INTERNET DATA PROTECTION DECLARATION

Internet Privacy Policy

Introduction

The person responsible under Art. 4 Para.  7 of the EU General Data Protection Regulation (EUDATAP) shall be Erhardt+Leimer GmbH, Albert-Leimer-Platz 1 in 86391 Stadtbergen, e-mail: info@erhardt-leimer.com, represented by managing directors Dr. Michael Proeller and Tobias Merk, cf. our publication details https://www.erhardt-leimer.com/privacy/ .

If you have any questions about data protection, you can contact our external Data Protection Officer Stefan Haugg at: Telephone: +49 821 2435810, e-mail: datenschutz@erhardt-leimer.com, post: Erhardt+Leimer GmbH, Data Protection Officer, Albert-Leimer-Platz 1, 86391 Stadtbergen

(hereinafter referred to as "We") is, as the operator of this website, the responsible office for the personal data of users (hereinafter referred to as "You") of the website in the sense of the General Data Protection Regulations ("GDPR").

We protect your privacy and your private data. We collect, process and use your personal data in accordance with the contents of these data protection regulations, as well as the applicable data protection regulations, in particular the GDPR. These data protection regulations regulate which of your personal data we collect, process and use. We would therefore request that you read through the following information carefully.

1. Collection of personal data

1.1     Personal data in the sense of these data protection regulations shall be any information relating to an identified or identifiable natural person (hereinafter referred to as "affected person"). This shall particularly include your name, your e-mail address and possibly your address, your telephone number and your credit card and account data and your VAT information, if you are a registered trader or customer.

1.2     The personal data shall also include information on your use of our website. In this regard, we shall collect personal data from you as follows: Information on your visits to our website, such as the scope of data transferred, the location from which you recall the data from our website, as well as other connection data and sources that you recall. This shall usually take place through the use of logfiles and cookies. You can find further information on logfiles and cookies below.

1.3     We shall always save your personal data for the duration required to fulfil the query/the order. We shall always save data collected when visiting the website for the duration of the visit and 14 further days. If we collect your IP address, then this shall only be saved for the time you use the website, after which it shall be immediately deleted or anonymized through abbreviation. The remaining data shall be saved for a limited period of time, which shall be aligned to the following criteria:

  • Order-related personal data: 10 years
  • Application documents: Between 6 months and the period of a possible employment relationship, after which 10 years for relevant documents
  • Logfiles of the web server: 14 days
  • Queries by interested parties: For the period of contract negotiations; should the query be resolved, then the data shall be deleted immediately

2. Intended purpose and legal basis

2.1 Intended purposes

We shall use your personal data for the following purposes:

2.1.1  To provide the services you request: Online presentation of the E+L group, online shop, newsletter administration, making contact for support purposes, application management, visit to our virtual trade fair stand, participation in competitions and processing of orders;

2.1.2  To ensure that our website and, in particular, our online shop and virtual trade fair stand are presented to you in the most effective and interesting manner; automated tracking of created offers

2.1.3  To meet our obligations resulting from contracts agreed between you and us;

2.1.4  To allow you to participate in interactive offers, should you so wish;

2.1.5  To inform you of changes to our services.

2.1.6 Provision and follow-up of downloads made about online presences and shop

2.1.7 To inform you about additional interesting products from our portfolio to match the articles you orders and to provide you with e-mails with technical information or information that may be interesting to you.

2.1.8 To perform automated follow-up of created offers. For this, we shall contact you in periods suitable for the offers.

 

2.2 Legal basis

Your personal data shall be processed on the basis of the following legal basis:

2.2.1  The collection of the data listed in Point 1.2 (the information on your visits to the website, such as the scope of data transfer, the location from which you recall the data from our website, as well as other connection data) shall be based on Art. 6 Para. 1 Sentence 1 lit. b and a of the GDPR.

2.2.2  The collection of information about your computer as described in Nos. 1.2 and 3.1 (IP address, status and data volume of the inquiry) is supported by Art. 6 Para. 1 Sentence 1 lit. f of the GDPR.

