When using our website, personal data is collected by you. Personal data is all information with which you can be identified or which can be related to you personally.

In the following, you will find our comprehensive data protection notice in fulfilment of our duty to provide information, according to GDPR (EU General Data Protection Regulation) for the processing of your personal data when visiting our website.

1 Name and contact details of the Controller and the Data Protection Officer

The Controller according to Art. 4(7) GDPR is:

Carpus+Partner AG

represented by the CEO M.Re. Dipl.-Ing. Architect Tobias Ell
Forckenbeckstr. 61
52074 Aachen | Germany
Tel +49 (241) 88 75-0
E-mail info@carpus.de

The Data Protection Officer for Carpus+Partner AG can be contacted at the above address, for the attention of the Data Protection Officer or at datenschutz@carpus.de.

2 Server log data

When you visit our website, the following information is automatically sent to the server of our website by the browser used on your terminal device (so-called server log data):

  • IP address of the requesting computer,
  • date and time of the access,
  • time zone difference to Greenwich Mean Time (GMT),
  • name and URL of the retrieved file,
  • access status/HTTP status code,
  • respective transferred data volume,
  • website from which the access occurs (referrer URL),
  • browser used,
  • the operating system of your computer and its interface,
  • the name of your access provider and
  • language and version of the browser software.

This information is stored in a so-called logfile for the purpose of error analysis in the event of an error and automatically deleted after 7 days.

The legal basis for data processing is Art. 6(1) lit. f) GDPR. Our legitimate interest follows from the purposes listed below:

  • guaranteeing smooth-running connection establishment to the website,
  • guaranteeing convenient use of our website,
  • evaluation of the system security and stability, as well as
  • for additional administrative purposes.

In no event do we use the collected data for the purpose of drawing conclusions as to your personal details.

3 Cookies

We use cookies on our website. These are small files, which your browser creates automatically and are stored on your end device (laptop, tablet, smartphone or similar), if you visit our website. Cookies do not cause any damage on your end device, do not contain any viruses, Trojans or other malware.

Information is filed in the cookie, which arises in relation to the specifically used end device. However, this does not mean that we directly receive knowledge of your identity.

We use so-called session cookies, in order to make the use of our offer more pleasant for you. Session cookies store settings that you have made for the duration of the session. These cookies are automatically deleted after leaving our website.

For this, we also use permanent cookies to optimize the user friendliness, which are stored on your end device until their expiry date is reached or until they are deleted by the user. If you visit our website again, in order to use our services, it is automatically identified that you have already been with us and which entries and setting you have made, so you do not need to repeat them.

We have no influence on the duration of storage or deletion of cookies. The settings are made by the respective services or by the user himself.

When you visit our website for the first time – regardless of the page you land on – a cookie banner appears. The dialog box tells you what we use the cookies for and how long they are stored for. Some cookies are mandatory, while others help us to optimize our website design and analyze accesses to our website.

Mandatory Cookies
Individual setting options are not available to the visitor for mandatory cookies. The legal basis for the use of such cookies is Art. 6(1) lit. f) GDPR. Please see Section 4 for our legitimate interest.

Preferences, Statistics, Marketing
For all other cookies, you can decide for yourself which cookies can be set and select individual settings. Only cookies you have actively consented to in advance using the cookie banner will be set. The legal basis for using such cookies is Art. 6(1) lit. a) GDPR.

4 Cookiebot

As our website uses integrated third party services (e.g. Google) that process personal data, we are obligated to inform you of the use of these services and to ask for your consent before using them. All declarations of consent must be recorded as evidence.

On this website, we therefore use the “Cookiebot” service from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark for the following purposes:

  • To provide visitors with transparent information on the use of cookieS
  • Freedom of choice for visitors regarding the use of cookies
  • Storage of the user’s consent status regarding cookies

The legal basis for using Cookiebot is Art. 6(1) lit. f) GDPR. Our legitimate interests arise from the aforementioned purposes.

