Your trust, your data and your satisfaction is important to us! Please take a moment to read the following Data Protection Statement and make the desired changes to your settings, if required!
1. Data protection – an overview
The following data protection statement is intended to explain the type, scope and purpose of the processing of personal data (hereinafter referred to as “data”) within the framework of our online offer as well as the websites and functions associated with it (hereinafter referred to as “online offer”). In terms of the terminology used in our data protection statement, such as “processing” or “responsible party”, we refer to the definitions in the General Data Protection Regulation, GDPR (see Art. 4, GDPR). Furthermore, we would like to inform you about your entitled rights.
The use of our Internet platform is generally possible without providing any personal data. However, we would like to point out that a processing of personal data may be possible if a person concerned would like to use certain functions and services of our website.
As the party responsible for the data processing, we have implemented numerous technical and organizational measures in order to ensure the seamless protection of the personal data that may be processed via this website. However, Internet-based data transfer can generally have security gaps, i.e., therefore we can also not guarantee 100% protection. For this reason, each person concerned can decide if they want to transfer their personal data to us through another channel, e.g., by phone.
Responsible for data processing
Party responsible for data processing pursuant to GDPR and the Federal Data Protection Act (BDSG, new) is:
CO-Improve GmbH & Co. KG
Düsseldorfer Str. 13
Tel.: +49 (0) 6196 / 96754-0
Fax: +49 (0) 6196 / 96754-11
Contact person for data protection at CO-Improve
CO-Improve GmbH & Co. KG
Applicable legal basis
The processing of personal data, e.g., name, address, e-mail or phone number of the person concerned is only performed by us in accordance with the requirements of the General Data Protection Requirement (GDPR) as well as in accordance with the federal data laws applicable to Germany.
Based on the stipulations of Art. 13 GDPR, we herewith inform you of the legal basis in our data processing: The legal framework for the collection of contents is Art. 6, Sec. 1 Letter (a) and Art. 7 GDPR; the legal framework for the processing in terms of the fulfilment of our contractual obligations as well as responding to queries is Art. 6 Sec. 1 Letter (b) GDPR; the legal framework for the processing in terms of the fulfilment of our legal obligations is Art. 6 Sec. 1 Letter (c) GDPR; and the legal framework for the processing in terms of our justifiable interests is Art. 6 Sec. 1 Letter (f) GDPR. If the vital interests of the person concerned or another individual make the processing of personalized data necessary, then Art. 6 Sec. 1 Letter (d) GDPR provides the legal framework.
Deletion and blocking of data
We adhere to the principles of data avoidance and data efficiency. The personal data processed by us is deleted or limited in its scope of usage pursuant to Art. 17 and 18 GDPR. Insofar as not specifically outlined in this data protection statement, the data stored by us is deleted as soon as it is no longer required for the intended purpose, and the deletion of the data is not subject to any statutory retention periods. Insofar as the data is not deleted because it is required for other and legally permissible purposes, the processing of this data will be limited. That means that the data is blocked and not processed for any other purposes. This applies to data that must be retained due to commercial or tax-related reasons. Based on the statutory requirements in Germany, the period of retention is 6 years in accordance with Art. 257, Sec. 1 German Commercial Code (HGB) as well as 10 years in accordance with Art. 147, Sec. 1 Federal tax filing regulations (AO).
Forwarding of personal data
We will only forward your personal data to third parties within the scope of the intended purpose for processing. Our employees and suppliers/commercial partners have been obligated by us to confidentiality and non-disclosure as well as obliged by law to maintain data secrecy.
SSL and/or TLS encryption
For security reasons, and in order to protect the transmission of confidential content, our website uses an SSL and/or a TLS encryption. An encrypted connection can be recognized when the “http://” in the address/search bar changes to “https://” and the padlock symbol appears in your browser’s search bar. If the SSL or TLS encryption is active, then the data you transfer to us cannot be read or accessed by third parties.