2.2.3  The provision of the personal data by you is legally and contractually required by Article 6 Para. 1 Sentence 1 lit. b).

2.2.4  Should the permission have formed the legal basis for the data collection/data processing, then you may revoke it at any time. The legality of the processing undertaken on the basis of the permission until the revocation shall not be affected by this. To exert your right of revocation, please contact us at el-privacy@erhardt-leimer.com.

3. Information about your computer, cookies and targeting

3.1     Every time you access our website, we collect the following information about your computer: The IP address of your computer, the inquiry from your browser and the time of this inquiry. In addition. the status and transferred data volume of this inquiry are recorded. In so doing, the IP address of your computer shall only be saved for the time you use the website, after which it shall be immediately deleted or anonymized through abbreviation. We shall use this data for the operation of our website, in particular to determine and eliminate errors in the website, to determine the utilization of the website and to make adjustments or improvements.

3.2     Under certain circumstances, we shall also collect information about your use of our website through the use of so-called browser cookies. These are small text files saved on your data medium and which save certain settings and data about your browser to be exchanged with our system. A cookie usually contains the name of the domain from which the cookie data was sent, as well as information about the age of the cookie and an alphanumeric identification character. Cookies allow our systems to recognize the device of the user and to make any presettings available immediately. As soon as a user accesses the platform, a cookie is transferred to the hard drive of the computer of the appropriate user. Cookies help us to improve our website and to offer you an improved service, tailor-made to you. They allows us to recognize your computer when you return to our website and therefore:

  • To save information about your preferred activities on the website, thus allowing us to align our website to your individual interests. This contains, for example, advertising, corresponding to your personal interests,
  • allowing us to accelerate the speed of the processing of your inquiries.

3.3     The cookies we use only save the data listed above about your use of the website. This is not done by an assignment to you personally, but through the assignment of an identification number to the cookie ("Cookie ID"). There is no combination of the Cookie ID with your name, your IP address or similar data that would allow an assignment of the cookie to you. If you wish to prevent the use of browser cookies, please refer to Point 3.6 to find out how.

3.4     Our website uses so-called tracking technologies. We use these technologies to make the Internet offer more interesting to you. This technology makes it possible for us to contact Internet users, who have already been interested in our website, through advertising on the websites of our partners. These advertising media on the websites of our partners are shown based on a cookie technology and an analysis of previous use behavior. We only make use of this technology if you have permitted us to do so, it is necessary to complete or fulfil a contract with you or other legal requirements permit it.

3.5     We work together with business partners, who support us in making the Internet presence and the website more interesting to you. For this reason, cookies are also saved by these partner companies on your hard drive when you visit their websites. These are cookies which delete themselves automatically after a prespecified time. The cookies of our partner companies also only collect data under a Cookie ID, making it possible for our advertising partners to contact you with advertising which might actually interest you. The parties using cookies on this website are listed below. Wherever possible, you can choose whether you wish to permit specific cookies on this website.

3.6     We use the following analysis tools Adobe Analytics, Adobe Target and the Adobe Experience Cloud, which allow us to compile use profiles and optimize our Internet presence. To this end, the service providers process cookies saved on your terminal, whereby a link to other public sources can be created. Appropriate methods are used to abbreviate the IP address so that there is no relationship between you and your IP address. If personal data is sent to external servers in a third country, then we have concluded agreements regarding order processing with the appropriate order processor, who offer guarantees that the data protection law specifications are complied with. The legal basis is Art. 6 Para.  1 lit. a of the GDPR. You can revoke the collection of data by analytics tools at any time. The scope of this website uses the following individual cookie-based tools: 

 

3.7 On the website, technologies from Bing Ads (bingads.microsoft.com) are used, which are provided and operated by the Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft"). In so doing, the service provider Microsoft shall place a cookie on your terminal, should you have reached our website via a Microsoft Bing advertisement. In this way, both we and Microsoft can detect that someone clicked on an advertisement which forwarded them to our website and has reached a defined target page. Here, we only find out the total number of users who have reacted to an advertisement and were thus forwarded to our web presence. Microsoft shall collect, process and use the cookie information to compile use profiles, making use of pseudonyms. These use profiles are used to analyses the visitor behavior and are used to play out advertisements. No personal information on the identity of the user is processed.

