Information in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR) and other data protection laws
1./ Who is responsible for data processing and who can I contact if I have any questions?
Our data controller is:
Name: Gerald Rackebrandt and Nicola Rackebrandt
Address: Waldweg 1-3, 22145 Braak
Fax: +49 40 737 500 – 50
Our data protection officer is:
Name: Andreas Frick
Company: Datenschutz Frick
Address: Diestelbarg 37, 21039 Börnsen
Fax: +49 40 697 026 50
2. / Why do we process your data and on what legal basis? / Is it possible to refuse data collection?
Our website collects a series of general data and information when you or an automated system accesses the website. This general data and information is stored in log files on our server. We may collect data about the browser types and versions used, the operating system used to access the website, information about the referring website, sub-websites used by the accessing system to access our website, the date and time of access to the website, an Internet protocol address (IP address), Internet service provider of the accessing system, and any other similar data and information that may be used in the event an attack on our IT systems. This general data and information cannot be used to identify the data subject. We need this information to render the content of our website correctly, to optimize the content of our website and to promote it, to ensure the ongoing functioning of our IT systems and the technology of our website, and to provide law enforcement authorities with the necessary information in the event of a cyberattack. We, therefore, analyse this anonymously collected data and information for statistical purposes and with the aim of increasing the data protection and data security of our company, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
2.1. To meet our contractual obligations
We use personal data (e.g. name and address), which you provide us voluntarily in connection with the conclusion of a contract or the initiation of a contract, on the basis of your associated consent (Article 6 (1) (a) GDPR). We then process this data in compliance with applicable laws and regulations (e.g. BDSG, TMG and GDPR).
We process the data required for performance of a contract or implementation of pre-contractual measures (e.g. to answer your questions) (Article 6 (1) (b) GDPR).
Without the provision of personal data, we cannot meet our contractual obligations (e.g. invoicing), or respond to your queries.
2.2 Other processing purposes (Article 6 (1) (f) GDPR)
If necessary, we process your data on the actual performance of the contract, to protect our legitimate interests or those of third parties (e.g.:
- consultation and exchange of data with credit agencies (e.g. SCHUFA) to determine credit or default risks and the need for a court order exemption or basic account;
- assessment and optimisation of procedures for needs analysis and direct marketing;
- advertising or market and opinion research, insofar as you have not objected to the use of your data for this purpose;
- assertion of legal claims and defence in legal disputes;
- measures to ensure IT security and to protect IT operations, hosting;
- prevention and investigation of criminal offences;
- measures to ensure building and plant security (e.g. access control);
- measures to safeguard property rights;
- measures for business management and further development of services and products.
3./ Who processes the data?
The personal information is used exclusively by the parties involved in executing the contract. This includes our processors that may receive data for the specified purposes (Article 28 GDPR. The legal basis for this is Article 6 (1) (a) and (b) GDPR). These are companies in the categories of IT services, logistics, printing services, telecommunications, debt collection, advice and consulting, as well as sales and marketing. We store the received data exclusively on our in-house servers, in part however also on servers of specialised service providers within Germany; these are:
- Revolutions Advertising GmbH, Paul-Dessau-Straße 3e, 22761 Hamburg
- Digital Dock GmbH, Haferweg 38, 22769 Hamburg
- STRATO AG, Pascalstraße 10, 10587 Berlin
At no time is data transferred to a third party that is not involved in executing the contract. Save for the distribution of our newsletter, personal data is not passed on to third countries or international organisations.
4./ How long will your data be stored?
If necessary, we process and store your personal data only for the period necessary to achieve the purpose of the storage or as provided by the European directives and regulations or other laws or regulations to which the controller is subject.It should be noted that our business relationship represents a long-term obligation.
If the data is no longer required for the purpose for which it was originally stored or if the storage period prescribed by the European directives and regulations or any other relevant laws expires, the personal data will be routinely deleted or blocked in accordance with the statutory provisions, so long as it is no longer required for the performance or initiation of a contract.