  • By granting permission using the cookie banner, the following data are collected:
  • The IP number of the end user in anonymized form (the last three digits are set to ‘0’) Date and time of consent
  • User agent of the end user’s browser
  • The URL from which the consent was sent
  • An anonymous, random and encrypted key
  • The permission status of the end user, which serves as evidence of consent

The data are stored for 12 months. After that, the banner opens again automatically for you to renew your permission.

Details on the security of the processing of data collected by Cybot can be found in the Cybot privacy policy at: https://www.cookiebot.com/de/privacy-policy/.

5 Matomo (formerly Piwik)

On this website, we use Matomo (formerly “Piwik”). Matomo is an open source software for the statistical analysis of visitor access. We use the Matomo software to optimize the quality of our website and the content presented on it. Using the statistics gathered on usage behaviour, we can improve our offer and make it more interesting for you as a user.

Matomo uses cookies which are saved on your computer and that enable an anonymous analysis of your website usage. It is not possible to infer a specific person because your IP address is anonymized immediately after processing and before it is saved. Processing of personal data for the above-mentioned purpose only takles place if you have given your consent in accordance with Art. 6(1) lit. a) GDPR.

We have concluded a contract with Matomo for commission data processing. More information about the data processing by Matomo can be found here: https://matomo.org/matomo-cloud-privacy-policy.

 

6 Google

On this website we use tools and plugins from Google (Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). When using our website and the corresponding plug-ins, data is transferred to Google.

Please note that by calling up and using Google a transmission of data to third party countries (e.g. USA) can be implied. Due to the current legal position an adequate level of data protection concerning this data transfer cannot be guaranteed.

a Google Maps

We link to Google Maps on this website. This enables us to show our company location on interactive maps and make it easy for you to use our website. The legal basis for the use of Google Maps is in accordance with the aforementioned justified interests Art. 6(1) lit. f) GDPR.

Google Maps is only integrated on our website as a link to the respective service. After clicking the integrated text or image link, you will be redirected to the Google Maps site. User information is only transmitted to Google Maps after you have been redirected.

The IP address must be processed by Google in order for the map to be displayed. By visiting the website, Google also receives the information that you have accessed the corresponding sub-site on our website. If you have a Google account and are logged in, your data are allocated directly to your account. If you do not want the allocation to your profile with Google, you must log out before activating the map.

Google is responsible for the use of data by Google. Basic information about data processing by Google as well as about your rights in this regard and setting options for the protection of your privacy can be found in the privacy policies of Google and YouTube.

Please contact Google to assert rights as a person affected.

c YouTube

On this website we use plugins of the YouTube website operated by Google. This way, we can display videos directly on the website and allows you to conveniently use the video play function. The legal basis for the use of YouTube is your consent in accordance with Art. 6(1) lit. a) GDPR.

By visiting the website, YouTube receives the information that you have accessed the corresponding sub-site on our website. If you have a YouTube account and are logged in, your data are allocated directly to your account. If you do not want the allocation to your profile with YouTube, you must log out before activating the video.

Google is responsible for the use of data by Google. Basic information about data processing by Google as well as about your rights in this regard and setting options for the protection of your privacy can be found in Google’s privacy policy.Please contact Google to assert rights as a person affected.

 

7 Social media pages

We run a company page on each of the following platforms:
Xing
LinkedIn
Facebook
YouTube
Twitter

We run different company accounts on the platform instagram.

Social networks are only integrated on our website as links to the respective services. After clicking the integrated text or image link, you will be redirected to the site of the respective provider. User information is only transmitted to the respective provider after you have been redirected.

The data you enter on our social media pages, such as videos, images, comments, likes, public messages, etc., are published by the respective social media platform and never used or processed by us for other purposes. We only reserve the right to delete content if this should be necessary. If necessary, we share your content on our site and communicate with you via the social media platform. The legal basis is Art. 6(1) lit. f) GDPR. Data processing is carried out in the interest of our public relations work as well as communication and networking.

