When using our website, personal data is collected by you. Personal data is all information with which you can be identified or which can be related to you personally.
In the following, you will find our comprehensive data protection notice in fulfilment of our duty to provide information, according to GDPR (EU General Data Protection Regulation) for the processing of your personal data when visiting our website.
1 Name and contact details of the Controller and the Data Protection Officer
The Controller according to Art. 4(7) GDPR is:
represented by the CEO M.Re. Dipl.-Ing. Architect Tobias Ell
52074 Aachen | Germany
Tel +49 (241) 88 75-0
The Data Protection Officer for Carpus+Partner AG can be contacted at the above address, for the attention of the Data Protection Officer or at email@example.com.
2 Server log data
When you visit our website, the following information is automatically sent to the server of our website by the browser used on your terminal device (so-called server log data):
- IP address of the requesting computer,
- date and time of the access,
- time zone difference to Greenwich Mean Time (GMT),
- name and URL of the retrieved file,
- access status/HTTP status code,
- respective transferred data volume,
- website from which the access occurs (referrer URL),
- browser used,
- the operating system of your computer and its interface,
- the name of your access provider and
- language and version of the browser software.
This information is stored in a so-called logfile for the purpose of error analysis in the event of an error and automatically deleted after 7 days.
The legal basis for data processing is Art. 6(1) lit. f) GDPR. Our legitimate interest follows from the purposes listed below:
- guaranteeing smooth-running connection establishment to the website,
- guaranteeing convenient use of our website,
- evaluation of the system security and stability, as well as
- for additional administrative purposes.
In no event do we use the collected data for the purpose of drawing conclusions as to your personal details.
Information is filed in the cookie, which arises in relation to the specifically used end device. However, this does not mean that we directly receive knowledge of your identity.
We use so-called session cookies, in order to make the use of our offer more pleasant for you. Session cookies store settings that you have made for the duration of the session. These cookies are automatically deleted after leaving our website.
For this, we also use permanent cookies to optimize the user friendliness, which are stored on your end device until their expiry date is reached or until they are deleted by the user. If you visit our website again, in order to use our services, it is automatically identified that you have already been with us and which entries and setting you have made, so you do not need to repeat them.
We have no influence on the duration of storage or deletion of cookies. The settings are made by the respective services or by the user himself.
When you visit our website for the first time – regardless of the page you land on – a cookie banner appears. The dialog box tells you what we use the cookies for and how long they are stored for. Some cookies are mandatory, while others help us to optimize our website design and analyze accesses to our website.
Individual setting options are not available to the visitor for mandatory cookies. The legal basis for the use of such cookies is Art. 6(1) lit. f) GDPR. Please see Section 4 for our legitimate interest.
Preferences, Statistics, Marketing
For all other cookies, you can decide for yourself which cookies can be set and select individual settings. Only cookies you have actively consented to in advance using the cookie banner will be set. The legal basis for using such cookies is Art. 6(1) lit. a) GDPR.
As our website uses integrated third party services (e.g. Google) that process personal data, we are obligated to inform you of the use of these services and to ask for your consent before using them. All declarations of consent must be recorded as evidence.
On this website, we therefore use the “Cookiebot” service from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark for the following purposes:
- Storage of the user’s consent status regarding cookies
The legal basis for using Cookiebot is Art. 6(1) lit. f) GDPR. Our legitimate interests arise from the aforementioned purposes.
- By granting permission using the cookie banner, the following data are collected:
- The IP number of the end user in anonymized form (the last three digits are set to ‘0’) Date and time of consent
- User agent of the end user’s browser
- The URL from which the consent was sent
- An anonymous, random and encrypted key
- The permission status of the end user, which serves as evidence of consent
The data are stored for 12 months. After that, the banner opens again automatically for you to renew your permission.
On this website we use tools and plugins from Google (Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). When using our website and the corresponding plug-ins, data is transferred to Google.
The data is generally transmitted to a Google server in the USA and stored there. Google is certified for the Privacy Shield EU-US data protection convention, which ensures compliance with the level of data protection applicable in the EU (see https://www.privacyshield.gov/EU-US-Framework).
a Google Analytics
On this website, we use Google Analytics, a web analytics service. If you have given your consent in accordance with Art. 6(1) lit. a) GDPR, the processing on this website is performed for the purpose of website analysis. Using the statistics gathered on usage behaviour, we can improve our offer and make it more interesting for you as a user.
We only use Google Analytics with active IP anonymization. This means that the user’s IP address is shortened by Google within member states of the European Union, or in other Contracting States to the Agreement on the European Economic Area, which prevents any direct reference to an individual.
