Privacy policy

Privacy statement of Entimo AG

As of: 25 May 2018

Below you will find details on the collection of personal data when you use this website. Personal data are all data that relate to you personally, that is e.g. name, address, email addresses, user behaviour.

Your data are collected, processed and used according to the provisions of the Telemediengesetz [Telemedia Act] (TMG) and data protection law, in particular the Bundesdatenschutzgesetz [Federal Data Protection Act] (BDSG) and the General Data Protection Regulation (GDPR). In the following privacy statement, we inform you about the collection of personal data from the data subject on and via our website pursuant to Art. 13 GDPR.

 

1. Collection of personal data during informational use

(1) If the website is used for purely informational purposes, that is, if you do not log in, register or otherwise transmit information to us when using the website, we do not collect personal data except those data transmitted by your browser. The purpose of this data collection is to enable you to visit the website and to ensure the functionality of the website. In addition, the data allow us to optimise the website and to ensure the security of our information technology systems. These data are:

– the IP address

– the date and time of the visit

– the content of the request (specific page visited)

– the data volume transmitted

– the browser used

– the operating system used

(2) In addition, cookies are stored on your computer when you use the website. Cookies are small text data that are stored on your hard drive and allocated to the browser you use. Through the cookies, certain data is sent to the entity that placed the cookie (in this case, us). A cookie typically includes the name of the domain from which the cookie was generated, the “lifetime” of the cookie and a value, as a rule a randomly-generated unique number. Cookies cannot execute any programmes or transmit viruses to your computer. The purpose of using cookies is to make our website more user-friendly and efficient. Some elements of our internet site require the accessing browser to be identifiable even after moving from one page to another.

This website uses transient cookies (session cookies) only. The cookies store a so-called session ID which allows various requests from your browser to be matched to the shared session. In this way, your computer can be recognised when you return to the website. Session cookies are deleted when you log out or close the browser.

You can configure your browser setting in accordance with your preferences and e.g. refuse to accept any third-party cookies, or all cookies. Information on managing and deleting cookies and instructions as to how to do this for standard browsers is available under www.meine-cookies.org. Please note, however, that in this case you may not be able to use all the functions of this website.

(3) This stored information is stored separately from any other data that may have been provided to us. In particular, cookie data are not linked with your other data, insofar as these other data have been transmitted to us.

 

2. Collection of personal data when you make contact

(1) If you get in touch with us as the website operator by using the contact option that is provided, your data are stored so that they can be used to process and answer your request. For this purpose, you must as a rule provide additional personal data which we use to perform the relevant service. We collect, process and use only those personal data that are necessary to deal with a request and/or to perform a contract concluded with us, or that you provide yourself. In particular, this includes the following inventory data and usage data:

- given and family name (consisting of form of address, title, given name and family name)

- telephone number

- email address

(2) Inventory data and usage data are used by us to deal with your request, where applicable to enter into a contract with you, to create the content of the contract and to amend or terminate it, to perform our contractual obligations, for user log-in on the website, and to contact you where you wish this or where it is necessary or legally permissible in the context of the contractual relationship.

Personal data are stored and processed within the European Union, except the data collected by the third-party providers named below.


3. Web Analysis Service

Google Analytics

If you have given your consent, Google Analytics, a web analysis service of Google Ireland Limited ("Google") is used on this website. The use includes the "Universal Analytics" operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze a user's activities across devices. This data protection notice is provided by www.intersoft-consulting.de.

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users interact with the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. We would like to point out that on this website Google Analytics has been extended to include IP anonymisation in order to ensure anonymous collection of IP addresses (so-called IP masking). The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. For more information on terms of use and data protection, please visit https://www.google.com/analytics/terms/gb.html or https://policies.google.com/?hl=en.

Purposes of the Processing
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and Internet use.

Legal Basis
The legal basis for the use of Google Analytics is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Recipients or Categories of Recipients
The recipient of the collected data is Google.

Transfer to Third Countries
Personal data will be transferred to the USA under the EU-US Privacy Shield on the basis of the European Commission's adequacy decision. You can download the certificate here.

