Privacy Policy
The following text provides information on how we process your personal data within the context of our online presence.
RESPONSIBLE
Lübeck und Travemünde Marketing GmbH
Holstentorplatz 1
23552 Lübeck
Email: info@luebeck-tourismus.de
Amtsgericht HRB 4540
Managing Director: Christian Martin Lukas
CONTACT DATA PROTECTION OFFICER
datenschutz(at)luebeck-tourismus.de
WHEN AND WHICH PERSONAL DATA DO WE PROCESS
We process your personal data in the following circumstances:
1. When you visit our website, the browser in use on your end device automatically sends information to our website’s server. This information is stored temporarily in a so-called log file. The following information is collected without any action on your part and is then stored until it is deleted automatically:
• IP address of the requesting computer
• Date and time of access
• Name and URL of the requested file
• Website from which access is effected (referrer URL)
• The browser being used and if app. the operating system of your computer and the name of your Internet provider
We also use cookies and analysis services when you visit our website. You can find more information about this under “Analysis Tools”.
2. Please use the form provided on our website to make contact with us if you have any questions. To use this form, you must provide a valid e-mail address so that we are aware by whom the enquiry was sent and to whom we should address our response. You may volunteer additional information as well.
3. If you wish to send us your application for an advertised position or on an unsolicited basis, we will process the documents and personal data you send us.
Unsolicited applications must include your name, address and other contact details, date and place of birth, and nationality, and your qualification papers. You may also provide us with additional data if you feel it would benefit your application for employment.
4. When you register for our newsletter we record your email address and your full name. We process the data you provide.
PURPOSE OF DATA PROCESSING
We only use the personal details you actively provide for the agreed purpose in each instance and only to the extent necessary.
1. We process this data for the following purposes:
• To guarantee smooth connection to the website
• To guarantee convenient use of our website
• To evaluate system security and stability
• For other administrative purposes.
The legal foundation for data processing is set out in Article 6(1) sentence 1(f) GDPR (General Data Protection Regulation). Our legitimate interest is inferred from the purposes of data collection as listed above. On no account will we use the data we collect to draw conclusions about you personally.
2. When you contact us we process data in accordance with Article 6(1) sentence1(b) GDPR and on the basis of a pre-contractual measure. The data can be recorded in our customer service system once a contract is concluded. The data is not processed for any other purpose.
3. Data processing in the context of application situations is for the purposes of establishing and conducting an employment relationship pursuant to Article 88 GDPR in conjunction with § 26 BDSG (German Data Protection Act). In the event of a positive decision, the personal data goes into our personnel file and is used for the purposes of “staff management”.
4. Providing you have given your explicit consent pursuant to Article 6(1) sentence 1(a) GDPR, we will use your email address to send you our regular newsletters.
CATEGORIES OF RECIPIENTS OF PERSONAL DATA
We do not transfer your personal data to third parties for purposes other than those listed below.
We only transfer your data to third parties if:
1. You have provided your explicit consent in this regard pursuant to Article 6(1) sentence 1(a) GDPR.
2. It is necessary pursuant to Article 6(1) sentence 1(f) GDPR for the establishment, exercise or defence of legal claims, and there is no reason to assume that you have an overriding interest in your data not being transferred.
3. It is necessary for compliance with a legal obligation pursuant to Article 6(1) sentence 1(c) GDPR.
4. It is lawfully permitted and necessary for the performance of a contract with you pursuant to Article 6(1) sentence 1(b) GDPR.
We do not transmit your data to third countries unless you have given us your consent.
DURATION FOR WHICH PERSONAL DATA IS STORED
1. Cookies are stored on your browser as so-called session cookies, which means your browser deletes them automatically when you leave the website. The duration for which they are stored depends in this instance on the technical functionality of the browser you are using.
2. With regard to personal data that is sent to us in relation to a contact request on our website, we only store this while we process the request. If a contract is concluded, the data you provide may regularly be stored in our customer service system for 10 years, unless there is another legal obligation for us to store the data for longer.