Should you not want Microsoft to use information on your behavior in the manner described, then you can achieve this, for example, with a browser setting, that generally deactivated the automatic setting of cookies. In addition, you can prevent both the transmission to Microsoft of the data obtained by the cookie and relating to your use of the website and the processing of this data by Microsoft using the following link choice.microsoft.com/de-DE/opt-out.

You can find additional information on data protection and on the cookies set at Microsoft and Bing Ads on the Microsoft website https://privacy.microsoft.com/en-us/privacystatement

 

3.8       You can consent to subscription to our newsletter, with which we inform you about our current attractive offers. The legal basis is Art. 6 Para.  1 Sentence 1 lit. a of the GDPR.
For registration for our newsletter on the website or in the webshop, we use the so-called double opt-in process. This means that, after you have supplied your e-mail address, we send a confirmation e-mail to the e-mail address provided, in which we ask you to confirm that you wish to subscribe to the newsletter. If you do not confirm this, your registration will automatically be deleted. If you confirm that you wish to receive the newsletter, we will store your e-mail address until you unsubscribe from the newsletter. This storage serves solely for the purpose of being able to send you the newsletter. In addition, upon registration and confirmation, we store your IP addresses and the times to prevent any misuse of your personal data.

(2) The only compulsory information for subscription to the newsletter is your e-mail address. All other information is voluntary and is used solely for personalization of the newsletter. This data too is deleted in full when consent is withdrawn.

(3) You can withdraw your consent to subscription to the newsletter at any time. You can undertake withdrawal by clicking on the link provided in every newsletter e-mail, by sending an e-mail to el-privacy@erhardt-leimer.com or by sending a notification to the contact details provided under No. 1. The data you provide will not be disclosed to third parties.

(4) The newsletters contain so-called counter pixels. A counter pixel is a miniature graphic, which is embedded in such e-mails that are sent in HTML format, in order to allow a logfile recording and a logfile analysis. This allows a statistical evaluation of the success or failure or online marketing campaigns.

With the data obtained in this way, we compile a user profile, in order to tailor the newsletter to your individual interests. In so doing, we record when you read our newsletter, which links you click in it and thereby determine your personal interests. We link this data with the actions you performed on our website. The legal basis is Art. 6 Para. 1 S. 1 lit. a of the GDPR and Art. 6 Para . 1 S. 1 lit. f of the GDPR.

The order processor for newsletter dispatch is Brevo;

Brevo GmbH
Köpenicker Straße 126
10179 Berlin

GDPR: All Your Questions Answered - Brevo

3.9      Google Dynamic Remarketing Google Dynamic Remarketing is used on the website. As a result, users can, on the basis of their surfing behavior, be shown – on any arbitrary website – advertisements for products which they have accessed in the past. When a controller uses Google Remarketing, Google tools are included in the website source code which permit the placing of cookies on the respective end device of the visitor to the website. With the help of these cookies, Google is also able to recognize the visitor on other websites. Through implementation of the cross-device function by Google, advertising is possible on several end devices. The requirement for the cross-device function is that the relevant user has agreed to the linking of his or her app- or program-based browser actions to his or her Google account.

If a user logs in with their Google account at different times on several end devices, even if only for a logical second, Google is able to link the remarketing cookies placed on the end devices and then send advertising to the user on a cross-device basis. According to Google, Google-authenticated user IDs are temporarily collected for this purpose, which serve for cross-device target group formation.

In the settings for advertising, you can deactivate personalized advertising by Google. You can find more detailed information at https://support.google.com/ads/answer/2662922?hl=en&ref_topic=7048998. Alternatively, you can use a browser plug-in. Information on this is available at https://support.google.com/ads/answer/7395996?hl=en.

