Go to homepage
€0.00*

Menu

Privacy Policy of Profine eSolutions GmbH for Placing Orders in our Online Shop


Welcome to our website and our online shops. Thank you for your interest in our company and our products. We take the protection of your personal data very seriously and process your data in accordance with the applicable legal provisions for the protection of personal data, in particular the EU General Data Protection Regulation (GDPR) and the country-specific implementation laws applicable to us. This privacy policy provides you with comprehensive information about the processing of your personal data by profine eSolutions GmbH and the rights to which you are entitled.

The way in which we process personal data is similar for most of our offers. This privacy policy therefore applies to the services and features of our online shop.

Personal data is information that makes it possible to identify a natural person, possibly also in connection with other data. This includes, in particular, title, name, date of birth, address, telephone number, e-mail address, order number, customer number, details of the payment method, but also your IP address.

Data is anonymous if no personal reference to the user can be established.

 

1. Responsible body and data protection officer

 

profine eSolutions GmbH

Zweibrücker Straße 200

66954 Pirmasens

Phone: +49 6331 56-1139

E-mail: info@profine-esolutions.com

 

Contact of the data protection officer:

mip Consult GmbH

Lawyer Asmus Eggert

Data Protection Officer

datenschutz@profine-group.com

 

2. Sources and origin of the data

We process personal data that we receive from you as part of the use of our website, the use of our online shop, when you register there and open an account or place an order as a guest and, if applicable, our business relationship.

If you use the website or our online shop for purely informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. When you visit our website, we collect the following access data, which is technically necessary for us to display our website to you and to ensure stability and security. The access data includes the IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (i.e. name of the specific website accessed), access status/HTTP status code, amount of data transferred in each case, referrer URL (previously visited page), operating system and its interface, language and version and type of browser software, notification of successful access.

We also receive your personal data if you contact us, e.g. by contact form, telephone or e-mail. Personal data here includes, for example, your name, address, e-mail address, telephone number and, if applicable, the data that you send us as a message. Depending on the type of enquiry, it may be necessary to provide further data. Please note that when communicating by e-mail, we cannot guarantee complete data security for this transmission method, so we recommend that you send information requiring a high level of confidentiality by post.

If you register in the online shop and open an account or place an order as a guest, we process all data required to open an account or process the order. This includes in particular: Name, address, e-mail.

 

3. Purpose and legal basis of data processing

When processing your personal data, we comply with the provisions of the GDPR, the BDSG and all other applicable data protection regulations. The legal basis for data processing arises in particular from Art. 6 GDPR.

 

3.1. Data processing for the implementation of pre-contractual measures at the request of the person

When you contact us (e.g. by web form, telephone or e-mail), your details will be processed to process the contact enquiry for the implementation of pre-contractual measures in the context of business initiation.

 

3.2. Data processing for the fulfilment of contractual obligations

If you wish to place an order in our online shop, it is necessary for the fulfilment of our contractual obligations that you provide your personal data, which we require for the purpose of processing your order. Mandatory information required for the fulfilment of contracts is marked separately, other information is voluntary. You can make your payment via PayPal, whereby the aforementioned payment service provider is independently responsible for payment processing. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b GDPR. If you wish, you can create a customer account through which we can save your data for future purchases or place orders as a guest, i.e. without opening a customer account. When you create an account, the data you provide will be stored on a revocable basis. You can change and delete all other data at any time in the customer area.

 

3.3. Data processing for the fulfilment of legal obligations

Insofar as the processing of your personal data is necessary to fulfil a legal obligation to which we are subject, the data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit c GDPR.