3. Personal data collected in relation to an application is subject to the following retention periods:
• Rejection: The data is stored for a minimum of three months. In turn, the longest the data may be stored is for a maximum of six months.
• Employment: Our retention periods apply. You will be provided with the information relevant to you when your application is accepted.
4. In any event, the personal data you provide will only be stored until you withdraw your consent.
Please be advised that we delete your data if we are not permitted to store it (especially if the data is incorrect and correction is not possible). Blocking may be used instead of deletion, providing there are no legal or factual obstacles (for example, special retention obligations due to requirements of commercial and fiscal law).
RIGHT OF OBJECTION
Insofar as your data is processed based on legitimate interests pursuant to Article 6(1) sentence 1(f) GDPR, you are entitled pursuant to Article 21 GDPR to object to the processing of your personal data, provided there are grounds relating to your particular situation or your personal data being processed for direct marketing purposes. You are always entitled to object in the latter case; we will comply with this objection without requiring that you provide particular circumstances.
To exercise your right to withdraw consent or object, please send an email to datenschutz(at)luebeck-tourismus.de.
RIGHT TO INFORMATION, CORRECTION, DELETION, RESTRICTION
You have the right to information about the personal data relating to you and to the correction or deletion thereof, or to a restriction on processing. You are also entitled to withdraw consent to processing.
RIGHT TO DATA PORTABILITY
You have a right to the portability of the personal data held about you.
RIGHT TO COMPLAIN TO THE REGULATORY AUTHORITY
You have a right to complain to the competent regulatory authority.
PROVISION OF PERSONAL DATA
You are under no legal obligation to provide personal data.
There is no contractual obligation to provide us with personal data in the course of our business activity (if this is feasible anonymously). You may anonymise the data or remove the personal references.
AUTOMATED DECISION-MAKING INCLUDING PROFILING
We do not undertake automated profiling.
However, automated profiling may be used under certain circumstances with the aim of evaluating personal aspects, as we are obliged to combat money laundering, terrorism financing and crimes that endanger assets in accordance with statutory and regulatory requirements. Data evaluations (incl. checking statutory prescribed lists) are also performed in this context.
USE OF COOKIES
We use cookies on our website. These are small files created automatically by your browser and stored on your end device (laptop, tablet, smartphone etc.) if you visit our site. Cookies cause no harm to your end device and contain no viruses, Trojans or other malware.
Information is stored on the cookie that is produced in each case in relation to the specific end device being used. However, this does not mean that we can use it to identify you directly.
We use cookies to make it more convenient to use our website. We use so-called session cookies, for example, to detect that you have visited individual pages of our website. They are automatically deleted when you leave our site.
We use temporary cookies to optimise user friendliness, which are stored on your end device for a specific, defined period. If you revisit our site to use our services, the system automatically detects that you have visited before and the inputs and settings you have used, which means you do not have to enter these again.
We also use cookies to collect statistics on the use of our website, which we analyse in order to optimise our services on your behalf. These cookies allow us to detect automatically if you have visited before when you revisit our site. These cookies are automatically deleted after a defined period. The data processed by the cookies is required for the stated purpose of protecting our legitimate interests and those of third parties pursuant to Article 6(1) sentence 1(f) GDPR.
Most browsers accept cookies automatically. However, you can configure your browser to prevent any cookies being stored on your computer or to display a warning before a new cookie is created. However, if you deactivate cookies entirely this may mean that you cannot use all the features of our website.
GOOGLE MAPS
To make it easier for you to find us, we have integrated maps from the Google Maps service from Google LLC into our website via an API. In order to display the content in your browser, Google must receive your IP address. Otherwise, Google cannot provide you with this integrated content. The legal basis for this data processing is Art. 6 Para. 1 (b) GDPR, since the IP address is required in order to be able to provide you with the contents. In this processing, our cooperation with Google is based on a joint responsibility agreement pursuant to Art. 26 GDPR, which can be retrieved here.