Please note that only personalized advertising is deactivated by use of the above functions. Thus advertisements are no longer oriented to your interests. You can use a browser setting to prevent the placing of cookies.

Further information on the Google privacy policy can be obtained at https://policies.google.com/privacy?hl=en.

3.10      Google Ads

Google AdWords Conversion is used on the website. This is a tool to measure the interaction of Internet users with the advertisements we post. When a user clicks on our text advertisement in the Google Search or on the selected website in the Google display network or watches our video advertisement, a temporary cookie is stored on his or her computer. The cookie becomes invalid after 30 days and does not enable personal identification.

If a user completes a conversion on our website within this period, the cookie is read out via the tracking tag and sent back to AdWords with the conversion data. The information obtained with the help of cookies is used to draw up conversion statistics for us. For example, we learn the total number of users who have clicked on our advertisement. We are not able to identify users personally.

If you do not wish to participate in tracking, you can prevent the placing of cookies with a browser setting.

Information on Google data protection is available at https://policies.google.com/privacy?hl=en.

3.11   Any unessential processing of personal data shall require your permission. This particularly includes cookies for analysis, tracking or publicity purposes. The appropriate data shall only be processed with your express permission. This shall also apply in the case of the forwarding of personal data to business partners or third parties, Art. 6 Para. 1 Sentence 1 lit. a of the GDPR. The permission can be revoked at any time effective for the future.

3.12       LinkedIn Lead Ads

(1) We use the LinkedIn Lead Ads function and, in doing so, process the following information that you transmit via LinkedIn: work email address, first name, last name, city, country/region, job title, job function, company name and industry. We use this information to provide the desired information and to contact you.

(2) The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 letter a of the GDPR, i.e. the transmission takes place only after your consent. LinkedIn also processes your personal data in the USA and has set itself a standard that corresponds to the former EU-US Privacy Shield. We have also agreed to so-called standard data protection clauses with LinkedIn, the purpose of which is to maintain an appropriate level of data protection in third countries. We will delete your stored data on request if you revoke your consent, otherwise in accordance with the legal requirements.

(3) Additional information on data processing by LinkedIn is available from the provider, LinkedIn Ireland Unlimited Company, Attn: Legal Dept. (Privacy Policy and User Agreement), Wilton Plaza, Wilton Place, Dublin 2, Irland; information on LinkedIn Lead Ads: https://business.linkedin.com/marketing-solutions/native-advertising/lead-gen-ads

COOKIE-SETTINGS

4. Data security

All the information you transfer to us is saved on servers within the European Union. Unfortunately, the transmission of information across the Internet is not fully secure, which is why we cannot guarantee the security of the data transmitted to our website via the Internet. However, we secure our website and other systems using technical and organizational measures against the loss, destruction, access, modification or propagation of your data by unauthorized persons. In particular, we transmit your personal data in encrypted form. Here, we use the encoding systems SSL (Secure Socket Layer) and TLS (Transport Layer Security).

4.1 Cloudflare

We utilize the Content Delivery Network (CDN) operated by Cloudflare Inc. 101 Townsend Street, San Francisco, CA 94107 USA (Cloudflare), to increase the security and the speed of delivery of our web site. The legal basis for this processing activity is our legitimate interest (art. 6 para. 1 lit. f GDPR) in protecting our systems against cyber-attacks. Processing takes place on the basis of the standard contractual clauses concluded by the EU, Cloudflare acts as a processor for us https://www.cloudflare.com/cloudflare-customer-dpa/

We use exclusively the Cloudflare DNS service, you will find further information about this service at https://www.cloudflare.com/application-services/products/dns/

Information about exactly how your personal data are processed by Cloudflare is available here https://www.cloudflare.com/privacypolicy/ as well as https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/

Your personal data processed by Cloudflare are not saved permanently, not evaluated and not further used.

5. No forwarding of your personal data

We do not forward your personal data to third parties unless you have permitted the data forwarding or we are authorized or obliged to forward your data on account of a valid interest, legal requirements and/or the orders of authorities or courts to forward it. Here, this may particularly concern the provision of information for the purpose of law enforcement, risk aversion or the implementation of intellectual property rights.

