celver AG, Zirkusweg 1, D-20359 Hamburg, Germany
Email address: info(at)celver.com
Link to company and legal information: http://celver.com/impressum/
Contact details of the data protection officer: DSB-CelverAG(at)he-c.de
Nature of processed data
Categories of data subjects
Visitors and users of the online presence (hereinafter we refer to data subjects collectively as “users”).
Purpose of processing
“Personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers virtually every aspect of dealing with data. “Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. “Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements. “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. “Processor” means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
Relevant legal bases
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk in accordance with Article 32 GDPR. The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, ensuring availability and its separation. We have also put in place procedures that ensure the exercise of data subject rights, erasure of data and response to data risks. Furthermore, we take into account the protection of personal data even during development, or in the selection of hardware, software and procedures, in accordance with the principle of data protection by design and by default (Article 25 GDPR).
Cooperation with processors and third parties
If, in the context of our processing, we disclose data to other persons or companies (processors or third parties), transmit the data to them or otherwise grant access to the data, this will only take place if we are permitted to so by law, (e.g. where the transmission of the data to third parties, e.g. payment service providers is necessary for the performance of a contract pursuant to Article 6 (1) (b) GDPR), you have given consent, the processing is necessary for compliance with a legal obligation or for the purpose of our legitimate interests (e.g. the use of agents, web hosting providers, etc.). Where we engage third parties to process data on the basis of a so-called “data processing agreement”, this is done on the basis of Article 28 GDPR.
Transmission to third countries
Where we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third-party services or disclosure or transmission of data to third parties, processing will only take place if it is necessary to meet our pre-contractual or contractual obligations, you have given consent to processing, for compliance with a legal obligation or for the purpose of our legitimate interests. Without prejudice to legal or contractual permits, we process the data or have the data processed in a third country only if the requirements of Article 44 et seq. GDPR have been met. This means that processing is carried out, for example, on the basis of special guarantees, such as the officially recognised assessment of the adequacy of the level of data protection (e.g. the “Privacy Shield” in the US) or in compliance with officially recognised contractual obligations (so-called “standard contractual clauses”). We transfer personal data to the following third countries:
Personal data collected by ClickDimensions is processed and stored exclusively on European servers in the Netherlands and remains within the EU.
Rights of data subjects
Under Article 15 GDPR, you have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and other information, as well as a copy of the personal data undergoing processing. Under Article 16 GDPR, you have the right to have inaccurate personal data rectified and incomplete personal data completed. You have the right to obtain the erasure of personal data concerning you without undue delay under Article 17 GDPR or, alternatively, you have the right to obtain restriction of processing under Article 18 GDPR. Under Article 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us and have the right to transmit those data to another controller. Under Article 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority.
Right to withdraw
Under Article 7 (3) GDPR, you have the right to withdraw your consent with effect for the future Under Article 21 GDPR, you have the right to object to the future processing of data concerning you at any time. Users have, in particular, the right to object to the processing of their data for direct marketing purposes.
Cookies and the right to object to direct marketing
Erasure of data
We process our clients’ data as part of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development/consulting or maintenance, implementation of campaigns and processes/handling, server administration, data analysis/consulting services and training services. We process user data (e.g., customer master data, such as names or addresses), contact data (e.g., e-mail, telephone numbers), content data (e.g., text entries, photographs, videos), contract data (e.g., subject of the contract, term), payment data (e.g., bank details, payment history), usage and metadata (e.g. in the context of evaluating and measuring the effectiveness of marketing measures). In principle, we do not process special categories of personal data, unless their processing is required under the terms of a contract. Data subjects include our clients, prospective clients, as well as their customers, users, website visitors or employees, and third parties. The purpose of processing is to provide contractual services, billing and our customer service. The legal basis for processing is Article 6 (1) (b) GDPR (contractual services), Article 6 (1) (f) GDPR (analysis, statistics, optimisation, technical and organisational measures). We process data that are necessary for the establishment and performance of the contractual services, and we advise our contractual partners of the need to disclose this data. We only disclose data to third parties or companies if this is necessary under the terms of the contract. When we process data on behalf of a client, we process the data only on instructions of the client and compliance with the legal requirements set out in Article 28 GDPR, and we do not process the data for a purpose other than those set out in the data processing agreement. We will erase the data if the data is no longer necessary to comply with our warranty and similar obligations, whereby we review the necessity to store the data every three years; Where we are required to retain data by law, we will erase the data after the expiry of the statutory retention period (6 years under Article 257 (1) of the Commercial Code (HGB), 10 years under Article 147 (1) of the Tax Code (AO). In the case of data that was disclosed to us by a client under the terms of a contract, we will erase the data in accordance with the contract typically after the contract has been completed.