For more information about Google's data processing practices, please see Google's privacy policy at https://www.google.de/intl/de/policies/privacy/.
ANALYSIS TOOLS
Tracking tools
The tracking measures we employ as listed below are performed on the basis of Article 6(1) sentence 1(f) GDPR. We use these tracking measures on the one hand to ensure a needs-based design and ongoing optimisation of our website. We also use tracking tools to collect statistics on the use of our website, which we analyse in order to optimise our services on your behalf. These interests are considered legitimate in the meaning of the regulation quoted above.
The data processing purposes and the data categories in each case can be inferred from the respective tracking tool.
1. Google Analytics
We use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”) for the purposes of needs/based design and ongoing optimisation of our website. This process includes the creation of usage profiles in pseudonymous form and the use of cookies. The information produced by the cookie about your use of this website, such as
• browser type/version
• operating system used
• referrer URL (the previously visited site)
• hostname of the accessing computer (IP address)
• time of the server request
is sent to a Google server in the USA and is stored there. This information is used to evaluate use of the website, to compile reports on website activities and to provide other services associated with use of the website and the Internet for the purposes of market research and needs-based design on these Internet pages. This information may also be passed on to third parties if this is legally required or if third parties process it on Google’s behalf. On no account will your IP address be associated with other Google data. The IP addresses are anonymised so that association is not possible (IP masking).
You can prevent the installation of cookies by adjusting the browser software accordingly. However, we must advise you that in such a case you may not be able to utilise all functions of this website to the full.
You can also prevent the capture of data produced by the cookie and related to your use of the website (incl. your IP address), as well as the processing of this data by Google, by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de)
Google also offers a deactivation option for the most common browsers, which gives you more control over which data Google records and processes. If you activate this option, no information on your website visit will be sent to Google Analytics. Activation does not prevent information being sent to us or to other web analysis services that we may choose to use. You will find more information on the deactivation option offered by Google and on how to activate this option via the following link: https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the browser add-on, especially for browsers on mobile end devices, you can prevent recording by Google Analytics by clicking on the following link. This will create an opt-out cookie that will prevent your data being recorded when you visit this website in future. The opt-out cookie is only valid on this browser and only for our website and is stored on your device. If you have deleted all the cookies in your browser, you will need to reactivate the opt-out cookie.
2. Google AdWords Conversion Tracking
We also use Google Conversion Tracking to collect statistics on the use of our website, which we analyse in order to optimise your use of our website. A cookie is set by Google AdWords on your computer, if you accessed our website via a Google ad.
These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the AdWords client’s website and the cookie has not yet expired, the client and Google will be able to tell that the user clicked the advert and was directed to this page.
Each AdWords client has a different cookie. Therefore, cookies cannot be tracked via the websites of AdWords clients. The information gathered using conversion cookies helps to generate conversion statistics for AdWords clients who have opted in to conversion tracking. AdWords clients can find out the total number of users who have clicked on their ad and were directed to a page provided with a conversion tracking tag. They do not, however, obtain any information that can be used to identify users personally.
If you do not want to be involved in the tracking process, you can also reject the setting of a cookie, e.g. by using the browser setting that disables the automatic setting of cookies in general. You can also disable cookies for conversion tracking by adjusting your browser settings to block cookies from the domain “googleadservices.com”. You can read Google’s data protection policy for conversion tracking here (https://services.google.com/sitestats/de.html).
3. Matomo (formerly Piwik)
We use the open-source software Matomo for analysis and statistical evaluation of the use of our website. Cookies are used in this context. The information produced by the cookie about website usage is sent to our server and collated into pseudonymous usage profiles. The information is used to evaluate use of the website and to facilitate a needs-based design of our website. The information is not passed to third parties.
On no account will the IP address be linked with any other data relating to the user. The IP addresses are anonymised so that association is not possible (IP masking). Your visit to this website is currently being recorded by Matomo Web Analytics. Click here (https://matamo.org/docs/privacy/) to prevent your visit being recorded.
4. Use of reCAPTCHA
To protect input forms on our site we use the “reCAPTCHA” service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google”. Using this service enables the system to determine whether the corresponding information has been entered by a human or is the result of improper automated processing. To the best of our knowledge, Google receives information about the referrer URL, IP address, behaviour of the website visitor, the operating system, browser and length of visit, cookies, display settings and scripts, the user's input behaviour and mouse movements in the reCAPTCHA checkbox.
Google uses this information amongst other things to digitalise books and other print products and to optimise services like Google Street View and Google Maps (e.g. house number and road name recognition).
The IP address recorded by “reCAPTCHA” is not combined with other Google data, unless you are logged into your Google account when the reCAPTCHA plugin is used. If you wish to prevent data about you and your behaviour on our website being sent to and stored by Google, you must log out of Google before you visit our site and utilise the reCAPTCHA plugin.
Use of the information recorded by the reCAPTCHA service is subject to Google’s Conditions of Use (https://www.google.com/intl/de/policies/privacy/).
5. VG WORT
We use so-called tracking pixels on our site of the copyright collective VG WORT in the form of the scalable centralised measuring system (SZM) from provider INFOnline GmbH (INFOnline GmbH, Forum Bonn Nord, Brühler Str. 9, 53119 Bonn) to calculate statistics relating to the likelihood of texts being copied.
The data this produces is anonymised. To record the access numbers needed to recognise visitors, our website uses either a so-called session cookie or a signature, which is created from various pieces of information transmitted automatically by your browser. The IP address is only processed in this context in an anonymous form. Individual users are not identified at any point. This process is used to calculate the likelihood of individual texts being copied.
6. wordpress.com STATS
We use the Jetpack component on our website of Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA, using the technology of Quantcast Corp., 201 Third Street, 2nd Floor, San Francisco, CA 94103, USA. Each time our site is accessed, data on web analysis is collected and stored in the USA using cookies. Cookies are small text files that are stored in the cache of the visitor’s Internet browser, enabling the visitor’s Internet browser to be recognised. However, the IP address is anonymised straight after processing before it is stored. You can prevent the installation of cookies and delete stored cookies by changing the settings on your browser software; but we must advise you that this may prevent you from enjoying the full functionality of our website.
You can prevent the Jetpack component from recording and using the data in the future by creating an opt-out cookie on your browser via www.quantcast.com/opt-out. You will need to repeat this process if you delete all the cookies on your browser.
7. Social media
We maintain an online presence on social networks and platforms in order to help us communicate with customers, potential customers and users who are active on them and to inform them there about our services.
We draw your attention to the fact that, in this process, your data as a user may be processed outside of the European Union. This may entail risks for users, as, for example, it may be more difficult to enforce the implementation of user rights. With regard to US providers certified under the Privacy Shield, we would like to point out that they have undertaken to meet the EU data protection standards.
Furthermore, the user data are usually processed for market research and advertising purposes. For example, user profiles can be created from user behaviour and the interests derived from them. Moreover, the user profiles can be used, for example, to run ads within and outside platforms which presumably match users' interests. For these purposes, cookies are usually stored on the computers of the users in which user behaviour and the interests of the users are saved. In addition, data may also be saved in the user profiles independently of the devices used by the users (particularly if the users are members of the relevant platform and are logged in there).
Furthermore, we use social plugins from the social networks Facebook, Twitter and Instagram on our website in order to make our company better known. We have embedded this plugin by means of the so-called two-click method in order to ensure the best possible protection for users of our website.
The processing of users' personal data is carried out on the basis of our legitimate interests in effective information for users and communication with users pursuant to Art. 6 Para. 1 point (f) GDPR. If the users are requested by the respective providers of the platforms to give their consent to the aforementioned data processing, the legal basis for the processing is Art. 6 Para. 1 point (a), Art. 7 GDPR.