 

3.4. Data processing on the basis of your consent

If you have given us your consent to process personal data for specific purposes, in particular to contact you, e.g. to send newsletters or for the purpose of advertising by telephone, e-mail (direct advertising), the lawfulness of this processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

 

3.5. Processing to protect our legitimate interests or those of third parties

We may process your personal data to protect our legitimate interests or those of third parties. In particular, we pursue the following legitimate interests:

- Ensuring IT security, in particular the security of the website;

- Improvement of the website in terms of structure and content;

- Assertion of legal claims and defence in legal disputes;

 

3.6. Direct advertising to existing customers

If you have provided us with your e-mail address when purchasing goods, we reserve the right to regularly send you offers for similar goods or services, such as those already purchased, from our range by e-mail. In accordance with Section 7 (3) UWG, we do not need to obtain separate consent from you for this. In this respect, data processing is carried out on the basis of our legitimate interest in personalised direct advertising in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with. § Section 7 para. 3 UWG. If you have initially objected to the use of your email address for this purpose, we will not contact you by email. You have the option to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future, e.g. by clicking on the unsubscribe link at the end of our e-mails or by sending us a message using the contact options mentioned above. In the event of an objection, we will then no longer use your e-mail address for the purpose of direct advertising.

 

3.7. Storage of data on your end device or access to data located on your end device

We use cookies and similar technologies on our website. We store information on your end device because this is absolutely necessary in order to make our website available to you, Section 25 (2) No. 2 TDDDG. Data processing is carried out to safeguard our legitimate interest in the best possible functionality of the website in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

When you visit our website for the first time, you will also be asked whether you wish to consent to the setting of technically unnecessary cookies and the use of comparable technologies. The collection and storage of data, as well as any subsequent data processing associated with this, is only carried out on the basis of your express consent, § 25 para. 1 TDDDG, Art. 6 para. 1 sentence 1 lit. a GDPR.

If personal data is also processed by individual cookies or comparable technologies, the processing is usually carried out in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, to protect our legitimate interests, e.g. in the best possible functionality of the website and a customer-friendly and effective design of the page visit or in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR as a result of your consent.

 

4. Your rights as a data subject

Below we inform you about your rights as a data subject. These rights are standardised in Art. 15 - 22 GDPR. This includes:


The right to information (Art. 15 GDPR),

The right to erasure (Art. 17 GDPR),

The right to rectification (Art. 16 GDPR),

The right to data portability (Art. 20 GDPR),

The right to restrict data processing (Art. 18 GDPR),

The right to object to data processing (Art. 21 GDPR).


To assert these rights, please contact us using the contact details above:

You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG). You can find the supervisory authority responsible for you at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

In addition, we have set up an effective complaints procedure and whistleblower system. You can find the link (https://profine-group.gt-wbs.com/sign-in).

 

Rights of objection:

You have the right to object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 sentence 1 lit. e GDPR (data processing in the public interest) and Art. 6 para. 1 sentence 1 lit. f GDPR (data processing on the basis of a balancing of interests); this also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

In individual cases, we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be sent to us informally using the contact details above.

 

5. Disclosure to third parties

We will only pass on your data to third parties within the framework of the statutory provisions or with the appropriate consent.

Service providers used by us may receive data for the above-mentioned purposes. These are companies in the categories: IT services, software, logistics, printing services, telecommunications, debt collection, advice and consulting as well as sales and marketing. These service providers may only process your data on our behalf under special conditions and only receive access to your data to the extent and for the period of time specified. Service providers are carefully selected and commissioned by us. If required by data protection law, a contract is concluded with these service providers to protect your data (so-called order processing contract in accordance with Art 28 GDPR). These processors are contractually bound by our instructions, have suitable technical and organisational measures in place to protect the rights of the data subjects, guarantee an appropriate level of data protection and are carefully monitored by us.

Otherwise, your data will not be passed on to third parties unless we are obliged to do so due to mandatory legal provisions (disclosure to external bodies such as supervisory authorities or law enforcement agencies).

 

Secure transfer of your data:

We use appropriate technical and organisational security measures to protect the data stored by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security levels are continuously reviewed in co-operation with security experts and adapted to new security standards.