6. Data protection and third-party websites

The website can contain hyperlinks to and websites of third parties. If you follow a hyperlink to one of these websites, please note that we cannot accept any responsibility or liability for third-party contents or data protection conditions. Please inform yourself regarding the appropriately valid data protection conditions before you give personal data to these websites.

7. Our activities in social networks

In the section below, we will inform you about the handling of your personal data, with particular reference to the use of our presences in social networks and offers.

Please check carefully which personal data you share with us via social networks. For example, for as long as you remain logged into your account and visit our profile operated by the providers, then the provider can directly assign it to your profile. You are therefore clearly recognizable to the provider.

The course of your visit can therefore be used to create a profile of you by the provider. We would specifically like to point out that the providers save the data of their users (e.g. personal information, IP address, etc.) and may use it for business purposes.

We always operate the pages and profiles in order to contact our customers, interested parties and employees, as well as potential employees, in a better and easier manner. The past has shown us that our activities beyond the online presence in the form of a website lead to considerably greater market penetration and thus contact options. For this reason, for us, the activities in the social networks are a key factor for our business success. With regard to use the of the services, we thus refer to an express, legitimate interest on our part (Art. 6 Para. 1 lit. f). Through the use of our profile pages in the corresponding social networks, in addition to the personal data you yourself have passed on to the provider through the creation of your access, use data is also collected. Normally, the corresponding provider uses it to create a personalized use profile. However, this is not within our sphere of influence. Our activity only allows the provider to record that you are interested in our company and that you may like our posts. Besides the tracking carried out by the provider, which is not carried out within our sphere of influence, there are no known factors which limit your basic rights and freedoms and which act against our legitimate interest in the use of the named services. In the case of tracking (recording and evaluation of your user behavior by the provider), we, of course, hope for timely clarification and procurement of legal certainty.

The following link allows you to configure your browser efficiently and to act against the unwanted recording of your user behavior, although most likely not entirely:

http://www.youronlinechoices.com

You can obtain more detailed information on data processing and on the provider's responsible office under the following links.

Facebook
Responsible office at Facebook: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Facebook pages based on a Agreement on joint processing of personal data
Data protection declaration: https://www.facebook.com/about/privacy/,
Opt-Out: https://www.facebook.com/settings?tab=ads

Google/ YouTube
Responsible office at Google: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Data protection declaration:  https://policies.google.com/privacy,
Opt-Out: https://adssettings.google.com/authenticated,

Instagram
Responsible office at Instagram: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)
Data protection declaration/ Opt-Out: http://instagram.com/about/legal/privacy/.

Twitter
Responsible office: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
Data protection declaration: https://twitter.com/en/privacy
Opt-Out: https://twitter.com/personalization,

LinkedIn
Responsible office at Linkedin: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
Data protection declaration https://www.linkedin.com/legal/privacy-policy ,
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

8. Handling of application documents

We process personal data which we receive from you as part of your job application, in accordance with Section 32 of the German Federal Data Protection Act [BDSG] old version, Section 26 BDSG new version. This is master data, such as information on name and address; data on knowledge and skills, such as qualification certificates, CV and assessments; communication data.

Your data will be used in connection with the filling of the vacant positions, i.e. for the purpose of storage, evaluation, allocation and internal forwarding of your application. In the course of the application process, your application data will be accessible to the appropriate personnel officer and to the managing directors and will be made available to the managers of the department with a vacant position. The data you provide will not otherwise be disclosed to third parties.

Documents submitted by rejected applicants will be deleted from our system 6 months after completion of the job application process.

Job applications for which consent has been given to storage for jobs possibly available at a later date will be stored for a maximum of 12 months and then deleted in full.