With the function “demographic characteristics” reports can be generated, which contain statements about age, gender and interests of the website visitors. These data originate from interest-based advertising of Google and from visitor data of third-party providers. These data cannot be allocated to a specific person. You can deactivate these functions at any time in your Google account.
b Google Maps
We link to Google Maps on this website. This enables us to show our company location on interactive maps and make it easy for you to use our website. The legal basis for the use of Google Maps is in accordance with the aforementioned justified interests Art. 6(1) lit. f) GDPR.
Google Maps is only integrated on our website as a link to the respective service. After clicking the integrated text or image link, you will be redirected to the Google Maps site. User information is only transmitted to Google Maps after you have been redirected.
The IP address must be processed by Google in order for the map to be displayed. By visiting the website, Google also receives the information that you have accessed the corresponding sub-site on our website. If you have a Google account and are logged in, your data are allocated directly to your account. If you do not want the allocation to your profile with Google, you must log out before activating the map.
On this website we use plugins of the YouTube website operated by Google (YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA). This way, we can display videos directly on the website and allows you to conveniently use the video play function. The legal basis for the use of YouTube is your consent in accordance with Art. 6(1) lit. a) GDPR.
By visiting the website, YouTube receives the information that you have accessed the corresponding sub-site on our website. If you have a YouTube account and are logged in, your data are allocated directly to your account. If you do not want the allocation to your profile with YouTube, you must log out before activating the video.
6 Social media pages
We run a company page on each of the following platforms:
Social networks are only integrated on our website as links to the respective services. After clicking the integrated text or image link, you will be redirected to the site of the respective provider. User information is only transmitted to the respective provider after you have been redirected.
The data you enter on our social media pages, such as videos, images, comments, likes, public messages, etc., are published by the respective social media platform and never used or processed by us for other purposes. We only reserve the right to delete content if this should be necessary. If necessary, we share your content on our site and communicate with you via the social media platform. The legal basis is Art. 6(1) lit. f) GDPR. Data processing is carried out in the interest of our public relations work as well as communication and networking.
For certain processing operations, we and the platform operator jointly serve as the data controller within the meaning of Art. 26 GDPR. However, we only have limited influence on data processing by the operators of social media platforms. At the points where we can exert influence, we work within the framework of the possibilities available to us to ensure that the operator of the social media platform treats the data in accordance with data protection regulations. However, there are many areas in which we cannot influence data processing by the operator of a social media platform and do not know exactly what data they process.
Please contact the respective social media provider to assert rights as a person affected, insofar as this concerns data that comes under the area of responsibility of the respective provider.
7 Recipients / disclosure of data
If not already mentioned above, data will not be passed on to third parties. However, we use service providers for the operation of this website (IT service providers, digital agencies). In this context, it may happen that a service provider becomes aware of personal data. We ensure that the service providers are carefully selected – especially in regard to data protection and data security – and take all measures required under data protection law for permissible data processing.
8 Rights of data subjects
You have the right to information about the personal data concerning your person processed by us. In the case of a request for information that is not made in writing, please understand that we may then request information from you that proves that you are the person you claim to be. Furthermore, you have a right of correction or deletion or to restriction of the processing, insofar as you are legally entitled to this. Moreover, you have a right of objection to the processing within the context of the statutory provisions. The same applies for a right to data portability.
9 Right of revocation and right of objection
Insofar as the data processing is based on consent in accordance with Art. 6(1) lit. a) GDPR, you have the right to revoke your consent at any time with effect for the future. Notice of revocation does not effect the legality of the processing carried out before the revocation notice. By deleting the stored cookies on our website, you can revoke your consent to data processing by the respective services.
If your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1) lit. f) GDPR, you have the right to lodge an objection against the processing of your personal data, in accordance with Art. 21 GDPR, insofar as reasons exist for this, which arise from your specific situation or if the objection is aimed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us, without indicating a specific situation. If you wish to assert your right of objection, it is sufficient to send an e-mail to firstname.lastname@example.org.
10 Right of complaint
You have the right to complain to a data protection supervisory authority about the processing of personal data by us.
11 Data security
Within the website visit, we use the widely prevalent SSL procedure (secure socket layer) in conjunction with the respective highest encryption level, which is supported by your browser. You can identify whether an individual page of our Internet presence has been transferred using encryption, you can recognize this by the closed illustration of the key/lock symbol in the bottom status bar of your browser.
We also use appropriate technical and organizational security measures, in order to protect your data from accidental or malicious manipulation, partial or complete loss, destruction of from unauthorized access by third parties. Our security measures are continuously improved in accordance with technological developments.
12 Currency of and amendments to this data protection notice
We reserve the right to amend and update this data protection notice as required in compliance with the applicable data protection regulations. The respective current version applied for your visit.
This data protection notice applies as of: June 2020.