In addition, we are subject to various statutory retention and documentation obligations, in accordance with the provisions of HGB*, AO*, KWG* and AMLA*.
5./ Do you process data automatically?
We process your personal data when you place an order (name, order number, date) using our in-house IT system. This is partially automated to the extent necessary to meet our contractual obligations (Article 6 (1) (b) GDPR, Article 22 (2) (a) GDPR). We store this automated processed data on our own servers in our offices.
6./ Confidentiality of applications and data protection during the recruitment process
We collect and process the personal data of applicants to process job applications (Article 6 (1) (a) and (b) GDPR). The processing can also be done by electronic means. This is particularly the case if an applicant sends corresponding application documents to the controller by electronic means, for example, by email or via a web form available on the website. If you enter into an employment relationship with us, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If no employment contract is concluded with the applicant, the application documents shall be automatically deleted within two (2) months of sending the rejection to the applicant, provided that no other legitimate interests of the controller stand in the way of deletion. Another legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Act on Equal Treatment (Allgemeinen Gleichbehandlungsgesetz, or AGG).
8./ Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes this GDPR.
The competent supervisory authority for Schleswig Holstein is:
Independent Centre for Privacy Protection Schleswig-Holstein
Holstenstraße 98, 24103 Kiel
Tel.: 0431 9881200
Fax: 0431 988-1223
10./ Use of Google Analytics
Given the debate about the use of analytical tools with full IP addresses, we would like to point out that this website uses Google Analytics with the extension "_anonymizeIp ()" meaning that IP addresses are processed in truncated form only, to exclude a direct personal connection.
11./ Google Plus
12./ Google maps
On our website we use an interactive map from Google Maps, a service of Google. When you visit this website, Google receives the information that you have accessed a particular sub-page of our website. In addition, the data specified in Section 3 of this policy will be transmitted. This takes place irrespective of whether you have a Google account that you are logged into. When you are logged into Google, your data will be directly linked with your account. If you do not wish this to be linked to your profile on Google, you must log out before clicking on the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and /or customisation of its website. Such an evaluation is carried out in particular (even for non-logged-in users) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles. To exercise this right, please contact Google directly.
If you are a Facebook member and do not wish Facebook to link your membership data saved with Facebook with data collected about your use of our Internet presence, you must log out of Facebook before visiting our website.
Our website uses social plugins (“Xing plugins") of the social media platform xing.com ("Xing"), which is operated by XING AG, Hamburg. Xing plugins are identifiable by one of the Xing logos or the word "Xing”.
If you access a page on our website that contains this social plugin, your browser establishes a direct connection with Xing servers. The content of the plugin is transferred directly by Xing to your browser and integrated by your browser into the website. By integrating the Xing plugin, Xing receives the information that your browser has accessed a particular page on our website. If you are logged into Xing, Xing can link the visit to your Xing account. For more information on the purpose and scope of collection, further processing and the use of data by Xing as well as your rights and the options available to protect your privacy, please refer to https://www.xing.com/privacy.
If you are a Xing member and do not want Xing to link your membership data saved with Xing with data collected about your use of our Internet presence, you must log out of Xing before visiting our website.
15./ Google AdWords
We use the online advertising program "Google AdWords" and the conversion tracking feature of Google AdWords. Google Conversion Tracking is an analytics service provided by Google Inc. When you click on an ad placed by Google, a conversion tracking cookie is stored on your computer. These cookies expire after 30 days, contain no personal data and cannot be used to identify any particular individual.
When you visit specific pages of our website and the cookie has not yet expired, we and Google can see that you have clicked on the ad and have been directed to this website.
Every Google AdWords customer receives a different cookie. It is therefore impossible for cookies to be tracked through the websites of advertisers. The information obtained with the help of the conversion-cookie is used to create conversion-statistics for AdWords customers who have opted-in to conversion tracking. In this way, AdWords customers learn how many users have clicked on their advertisement and have been redirected to a website provided with a conversion tracking tag. However, they do not obtain any information that could be used to identify any particular user.
