address of the requested content
- the date and time of the request
- the amount of data transferred
- the access status (content transferred; content not found)
- the description of the web browser and operating system used
- the referral link, which indicates the page from which you came to our site
- the IP address of the requesting computer
Storage of the IP address for security purposes
In addition, we store the complete IP address transmitted by your web browser for a strictly limited period of four weeks in the interest of being able to recognise, limit and eliminate attacks on our websites. After this period, we delete the IP address. The legal basis is Art. 6 para. 1 lit. f GDPR.
In order to protect your data from unwanted access as comprehensively as possible, we take technical and organisational measures. We use an encryption process on our websites. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption. You can usually recognise this by the fact that the lock symbol is closed in the status bar of your browser and the address line begins with https://.
Visitor measurement (Google Analytics)
We use the web analysis tool "Google Analytics" to design our websites in line with requirements. Google Analytics creates usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In this way, we are able to recognise returning visitors and count them as such.
Google Analytics is provided to us by Google Ireland Limited and Google LLC (USA) as processors within the meaning of Art. 28 DSGVO. The data processing may also take place outside the EU or the EEA. With regard to Google LLC, an adequate level of data protection cannot be assumed due to processing in the USA. There is a risk that authorities may access the data for security and monitoring purposes without informing you or allowing you to seek redress. Please bear this in mind if you decide to give your consent to our use of Google Analytics.
Data processing is based on your consent, provided you have given your consent via our banner. The transfer to a third country takes place on the basis of Art. 49 para. 1 lit. a GDPR.
You can revoke your consent at any time. To do so, please follow this link and make the appropriate settings via our banner.
Necessary cookies may contain information about certain settings on the website. They may also be necessary to enable user navigation, security and implementation of the site. We use these cookies on the basis of Art. 6 (1) lit. f GDPR.
Third-party tracking technologies for advertising purposes.
We use cross-device tracking technologies so that you can be shown targeted advertising on other websites based on your visit to our websites and so that we can see how effective our advertising measures have been. The data processing is based on your consent, if you have given your consent via our banner. Your consent is voluntary and can be revoked at any time.
How does tracking work?
When you visit our websites, it is possible that the third-party providers mentioned below retrieve recognition features for your browser or terminal device (e.g. a so-called browser fingerprint), evaluate your IP address, store or read recognition features on your terminal device (e.g. cookies) or gain access to individual tracking pixels.
The individual characteristics can be used by the third-party providers to recognize your end device on other websites. We can order the placement of advertising from the relevant third-party providers, which is based on the pages visited on our site.
What does cross-device tracking mean?
If you log in to the third-party provider with your own user data, the respective recognition features of different browsers and end devices can be linked with each other. If, for example, the third-party provider has created a separate feature for the laptop, desktop PC or smartphone or tablet you use, these individual features can be assigned to each other as soon as you use a service of the third-party provider with your login data. In this way, the third-party provider can target our advertising campaigns across different end devices.
Which third-party providers do we use in this context?
Below, we list the third-party providers with whom we cooperate for advertising purposes. If the data is processed outside the EU or EEA in this context, please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or being able to appeal. If we use providers in insecure third countries and you consent, the transfer to a third country will be based on Art. 49(1)(a) DSGVO.
Adequate level of data protection
Withdrawal of consent
|Doubleclick – Google Ireland Ltd||No adequate level of data protection. The transfer is made on the basis of Art. 49(1)(a) GDPR.||If you wish to withdraw your consent, please click below and make the appropriate setting via our banner.|
|Meta Platforms, Inc.
(formerly Facebook, Inc.)
|No adequate level of data protection. The transfer is made on the basis of Art. 49(1)(a) GDPR.||If you wish to withdraw your consent, please click below and make the appropriate setting via our banner.|
You have the option of contacting us via our contact form. To use our contact form, we first need the data marked as mandatory fields from you. We use this data on the basis of Art. 6 Para. 1 lit. f GDPR to answer your enquiry.
