Privacy policy
1. information about the collection of personal data
(1) In the following, we provide information about the collection of personal data when using our website as well as our landing page www.ki-im-unternehmen.de. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.
(2) The responsible party pursuant to Art. 4 (7) EU General Data Protection Regulation (DSGVO) is WOGRA AG, Hery-Park 3000, 86368 Gersthofen, Tel.: 0821-899492-0, Fax: 0821-899492-20, info@wogra.com (see our imprint). You can reach our data protection officer at datenschutz@wogra.com or our postal address with the addition of “the data protection officer”.
(3) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer required or restrict the processing if there are legal retention obligations.
(4) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we also state the specified criteria for the storage period.
2. your rights
(1) You have the following rights against us regarding the personal data concerning you:
– Right to information,
– Right to rectification or deletion,
– Right to restriction of processing,
– Right to object to processing,
– Right to data portability.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
The competent data protection supervisory authority is the Bavarian State Office for Data Protection Supervision, Promenade 27 (Schloss), 91522 Ansbach, telephone: 0049 (0) 981 53 1300, fax: 0049 (0) 981 53 98 1300, e-mail: poststelle@lda.bayern.de.
3. collection of personal data when visiting our website
(1) In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO):
– IP address
– Date and time of the request
– Time zone difference from Greenwich Mean Time (GMT)
– Content of the request (concrete page)
– Access status/HTTP status code
– Data volume transferred in each case
– Website from which the request comes
– Browser
– Operating system and its interface
– Language and version of the browser software.
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which the entity that sets the cookie (in this case by us) receives certain information. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer as a whole more user-friendly and effective.
(3) Use of cookies:
a) This website uses the following types of cookies, the scope and functionality of which are explained below:
– Transient cookies (for this b)
– Persistent cookies (for this purpose c).
b) Transient cookies are automatically deleted when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a predefined duration, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all the features of this website.
4. further functions and offers of our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you will usually have to provide additional personal data that we use to provide the respective service and to which the aforementioned data processing principles apply.
(2) In some cases, we use external service providers to process your data. They have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.
(3) Furthermore, we may pass on your personal data to third parties if promotional participations, competitions, contract conclusions or similar services are offered by us together with partners. You will receive more information about this when you provide your personal data or in the description of the offer below.
(4) If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of the offer.
5. objection or revocation against the processing of your data
(1) If you have given your consent to the processing of your data, you may revoke this consent at any time. Such revocation will affect the permissibility of processing your personal data after you have expressed it to us.
(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will review the merits of the case and either discontinue or adjust the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.
(3) Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your advertising objection using the following contact details:
WOGRA AG
Hery Park 3000
86368 Gersthofen
Fax: 0821-899492-20
Email: info@wogra.com
6. newsletter
(1) With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers. The advertised goods and services are named in the consent form.
(2) For the registration to our newsletter we use the so-called double-opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 72 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
(3) The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and will be used to address you personally. After your confirmation, we store your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 p. 1 lit. a GDPR.
(4) You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail or by sending a message to the contact details provided in the imprint.
(5) We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. For the evaluations, we link the data mentioned in § 3 and the web beacons with your e-mail address and an individual ID. Links received in the newsletter also contain this ID. With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters, which links you click on in them and infer your personal interests from this. We link this data to actions you take on our website.
You can object to this tracking at any time by clicking on the separate link provided in each email or by informing us via another contact channel. The information is stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.
7. use of Google Analytics
(1) This website uses Google Analytics, a web analytics service provided by Google Dublin, Google Ireland Limited. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
(2) The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
(3) You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
(4) This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are processed in abbreviated form, thus excluding the possibility of personal references. Insofar as the data collected about you has a personal reference, this is therefore immediately excluded and the personal data is thus immediately deleted.
(5) We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user. An appropriate level of protection for the transfer of data is ensured by concluding the EU standard data protection clauses (available at https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087).
(6) Third-party information: Google Dublin, Google Ireland Limited, Gordon House, Barrow Street,
Dublin 4, Ireland, Fax: +353 (1) 436 1001. User Terms: https://marketingplatform.google.com/about/analytics/terms/de/ and at https://policies.google.com/?hl=de/ https://policies.google.com/?hl=de. Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the privacy policy: http://www.google.de/intl/de/policies/privacy.
(7) This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under “My data”, “Personal data”.