Please refer to the providers' links below for a detailed description of the processing concerned and your options to object to it (opt-out).
If you require information or wish to assert your rights as a user, we would point out that here, too, such purposes can be most effectively pursued with the providers. Only the providers have access in each case to users' data and can intervene accordingly or provide information. If you still require any assistance, please do not hesitate to contact us.
Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) - Privacy Policy https://policies.google.com/privacyOpt-Out
https://adssettings.google.com/authenticated
Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAItatus=Active.
Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) - Privacy Statement / Opt-Out instagram.com/about/legal/privacy/.
Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) - Privacy Statement / Opt-Out https://about.pinterest.com/de/privacy-policy.
1. YouTube videos
We embed YouTube videos on some of our web pages. The corresponding plugin is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection is established with the YouTube servers. Information about which of our pages you have visited is then sent to the YouTube server. If you are logged into your YouTube account, YouTube is able to attribute your surfing behaviour directly to you personally. You can prevent this by logging out of your YouTube account beforehand.
If a YouTube video is started, the provider uses cookies to gather information about user behaviour.
If you have deactivated cookie storage for the Google Ad program, you will not have to contend with such cookies when watching YouTube videos either. YouTube also records non-personal usage information in other cookies. If you would like to prevent this, you will need to block cookie storage on your browser.
More information on YouTube data protection is available in the provider’s privacy policy at www.google.de/intl/de/policies/privacy/
2. Facebook
Data controller with whom the service is operated jointly ('platform operator'):
Facebook Ireland Ltd.,
4 Grand Canal Square,
Grand Canal Harbour,
Dublin 2, Ireland.
In an agreement pursuant to Art. 26 (1) GDPR, the parties jointly responsible determined who fulfilled which obligation pursuant to the GDPR.
The agreement within the meaning of Art. 26 (1) GDPR can be found at the following link: www.facebook.com/legal/terms/page_controller_addendum The platform operator makes the essential contents of this agreement available to the persons concerned.
Contact details for data protection:
The contact details for data protection can be found in our data protection declaration linked here or the data protection officer of the platform operator can be contacted using the following web form:
https://www.facebook.com/help/contact/540977946302970
Categories of data subjects:
Registered and unregistered visitors of our fanpage in the social network.
Categories of personal data:
Data that we process from registered visitors to our fan page:
User ID under which you have registered, released profile data (e.g., name, profession, addresses, contact data, possibly also special categories of personal data such as religious affiliation, health data, etc.), data that is generated during content sharing, message exchange and communication, data that is required within the framework of contract processing at the request of registered visitors. Otherwise, we process only pseudonymised data such as statistics and insights on how our fan page, the articles, pages, videos and other content provided through it is interacted with (page activities, page views, "Like" information, reach, impressions, link click-throughs, purchases on our website, general demographic, location and interest-related information on age, gender, country, city, language, relationship status, education, family status, occupation, etc.), evaluations of the success and backgrounds of our advertisements, other analyses and measurements of "Like" information, comments and shared articles.
The pseudonymised data cannot be merged by us with the corresponding attribution feature (e.g., name details). This does not allow us to identify individual visitors, who therefore remain anonymous to us.
Data that we process from non-registered visitors to our fan page:
Pseudonymised data such as statistics and insights on how our fan page and advertisements, the articles, pages, videos and other content provided about it are interacted with (page activities, page views, "Like" information, reach, impressions, link click-throughs, purchases on our website, general demographic, location and interest-related information on age, gender, country, city, language, relationship status, education, family status, occupation, etc.), evaluations on the success and backgrounds of our advertisements, other analyses and measurements. The pseudonymised data cannot be merged by us with the corresponding attribution feature (e.g., name details). This does not allow us to identify individual visitors, who therefore remain anonymous to us.
Data that the platform operator processes about registered and unregistered visitors to our fan page can be found at the following link:
https://www.facebook.com/privacy/explanation
Origin of data
We receive the data from the persons concerned directly or from the platform operator.