We process the data of our contractual partners and prospective customers as well as other customers, clients or contractual partners (hereinafter referred to collectively as “contractual partners”) in accordance with Article 6 (1) (b) GDPR where the processing is necessary for the performance of a contract or to take steps prior to entering into a contract. The type of data processed, the nature, scope, purpose and necessity of processing are determined by the underlying contractual relationship. The processed data includes the master data of our contractual partners (e.g. names and addresses), contact data (e.g. email addresses and telephone numbers) as well as contract data (e.g. services used, terms of the contracts, contractual communications, names of contact persons) and payment data (e.g. bank details, payment history). In principle, we do not process special categories of personal data, unless their processing is required and provided for under the terms of a contract. We process data that are necessary for the establishment and performance of the contractual services, and we advise our contractual partners of the need to disclose this data where this is not evident. We only disclose data to external persons or companies, if this is necessary under the contract. When processing the data provided to us under a contract, we act in accordance with the instructions of the client as well as the legal requirements. When users use our online services, we may store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the interests of the user in the protection against misuse and other unauthorised use. We do not, in principle, disclose this data to third parties, unless you have given your express consent in accordance with Article 6 (1) (a) GDPR, it is necessary to pursue our claims in accordance with Article 6 (1) (f) GDPR, or we are required to do so by law or the processing is necessary in accordance with Article 6 (1) (b) GDPR for the performance of a contract to which you are party or the processing is necessary for compliance with a legal obligation in accordance with Article 6 (1) (c) GDPR. We will erase the data if the data is no longer necessary to meet our contractual and/or statutory duty of care and to comply with our warranty and comparable obligations, whereby we review the necessity to store the data every three years; in all other respects, the statutory retention requirements apply.
Administration, financial accounting, office organisation, contact management
We process data for purposes of performing our administrative and business management tasks, financial accounting and compliance with legal obligations, such as archiving. In this regard we process the same data that we process as part of the performance of our contractual services. The legal basis for processing is Article 6 (1) (c) and (f) GDPR. Data subjects in this context are customers, prospective customers, business partners and website visitors. The purpose of and our interest in processing lies in the administration, financial accounting, office organisation, archiving of data, i.e. tasks, which serve to maintain our business activities, performance of our tasks and provision of our services. The erasure of data in relation to contractual performance and contractual communications reflects the data specified during these processing activities. In this regard, we disclose or transmit data to tax authorities, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers. Furthermore, we store information on suppliers, organisers and other business partners based on our business interests, e.g. to contact them later. In principle, we store this data, which is mainly company-related, on a long-term basis.
When users contact us (by email, post, in person, by telephone or through social media) we collect user information to process the contact request in accordance with Article 6 (1) (b) GDPR. User information can be stored in our customer relationship management system (“CRM system”) or a similar system. We will erase your queries, if the data are no longer necessary. We review this need every two years; in all other respects, the statutory retention requirements apply.