2. Data recording, types of processed data, categories of affected parties, processing purposes
We use hosting services in order to provision the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical maintenance services that we use for purposes of operating this website. In doing so, we – or rather our hosting provider – process inventory data, contact data, content data, contract data, user data, meta and communication data from our customers, prospective customers and visitors to this website in order to pursue our justified interests in an efficient and secure availability of this offer in accordance with Art. 6, Sec. 1, Letter (f) and Art. 28 GDPR.
Recording of access data
Every time the user or an automated system accesses our website, our website will collect a range of general data and information for the purposes of serving our justified interests in accordance with Art. 6, Sec. 1, Letter (f) GDPR. This general data and information is stored in the server’s log files. The following is recorded: (1) type of browser and version used, (2) the user’s operating system, (3) the referring URL, (4) the sub-websites which route users to our website via an accessing system, (5) the data and the time of the website access, (6) the IP address, (7) the Internet service provider of the accessing system, (8) protocols, status code and volume of data, (9) the directory protection used as well as (10) all similar data and information that serve to block strikes against our IT systems.
IP addresses are stored anonymously. To do so, the last three digits are truncated. IPv6-addresses are also made anonymous. Details about the directory protection user are made anonymous after one day. Error logs, which log erroneous access to pages, are deleted after seven days. Aside from the error messages, these include the accessing IP address and, depending on the error, the website accessed. Access via FTP is made anonymous, written to protocol, and retained for a period of 60 days. The e-mail logs for sending of web-based e-mails are made anonymous after one day and then retained for a period of 60 days. All data regarding the sender/receiver, etc. is deleting during the process of anonymization. The only data that is retained is the data at the time of transmission as well as the information pertaining to how the e-mail was processed (queue ID or “not sent”). Mail logs for the sending via our mail server are deleted after a period of four weeks. The longer hold-back time is required for securing the functionality of the mail services and combating spam. An individual determination of the storage period is not possible.
All data, whose further retention is required for purposes of proof, is exempt from deletion until the issue or issues have been resolved.
In the use of this general data and information, no conclusions are drawn about the person concerned. This information is required in order to (1) correctly supply the content of our website, (2) to optimize the content of our website as well as the advertising for it, (3) to ensure the ongoing functionality of our IT systems and the technology of our website and to enable communication with users, (4) to respond to contact requests and to enable the communication with users, as well as (5) to provision the required information to the law enforcement authorities in case of criminal prosecution. This anonymously collected data and information is therefore statistically analysed by us with the goal of increasing data protection and data security in order to ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all the personal data provided by the person concerned.
Data processing during service fulfilment
In addition, we process our customers’ data within the scope of our contractual services, which also include conception and strategic consulting, training, etc.
We process inventory data, contact data, content data, contract data, payment data, user and Meta data. We generally do not process any special categories of personal data. The parties concerned include customers, prospective customers (as well their customers), users, website visitors, employees and third parties. The purpose of the processing is related to the provision of contractual services, billing and customer services on the basis of Art. 6, Sec. 1, Letter (b) GDPR. We process data that is required for the verification and fulfilment of the contractual services. This data is only provided to third parties if this is required within the scope of order fulfilment. In the processing of the data provided to us within this scope, we act in accordance with the directives of the purchaser as well as the legal requirements of an order processing in accordance with Art. 28 GDPR. The data is not used for any other purpose other than for purposes of order fulfilment. The data is deleted upon conclusion of the statutory warranty obligation period or similar obligatory periods, whereby the requirement for storage is reviewed every three years. If statutory retention periods exist, then this data is correspondingly blocked.
Data processing within the scope of the company organization
Within the scope of the company’s organization, internal administrative tasks, financial accounting and the fulfilment of statutory obligations, we generally process the same data that we also process within the scope of our contractual services in accordance with Art. 6, Sec. 1, Letters (c) and (f) GDPR. Customers, potential customers, business partners and website visitors are all affected by this. The purpose of the processing is administration, financial accounting, organization, archiving, business continuity, performing our tasks and provision of contractually owed services. In the process, we divulge information to the fiscal administration authorities, tax advisers, business consultants, fee offices and payment service providers. In addition, we store information pertaining to suppliers, event organizers, and other business partners on the basis of our commercial business interests. As a matter of course, this company-related data is stored permanently.
We analyse the provided data related to the business processes, contracts, inquiries, etc., in order to economically manage our company and to recognize market tendencies and customer wishes. In doing so, we process inventory data, communication data, contract data, payment data, usage data, and meta-data on the basis of Art. 6, Sec. 1, Letter (f) GDPR. Parties concerned are customers, prospective customers, business partners, visitors and users of our online offer. The analyses are not made public unless these are anonymous analyses containing aggregated values.
When contacting us (either via contact form, e-mail, phone or social media platform), the user’s information for the processing of the contact request must be handled in accordance with Art. 6, Sec. 1, Letter (b) GDPR. The user's information can be stored in a CRM system or in a comparable query organization. The data entered is not forwarded without the consent of the party concerned.
We will delete the queries and the data immediately if we are asked to do so, or if the party concerned revokes its consent to saving the data, or if the purpose for saving the data no longer exists, i.e., if the data is no longer required. Every two years we will review the requirement of data retention. In all other cases, the general legal storage obligations shall apply.
Collaboration with order processors and third parties
Insofar as we divulge data towards other persons or companies within the scope of our processing (order processors or third parties), transfer data to them, or otherwise give them access to the data, this will only be conducted on the basis of a legal permission to do so (e.g., if a transfer of data to third parties, such as a payment service provider, is required for contract fulfilment as per Art. 6 Sec. 1 Letter (b) GDPR), they have consented this, a legal stipulation demands this, or due to our justifiable business interests (e.g., use of agents, web hosting companies).
Insofar as we have commissioned a third party for the processing of our data on the basis of a so-called “order processing contract”, then this is based on Art. 28 GDPR.
Transfer of data to third-party countries
Insofar as we process data in a third-party country (outside of the European Union (EU) or the European Economic Area (EEA)), or if this is performed within the scope of third-party services or the disclosure or data to third-parties, then this only occurs if it is required for the fulfilment of our contractual obligations, on the basis of your consent, based on a legal obligation, or on the basis of our justified interests. Subject to legal or contractual permissions, we only process or allow data to be processed in third party countries upon presentation of special requirements in accordance with Art. 44 and seq. GDPR. That means, the processing is conducted on the basis of special guarantees, such as the officially recognized determination of an EU-relevant data protection level or consideration of an officially recognized special contractual obligation (so called “standard contract clauses”).
3. Rights of the affected parties
The GDPR provides a number of stakeholder rights. We would like to inform you about them and provide further explanation.
Right to confirmation
You have the right to demand an explanation of whether personal data about you has been processed. In order to exercise this right, please contact our above-mentioned data protection officer.
Right to information
Furthermore, you have the right – at no charge – to receive information about your personal data that has been stored by us as well as additional information and a copy of the data pursuant to Art. 15 GDPR. Furthermore, you also have the right to receive the following information:
- The processing purposes
- The categories of the personal data being processed
- The recipients or categories of recipients towards which the personal data was disclosed or will be disclosed, in particular for recipients in third-party countries or with international organisations
- If possible, the planned duration for which the personal data is stored or, if this is not possible, the criteria for the determination of this duration
- The existence of a right to correction or deletion of your related personal data or pertaining to the limitation of the processing or a right to appeal against this processing
- The existence of a right of appeal to a supervisory authority
- If the personal data is not collected from you as the party concerned: all available information about the origin of the data
- The existence of an automated decision-making process, including profiling as per Art. 22, Sec. 1 and 4 GDPR and – at least in these cases – conclusive information about the logic involved as well as the scope and the intended effect of such processing on the data subject
Furthermore, you also have a right to information regarding if whether or not any personal data has been forwarded to a third-party country or to an international organisation. If this is the case, you have the right to receive information about the suitable guarantees in connection with the transferring of the data. Insofar as you want to utilise this right to information, please contact our above-mentioned data protection officer.
Right to correction of data
As per Art. 16 GDPR, you have the right to demand that your data is completed or corrected. Furthermore, you have the right – under consideration of the purposes of processing – to demand the completion of any incomplete or missing personal data. If you would like to make use of this right to correction, please contact our above-mentioned data protection officer.
Right to deletion (right to be forgotten)
In accordance with Art. 17 GDPR, you also have the right to demand that the data related to your person is immediately deleted, or alternatively in accordance with Art. 18 GDPR, to demand a limitation of the processing of the data, insofar as one of the following reasons applies and insofar the processing is not required:
- The personal data was created for those purposes or for other reasons for which it is no longer required.
- The party concerned withdraws their consent upon which the processing as per Art. 6, Sec. 1, Letter (a) GDPR or Art. 9, Sec. 2, Letter (a) GDPR is based, and there is no other legal basis for processing.
- The party concerned files an objection against the processing and there are no other justified reasons for the processing, or the party concerned files an objection against the processing as per Art. 21, Sec. 2 GDPR.
- The personal data was not processed lawfully.
- The deletion of the personal data is required for the fulfilment of a legal obligation as per the European Union law or the law of the member states to which the responsible party is subject.
- The personal data was collected in terms of the offered services of the information society as per Art. 8, Sec. 1 GDPR.
Insofar as one of the above-noted grounds exists and you would like to initiate the deletion of personal data that is stored by us, please contact our data protection officer.
Right to limitation of processing
Furthermore, you have the right to demand the limitation of processing from us, if one of the following prerequisites exists:
- The correctness of the personal data is contested by you for the duration of time it takes to verify the correctness of the personal data
- The processing of the data is unlawful; however, you do not want the personal data to be deleted and instead demand the limitation of the use of the personal data
- We no longer need the personal data for the purposes of the processing, however you need it for the assertion, exercising or defending of legal claims
- You have raised objection to the processing of the data in accordance with Art. 21, Sec. 1 GDPR, but it remains uncertain if our justified grounds outweigh yours
Insofar as one of the above-noted prerequisites exists and you would like to initiate the limitation of personal data that is stored by us, please contact the above-noted data protection officer.
Right to data transferability
Furthermore, you have the right to receive your personal data from us – and which you have provided to us – in a structured, standard and machine-readable format. Furthermore, you have the right to demand that we transfer this data to another responsible party, insofar as the processing is based on the consent in accordance with Art. 6, Sec. 1, Letter (a) GDPR or Art. 9, Sec. 2, Letter (b) GDPR and the processing is carried out with the help of automated processes, and insofar as the processing is not required for the performance of a task that lies within the public interest or in the execution of official authority, which was transferred to us and therefore the rights and freedoms of other persons are not hampered. To assert the right to data transferability please contact our above-noted data protection officer.
Right to objection
You have the right to object to the processing of your personal data, which are processed in accordance with Art. 6, Sec. 1, Letter (e) or (f) GDPR, at any time. This also applies to profiling, which is based on this regulation.
In case of your objection, we will no longer process personal data, unless there are more compelling grounds for protection against the processing of the data that outweigh your interests, rights and freedoms, or the processing serves the assertion, exercising or defence of legal claims. If we process your personal data in order to conduct direct marketing/advertising measures, then you have the right to object to the processing of your personal data for these types of advertising purposes at any time. This also applies to profiling, insofar as it is related to this type of direct marketing/advertising measure. You also have the right to object to the processing of your personal data that we have collected for scientific or historical research measures or for statistical purposes as per Art. 89, Sec. 1 GDPR, unless this type of processing is required for the fulfilment of a task within the scope of the public interest. To exercise your right to objection, please contact our above-noted data protection officer.
Automated decisions in individual cases including profiling
You have the right to not be subjected to a decision that is only based on automated processing – including profiling – which could pose legal consequences to you, or that can severely hamper you in any similar way, insofar as the decision (1) is not required for the conclusion or the fulfilment of a contract between you and us, or (2) is permissible based on legal regulations in the European Union or the member states, to which we are liable, and these legal requirements contain suitable measures for the protection of your rights and freedoms as well as your justified interests or (3) with your express consent. In order to assert your rights related to automated decisions, please contact our above-mentioned data protection officer.
Right to revoke consent under data protection law
In addition, you have the right to revoke your consent for the processing of your personal data at any time. In order to assert your rights related to revoking your consent, please consult our above-mentioned data protection officer.
Right of appeal to the competent supervisory authority
Furthermore, as per Art. 77 GDPR, you have the right to lodge a complaint to the competent supervisory authority. The State Data Protection Commissioner of the Federal State of Hesse is responsible for this. The contact data of the State Data Protection Freedom of Information Commissioner of Hesse is noted under the following link: www.bfdi.bund.de
There are different types of cookies: cookies that are deleted after the user leaves the website and closes the browser are referred to as temporary cookies, "session" cookies or "transient cookies". These cookies store, for example, the content of a shopping cart or the user's login status. Cookies that are referred to as "permanent" or "persistent" remain saved even after the browser session has been closed. For example, this enables the user's login status to be saved and the user can revisit this several days later. This type of cookie can also store the user's interests, which are then used for range measurement or marketing purposes.
Cookies that are required for the execution of electronic messaging or for the provisioning of certain functions requested by the user, are stored on the basis of Art. 6, Sec. 1, Letter (f) GDPR.
5. Use of website analysis tools
On our website, we have integrated the components of Google Analytics (with anonymization function). Google Analytics is a web analysis service. Web analysis is the survey, collection and analysis of data related to the behaviour of visitors on our website. A web analysis service records, among other things, data about such things as from what website someone visited before being referred to ours, what pages of the website were accessed, or how often and for how long a specific page was viewed. Web analysis is mainly used for the optimisation of an Internet page and for the cost-benefit analysis of online advertising. The operator of the Google Analytics Components is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
For web analysis via Google Analytics we use the add-on "_gat._anonymizeIp". With the help of this add-on, the IP address of the user's Internet connection is truncated and made anonymous by Google if accessing our website came from a member state of the European Union or another State party to the Agreement on the European Economic Area.
The purpose of the Google Analytics Components is the analysis of the visitor traffic on our website. Google uses the data and information to, among other things, analyse the use of the website and to compile online reports that show the activity on our website. This, in turn, is used to provide additional services in relation to the use of our website. Google Analytics sets a cookie on the user's IT system. What cookies are has been described in detail above. By employing cookies, Google is able to conduct an analysis of the user of our website. Through every access of any of this website's individual pages operated by the party responsible for the processing – and upon which Google Analytics Components have been integrated – the browser of the user's IT system is automatically induced to transfer data for the purposes of an online analysis to Google via the respective Google Analytics Components. Within the scope of this technical process, Google receives insight about personal data such as the user's IP address. This data serves Google to trace and track the origin of the users and the clicks in order to provide commission-based calculations based on this.
Our website also uses the "demographic characteristics function" from Google Analytics. This enables the compiling of reports that contain information about age, gender and interests of the website visitors. This data comes from Google's interest-specific advertising as well as from visitor data from third-party suppliers. This data cannot be allocated to any specific person. You can deactivate this function at any time using the advertising settings in your Google account or you can generally reject the collection of your data through Google Analytics as described above.
Google AdWords and Google Conversion Tracking
To pursue our legitimate business interests (Art. 6, Sec. 1, Letter (f) GDPR), our website uses the marketing and remarketing services (“Google Marketing Services”) provided by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). As mentioned, Google is certified under the “Privacy Shield Agreement” and guarantees to adhere to the European Data Protection Regulations.
With the assistance of Google Marketing Services, we can display advertising to our users in a more targeted manner on our website in a manner that is potentially more aligned to their interests, because the user should only see products for which they have already displayed interest on other websites (so-called “remarketing”).
For these purposes, when a website is accessed upon which Google Marketing Services are active, Google immediately executes a code and so-called “(re)marketing tags (invisible graphics or code, also known as “web beacons”) that are integrated into the website. These web beacons are stored on the user’s device as individual cookies, i.e., small files (instead of cookies, similar technologies can be used). This file records what websites the user has visited, which content was of interest to them, and what offers/adverts they clicked on. Furthermore, information about the browser and operating system, referring websites, time spent on the website, and other information regarding the use of the online offer is noted and the user’s truncated IP address is recorded. The IP address is not combined with user data from any other Google offers. This previously noted information can be combined by Google with information from different sources. If the user subsequently visits other websites, then certain adverts that relate to his/her interests may be displayed.
The user data is processed as an alias within the scope of Google Marketing Services; Google stores and processes the relevant, cookie-specific data within the alias-based user profile. From Google's perspective, the adverts are not administered and displayed for a specific identifiable person, but rather for the owner of the cookies regardless of who this cookie owner is. This does not apply if the user has specifically enabled Google to process the data without this alias. The information collected by Google Marketing Services about the user is transferred to Google and stored on Google servers located in the USA.
The online advertising program “Google AdWords” is among the Google Marketing Services used by us. Each AdWords customer receives a different “conversion cookie”. Cookies can therefore not be traced via the websites of AdWords customers. The information collected with the help of cookies only serves to compile conversion statistics for AdWords customers. The AdWords customers receive information such as the total volume of users that clicked on their adverts and that were forwarded to a website equipped with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. You may object to the tracking and prohibit it by deactivating the Google Conversion Tracking cookie via your Internet browser under "user settings".
Further information pertaining to data usage for marketing purposes by Google is available on the following website: www.google.com, the Google data protection statement is accessible at: www.google.com/policies/privacy. In case you would like to object to the interest-specific advertising through Google Marketing Services, you can use the setting and opt-out possibilities provided by Google at: www.google.com/ads/preferences.
LinkedIn Insight Tag
Our website uses the Insight Tag from "LinkedIn". The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Data processing by LinkedIn Insight Tag
The use of LinkedIn Insight is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in effective advertising measures including social media. If a corresponding consent has been requested (e.g., consent to store cookies), the processing is carried out exclusively on the basis of Art. 6 (1) a DSGVO; the consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.linkedin.com/legal/l/dpa and www.linkedin.com/legal/l/eu-sccs.
Objection to the use of LinkedIn Insight Tag.
Object to the analysis of usage behavior as well as targeted advertising by LinkedIn at the following link: www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Furthermore, members of LinkedIn can control the use of their personal data for advertising purposes in the account settings. To avoid a link between data collected on our website by LinkedIn and your LinkedIn account, you must log out of your LinkedIn account before visiting our website.
Within the scope of pursuing our legitimate interests as per Art. 6, Sec. 1, Letter (f) GDPR, we also provide links on our website to third-party content and service offers and their content and services. This, however, assumes that the providers of this content and these services recognise the IP address of the users since they would be unable to send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. Regardless of this fact, we strive to only use content whose respective providers use the IP address only for the delivery of the content; third parties can use so-called pixel tags (invisible graphics, "web beacons") for statistical or marketing purposes. Through the use of the pixel tags, information such as, e.g., the traffic of the sub-pages of this website can be analysed. Moreover, the alias information can be stored in cookies on the user's device and can contain, among other things, technical information about the browser and the information system, referring URL, visiting time and additional information regarding the use of our online offer. In addition, they can be combined with similar data from other sources.
7. Social media presence
You can find us on various social media networks and platforms. We communicate with prospective customers, customers and users and inform them about our services. When you access the respective social media network or platform, the Terms and Conditions of Business and the Data Privacy Policies of the respective platform operator apply. We only process the user's social media data insofar as the user contacts us within the network.
On our website, we offer users the ability to register for our newsletter. Our newsletter informs users on a monthly basis about the latest news at Co-Improve as well as about our products, events and services, and interesting specialist topics. By subscribing to our newsletter, you provide your consent regarding its receipt as well as the process described in the following.
We send the newsletter, e-mails and other electronic information containing advertising information (hereinafter "newsletter") only with the express consent of the recipient or the legal permission to do so. Insofar as the newsletter's contents are specifically described within the scope of the newsletter registration, then they are decisive for the consent of the user. Moreover, our newsletters contain information about our services and about us.
In order to register for the newsletter, it is sufficient if you provide us with your e-mail address. As an option, you may provide us with a name so that we can personally address the newsletter to you.
The newsletter registration is logged in order to be able to document and verify that the registration process is in line with the legal requirements. This includes the saving of the registration and confirmation times as well as your IP address.
The processing of the registration data provided only follows on the basis of your consent (Art. 6, Sec. 1, Letter (a) GDPR). The provided consent for the saving of data, your e-mail address, as well as the use of your e-mail address for the mailing of the newsletter can be withdrawn at any point in time, for example by using the "unsubscribe" link contained in the newsletter. The legality of the data processing already conducted remains unaffected by the revocation.
The mailing of the newsletter and the related performance measurement as per Art. 6 Sec. 1 Letter (a), Art. 7 GDPR in connection with Art. 7 Sec. 2, No. 3 Unfair Competition Act (UWG) on the basis of your consent or on the basis of the legal permission as per Art. 7 Sec. 3 UWG.
As the newsletter subscriber, your data is stored by us until you unsubscribe to the newsletter and then deleted once you have completed the de-registration process. Data that we have stored for other purposes remain unaffected by this.
The logging of the registration process is completed on the basis of our legitimate business interests as per Art. 6, Sec. 1 Letter (f) GDPR. We are interested in providing a user-friendly as well as secure newsletter system that both serves our business interests as well as the expectations of the users and that also enables us provide proof of consent.
You can terminate the receipt of our newsletter at any time, i.e., you can revoke your consent at any time. A link for the termination of the newsletter can be found at the end of every newsletter. We can store the removed e-mail addresses for a period of up to three years on the basis of our legitimate business interests before we delete them for purposes of newsletter mailing, so that we can prove a previously given consent. The processing of this data is limited for the purposes of possible defence against claims. An individual request for deletion is possible at any time, provided, at the same time, that the former existence of consent is confirmed.
Use of the dispatch service provider Inxmail.
Our website uses "Inxmail" for the dispatch of newsletters, a newsletter dispatch platform of Inxmail GmbH, Wentzingerstr. 17,79106 Freiburg, Germany. We use this dispatch service provider for the dispatch of our newsletter because it ensures that the e-mails are sent reliably and with a high probability that they will not end up in your spam filter. Our dispatch service provider is used on the basis of a contract processing agreement pursuant to Art. 28 (3) p. 1 DSGVO. Your personal data is stored on the servers of Inxmail. Inxmail uses this information to send and evaluate the newsletters on our behalf. Furthermore, according to its own information, Inxmail may use this data to optimize or improve its own services, e.g. to technically optimize the dispatch and display of the newsletters or for economic purposes to determine which countries the recipients come from. However, Inxmail does not use the data of our newsletter recipients to address them itself or to pass them on to third parties. In addition, there are cases in which we direct newsletter recipients to Inxmail's websites. For example, our newsletters contain a link that our newsletter recipients can use to access the newsletters online (e.g. in the event of display problems in the email program). Furthermore, newsletter recipients can subsequently correct their data, such as the email address.
You can terminate the receipt of our newsletter at any time, i.e., you can revoke your consent at any time. By doing so, your consent and the statistical analyses will both no longer be valid. Unfortunately, a separate cancellation of the mailing or the statistical analysis is not possible. A link for the termination of the newsletter can be found at the end of every newsletter.
9. Your consent
By using our website, you agree to the collection and the use of this information by us.
Please let us know what you think