8. use of Google Recaptcha
Our primary goal is to secure and protect our website in the best possible way for you and for us. To ensure this, we use Google reCAPTCHA from Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With reCAPTCHA we can verify that you are a real flesh and blood human being and not a robot or some other spam software. By spam we mean any unsolicited information sent to us electronically. In the classic CAPTCHAS, you usually had to solve text or picture puzzles for review. With reCAPTCHA from Google, we usually don’t have to bother you with such riddles. Here, in most cases, it is enough to simply check a box to confirm that you are not a bot. With the new Invisible reCAPTCHA version, you don’t even have to check a box. You will find out exactly how this works and, above all, which data is used for this purpose in the course of this privacy policy.
reCAPTCHA is a free captcha service from Google that protects websites from spam software and abuse by non-human visitors. Most often, this service is used when you fill out forms on the Internet. A captcha service is a kind of automatic Turing test designed to ensure that an action on the Internet is performed by a human and not a bot. In the classic Turing test (named after the computer scientist Alan Turing), a human establishes the distinction between a bot and a human. With captchas, the computer or a software program also takes care of this. Classic captchas work with small tasks that are easy for humans to solve, but present significant difficulties for machines. With reCAPTCHA, you no longer have to actively solve puzzles. The tool uses advanced risk techniques to distinguish humans from bots. Here you only need to check the “I am not a robot” text box, or with Invisible reCAPTCHA even that is no longer necessary. With reCAPTCHA, a JavaScript element is included in the source code and then the tool runs in the background and analyzes your user behavior. The software calculates a so-called captcha score from these user actions. Google uses this score to calculate how likely you are to be human even before you enter the captcha. reCAPTCHA or captchas in general are used whenever bots could manipulate or abuse certain actions (such as registrations, surveys, etc.).
Why do we use reCAPTCHA on our website?
We only want to welcome flesh and blood people to our side. Bots or spam software of various kinds can safely stay at home. That’s why we do everything we can to protect ourselves and provide the best possible user experience for you. For this reason, we use Google reCAPTCHA from the company Google. This way we can be pretty sure that we remain a “bot-free” website. By using reCAPTCHA, data is transmitted to Google to determine whether you are actually a human. reCAPTCHA therefore serves the security of our website and, by extension, your security. For example, without reCAPTCHA, it could happen that a bot registers as many e-mail addresses as possible during registration in order to subsequently “spam” forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
What data is stored by reCAPTCHA?
reCAPTCHA collects personal data from users in order to determine whether actions on our website actually originate from people. Thus, the IP address and other data required by Google for the reCAPTCHA service can be sent to Google. IP addresses are almost always shortened beforehand within the member states of the EU or other contracting states to the Agreement on the European Economic Area before the data ends up on a server in the USA. The IP address is not combined with other data from Google unless you are logged in with your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks if Google cookies from other Google services (YouTube. Gmail, etc.) are already placed on your browser. Then, reCAPTCHA sets an additional cookie in your browser and captures a snapshot of your browser window.
The following list of collected browser and user data, does not claim to be complete. Rather, they are examples of data that, to our knowledge, are processed by Google.
- Referrer URL (the address of the page from which the visitor comes)
- IP address (e.g. 256.123.123.1)
- Info about the operating system (the software that allows your computer to run. Known operating systems are Windows, Mac OS X or Linux).
- Cookies (small text files that store data in your browser)
- Mouse and keyboard behavior (every action you perform with the mouse or keyboard is saved)
- Date and language settings (which language or date you have preset on your PC will be saved)
- All JavaScript objects (JavaScript is a programming language that allows websites to adapt to the user. JavaScript objects can collect all kinds of data under one name).
- Screen resolution (shows how many pixels the image display consists of)
It is undisputed that Google uses and analyzes this data even before you click on the “I am not a robot” checkbox. With the Invisible reCAPTCHA version, there is even no checkboxing and the whole recognition process runs in the background. How much and which data Google stores exactly, one does not learn from Google in detail.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at.
https://www.google.com/recaptcha/api2/demo
. All these cookies require a unique identifier for tracking purposes.
9. use of Google Tag Manager
For our website we use the Google Tag Manager of the company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. This tag manager is one of many helpful marketing products from Google. Google Tag Manager allows us to centrally incorporate and manage sections of code from various tracking tools we use on our website.
In this privacy policy, we want to explain in more detail what Google Tag Manager does, why we use it, and in what form data is processed.
Google Tag Manager is an organizational tool that allows us to include and manage website tags centrally and through a user interface. Tags are small sections of code that, for example, record (track) your activity on our website. For this purpose, JavaScript code sections are inserted into the source code of our page. The tags often come from Google’s own products such as Google Ads or Google Analytics, but tags from other companies can also be included and managed via the manager. Such tags perform different tasks. They can collect browser data, feed marketing tools with data, embed buttons, set cookies, and also track users across multiple websites.
Why do we use Google Tag Manager for our website?
As the saying goes: organization is half the battle! And of course, this also applies to the maintenance of our website. In order to make our website as good as possible for you and all people interested in our products and services, we need various tracking tools such as Google Analytics. The data collected from these tools shows us what you are most interested in, where we can improve our services and which people we should still show our offers to. And for this tracking to work, we need to embed appropriate JavaScript codes into our website. In principle, we could include each code section of each tracking tool separately in our source code. However, this requires a relatively large amount of time and it is easy to lose track. That’s why we use Google Tag Manager. We can easily incorporate the necessary scripts and manage them from one place. Moreover, Google Tag Manager offers an easy-to-use interface and you don’t need any programming skills. This is how we manage to keep order in our daytime jungle.
What data is stored by Google Tag Manager?