CRM system from Microsoft
Marketing automation from ClickDimensions LCC
The purpose of this information is to provide you with details about the content of our newsletter, the subscription, distribution and statistical analysis procedures as well as your right to object. Content of the newsletter: We send newsletters, emails and other electronic communications containing promotional information (hereinafter referred to as the “newsletter”) only with the consent of the recipient or where we are permitted to do so by law. If subscription to the newsletter involves a concrete description of its content, then this description will form the basis on which the user agrees to receive the newsletter. Our newsletters also contain information about our services. Double opt-in and logging: The subscription to our newsletter takes place in a so-called double opt-in procedure. This means that upon subscription, you will receive an email requesting confirmation of the subscription. This confirmation is necessary to prevent anyone using third-party addresses to subscribe to the newsletter. In addition, the newsletter subscriptions are logged to provide documentary evidence of compliance with legal requirements. This includes storing the time of registration and confirmation, as well as the IP address. Changes to your data stored by the mailing provider are also logged. Subscription data To sign up for the newsletter, it is sufficient to provide your email address. Optionally, we ask you to provide a name in order to address you personally in the newsletter. The legal basis for sending the newsletter and the associated performance measurement is consent in accordance with Article 6 (1) (a) in conjunction with Article 7 GDPR and Article 7 (2) (3) of the Act against Unfair Competition (UWG), or if consent is not required, our legitimate interests in direct marketing in accordance with Article 6 (1) (f) GDPR in conjunction with Article 7 (3) UWG. The legal basis for logging the subscription process is our legitimate interest in accordance with Article 6 (1) (f) GDPR. Our objective is to use a user-friendly and secure newsletter system that serves both our business interests, meets the expectations of our users and can be used as evidence of consent. Cancellation/withdrawal – you can cancel your subscription, i.e. withdraw your consent, to our newsletter at any time. A subscription cancellation link is provided at the end of each newsletter. On the basis of our legitimate interests, we can save the unsubscribed email addresses for up to three years before we delete them as evidence of given consent. The processing of this data is limited to the purpose of a potential defence against claims. An individual request for erasure is possible at any time, provided that the former existence of a consent is confirmed at the same time.
Newsletter – mailing provider
Newsletter – performance measurement
The newsletters contain a “web beacon”, i.e. a pixel-sized file downloaded from our server or the server of a mailing provider, where applicable, when the newsletter is opened. As part of this download, technical information, such as data about the browser and your system, as well as your IP address and the time of download, are collected. This information is used to enhance the services technically based on the technical data or the target groups and their reading behaviour based on their download locations (which can be determined with the help of the IP address) or the access times. The statistical data collected also include information about whether the newsletters were opened, when they were opened and which links were clicked. The processing is based on our legitimate interests in accordance with Article 6 (1) (f) GDPR. Users have the right to object to this processing at any time. For technical reasons, it is possible to identify individual newsletter recipients using this information. However, neither we nor our mailing provider, where used, aim to monitor individual users. The purpose of these evaluations is simply to learn more about our users’ reading habits and to adapt our content accordingly and to send out different content tailored to our users’ interests.
Hosting and the sending of emails
We use hosting services to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, sending emails, security services and technical maintenance services that we use for the purpose of operating this website. In so doing, we or our hosting provider process user data, contact data, content data, contract data, usage data, metadata and communication data of customers, prospective customers or visitors of this website on the basis of our legitimate interests in an efficient and secure website provisioning in accordance with Article 6 (1) (f) GDPR in conjunction with Article 28 GDPR (conclusion of a data processing agreement).
Web analysis through ClickDimensions
ClickDimensions may also pass this information on to third parties if required by law or if third parties process the data on behalf of ClickDimensions. In our CRM, your data, in particular, your IP address, is compared with existing data. Please note that we can link you to an existing IP address if necessary. The legal basis for the processing is our legitimate interest in offering you a user-friendly and attractive website that is perfectly tailored to the wishes and needs of our clients and prospective clients, where your rights and freedoms do not override our legitimate interest in accordance with Article 6 (1) (f) GDPR. You can prevent the installation of cookies in your browser settings. We use a tracking script from ClickDimensions with an opt-out solution on our website. This means that if you disable the use of the tracking and web analysis service from ClickDimensions using a pop-up when you first visit our websites, an opt-out cookie will prevent any further information from being transmitted to ClickDimensions from this point onwards. If you visit one of our websites again, and you have deleted the relevant cookies in the meantime or disabled them completely for our websites, the pop-up will appear again.