If you do not want to participate in the tracking, you can object to this use by preventing the installation of cookies by changing the relevant setting of your browser software (deactivation option). As a result, you will not be included in the conversion tracking statistics.
This website also uses the social plugins from the social media platform Instagram ("Instagram plugins") operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram").
If you do not want Instagram to link the data collected on our website directly with your Instagram account, you must log out of Instagram before visiting our website.
Our website uses social plugins ("LinkedIn plugins") from the social media platform linkedin.com ("LinkedIn"), which is operated by the LinkedIn Ireland Unlimited Company, Ireland. The LinkedIn plug-ins are identified by one of the LinkedIn logos or the word "LinkedIn". If you access a page on our website that contains such a LinkedIn plugin, your browser establishes a direct connection with the LinkedIn servers. The content of the plugin is then transmitted by LinkedIn directly to your browser and integrated by your browser into the page. By integrating the LinkedIn plugin, LinkedIn receives the information that your browser has accessed a particular page on our website. If you are logged into LinkedIn, LinkedIn can link the visit to your LinkedIn account. For more information on the purpose and scope of collection, further processing and the use of data by LinkedIn as well as your rights and the options available to protect your privacy, please refer to https://www.linkedin.com/legal/privacy-policy.
If you are a LinkedIn member and you do not want LinkedIn to collect data about you through our website and link it to your saved LinkedIn membership data, you must log out of LinkedIn before visiting our website.
Our website uses social plugins ("YouTube plugins") from YouTube operated by Google Inc., San Bruno, California, USA.
If you access a page on our website that contains a YouTube plugin, your browser establishes a direct connection with YouTube servers. The content of the YouTube plugin is then transmitted by YouTube directly to your browser and embedded into the page. In this way, YouTube will receive information about the concrete pages of the website you have viewed even if you do not have a YouTube profile or you are not logged into YouTube. This information (including your IP address) is transmitted by your browser directly to a YouTube server in the US and stored there. If you are logged into YouTube, YouTube can link your visit to our website to your YouTube account. If you are also logged into your YouTube account, you will allow YouTube to link your browsing history directly with your personal profile.
If you are a YouTube member and you do not want YouTube to collect data about you through our website and link it to your saved YouTube membership data, you must log out of YouTube before visiting our website.
Our website also uses social plugins from the social media platform Twitter. Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103. If you access a page on our website that contains a Twitter plugin, your browser establishes a direct connection with Twitter servers through which data is transmitted to Twitter. If you have a Twitter account, this data can be linked to it. If you want to prevent this information from being linked to your Twitter account, please log out of Twitter before visiting our website. Interactions, especially by clicking on the "Retweet" button, will also be shared with Twitter. For more information, please refer to https://twitter.com/privacy .
We use the "Campaign Monitor" service, a platform of the provider Campaign Monitor Pty Ltd, Sutherland, NSW, Australia, to send our newsletter. The email addresses used are stored on the servers of Campaign Monitor in the US and, if applicable, Germany and Australia. Campaign Monitor uses this information to send and evaluate the newsletters on our behalf. Furthermore, Campaign Monitor may use this data to optimise or improve their own services, e.g. technical optimisation of the dispatch and the appearance of the newsletter, or for commercial purposes, to determine the countries of origin of the recipients. However, Campaign Monitor will not use your email address to contact you. Campaign Monitor has undertaken to comply with the provisions of the GDPR and has taken extensive internal measures to make this happen. For more information on securing your data when using Campaign Monitor, please refer to https://www.campaignmonitor.com/trust/security/ .
You can cancel the subscription to this newsletter at any time. Details can be found in the confirmation email as well as in each individual newsletter.
21./ Chat and video chat
*Acronyms and abbreviations
General Data Protection Regulation
Bundesdatenschutzgesetz/ Federal Data Protection Act
Telemediengesetz/ German Telemedia Act
German Anti-Money Laundering Act
Handelsgesetzbuch/ German Commercial Code
Kreditwesengesetz/ German Banking Act
Abgabenordnung/ German Tax Code
Gesetz gegen den unlauteren Wettbewerb/ German Act against Unfair Competition