Legal basis of data processing
We process the data on the basis of the following legal bases:
- Art. 6 para. 1 point (a) GDPR: Consent of the data subjects
- Art. 6 para. 1 point (b) GDPR, if applicable: Performance of a contract with the data subject or implementation of pre-contractual measures at the request of the data subject
- Art. 6 para. 1 point (f) GDPR legitimate interest
- Optimization of our fanpage and contributions
- Promoting sales of our products and services or demand
Simplification of communication and data exchange
We process special categories of personal data, if at all, only on the basis of the following legal bases:
- Art. 9 para. 2 point (a) GDPR: Consent of the data subject
Art. 9 para. 2 point (e) GDPR: The data subject has manifestly made the personal data public
The legal basis on which the platform operator bases data processing can be found at the following link:
https://www.facebook.com/about/privacy/legal_bases
If the persons concerned are tracked by collecting their data, whether through the use of cookies or comparable techniques, or by storing the IP address, the platform operator shall obtain the consent of the persons concerned in advance. In particular, the platform operator is obliged to inform the persons concerned for what purposes and on what legal basis the first call of a fan page generates entries in the so-called local storage even for non-registered visitors, and whether the personal data of non-registered visitors (e.g., IP address or other data that condenses into personal data) are also used to create profiles.
Purposes of data processing
The data will be processed for the following purposes:
- Public image and advertising
- Communication and data exchange
- Event management
Contract initiation and execution, where necessary
Storage period
Storage and deletion of the data is the duty of the platform operator according to the agreement within the meaning of Art. 26 para. 1 GDPR: The information in this regard can be found at the following link:
https://www.facebook.com/privacy/explanation
Categories of recipients
The data processed by us can be accessed only by our employees and service providers who maintain our fan page and require the data for the above-mentioned purposes. If the persons concerned publicly post their data on our fan page, these can be accessed by other registered and possibly also non-registered visitors.
The following link lists the recipient categories to which the platform operator discloses the data or enables registered visitors to disclose their data, as well as information on internal data exchange within the group:
https://www.facebook.com/privacy/explanation
Data transfers to third countries
If the data subjects publicly post their data on our fan page, these can be accessed by other registered and possibly also non-registered visitors worldwide.
Within the framework of the operation of our fan page, the data is also transmitted by the platform operator to third countries.
The associated data transfers to third countries are secured by an adequacy decision of the EU Commission pursuant to Art. 45 GDPR, or by suitable guarantees pursuant to Art. 46 GDPR:
https://www.facebook.com/privacy/explanation
Facebook Inc. is Privacy Shield certified:
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Due to the agreements on the EU-US Privacy Shield, Facebook must therefore also grant the persons concerned various rights, which they can then assert directly against Facebook.
Involved logic and scope of a profiling or an automated individual decision based on the collected data
If the persons concerned are tracked by collecting their data, whether through the use of cookies or comparable techniques, or through the storage of the IP address, the platform operator is obliged, in accordance with the agreement within the meaning of Art. 26 para. 1 GDPR, to inform about this. In particular, the platform operator is obliged to inform the persons concerned of the purposes and legal basis if a session cookie and three cookies with lifetimes between four months and two years are stored after a subpage within our fan page has been called up.
The information in this regard can be found at the following link:
https://www.facebook.com/privacy/explanation
https://www.facebook.com/policies/cookies/
Rights of data subjects
The joint controllers must grant the data subjects various rights with regard to the processing of their data, which these may assert pursuant to the agreement within the meaning of Art. 26 para. 1 GDPR, directly against the platform operator:
https://www.facebook.com/privacy/explanation
Data subjects have a right to access, rectify or delete personal data concerning them or a right to limit data processing by the data controller if certain conditions are met in accordance with Art. 15 to Art. 18 GDPR. Data subjects also have the right to revoke their consent to the processing of their personal data at any time with effect for the future (Art. 7 para. 3 GDPR). In addition, they may also object to the further processing of their data, which is based exclusively on the legitimate interest of the data controller in accordance with Art. 6 para. 1 point (f) GDPR (Art. 21 para. 1 GDPR), provided that their particular personal situation gives rise to legitimate interests in the exclusion of data processing and that there are no longer any compelling legitimate reasons for the data controller for further data processing. If personal data are processed for the purpose of direct marketing, data subjects have the right at any time to object to this processing with effect for the future (Art. 21 para. 2 GDPR). If the data processing is based on the consent of the data subject pursuant to Art. 6 para. 1 point (a), Art. 9 para. 1 point (a) GDPR or pursuant to Art. 6 para. 1 (b) GDPR on a contract with the data subject and is carried out using automated procedures, the data subjects may, pursuant to Art. 20 para. 1 GDPR, request that the personal data stored about them be retained in a structured, common and machine-readable format or that they be transmitted to a third party designated by the data subject.
In principle, data subjects have the right not to be subject to an automated individual decision pursuant to Art. 22 (1) GDPR. Where such an automated individual decision is permissible under Art. 22 para. 2 points (a) to (c) GDPR, data subjects are granted the following rights under Art. 22 para. 3 GDPR: The right to express one's point of view, the right of objection to obtain the intervention of a person on the part of the person responsible, the right to be able to contest the automated individual decision (right of appeal).
Furthermore, data subjects have the right to lodge a complaint with a supervisory authority if they are of the opinion that the processing of their personal data violates the General Data Protection Regulation, Art. 77 GDPR. The supervisory authority responsible for the platform operator is:
Data Protection Commission,
21 Fitzwilliam Square, Dublin 2,
D02 RD28, Ireland.
Web address gdprandyou.ie/contact-us/
3. Twitter
Plugins for the short messaging network of Twitter Inc. (Twitter) are integrated in our web pages. The Twitter plugins (tweet button) are indicated by the Twitter logo on our site. Click here for an overview about tweet buttons (https://about.twitter.com/resources/buttons).
When you access a page on our website that contains such a plugin, your browser establishes a direct connection with the Twitter server. Through this, Twitter is provided with information that you have accessed our website with your IP address. If you are logged into your Twitter account when you click on the Twitter “tweet” button, you can link the contents of our website to your Twitter profile. Through this, Twitter can attribute your visit to our website to your user account. Please note that as the provider of this website we have no knowledge of the contents of the data transmitted nor of its use by Twitter.
If you do not wish Twitter to be able to attribute the visit to our site to your Twitter user account, please log out of your Twitter user account. For more information on this, please see Twitter's privacy statement (https://twitter.com/privacy).
4. Instagram
Our website also uses so-called social plugins from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are indicated by an Instagram logo, in the form of an “Instagram Camera”, for example.
When you access a page on our website that contains such a plugin, your browser establishes a direct connection with the Instagram servers. The content of the plugin is transmitted directly to your browser by Instagram and embedded in the page. The embedded plugin informs Instagram that your browser has accessed the corresponding page of our website, even if you have no Instagram profile or are not logged in to Instagram at the time.
This information (including your IP address) is sent by your browser directly to an Instagram server in the USA and stored there. If you are logged into Instagram, Instagram can link the visit directly to your Instagram account. If you interact with the plugins, e.g. by clicking the “Instagram” button, this information is likewise sent directly to an Instagram server and stored there.
The information is also published on your Instagram account and is visible to your contacts.
If you do not wish Instagram to attribute the data collected about our web presence directly to your Instagram account, you must log out of Instagram before visiting our website.
For more information on this, please see Instagram’s privacy statement (https://help.instagram.com/155833707900388).
5. Pinterest
Our website uses plug-ins from the social network Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA ("Pinterest").