Collection of access data and log files
On the basis of our legitimate interests within the meaning of Article 6 (1) (f) GDPR, we or our hosting provider collects data about each access to its servers on which this service is located (so-called server log files). The access data include the name of the accessed website, file, date and time of access, amount of data transferred, notification on successful access, browser type plus version, the operating system of the user, referrer URL (previously visited page), IP address and the requesting provider. Log file information is stored for security reasons (e.g. to investigate abusive or fraudulent activities) for a maximum of 7 months and then erased. Data which needs to be stored for evidence purposes will be exempt from erasure until the relevant incident has been resolved.
Google AdWords and conversion measurement
Online presence on social media
Integration of services and content from third parties
Based on our legitimate interests (i.e. our interest in analysing, optimising and running our online presence in a commercially viable manner within the meaning of Article 6 (1) (f) GDPR), we make use of content or services offered by third-party providers to integrate the content and services such as videos or fonts (hereinafter collectively referred to as “content”). This always requires that the user IP addresses are visible to the third-party providers of such content, because they cannot send the content to users’ browsers without the IP address. In other words, the IP address is necessary to display this content. We make every reasonable effort to use content from providers who only use IP addresses to deliver content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as web beacons) for statistical or marketing purposes. These pixel tags are used to evaluate information such as traffic patterns of users as they navigate the pages of this website. The pseudonymous information can be stored in cookies on users’ devices and can include e.g. technical information about the browser and the operating system, referring websites, time spent on the website and further information on the use of our website and can be linked to such information from other sources.
Use of Facebook plugins
We want to show our services or products only to those people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. Thus, Facebook users (if they have allowed personalized advertising) get to see suitable advertising. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.
In the following, we show you those cookies that were set by embedding Facebook Pixel on a test page. Please note that these are only sample cookies. Different cookies are set depending on the interaction on our website.
Purpose: This cookie is used by Facebook to display promotional products.
Expiration date: after 3 months
Purpose: This cookie is used to make Facebook Pixel work properly.
Expiration date: after 3 months
Value: Name of the author
Purpose: This cookie stores the text and name of a user who leaves a comment, for example.
Expiration date: after 12 months
Value: https%3A%2F%2Fwww.testseite…%2F (author’s URL)
Purpose: This cookie stores the URL of the website that the user enters in a text field on our website.
Expiration date: after 12 months
Value: Author’s email address
Purpose: This cookie stores the user’s email address if he/she has provided it on the website.
Expiration date: after 12 months
Note: The above cookies refer to an individual user behavior. Especially when using cookies, Facebook changes can never be excluded.
Provided that you are logged in to Facebook, you can change your settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. If you are not a Facebook user, you can generally manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/. You can also change the settings for your ads on your own. There you have the option to deactivate or activate providers.
Source: Created with the privacy generator from firmenwebseiten.at
LinkedIn Insight Tag
The data is only collected if you have consented to this in our cookie banner. You can revoke this consent at any time in our individual cookie settings (at the very bottom of this page).
Use of SalesViewer® technology
On this website, data is collected and stored for marketing, market research and optimization purposes using the SalesViewer® technology of SalesViewer® GmbH on the basis of legitimate interests of the website operator (Art. 6 para.1 lit.f DSGVO).
The data stored as part of Salesviewer will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.
You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent the collection by SalesViewer® within this website in the future. In doing so, an opt-out cookie for this website will be placed on your device. If you delete your cookies in this browser, you must click this link again.
Individual cookie settings
If you wish to view, change or revoke your current cookie selection, simply click the button below: