Data Privacy Statement

Name and contact person of the party responsible in accordance with Article 4 Para. 7 GDPR

DORNBACH GmbH

Name: Ms Lydia Schmidt, PR- and Marketing Consultant
Address: Anton-Jordan-Straße 1, 56070 Coblenz, Germany
Phone: +49(0)261 94 31 - 438
Fax: +49(0)261 94 31 - 260 
E-Mail: lschmidt@dornbach.de

Data Protection Officer

If you have any questions regarding the processing of your personal data, you can contact the Data Protection Officer for the relevant company in the DORNBACH Group who is available in cases of requests for information, comments or complaints. You can find them under the site information.

Safety and protection of your personal data

Ensuring the confidentiality of the personal data you provide and protecting it from unauthorised access is our priority. This is why we take extreme care and use the latest security standards to ensure the maximum protection of your personal data.

As a company under private law, we are subject to the provisions of the European General Data Protection Regulation (GDPR) and the regulations of the Federal Data Protection Act (BDSG). We have taken technical and organisational measures that ensure that both we and our external service providers observe data protection regulations.

Definitions

We are required by law to process personal data lawfully, in good faith and in a way that is transparent for the person concerned ("legality, processing in good faith, transparency"). To ensure this, we inform you about the individual statutory terms that are also used in this data privacy statement.

1. Personal data
"Personal data" means all information relating to an identified or identifiable natural person (hereinafter referred to as the "person concerned"); a natural person is considered identifiable if that person can be identified directly or indirectly, especially by means of allocation to an identification such as a name, an identity number, location data, an online ID, or to one or more special characteristics that are an expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

2. Processing
"Processing" means each operation executed with or without the help of automated procedures or any such series of operations in connection with personal data such as the collection, recording, organisation, arrangement, storage, modification or change, export, query, use, disclosure by means of transmission, dissemination or another form of provision, comparison or linking, restriction, deletion or destruction.

3. Restriction of processing
"Restriction of processing" means the marking of stored personal data with the objective of restricting its future processing.

4. Profiling
"Profiling" means any kind of automated processing of personal data that consists of this personal data being used to assess certain personal aspects relating to a natural person, in particular to analyse or predict aspects regarding their work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location of this natural person.

5. Pseudonymisation
"Pseudonymisation" means the processing of personal data in a way that the personal data can no longer be assigned to a specific person concerned without the addition of additional information, provided that this additional information is kept separate and is subject to technical and organizational measures that ensure that the personal data cannot be assigned to an identified or identifiable natural person.

6. File system
"File system" is each structured collection of personal data that is accessible according to certain criteria, regardless of whether this collection is maintained centrally, decentrally, or arranged according to functional or geographical factors.

7. Party responsible
"Party responsible" is a natural or legal person, authority, agency or other body which, alone or together with others, decides on the purpose and means of the processing of personal data; if the purpose and means of this processing are specified by European Union law or the law of the Member States, the party responsible or rather the specific conditions of its appointment in accordance with European Union law or the law of the Member States can be provided for.

8. Data processor
"Data processor" is a natural or legal person, authority, agency or other body that processes personal data on behalf of the party responsible.

9. Recipient
"Recipient" refers to a natural or legal person, public authority, agency or other body to whom person data is disclosed, regardless of whether or not this is a third party. Authorities who may receive personal data as part of a specific request for investigation according to European Union law or the law of the Member States do not count as a recipient, however; this data is processed by the named authorities in accordance with the applicable data protection regulations in accordance with the purposes of the processing.

10. Third party
"Third party" is a natural or legal person, authority, agency or other body apart from the person concerned, the party responsible, the data processor and the persons who are authorised to process the personal data under the direct responsibility of the party responsible or the data processor.

11. Consent
"Consent" granted by the person concerned means each statement of intent that is submitted for the specific case in an informed and unequivocal way in the form of a statement or another clearly confirming action, with which the person concerned intimates that he or she agrees to the processing of the personal data relating to that person.

Lawfulness of the processing

The processing of personal data is lawful only if a legal basis exists for its processing. The legal basis for the processing can be in accordance with Article 6 Para. 1
a. – f. GDPR in particular:

  1. the person concerned has given his or her consent to the processing of the personal data relating to him or her for one or more specific purposes;

  2. the processing is necessary for the fulfilment of a contract whose contractual party is the person concerned, or to perform pre-contractual measures that take place at the person concerned's request;

  3. the processing is necessary to fulfil a legal obligation to which the party responsible is subject;

  4. the processing is necessary to protect the vital interests of the person concerned or another natural person;

  5. the processing is necessary for the performance of a task that is in the public interest, or in the exercise of official authority that was vested in the party responsible;

  6. the processing is necessary for the performance of the legitimate interests of the party responsible or a third party, provided that the interests or fundamental rights and freedoms of the person concerned requesting the protection of personal data do not outweigh this, especially if the person concerned is a child.

Information relating to the collection of personal data

(1) The following information relates to the collection of personal data during the use of our website. Personal data can be a name, address, e-mail addresses or usage behaviour, for example.

(2) If you make contact with us via e-mail or by using a contact form, the data you provide (your e-mail address or your name and telephone number) is stored by us so that we can answer your questions. We will delete the data that is generated in this context once its storage is no longer necessary, or its processing is restricted if there is a legal obligation to retain the data.

Collection of personal data during visits to our website
If you use our website for purely informational purposes, that is, if you do not register with us or send us any other information, we will collect only the personal data that your browser sends to our server. If you would like to view our website, we collect the following data that is technically necessary for us to present our website to you and to ensure its stability and security (the legal basis is the first sentence of Art. 6 Para. 1 (f) GDPR):

  • IP-Adresse
  • Data and time of the query
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • The data volume transmitted
  • Website from which the request originated
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

Use of cookies
(1) In addition to the above-mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files which are stored on your hard drive assigned to the browser that you are using and certain information flows through the point that the cookie sets. Cookies cannot execute any programs or transfer viruses to your computer. They are used for making the Internet offering more user friendly and effective.

(2) This website uses the following types of cookies whose scope and functionality are explained below:

  • Transient cookies (also a.)
  • Persistent cookies (also b.)
  1. Transient cookies are automatically deleted when you close the browser. This includes session cookies in particular. These store what is called a session ID, with which various requests from your browser can be assigned to the same session. This enables your computer to be recognised when you return to our website. Session cookies are deleted when you sign out or close your browser.

  2. Persistent cookies are automatically deleted after a specified duration, which can vary depending on the cookie. You can delete the cookies at any time in the security settings for your browser.

  3. You can configure your browser setting as you prefer and reject the acceptance of third-party cookies or all cookies, for example. What are known as "third party cookies" are cookies that were set by a third party and therefore not by the actual website that is currently open. Please note that if you deactivate cookies, you may not be able to use all of the functions of this website.

Additional functions and offerings on our website
(1) In addition to the use of our website purely for information purposes, we offer various services that you may be interested in using. To do this, you usually have to specify personal data which we use for providing the relevant service and to which the previously mentioned principles for data processing apply.  

(2) We sometimes use external service providers for processing your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are monitored on a regular basis.

(3) We can also forward your personal data to third parties if we offer sale campaigns, competitions, contract conclusions or similar services together with partners. You will receive more information about this when you provide your personal data or below in the description of the offer.

(4) If our service providers or partners are based in a country outside of the European Economic Area (EEA), we will inform you about the consequences of this in the description of the offer.

Newsletter

(1) With your consent, you can subscribe to our newsletter with which we inform you about our latest interesting offerings. The goods and services advertised in them are named in the declaration of consent.

(2) For registration to our newsletters, we use what is called the double opt-in procedure. This means that after your registration, we send an e-mail to the specified e-mail address in which we ask you to confirm that you would like to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after a month. Furthermore, we store the IP addresses that you are using as well as the times of your registration and confirmation. The purpose of this procedure is to prove your registration and, where applicable, to be able to clarify a possible misuse of your personal data.