9. Hosting

Newsfactory
Curt-Frenzel-Str. 2
86167 Augsburg
https://www.newsfactory.de/privacy.html

Hosting

Adobe

Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West Business Campus, Saggart D24, Dublin, Ireland
https://www.adobe.com/privacy/policy.html

Hosting Online-Shop

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany

https://www.hetzner.com/legal/privacy-policy

10. Online meetings and telephone conferences via "Lifesize"

In the following section, we would like to inform you about the processing of personal data in conjunction with the use of "Lifesize".

We use the "Lifesize" tool to carry out telephone conferences, online meetings, video conferences and/or webinars (hereinafter referred to as "online meetings").

The responsible office for data processing, directly connected with the execution of "online meetings", is Lifesize, Inc., 1601 South Mopac Expressway, Suite 100, Austin, Texas 78746, https://www.lifesize.com/en/legal-notices/privacy-policy/

Note: Should you open the "Lifesize" website, the provider of "Lifesize" shall be responsible for the data processing. However, it is only necessary to open the website to use "Lifesize" in order to download the software to use "Lifesize".

If you do not wish or are unable to use the "Lifesize" app, you can also use "Lifesize" via your browser. In such cases, the service shall then be provided via the "Lifesize" website.

Various data classes are processed when "Lifesize" is used. The scope of the data shall also be dependent upon the data you provide before or when participating in an "online meeting".

The following items of personal data are processed:

User information: e.g. "Display name", possibly the e-mail address, profile image (optional), preferred language

Meeting meta data: e.g. date, time, meeting ID, telephone numbers, location

Text, audio and video data: You may have the option of using the chat function in an "online meeting". Thus, any text entries you make shall be processed to display them in the "online meeting". Accordingly, to allow video to be displayed and audio to be played back, the data from the microphone of your terminal and any video camera on your terminal shall be processed for the duration of the meeting. You can switch off or mute the camera or the microphone at any time yourself using the "Lifesize" applications.

We use "Lifesize" to hold "online meetings". If we wish to record "online meetings", we shall inform you of this in a transparent manner in advance and - if required - ask for your permission.

If it is necessary for the purpose of logging events in an online meeting, we shall log the chat contents. However, this shall not usually be the case.

Automated decision-making in the sense of Art. 22 of the GDPR is not used.

Should employees process personal data, then the legal basis of the data processing shall be § 26 of the German Data Protection Law. Should personal data collated in conjunction with the use of "Lifesize" not be required to found, carry out or terminate the employment relationship, but be an elementary component for the use of "Lifesize", then Art. 6 Para. 1 lit f) of the GDPR shall form the legal basis for the data processing. In these cases, our interest is in the effective holding of "online meetings".

In addition, the legal basis for data processing when holding "online meetings" shall be Art. 6 Para. 1 lit b) of the GDPR, if the meetings are held in the context of contractual relations.

Should there be no contractual relationship, then the legal basis shall be Art. 6 Para. 1 lit. f) of the GDPR. Here too, our interest is in the effective holding of "online meetings".

Personal data processed in the context of participation in "online meetings" shall not be forwarded to third parties unless it is intended for forwarding. Please note that contents from "online meetings", as with personal meetings, are frequently used to communicate information with customers, interested parties or third parties, and are therefore intended for forwarding.

Other recipients: The provider of "Lifesize" shall necessarily obtain knowledge of the above data if intended in the scope of our order processing agreement with "Lifesize".

11. Changes to these data protection regulations

We reserve the right to change these data protection regulations at any time effective for the future. The current version can be found on the website. Please visit the website regularly and inform yourself about the valid data protection regulations.

12. Your rights and contact

You have comprehensive rights with regard to the processing of your personal data. Firstly, you have a comprehensive right of information and can, if necessary, demand the correction and/or deletion and/or blocking of your personal data. You can also demand a restriction of the processing and have a right of revocation as well as a right to data transmissibility. Should you with to apply one of your rights and/or wish to receive more detail information about it, please contact us at datenschutz@erhardt-leimer.com.

In addition, you have the right to complain to a supervisory authority. Should you have questions, comments or queries regarding the collection, processing and use of your personal data by us, you should please also contact us, using the stated contact data.