The exchange of data to and from our website is always encrypted. We offer HTTPS as the transmission protocol for our website, using the latest encryption protocols. It is also possible to use alternative communication channels (e.g. by post).

 

6. Third country transfer

The data provided will be processed within the European Union and in the USA. When transferring data to the USA, we ensure that the recipients of the data are certified in accordance with the EU-U.S. Data Privacy Framework or that we agree EU standard data protection clauses with recipients without certification. If we base the data transfer on the EU standard data protection clauses, we will take additional security measures in order to protect your data and to achieve an appropriate level of protection for your personal data. You have the option of obtaining or viewing a copy of the EU standard data protection clauses. If necessary, we will obtain your express consent for the transfer of data to the USA.

 

7. Storage period of the data

We store your data for as long as it is required for the respective processing purpose. However, numerous retention periods mean that data must continue to be stored.

For security reasons (e.g. to investigate misuse or fraud), log file information is stored for a maximum of 30 days and then deleted. Data whose further storage is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified.

Where necessary, we process your personal data for the duration of our business relationship, which also includes, for example, the initiation of a contract via a contact form or by email. Your data will be stored by us for as long as you maintain a customer account in one of our online shops.

In addition, we are subject to various retention and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are six to ten years.

In addition, we may retain data if you have given us your permission to do so or if legal disputes arise and we use evidence within the scope of statutory limitation periods, which can be up to thirty years; the regular limitation period is three years. If you assert your rights as a data subject, we will store the information provided to you in this regard until the expiry of the statutory limitation period in accordance with Section 31 (2) No. 1 OWiG, Section 41 (1) BDSG, Art. 83 (5) lit. b GDPR for 3 years. This period may be extended if the statutory limitation period is extended due to interruptions of the limitation period (e.g. in the context of enquiries by the supervisory authorities).

 

8. Obligation to provide the data

When you visit our website, you must provide the personal data that is required for technical or IT security reasons in order to use our website. If you do not provide this data, you will not be able to use our website.

When contacting us by form or e-mail, you only need to provide the personal data required to process your enquiry. Otherwise we will not be able to process your enquiry.

If your enquiry is aimed at concluding a contract or if the provision of data is necessary in the context of initiating a contract, failure to provide data may mean that we are unable to provide the intended service.

 

9. Cookies and comparable technologies


9.1 Cookies in general

We ourselves and the service providers we use process personal data on this website and use cookies and similar technologies, such as web storage or web beacons, in this context. These technologies can store information on your device or access information that is stored on your device (so-called client-based tracking).

Cookies are stored in the browser on the user's end device. They contain information that is stored about a visited page. The cookie is either sent to the browser by the web server or generated in the browser by a script (JavaScript). The web server can read this cookie information directly on subsequent visits to this page or transmit the cookie information to the server via a script on the website. If cookies are set, they generally collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Some of these cookies are essential for the functioning of our website, while other cookies help us to improve our website by providing us with insights into how you use the website.

With web storage, information is stored locally in the cache of your browser. The stored information is either automatically deleted again after the browser window is closed ("session storage") or remains there so that it can be read again when you visit the website again ("local storage"), unless you delete your browser cache ("browser data").

Web beacons are 1×1 pixel-sized graphics that are integrated into websites or emails (newsletters) in various ways and are also used to collect and analyse user data.

You can prohibit the storage of cookies individually via the settings of your browser (you can find out how to set the cookie handling via the help page of the browser). You can find help on cookie management in the most common browsers at the following addresses:

 

- Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox?redirectslug=cookies-loeschen-daten-von-websites-entfernen&redirectlocale=de 

- Internet Explorer: https://support.microsoft.com/en-gb/windows/manage-cookies-in-microsoft-edge-view-allow-block-delete-and-use-168dab11-0753-043d-7c16-ede5947fc64d

 

- Google Chrome: https://support.google.com/accounts/answer/61416?hl=en&sjid=5365290932663904308-EU


- Opera: https://www.opera.com/help


- Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac

 

- Microsoft Edge:

https://support.microsoft.com/en-gb/windows/manage-cookies-in-microsoft-edge-view-allow-block-delete-and-use-168dab11-0753-043d-7c16-ede5947fc64d


Please note that disabling cookies may limit the functionality of this website.