(3) The only mandatory information for sending the newsletter is your e-mail address. The specification of additional, separately marked data is voluntary and is used so that we can address you personally. Following your confirmation, we store your e-mail address for the purpose of sending the newsletter. The legal basis is the first sentence of Art. 6 Para. 1 (a) GDPR.

(4) You can withdraw your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can unsubscribe from the newsletter by clicking on the link provided in every newsletter e-mail, by using this form on the website, by sending an e-mail to info@dornbach.de or by sending a message to the contact details provided in the imprint.

(5) Please note that we assess your usage behaviour when sending the newsletter. For this assessment, the e-mails that are sent contain what are called web beacons or tracking pixels, which represent single-pixel image files that are stored on our website. For the assessments we link the above-mentioned data and the web beacons to your e-mail address and an individual ID. The data is collected pseudonymised, which means that the IDs are thus not linked to your additional personal data, thereby eliminating any direct reference to persons. You can object to this tracking at any time by clicking on the separate link that is provided in every e-mail or by contacting us via a different channel. The information is saved for as long as you are subscribed to the newsletter. When you unsubscribe, we store the data on a purely statistical and anonymous basis.

(6) We use an external service provider for sending newsletters. A separate data processing contract was concluded with the service provider in order ensure the protection of your personal data. We currently work together with the following service provider:

CleverReach GmbH & Co. KG

Mühlenstr. 43
26180 Rastede, Germany
Phone: +49 (0) 4402 97390-00
E-Mail: info@cleverreach.com

The following data is transmitted to CleverReach for this purpose:

  • E-Mail adress
  • IP adress

For additional information, please refer to the CleverReach data protection statement at https://www.cleverreach.com/de/datenschutz/ 

Children

Our offering is intended for adults only. Persons under 18 years old should not pass personal data to us without the agreement of their parents or guardians.

Rights of the person concerned

(1) Withdrawal of consent
If the processing of personal data is based on consent that was granted, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of consent-based processing carried out up to the point of withdrawal.

You can contact us at any time to exercise your right of revocation.

(2) Right to obtain confirmation
You have the right to request confirmation from the party responsible regarding whether we process the personal data relating to you. You can request the confirmation at any time by using the contact details mentioned above. 

(3) Right to information
If personal data is processed, you can demand information about this personal data and the following information at any time:

  1. the purposes of the processing;

  2. the categories of personal data that is processed;

  3. the recipient or categories of recipients to whom the personal data has been disclosed or is being disclosed, especially in the case of recipients in third countries or with international organisations;

  4. if possible, the planned duration for which the personal data is stored or, if this is not possible, the criteria for defining this period;

  5. the existence of a right to correction or deletion of the personal data relating to you or to restrict its processing by the party responsible, or a right to object against this processing;

  6. you also have the right to complain to a supervisory authority;

  7. if the personal data is not collected from the person concerned, all available information about the origin of the data;

  8. the existence of automated decision-making including profiling in accordance with Article 22 Para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved and the extent and the desired effects of this type of processing for the person concerned.

If personal data is transmitted to a third country or to an international organisation, you have the right to be informed about the appropriate warranties in accordance with Article 46 GDPR in connection with the transmission. We provide a copy of the personal data that is the subject of the processing. For all other copies that you request, we can demand an appropriate charge based on administrative costs. If you make the request electronically, the information has to be provided in a common electronic format unless indicated otherwise. The right to receive a copy in accordance with Paragraph 3 must not affect the rights and freedoms of other persons.

(4) Right to correction
You have the right to request from us the immediate correction of incorrect personal data relating to you. Taking the purpose of the processing into account, you have the right to request the completion of incomplete personal data including by means of a supplementary statement. 

(5) Right to deletion ("right to being forgotten")
You have the right to request the party responsible to delete personal data relating to you with immediate effect and we are obligated to delete personal data with immediate effect if one of the following reasons applies:

  1. the personal data is no longer necessary for the purposes for which is was collected or otherwise processed.

  2. the person concerned revokes their consent on which processing was based in accordance with Article 6 Paragraph 1 (a) or Article 9 Paragraph 2 (a) GDPR and there is no other legal basis for the processing.

  3. the person concerned objects to the processing in accordance with Article 21 Paragraph 1 GDPR and there are no legitimate reasons for the processing that take priority, or the person concerned objects to the processing in accordance with Article 21 Paragraph 2 GDPR.

  4. the personal data was processed unlawfully.

  5. the deletion of the personal data is required to fulfil a legal obligation in accordance with European Union law or the law of the Member States to which the party responsible is subject.

  6. the personal data was collected with regard to services offered by the information society in accordance with Article 8 Paragraph 1 GDPR.

If the party responsible has disclosed the personal data and if the party responsible is obligated to its deletion in accordance with Paragraph 1, then taking into account the available technology and the implementation costs, the party responsible takes appropriate measures for informing the party responsible for data processing who processes the personal data that a person concerned has requested them to delete all links to this personal data, or copies or replications of this personal data.

The right to deletion ("right to being forgotten") does not exist if the processing is required:

  • to exercise the right to free expression and information;
  • to fulfil a legal obligation requesting the processing in accordance with the law of the European Union or the Member States, to which the party responsible is subject, or for the performance of a task that lies in the public interest or in the exercise of official authority that was vested in the party responsible;
  • for reasons of public interest in the field of public health in accordance with Article 9 Paragraph 2 (h) and (i) as well as Article 9 Paragraph 3 GDPR;
  • for archive purposes in the public interest, for scientific or historic research purposes, or for statistical purposes in accordance with Article 89 Paragraph 1 GDPR, provided this does not make the realisation of the objectives of this processing named in Paragraph 1 impossible or seriously affect them, or
  • for the assertion, exercise or defence of legal claims.

(6)  Right to restriction of processing
You have the right to request the restriction of the processing of your personal data if one of the following prerequisites applies:

  1. the accuracy of the personal data is disputed by the person concerned and indeed for a period that enables the party responsible to verify the accuracy of the personal data,

  2. the processing is unlawful and the person concerned rejects the deletion of the personal data and instead requests the restriction of the use of the personal data;

  3. the party responsible no longer requires the personal data for the purposes of processing, yet the person concerned requires it for asserting, exercising or defending legal claims, or

  4. the relevant person has objected to the processing in accordance with Article 21 Paragraph 1 GDPR for as long as it has not been determined whether legitimate reasons of the party responsible outweigh those of the person concerned.

If the processing was restricted in accordance with the prerequisites named above, then this personal data – apart from its storage – is processed only with the consent of the person concerned or to assert, exercise or defend legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.

To assert the right to restriction of processing, the relevant person can contact us at any time by using the contact details specified above. 

(7) Right to portability
You have the right to obtain the personal data relating to you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to a different party responsible without any obstacle from the party responsible to whom the personal data was provided, if:

  1. the processing is based on consent in accordance with Article 6 Paragraph 1 (a) or Article 9 Paragraph 2 (a) or on a contract in accordance with Article 6 Paragraph 1 (b) GDPR and

  2. the data was processed by means of automated processes.

When exercising the right to data portability in accordance with Paragraph 1, you have the right to effect the direct transfer of personal data from one party responsible to another if this is technically feasible. The exercise of this right to data portability does not affect the right to deletion ("right to be forgotten"). This right does not apply to processing that is necessary for the performance of a task that is in the public interest, or in the exercise of official authority that was vested in the party responsible.

(8) Right to object
You have the right to object at any time to the processing of personal data relating to you resulting from your personal situation, which is based on Article 6 Paragraph 1 (e) or (f) GDPR; this also applies to profiling based on these provisions. The party responsible will no longer process your personal data unless it can demonstrate compelling legitimate reasons that are worth protecting for the processing that the interests, rights and freedoms of the person concerned, or the processing serves to establish, exercise or defend legal claims.

If personal data is processed for the purpose of direct advertising, then you have the right to object at any time to the processing of personal data relating to you for the purpose of this type of advertising; this also applies to profiling if it is related to such direct advertising. If you object to the processing for purposes of direct advertising, the personal data will no longer be processed for these purposes.

In connection with the use of the services of the information society, regardless of Guideline 2002/58/EC, you can exercise your right to object by means of automated processes with which technical specifications are used.

You have the right to object for reasons resulting from your particular situation to the relevant processing of personal data relating to you that takes place for scientific or historic research purposes, or for statistical purposes in accordance with Article 89 Paragraph 1, unless the processing is required to fulfil a task in the public interest.

You can exercise your right to object at any time by contacting the respective party responsible.

(9) Automated decisions in individual cases including profiling
You have the right not to be subject to a decision that was based exclusively on automated processing – including profiling – that has a legal effect on you or similarly impairs you considerably. This does not apply if the decision:

  1. is required for the conclusion or fulfilment of a contract between the person concerned and the party responsible,

  2. is permissible based on legal provisions of the European Union or the Member States to which the party responsible is subject and these provisions contain appropriate measures for protecting the rights and freedom and the legitimate interests of the person concerned or

  3. is made with the express consent of the person concerned.

The party responsible takes appropriate measures to protect the rights and freedom and the legitimate interests of the person concerned, to which at least the right to obtain intervention by a person on the part of the party responsible, to presenting their case, and the right to challenging the decision belongs.

The person concerned can execute this right at any time by contacting the respective party responsible.

(10) Right to complain to a supervisory authority
Irrespective of the provision of another administrative or legal judicial remedy, you also have the right to complain to a supervisory authority, especially in the Member State of your residence, your workplace or the location of the alleged infringement if the person concerned believes that the processing of the personal data relating to them violates this regulation. 

(11) Right to effective judicial remedy
Irrespective of an available administrative or non-judicial remedy, including the right to complain to a supervisory authority in accordance with Article 77 GDPR, you have the right to effective judicial remedy if you believe that your rights based on this regulation were violated as a result of the processing of your personal data that is not in line with these regulations.

Use of Google Analytics

(1) This website uses Google Analytics, a web analysis service from Google Inc. ("Google"). Google Analytics uses what is termed "cookies". These are text files saved to your computer. These cookies allow for analysis of the way in which you use our website. The information created by the cookie on your use of the website is as a rule transferred to a Google server in the USA and stored there. If the IP anonymisation is activated on this website, your IP address will however be shortened beforehand by Google within the member states of the European Union or in other member states of the Treaty on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities, and to provide other services associated with the use of the website and the Internet to the website operator. 

(2) The IP address provided to Google Analytics by your browser will not be merged with any other data from Google.

(3) You can prevent the storage of cookies by selecting the relevant settings in your browser software; please note, however, that you may not be able to use all functions of this website in full in this case. Furthermore, you can prevent the transmission of the data that is created by the cookie relating to your use of the website (including your IP address) to Google, and the processing of this data by Google, by downloading and installing the browser plug-in that is available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de

(4) This website uses Google Analytics with the extension "_anonymizeIp()". This means that abbreviated IP addresses are further processed to eliminate direct reference to persons. If the data relating to you that was collected gives rise to a reference to persons, this is immediately excluded and the personal data is deleted immediately.

(5) We use Google Analytics so that we can analyse the use of our website and improve it on a regular basis. We use the statistics obtained to improve our offering and make it more interesting to you as a user. For exceptional cases in which personal data is transmitted to the USA, Google is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is the first sentence of Art. 6 Para. 1 (f) GDPR.

(6) Information about third-party providers: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436?1001. Terms of use:

http://www.google.com/analytics/terms/de.html, overview of privacy policy: http://www.google.com/intl/de/analytics/learn/privacy.html, and the data privacy statement: http://www.google.de/intl/de/policies/privacy.

(7) This website also uses Google Analytics for the cross-device analysis of visitor traffic which is carried out by using user IDs. You can deactivate the cross-device analysis of your use in your customer account under "My Data", "Personal Data".

Use of Google Maps

(1) We use the Google Maps offering on this website. This enables us to display interactive maps directly on the website and therefore provide a convenient way for you to use the map function.

(2) When you visit the website, Google receives the information that you have called up the corresponding sub-site of our website. The data specified in Section 3 of this statement is also transmitted. This is done irrespective of whether Google provides a user account that you are signed in to, or whether no user account exists. If you are signed in to Google, your data is allocated directly to your account. If you do not want to allow the Google allocation to your profile, you have to sign out before you activate the button. Google stores your data as a usage profile and uses this for the purpose of advertising, market research and/or to design its website to meet the needs of users. Such an assessment is carried out especially to provide appropriate advertisements (even for users who are not signed in), in order to inform other users of the social network about your activities on our website. You have a right to object to the creation of this user profile, but you have to contact Google to exercise this right.

(3) Additional information regarding the purpose and scope of the data collection and its processing by the plug-in provider is available in the privacy policies of the providers as listed below. Here you also obtain additional information about your rights and settings options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Use of Google ReCaptcha 

(1) We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on our websites. It is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

(2) reCAPTCHA checks whether the data entered on our websites (in a contact form, for example) is entered by a human being or by means of an automated program. reCAPTCHA analyses the website visitor's behaviour using different characteristics for this purpose. This analysis starts automatically as soon as the visitor accesses the website. reCAPTCHA assesses different information (such as IP address, the website visitor's dwell time on the website or mouse movements performed by the user). The data that is recorded during the analysis is forwarded to Google.

(3) reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.

(4) The data is processed on the basis of Article 6 Para. 1 (f) GDPR. The website operator has a legitimate interest in protecting its web offering from improper, automated spying and from spam.

(5) For additional information about Google reCAPTCHA and Google's privacy policy, see the following links: 
Privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://adssettings.google.com/authenticated.

Use of Social-Media-Plugins

(1) We currently use the following social media plug-ins: [Facebook, Google+, Xing, LinkedIn, Instagram]. In doing so, we use the two-click solution. In other words, when you visit our site, initially no personal data is forwarded to the provider of the plug-ins. You can identify the provider of the plug-in from the mark on the box above its initial letter or the logo. We give you the option of communicating directly with the provider of the plug-in by using the button. The plug-in provider receives the information that you have called up the corresponding website of our online offering only when you click on the selected field, thereby activating it. The data specified in Section 3 of this statement is also transmitted. In the case of Facebook and Xing, according to information from the respective providers in Germany, the IP address is immediately anonymised after it is collected. By activating the plug-in, personal data is transmitted by you to the respective plug-in provider where it is stored (in the USA in the case of US providers). Since the plug-in provider collects data via cookies in particular, we recommend that before clicking on the greyed out box, you delete all cookies by using your browser's security settings.

(2) We do not have any influence over the data that is collected and the data processing operations, nor are we aware of the full scope of the data collection, the purposes of the processing, or the storage periods. Nor do we have any information regarding the deletion of the data that is collected by the plug-in provider.

(3) The plug-in provider stores the data collected about you as a usage profile and uses this for the purpose of advertising, market research and/or to design its website to meet the needs of users. Such an assessment is carried out especially to display appropriate advertisements (even for users who are not signed in), in order to inform other users of the social network about your activities on our website. You have a right to object to the creation of this user profile, but you have to contact the respective plug-in provider to exercise this right. With the plug-ins we give you the opportunity to interact with the social networks and other users so that we can improve our offering and make it more interesting to you as a user. The legal basis for the use of the plug-ins is the first sentence of Art. 6 Par. 1 (f) GDPR.

(4) The data is forwarded regardless of whether you have an account with the plug-in provider and are signed in there. If you are signed in with the plug-in provider, your data that is collected by us is allocated directly to your account with the plug-in provider. If you press the activated button and link to the page, for example, the plug-in provider also stores this information in your user account and publicly shares it with your contacts. After using a social network, we recommend that you regularly sign out especially before you activate the button. In this way you can avoid the plug-in provider allocating this data to your profile.

(5) Additional information regarding the purpose and scope of the data collection and its processing by the plug-in provider is available in the privacy policies of these providers as listed below. Here you also obtain additional information about your rights and settings options to protect your privacy.

(6) Addresses for the respective plug-in providers and URL with their privacy policies:

  1. Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; additional information relating to data collection: http://www.facebook.com/help/186325668085084http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook is subject to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.

  2. Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google is subject to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.

  3. Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.

  4. LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn is subject to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.

  5. Instagram, Instagram LLC, represented by Kevin Systrom and Mike Krieger,1601 Willow Rd, Menlo Park CA 94025, USA; https://help.instagram.com/155833707900388

YouTube integration

(1) Our website uses plug-ins from the YouTube site which is operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our pages that has a YouTube plug-in, this creates a connection to the YouTube servers. The YouTube server is notified which of our pages you have visited.

(2) If you are signed in to your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. This can prevent you from signing out of your YouTube account.

(3) For additional information about handling user data, see YouTube's privacy policy at https://www.google.de/intl/de/policies/privacy 

XING

(1) We would like to inform you here about the processing of personal data when you use the XING Share Button function.

(2) The "XING Share Button" is used on this website. When this website is called, a short-term connection is made to the servers at XING AG ("XING") with which the "XING Share Button" functions (especially the calculation/display of the counter value) are provided. XING does not store any personal data about you when you call this website. In particular, XING does not store any IP addresses. Nor does it assess your usage behaviour regarding the use of cookies in connection with the "XING Share Button". To view the latest data protection information relating to "XING Share Button" and additional information, see: https://www.xing.com/app/share?op=data_protection; source: XING

Events by DORNBACH

If you have registered for an event by the DORNBACH Group, we will process the data that you entered during registration.

Data processing for eventsWe process your data for the purpose of fulfilling the contract or to perform pre-contractual measures prior to events. In particular, we process your e-mail address so that we can send you a registration confirmation or seminar documents and, if requested, a "participant certificate". We also notify you about possible changes relating to the date and content of the event. We will process your (company) name and your postal address for the purposes of invoicing and precisely allocating your registration to your company. The legal basis in terms of data that you have entered in mandatory fields is Art. 6 Para. 1 (b) GDPR and in terms of the data that you have submitted to us voluntarily, your consent (Art. 6 Par. 1 (a) GDPR).

We also use your data for sending advertisements by post or e-mail for our events if this is permitted by law. The legal basis is Art. 6 Para. 1 (f) GDPR. We have a legitimate interest in sending direct advertising. If you do not wish to receive any information about our events or you do not wish to assess our events, you can object to this use of your data when you register for an event and subsequently at any time.

For how long is your data stored?

Even after the event has been held, we may store your data at least until the event has been paid for. For the advertising purposes named above, we may store your data for up to 4 years as long as you have not objected to use of your data for advertising purposes. To assert or defend legal claims, we may store data within the regular limitation period of 3 years and in exceptional cases, up to the expiration of the maximum limitation period. If are obligated to retain certain data, we are entitled to store this data until the expiration of the periods named in Sections 257 German Commercial Code (HGB) and Section 147 tax code (AO). These periods are up to 10 years.

Do you have to provide your data?

Our events are a voluntary offer. However, for the registration we require you to provide at least your e-mail address, your (company) name and, in the event of chargeable events, your billing address; otherwise, we cannot send you a registration confirmation or an invoice. We need you to provide your name because otherwise, we cannot print out a name badge for the event and we cannot address you personally. Additional information is not required for participating in an event.

 

E-Mail: datenschutz@dornbach.de
As on: May 2018