Duration of Data Storage
The data sent by us and linked to cookies, user-identifiers (e.g. User-IDs) or advertising-identifiers are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

Rights of the Persons affected
You can revoke your consent at any time with effect for the future by blocking the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functionalities of this website to their full extent.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the Browser Add-on. Opt-out cookies will prevent future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt-out on all systems used. If you click here, the opt-out cookie will be set: Disable Google Analytics


4. Deletion periods

Unless not otherwise stated in this privacy statement, we store your data only as long as is necessary for the purposes for which they were collected or processed, unless statutory retention periods require storage for a longer period. Hence, your personal data will be deleted after processing of your enquiry, unless otherwise agreed or required by law.

Inventory data will be deleted two years after the end of the contractual relationship on expiry of the calendar year, unless storage for a longer period is necessary and is permissible by law.

 

5. Sub-contractors and recipients of personal data

In the context of processing personal data, we employ sub-contractors and conclude agreements with these contracted processors in conformity with the requirements of Article 28 GDPR.

As sub-contractor hosting the website we use DesignJoomla, Inhaber Darius Liss.

 

6. Protection of personal data

We take technical and organizational measures in accordance with the requirements of Article 32 GDPR to protect the user’s personal data. All our employees involved in the processing of personal data are committed to data secrecy. The user’s personal data are encrypted by means of HTTPS when transmitted to the website.

 

7. Legal basis

In accordance with Article 13 GDPR we are informing you about the legal basis of our data processing.

  • Insofar as we obtain the consent of the person concerned for processing activities, Article 6 (1) a) GDPR is the legal basis.
  • When processing personal data necessary for performance of a contract in which the data subject is the contract party, Article 6 (1) b) GDPR serves as the legal basis. This also applies to steps that are necessary prior to entering into a contract.
  • Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, the legal basis is Article 6 (1) c) GDPR.
  • The legal basis for the temporary storage of data and logfiles is Article 6 (1) f) GDPR.
  • The legal basis for the processing of personal data using technically-necessary cookies is Article 6 (1) f) GDPR.
  • If processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, basic rights and fundamental freedoms of the data subject  do not override such an interest, Article 6 (1) f) GDPR serves as the legal basis for the processing.

If the processing of personal data is based on Article 6 (I) f) GDPR, our legitimate interest is the execution of our business activity to the benefit of the wellbeing of all our staff members and shareholders.

 

8. No automated decision-making / no profiling

We do not conduct any automated decision-making or profiling.

 

9. Rights of data subjects

The user and other data subjects have the following rights against us with regard to their personal data:

  • right of access to the relevant personal data (Article 15 GDPR)
  • right to rectification (Article 16 GDPR)
  • right to erasure (Article 17 GDPR)
  • right to restriction of processing (Article 18 GDPR)
  • right to object to processing if the data processing is on the basis of Article 6 (1) e) or f) GDPR (Article 21 GDPR); see also in this regard the information below on the right to object under Article 21 GDPR
  • right to data portability (Art. 20 GDPR)
  • right to revoke consent which has been granted at any time without affecting the legality of the processing that occurred on the basis of the consent until it was revoked, if the data processing was based on consent under Article 6 (1) a) or Article 9 (2) a) GDPR.

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data by us (Article 77 GDPR).


10. Information on the right to object under Article 21 GDPR

A. Right to object on grounds relating to your particular situation

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) (public security) or (f) (data processing based on a weighing of interests) of Article 6 (1) GDPR, including profiling based on those provisions. In this case we shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the data processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims

B. Right to object in the case of direct marketing

If we process your personal data for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.

C. Exercise of the right to object

You can exercise the right to object without regard to any particular form, e.g. by sending a letter or email to the contact details provided below.  



11. Service provider / controller / contact details / objection / revoking consent

Service provider in accordance with Section 13 Telemediengesetz (TMG) and controller in the definition of the GDPR, other data protection laws that apply in the member states of the European Union and other data protection regulations is:

Entimo AG

Stralauer Platz 33-34

10243 Berlin

Tel.: +49 (0)30 / 520 024 100

Fax.: +49 (0)30 / 520 024 101

datenschutz(at)entimo.com

 

All requests for access, rectification and erasure, objections or revocations of consent, the assertion of the right to restriction of processing or the right to data portability as well as user comments or queries relating to data protection should be sent to this address.

 

12. Update of this privacy statement

From time to time it is necessary to adapt the content of this privacy statement. We therefore reserve the right to alter this statement at any time. We shall publish the amended version of the privacy statement in the same place as this privacy statement.