You can view the different logos that contain the plug-in (e.g., "Pin It button") at the following link: https://business.pinterest.com/pin-it-button/
When you visit a relevant page of our website that contains such a plug-in, a link is established between your computer and Pinterest's servers and the plug-in is displayed on the page by notifying your browser. Your IP address, as well as information regarding which of our pages you have visited, are transmitted to the Pinterest server in the USA. This applies regardless of whether you are registered or logged in at Pinterest. Transmission also occurs with users who are not registered and/or not logged in.
In addition, if you are a member of Pinterest and logged into Pinterest during the time you use the plug-in, the information collected about your site visit will be linked to your Pinterest account and shared with other users. Furthermore, in the case of interactions that are possible with the various Pinterest plug-ins, the corresponding information about you is collected and transmitted to Pinterest and stored.
If you do not want Pinterest to link and merge the information with your Pinterest account information, you must log out of Pinterest before visiting our website. Further information on the collection and use of data by Pinterest can be found at https://about.pinterest.com/de/privacy-policy
6. Xing
We use components of the network XING.com on our website. These components are a service of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
Each time you retrieve one of our web pages that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the XING component.
To the best of our knowledge, XING does not store any of the user’s personal data about the retrieval of our website. Nor does XING store any IP addresses. Likewise, there is no evaluation of usage behaviour concerning the use of cookies in relation to the “XING” button. Please see the data protection notices for the XING Share button for more information on this (https://www.xing.com/app/share?op=data_protection).
7. LinkedIn
We use components of the network LinkedIn on our website. LinkedIn is a service of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you retrieve one of our web pages that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the LinkedIn component.
This process also informs LinkedIn about the specific pages you have visited of our web presence. If you are logged into your LinkedIn account when you click on the LinkedIn “Recommend” button, you can link the contents of our website to your LinkedIn profile. This allows LinkedIn to attribute your visit to our website to your LinkedIn user account.
We have no influence over the data that LinkedIn collects in this context, nor over the scope of this data collected by LinkedIn. Likewise, we have no knowledge of the content of the data transmitted to LinkedIn. Please see the LinkedIn data protection notices for details on LinkedIn’s data collection and on your rights and settings options (http://www.linkedin.com/legal/privacy-policy).
8. WhatsApp
WhatsApp is an instant messaging service provided by WhatsApp Inc., 650 Castro Street, Suite 120-219, Mountain View, California, 94041; USA. If you contact us via WhatsApp, your telephone number is sent to us automatically. We are also able to see your WhatsApp user name.
Please remember that confidentiality and data security are not guaranteed when using instant messaging services. If you have installed WhatsApp on your smartphone or mobile device and use this service, you have consented to WhatsApp’s General Terms and Conditions, over which we have no influence. This includes granting WhatsApp Inc. access to your telephone number and the contacts stored on your mobile device. Data is also stored on WhatsApp servers, which are not subject to European data protection law. We are not liable for damages that arise from use of the corresponding platforms. We have no influence over the data that WhatsApp collects in this context, nor over the scope of this data collected by WhatsApp. Likewise, we have no knowledge of the content of the data transmitted to WhatsApp. Please see the WhatsApp data protection notices for details on WhatsApp’s data collection and on your rights and settings options (http://www.linkedin.com/legal/privacy-policy).
DATA SECURITY
When you visit our website, we use the standard SSL method (Secure Socket Layer) in connection with the highest encryption setting supported by your browser in each case. This will usually be 256-bit encryption. We revert to 128-bit v3 encryption if your browser does not support 256-bit technology. The closed key or lock icon in the lower task bar of your browser indicates whether the individual page in our website is transmitted in an encrypted form.
We otherwise use suitable technical and organisational security measures to protect your data from accidental or deliberate manipulation, partial or complete loss, destruction, and from unauthorised access by third parties. Our security measures are revised continuously according to the state of the art.
UPDATES AND CHANGES TO THIS PRIVACY STATEMENT
This privacy statement is currently valid and was last updated in November 2019.
It may become necessary to amend this privacy statement in light of the development of our website and offers or because of new statutory or regulatory requirements. The latest version of the privacy statement can always be retrieved and printed from our website.