For certain processing operations, we and the platform operator jointly serve as the data controller within the meaning of Art. 26 GDPR. However, we only have limited influence on data processing by the operators of social media platforms. At the points where we can exert influence, we work within the framework of the possibilities available to us to ensure that the operator of the social media platform treats the data in accordance with data protection regulations. However, there are many areas in which we cannot influence data processing by the operator of a social media platform and do not know exactly what data they process.

The platform operator operates the service’s entire IT infrastructure, determines its own privacy policy and maintains its own relationship with you as a user (if you are a registered user of the social media service). Furthermore, the operator alone is responsible for all questions pertaining to your user profile data, to which we have no access as a company.

Please note that by calling up and using social media platforms a transmission of data to third party countries (e.g. USA) can be implied. Due to the current legal position an adequate level of data protection concerning this data transfer cannot be guaranteed.

Basic information about data processing by the provider of the social media platform as well as about your rights in this regard can be found in privacy policy of the respective provider:
Data Privacy Xing
Data Privacy LinkedIn
Data Privacy Facebook
Data Privacy Instagram
Data Privacy YouTube
Data Privacy Twitter

Please contact the respective social media provider to assert rights as a person affected, insofar as this concerns data that comes under the area of responsibility of the respective provider.

8 Recipients / disclosure of data

If not already mentioned above, data will not be passed on to third parties. However, we use service providers for the operation of this website (IT service providers, digital agencies). In this context, it may happen that a service provider becomes aware of personal data. We ensure that the service providers are carefully selected – especially in regard to data protection and data security – and take all measures required under data protection law for permissible data processing.

9 Rights of data subjects

You have the right to information about the personal data concerning your person processed by us. In the case of a request for information that is not made in writing, please understand that we may then request information from you that proves that you are the person you claim to be. Furthermore, you have a right of correction or deletion or to restriction of the processing, insofar as you are legally entitled to this. Moreover, you have a right of objection to the processing within the context of the statutory provisions. The same applies for a right to data portability.

Please contact the Data Protection Officer (datenschutz@carpus.de) to assert your rights as a data subject.

10 Right of revocation and right of objection

Insofar as the data processing is based on consent in accordance with Art. 6(1) lit. a) GDPR, you have the right to revoke your consent at any time with effect for the future. Notice of revocation does not effect the legality of the processing carried out before the revocation notice. By deleting the stored cookies on our website, you can revoke your consent to data processing by the respective services.

If your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1) lit. f) GDPR, you have the right to lodge an objection against the processing of your personal data, in accordance with Art. 21 GDPR, insofar as reasons exist for this, which arise from your specific situation or if the objection is aimed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us, without indicating a specific situation.

If you wish to assert your right of revocation or your right of objection, it is sufficient to send an e-mail to datenschutz@carpus.de.

11 Right of complaint

If you see any reason to be dissatisfied with the handling of your data by us or if you think that the data processing is not in accordance with the law, please contact the Data Protection Officer by email (datenschutz@carpus.de). The majority of questions and problems relating to data protection law can probably be resolved quickly and easily. If your request has not been dealt with satisfactorily, you have regardless to this the right to complain to a data protection supervisory authority about the processing of personal data by us.

12 Data security

Within the website visit, we use the widely prevalent SSL procedure (secure socket layer) in conjunction with the respective highest encryption level, which is supported by your browser. You can identify whether an individual page of our Internet presence has been transferred using encryption, you can recognize this by the closed illustration of the key/lock symbol in the bottom status bar of your browser.

We also use appropriate technical and organizational security measures, in order to protect your data from accidental or malicious manipulation, partial or complete loss, destruction of from unauthorized access by third parties. Our security measures are continuously improved in accordance with technological developments.

13 Currency of and amendments to this data protection notice

We reserve the right to amend and update this data protection notice as required in compliance with the applicable data protection regulations. The respective current version applied for your visit.

This data protection notice applies as of: November 2022