Information about the specific use of the above-mentioned technologies, as well as the scope of the data collected in each case is provided in the following paragraphs.

 

9.2. Consent management with Usercentrics

To enable you to manage your consents conveniently, a consent banner is displayed when you first visit our website. For consent management, we use the consent management service of Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich ("Usercentrics"). You are given the opportunity to obtain information about the use of cookies and comparable technologies and the processing of personal data on our website and to give your consent to services requiring consent. Usercentrics processes the following data on our behalf to manage consents and to document the data protection-compliant obtaining of consents: Opt-in and opt-out data, referrer URL, user agent, user settings, a consent ID, as well as the time of consent and the consent type. This data is required in order to be able to allocate the consents granted to you or their revocation. Usercentrics stores this information in the web storage of your browser so that your individual settings are saved for further visits to our website and the banner is not displayed to you again each time. The consent data (consent and revocation of consent) is stored for three years.

Consent and device data is stored exclusively in the European Union (EU).

You can revoke your consent at any time with effect for the future by clicking the button on the right-hand side of the website.

 

Consent settings: 

Data is collected in accordance with Section 25 (2) no. 2 TDDDG, the subsequent data processing is carried out in accordance with Art. 6 (1) sentence 1 lit. c GDPR, as obtaining consent for the use of cookies and comparable technologies is required by law, and in accordance with Art. 6 (1) sentence 1 lit. f GDPR on the basis of our legitimate interest in providing a consent management service for our website visitors.

Further information on data processing can be found in Usercentrics' privacy policy at https://usercentrics.com/de/datenschutzerklaerung/.

 

10. Services

We use the services of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") on our website.

When using the following Google services, the data collected in this context is generally transmitted to a server in the USA.

Data is collected and stored in accordance with Section 25 (1) TDDDG and the subsequent data processing in accordance with Art. 6 (1) sentence 1 lit. a GDPR only on the basis of your express consent. You can revoke your consent at any time with effect for the future via the consent settings.

You can find more information on the processing of your data in the following paragraphs. Further information on the processing of your data by Google can be found in Google's data protection information at http://www.google.de/policies/privacy/.

 

a) Google Tag Manager

We use Google Tag Manager to integrate other third-party services, such as Google Ads or Google Analytics. The Google Tag Manager itself does not set any cookies, but Google receives your IP address when you use it.

Data processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR on the basis of our legitimate interest in effective tag management.

 

b) Google Ads Conversion Tracking

We use the online advertising programme "Google Ads" to place advertisements within the Google advertising network. In connection with this service, we use Google Ads Conversion Tracking to measure the success of our advertising campaigns and to achieve a fair calculation of advertising costs. We also aim to show you adverts that are of interest to you and to make our website more attractive to you.

With conversion tracking, Google sets a cookie when a user clicks on an ad placed by Google. If the user visits certain pages of this website, Google and we can recognise that the user has clicked on the ad and has been redirected to this page. The following data is processed as part of this service: the IP address, browser and device information, the referrer URL, the time of the visit, the cookie ID and general usage data, such as the adverts clicked on and the web request. The information collected using the conversion cookie is used to compile statistics. This tells us the total number of users who clicked on our advert and were redirected to our website. We do not receive any information with which users can be personally identified. The standard lifespan of Google Ads cookies is 30 days. The data is deleted as soon as it is no longer required for processing purposes.

You can find more information on the use of data for marketing purposes by Google on the overview page: https://www.google.com/policies/technologies/ads.

 

c) Google Ads Remarketing

We use Google Ads Remarketing as part of Google Ads. With the Google Ads remarketing function, we can target our customers within the Google advertising network.

Address users who have already interacted with our website.

The following data is processed: the IP address, browser and device information, the referrer URL, the time of the visit, the cookie ID, the web request and general usage data, such as the pages visited. Google uses this data to create pseudonymised user profiles. The data collected is stored for up to 13 months.

Any further data processing will only take place if you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalise ads that you view on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. You can opt out of personalised advertising at https://myadcenter.google.com/.

 

d) Google Analytics

We use the web analysis service Google Analytics. Google collects information on our behalf about the use of our website in order to analyse it and compile reports on the activities within this website. For these purposes, Google sets cookies on our website, which are stored on your end device.

The following data is processed as part of Google Analytics: the IP address and geographical location, browser and device information and the referrer URL. Information on the usage behaviour of our visitors on the website is also recorded. Google creates pseudonymised user profiles. The data collected is stored for 2 months.

For access originating from the EU, IP address data is only used to derive location data and then deleted immediately. They are not logged, are not accessible and are not used for other use cases. In Google Analytics 4, all data from devices located in the EU (based on the geographical location according to the IP address) is collected via domains and servers in the EU before the traffic is forwarded to Analytics servers for processing. Google's analytics servers are located in the USA.

 

e) Mouseflow

We use the web analytics tool "Mouseflow" from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark on our website. Mouseflow helps us to analyse user behaviour on our website by recording mouse movements, scrolling and clicking behaviour.

Mouseflow collects various data to evaluate user behaviour on a website. This includes, among other things: Mouse movements, scrolling and clicks, browser type and version, operating system, language settings, device type (desktop, tablet, smartphone), screen resolution, IP address (only in anonymised form), visit duration (time spent on the website), visitor type (first visit or returning visitor), navigation (URLs visited), referrer URL, approximate location determination, anonymised keystrokes.

The collection and storage of this data is based on your consent (Section 25 (1) TDDDG).

We have concluded an order processing contract with Mouseflow in accordance with Art. 28 GDPR to ensure the protection of your data: https://mouseflow.com/legal/data-processing-agreement/

Detailed information on the processing of your data by Mouseflow can be found in Mouseflow's privacy policy: https://mouseflow.com/legal/privacy-policy/

 

10.3 Integration of YouTube videos

We have integrated YouTube videos into our online offering, which are stored on of Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) and can be played directly from our website. The legal basis for the use of YouTube is your consent to the collection and storage of data in accordance with Section 25 (1) TDDDG, as well as the subsequent data processing in accordance with Art. 6 (1) sentence 1 lit. a) and Art. 49 (1) sentence 1 lit. a GDPR.

The videos are integrated in such a way that data about you as a user is only transmitted to YouTube when you play the videos. We have no influence on the data transfer to Google that then takes place.

By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website and data on location (GPS data), IP address and devices used, including information about objects in the vicinity of your device, such as Wi-Fi access points, radio masts and Bluetooth-enabled devices as well as sensor data from your device (see YouTube data protection information from the provider). This takes place regardless of whether you are logged in to Google or YouTube. However, if you are logged in, your data may be assigned to your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating a video. If you are logged in, YouTube stores your data as user profiles and uses them for the purposes of providing the services, maintaining and improving the services, measuring performance, developing new services and providing personalised services, including content and advertisements. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

The data is also processed in the USA as part of this service. The information generated by the cookies about the use of our website is usually transferred to a Google server in the USA and stored there. There are corresponding risks associated with the processing of your data in the USA. By giving your consent via our cookie banner, you consent to the processing of your data in the USA despite potential access by US authorities, Art. 49 para. 1 sentence 1 lit. a GDPR.

Further information on the purpose and scope of data collection and its processing by YouTube can be found in the data protection information. There you will also find further information on your rights and setting options to protect your privacy:

You can find the YouTube data protection information at https://policies.google.com/privacy and you can opt out of personalised advertising at https://adssettings.google.com/authenticated.