The Tag Manager itself is a domain that does not set cookies or store data. It acts as a mere “manager” of the implemented tags. The data is collected by the individual tags of the different web analytics tools. The data is virtually passed through to the individual tracking tools in Google Tag Manager and is not stored. However, the situation is quite different with the embedded tags of the various web analytics tools, such as Google Analytics. Depending on the analysis tool, various data about your web behavior is usually collected, stored and processed with the help of cookies. For this, please read our privacy texts on the individual analysis and tracking tools that we use on our website. In the Tag Manager account settings, we have allowed Google to receive anonymized data from us. However, this is only the use and usage of our tag manager and not your data stored via the code sections. We allow Google and others to receive selected data in anonymized form. We thus consent to the anonymous disclosure of our website data. Despite extensive research, we were unable to find out exactly which summarized and anonymous data is forwarded. In any case, Google deletes all information that could identify our website. Google aggregates the data with hundreds of other anonymous website data and, as part of benchmarking measures, creates user trends. Benchmarking compares own results with those of competitors. Processes can be optimized on the basis of the information collected.
How long and where is the data stored?
When Google stores data, that data is stored on Google’s own servers. The servers are distributed all over the world. Most are located in America. At
https://www.google.com/about/datacenters/inside/locations/?hl=de
you can read exactly where the Google servers are located. How long the individual tracking tools store data from you can be found in our individual privacy texts for the individual tools.
How can I delete my data or prevent data storage?
Google Tag Manager itself does not set cookies, but manages tags from various tracking websites. In our privacy texts for the individual tracking tools, you will find detailed information on how to delete or manage your data. Please note that when using this tool, data from you may also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. So data may not simply be transferred to, stored in, and processed in insecure third countries unless there are appropriate safeguards (such as EU standard contractual clauses) between us and the non-European service provider.
Legal basis
The use of Google Tag Manager requires your consent, which we have obtained with our cookie popup. This consent represents according to Art. 6 par. 1 lit. a GDPR (Consent) constitutes the legal basis for the processing of personal data as may occur during the collection by web analytics tools. In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our services technically and economically. With the help of Google Tag Managers can improve the profitability. The legal basis for this is Art. 6 par. 1 lit. f DSGVO (Legitimate Interests). Nevertheless, we only use the Google Tag Manager if you have given your consent. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. The data processing is essentially done by Google (if, for example, Google Analytics is used in Google Tag Manager). This may result in data not being processed and stored anonymously. In addition, U.S. government authorities may have access to individual data. It may also happen that this data is linked to data from other Google services where you have a user account.
If you want to learn more about the Google Tag Manager, we recommend the FAQs at
https://www.google.com/intl/de/tagmanager/faq.html
.
10. use of borlabs
This website uses Borlabs cookie, which sets a technically necessary cookie(borlabs-cookie) to store your cookie consents. Borlabs Cookie does not process any personal data. The borlabs-cookie cookie stores the consent you gave when entering the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.
Imprint: Borlabs, Rübenkamp 32, 22305 Hamburg. Privacy overview: https://de.borlabs.io/datenschutz/
11. use of social media plug-ins
(1) We currently use the following social media plug-ins: Facebook, LinkedIn, Xing. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the mark on the box above its initial letter or logo. We open the possibility for you to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have called up the corresponding website of our online offer. In addition, the data mentioned under 3. of this declaration will be transmitted. In the case of Facebook, according to Facebook in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (in the case of US providers, in the USA). Since the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies via your browser’s security settings before clicking on the grayed-out box.
(2) We have neither influence on the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also have no information about the deletion of the collected data by the plug-in provider.
(3) The plug-in provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Through the plug-ins, we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 p. 1 lit. f GDPR.
(4) The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, the data we collect is directly assigned to your account with the plug-in provider. If you click the activated button and link to the page, for example, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid an assignment to your profile with the plug-in provider.
(5) For further information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the data protection declarations of these providers communicated below. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.
(6) Addresses of the respective plug-in providers and URL with their privacy notices:
a) Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
For more information about the provider and its data processing, please visit: https://www.facebook.com/about/privacy
https://www.facebook.com/terms/
https://www.facebook.com/policies/cookies/
An adequate level of protection in the transfer of data is ensured by concluding the EU standard data protection clauses (available at https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087)
b) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. An adequate level of protection in the transfer of data is ensured by concluding the EU standard data protection clauses (available at https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087)
c) XING SE, Dammtorstraße 30, 20354 Hamburg, Germany, https://privacy.xing.com/de/datenschutzerklaerung
d) Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”); for more information on Google Analytics’ terms of use and Google’s privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.
12. integration of YouTube videos
(1) We have integrated YouTube videos into our online offer, which are stored on http://www.YouTube.com and can be played directly from our website. These are all embedded in “enhanced privacy mode”, which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, the data mentioned in paragraph 2 are transferred. We have no influence on this data transmission.
(2) By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under 3. of this declaration will be transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data is directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
(3) For more information on the purpose and scope of data collection and its processing by YouTube, please refer to the privacy policy. There you will also receive further information about your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. An adequate level of protection in the transfer of data is ensured by concluding the EU standard data protection clauses (available at https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087)