In addition, you can decide for yourself whether you would like to provide us with further information. This information is provided voluntarily and is not required for contacting us. We process your voluntary information on the basis of your consent.
Your data will only be processed to answer your enquiry. We delete your data if it is no longer required and there are no legal retention obligations to the contrary.
We embed videos on our websites that are not stored on our servers. When you call up our pages with embedded videos, the content of the third-party provider that provides the videos is reloaded. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context.
We have no influence on the further data processing by the third-party provider. However, when embedding the videos, we made sure to activate the extended data protection mode offered by the third-party provider. The extended data protection mode means that the third-party provider does not set any cookies.
The embedding is carried out on the basis of Art. 6 para. 1 lit. f GDPR in the interest of making our site as appealing and informative as possible.
|Provider||Adequate level of data protection||Withdrawal of consent|
|Google Ireland Limited, Google LLC (YouTube )||No adequate level of data protection||If you wish to object to the embedding, please stop using our site.|
You can order a newsletter on our website. Please note that we require certain data (at least your e-mail address) to subscribe to the newsletter.
The newsletter will only be sent if you have given us your express consent. After you have placed an order on our websites, you will receive a confirmation e-mail at the e-mail address you have provided (so-called double opt-in). You can revoke your consent at any time. You can easily revoke your consent, for example, by clicking on the unsubscribe link in every newsletter.
When you subscribe to our newsletter, we store further data in addition to the data already mentioned, insofar as this is necessary for us to be able to prove that you have subscribed to our newsletter. This may include storing the full IP address at the time of ordering or confirming the newsletter, as well as a copy of the confirmation email we send. This data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR in the interest of being able to account for the lawfulness of the newsletter dispatch.
We embed map services on our websites that are not stored on our servers. When you call up our pages with embedded map services, the content of the third-party provider that provides the map services is reloaded. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context. We have no influence on the further data processing by the third-party provider.
The embedding is based on Art. 6 para. 1 lit. f GDPR in the interest of enabling you to use map services.
|Provider||Adequate level of data protection||Withdrawal of consent|
|OpenStreetMap||Processing within EU/EEA||If you wish to object to the processing, please stop using our site.|
Unless we have already informed you in detail about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and legal retention obligations do not prevent deletion.
We pass on your data to service providers who support us in the operation of our websites and the associated processes as part of commissioned processing in accordance with Art. 28 DSGVO. These are, for example, hosting service providers. Our service providers are strictly bound by instructions to us and are contractually obligated accordingly.
In the following, we will name the processors with whom we work, if we have not already done so in the preceding text of the data protection notice. If data is transferred outside the EU or EEA in this context, we provide information on the appropriate level of data protection.
|Processor||Purpose||Adequate level of data protection|
|uvensys GmbH||Web hosting and support||Processing within EU/EEA|
|LOOM GmbH||Web development and support||Processing within EU/EEA|
Your rights as an affected person
When processing your personal data, the GDPR grants you certain rights as a data subject.
Right of access (Art. 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed about these personal data and to receive the information listed in detail in Article 15 of the GDPR.
Right of rectification (Art. 16 GDPR)
You have the right to request that inaccurate personal data concerning you be corrected without delay and, if necessary, that incomplete data be completed.
Right to erasure (Art. 17 GDPR)
You have the right to request that personal data concerning you be erased without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR applies, e.g. if you have objected to the processing, for the duration of the review by the controller.
Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.
Right of withdrawal (Art. 7 GDPR)
If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.
Right of objection (Art. 21 GDPR)
If data is collected on the basis of Art. 6 (1) sentence 1 lit. f GDPR (data processing for the protection of legitimate interests) or on the basis of Art. 6 (1) sentence 1 lit. e GDPR (data processing for the protection of public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right to complain to a supervisory authority (Art. 77 GDPR)
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. In particular, the right of complaint may be asserted before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.
Assertion of your rights
Unless otherwise described above, please contact the office named in the imprint to assert your data subject rights.
Contact details of the data protection officer
Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:
datenschutz nord GmbH
If you contact our data protection officer, please indicate the responsible person named in the imprint.