 

11. Newsletter

If you subscribe to our e-mail newsletter, we will inform you regularly about our products. You will also receive exciting updates with the latest information and news about fashion at Kömmerling.

The only mandatory information for sending the newsletter is your e-mail address. In addition, you have the option of entering a name and your company for the purpose of addressing you personally in the newsletter. When you register for the newsletter, we store your IP address entered by the Internet Service Provider (ISP), as well as the date and time of registration, in order to be able to trace any possible misuse of your e-mail address at a later date.

Our email newsletters are sent via the newsletter tool "Brevo" from Sendinblue GmbH Köpenicker Straße 126, 10179 Berlin. Sendinblue processes the information provided when registering for the newsletter to send and statistically analyse the newsletter on our behalf. The emails sent contain so-called web beacons for statistical analysis. This makes it possible to determine whether a newsletter message has been opened and which links have been clicked on. Technical information is also recorded (e.g. the time of access, the IP address and browser and device information (e.g. the operating system). This data is used exclusively for the statistical analysis of newsletter campaigns and is not used to personalise the newsletter.

If you wish to withdraw your consent to data processing for statistical analysis purposes, you must unsubscribe from the newsletter. Data collection is carried out in accordance with Section 25 (1) TDDDG, downstream data processing in accordance with Art. 6 (1) sentence 1 lit. a GDPR, provided that you have expressly consented to the delivery of our newsletter by double opt-in procedure (DOI). This means that we will only send you an email newsletter if you have expressly confirmed to us that you consent to the sending of newsletters. We will then send you a confirmation e-mail asking you to confirm that you wish to receive future newsletters by clicking on a corresponding link. You can unsubscribe from the newsletter at any time by clicking on the link provided in the newsletter or by sending us a corresponding message via our contact options mentioned above. Once you have cancelled your subscription, your e-mail address will be deleted from our newsletter mailing list immediately.

Further information on data processing can be found in Sendinblue GmbH's privacy policy at https://www.brevo.com/de/legal/privacypolicy/.

 

12. Whistleblower System

Compliance with laws and internal regulations is a top priority for our company. With this in mind, we have added a whistleblower system to our compliance system. Employees, business partners and third parties have the opportunity to report irregular behaviour anonymously at any time.

We use the "INVENSITY" whistleblowing system from Invensity GmbH, Mainzer Straße 19, 65185 Wiesbaden. As part of our reporting procedure, information can be provided anonymously. To submit a report via our whistleblower portal, it is sufficient to provide information about the place, time and circumstances of the reportable circumstance in the description of the facts. Your report will be transmitted in encrypted form and, according to the information provided by the provider, in pseudonymised form, i.e. without attribution to a user and with your metadata removed. However, you can voluntarily disclose personal data about yourself as part of the reporting process. If you do not disclose any personal data, the recipients of the message will not be able to establish a personal reference to you.

The following data may (optionally) be processed as part of the whistleblower system in order to receive and clarify serious suspected cases of breaches of regulations: Details of the accused person (e.g. surname, first name, position and employment details), details of the suspected breaches of conduct. We ask the reporting persons to refrain from providing sensitive information about the accused persons, unless this is necessary for the description of your concern. However, we cannot rule out the receipt and thus the processing of special category personal data within the meaning of Art. 9 GDPR.

The establishment of the whistleblower portal serves to fulfil our legal obligations pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR in conjunction with. § 12 ff. HinSchG. In addition, we base the processing of personal data on our legitimate interest in preventing and combating corruption in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. By submitting the reporting form, the reporting persons consent to the processing of data concerning them, provided that they provide their personal data in the report (Art. 6 para. 1 sentence 1 lit. a GDPR). This consent can be revoked at any time with effect for the future.

 

 13. Automated individual case decision

When you access our website or contact us by form or email, we generally do not use fully automated decision-making in accordance with Article 22 GDPR. If we use these procedures in individual cases, we will inform you of this separately if this is required by law.

 

14. Our social media presence

You can find us on social networks and platforms so that we can also communicate with you there and inform you about our services.

We would like to point out that your data may also be processed outside the European Union when using social media networks or platforms and that the providers of the social networks generally process the data for market research and advertising purposes. Usage profiles can be created from the usage behaviour and resulting interests of users. These user profiles can in turn be used, for example, to place adverts within and outside the platforms that presumably correspond to the interests of the users. For this purpose, cookies and similar technologies may be stored on the user's end device, in which the user's usage behaviour and interests are stored. Other data may also be stored in these user profiles, in particular if the users are members of the respective platforms and are logged in to them.

We only link from our website to our company profiles on the respective social networks. Please note, however, that when you click on a link to the social networks, data is transferred to their servers. If you are logged in to the respective social network with your user name and password at this time, the information that you have visited our company profile on the respective social network from our website will be transmitted there and the respective provider can save this information in your user account.

In principle, we have no significant influence on the data processing of social networks. However, we receive statistics from the providers about the use of and visits to our company profiles in the social networks (e.g. information about the number of views, interactions such as likes and comments as well as summarised demographic and other information or statistics). Further information on the data used by the providers can be found in the providers' data protection information linked below.

If we receive personal data from you via the social networks (e.g. as part of a message) and process it exclusively ourselves, we are responsible for the data processing. In this case, you are entitled to the rights mentioned above in this data protection information. You can address your enquiries regarding data processing in the context of our company profiles to us using the contact details above. Please check carefully which personal data you share with us via social networks.

Insofar as the data transmitted by you via the social network is also or exclusively processed by the provider of the social network (Insights data), the respective provider is also responsible for data processing within the meaning of the GDPR in addition to us. In this respect, data processing is carried out on the basis of an agreement between jointly responsible parties in accordance with Art. 26 GDPR.

If you wish to assert rights against the provider of the social network in this regard, the easiest way to do so is to contact the respective provider directly. The provider knows both the details of the technical operation of the platform and the associated data processing as well as the specific purposes of the data processing. The contact details can be found in the data protection information linked below. We are also happy to support you in asserting your rights, insofar as this is possible for us.

The processing of users' personal data is generally based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The legal basis is also Art. 6 para. 1 sentence 1 lit. b GDPR if we receive and process your data as part of a contract-related enquiry via our social media presence. The legal basis for the linking and operation of our company profiles in social networks, including the receipt of statistics on the use of our company profiles, is Art. 6 para. 1 sentence 1 lit. f GDPR based on our legitimate interest in our corporate communication in the respective social networks.

For information about the respective processing and the respective objection options, we refer to the data protection information of the providers linked below:

 

Facebook (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland), social network - data protection information: https://www.facebook.com/about/privacy/, opt-out: https://www.facebook.com/settings?tab=ads, joint responsibility agreement: https://www.facebook.com/legal/terms/page_controller_addendum.

 

Instagram (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland), online service for sharing photos and videos - Data protection information: https://help.instagram.com/519522125107875/?helpref=hc_fnav.

 

LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland), social network for maintaining existing and making new business contacts - data protection information: https://www.linkedin.com/legal/privacy-policy, opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 

TikTok video portal for short video clips (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland), video portal for short video clips with social network functions, data protection information: https://www.tiktok.com/legal/privacy-policy.

 

X (Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland), microblogging service - data protection information: https://twitter.com/de/privacy, opt-out: https://twitter.com/personalization.

 

YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), video portal - data protection information: https://policies.google.com/privacy, opt-out: https://adssettings.google.com/authenticated.

 

Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany), social network for maintaining existing and making new business contacts - data protection information / opt-out: https://privacy.xing.com/de/datenschutzerklaerung.

 

Vimeo (Vimeo, Inc. 555 West 18th Street, New York, New York 10011, USA), video portal - data protection information:


Upload in progress, please be patient ...