Pri­vacy Policy

We are very de­lighted that you have shown in­terest in our en­ter­prise. Data pro­tec­tion is of a par­tic­u­larly high pri­or­ity for the man­age­ment of the CoIn­vest Cor­por­ate Fin­ance GmbH. The use of the In­ter­net pages of the CoIn­vest Cor­por­ate Fin­ance GmbH is pos­sible without any in­dic­a­tion of per­son­al data; how­ever, if a data sub­ject wants to use spe­cial en­ter­prise ser­vices via our web­site, pro­cessing of per­son­al data could be­come ne­ces­sary. If the pro­cessing of per­son­al data is ne­ces­sary and there is no stat­utory basis for such pro­cessing, we gen­er­ally ob­tain con­sent from the data sub­ject.

The pro­cessing of per­son­al data, such as the name, ad­dress, e‑mail ad­dress, or tele­phone num­ber of a data sub­ject shall al­ways be in line with the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR), and in ac­cord­ance with the coun­try-spe­cif­ic data pro­tec­tion reg­u­la­tions ap­plic­able to the CoIn­vest Cor­por­ate Fin­ance GmbH. By means of this data pro­tec­tion de­clar­a­tion, our en­ter­prise would like to in­form the gen­er­al pub­lic of the nature, scope, and pur­pose of the per­son­al data we col­lect, use and pro­cess. Fur­ther­more, data sub­jects are in­formed, by means of this data pro­tec­tion de­clar­a­tion, of the rights to which they are en­titled.

As the con­trol­ler, the CoIn­vest Cor­por­ate Fin­ance GmbH has im­ple­men­ted nu­mer­ous tech­nic­al and or­gan­iz­a­tion­al meas­ures to en­sure the most com­plete pro­tec­tion of per­son­al data pro­cessed through this web­site. How­ever, In­ter­net-based data trans­mis­sions may in prin­ciple have se­cur­ity gaps, so ab­so­lute pro­tec­tion may not be guar­an­teed. For this reas­on, every data sub­ject is free to trans­fer per­son­al data to us via al­tern­at­ive means, e.g. by tele­phone.

1. Defin­i­tions

The data pro­tec­tion de­clar­a­tion of the CoIn­vest Cor­por­ate Fin­ance GmbH is based on the terms used by the European le­gis­lat­or for the ad­op­tion of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR). Our data pro­tec­tion de­clar­a­tion should be legible and un­der­stand­able for the gen­er­al pub­lic, as well as our cus­tom­ers and busi­ness part­ners. To en­sure this, we would like to first ex­plain the ter­min­o­logy used.

In this data pro­tec­tion de­clar­a­tion, we use, inter alia, the fol­low­ing terms:

  • a) Per­son­al data

    Per­son­al data means any in­form­a­tion re­lat­ing to an iden­ti­fied or iden­ti­fi­able nat­ur­al per­son (“data sub­ject”). An iden­ti­fi­able nat­ur­al per­son is one who can be iden­ti­fied, dir­ectly or in­dir­ectly, in par­tic­u­lar by ref­er­ence to an iden­ti­fi­er such as a name, an iden­ti­fic­a­tion num­ber, loc­a­tion data, an on­line iden­ti­fi­er or to one or more factors spe­cif­ic to the phys­ic­al, physiolo­gic­al, ge­net­ic, men­tal, eco­nom­ic, cul­tur­al or so­cial iden­tity of that nat­ur­al per­son.

  • b) Data sub­ject

    Data sub­ject is any iden­ti­fied or iden­ti­fi­able nat­ur­al per­son, whose per­son­al data is pro­cessed by the con­trol­ler re­spons­ible for the pro­cessing.

  • c) Pro­cessing

    Pro­cessing is any op­er­a­tion or set of op­er­a­tions which is per­formed on per­son­al data or on sets of per­son­al data, wheth­er or not by auto­mated means, such as col­lec­tion, re­cord­ing, or­gan­isa­tion, struc­tur­ing, stor­age, ad­apt­a­tion or al­ter­a­tion, re­triev­al, con­sulta­tion, use, dis­clos­ure by trans­mis­sion, dis­sem­in­a­tion or oth­er­wise mak­ing avail­able, align­ment or com­bin­a­tion, re­stric­tion, eras­ure or de­struc­tion.

  • d) Re­stric­tion of pro­cessing

    Re­stric­tion of pro­cessing is the mark­ing of stored per­son­al data with the aim of lim­it­ing their pro­cessing in the fu­ture.

  • e) Pro­fil­ing

    Pro­fil­ing means any form of auto­mated pro­cessing of per­son­al data con­sist­ing of the use of per­son­al data to eval­u­ate cer­tain per­son­al as­pects re­lat­ing to a nat­ur­al per­son, in par­tic­u­lar to ana­lyse or pre­dict as­pects con­cern­ing that nat­ur­al per­son’s per­form­ance at work, eco­nom­ic situ­ation, health, per­son­al pref­er­ences, in­terests, re­li­ab­il­ity, be­ha­viour, loc­a­tion or move­ments.

  • f) Pseud­onymisa­tion

    Pseud­onymisa­tion is the pro­cessing of per­son­al data in such a man­ner that the per­son­al data can no longer be at­trib­uted to a spe­cif­ic data sub­ject without the use of ad­di­tion­al in­form­a­tion, provided that such ad­di­tion­al in­form­a­tion is kept sep­ar­ately and is sub­ject to tech­nic­al and or­gan­isa­tion­al meas­ures to en­sure that the per­son­al data are not at­trib­uted to an iden­ti­fied or iden­ti­fi­able nat­ur­al per­son.

  • g) Con­trol­ler or con­trol­ler re­spons­ible for the pro­cessing

    Con­trol­ler or con­trol­ler re­spons­ible for the pro­cessing is the nat­ur­al or leg­al per­son, pub­lic au­thor­ity, agency or oth­er body which, alone or jointly with oth­ers, de­term­ines the pur­poses and means of the pro­cessing of per­son­al data; where the pur­poses and means of such pro­cessing are de­term­ined by Uni­on or Mem­ber State law, the con­trol­ler or the spe­cif­ic cri­ter­ia for its nom­in­a­tion may be provided for by Uni­on or Mem­ber State law.

  • h) Pro­cessor

    Pro­cessor is a nat­ur­al or leg­al per­son, pub­lic au­thor­ity, agency or oth­er body which pro­cesses per­son­al data on be­half of the con­trol­ler.

  • i) Re­cip­i­ent

    Re­cip­i­ent is a nat­ur­al or leg­al per­son, pub­lic au­thor­ity, agency or an­oth­er body, to which the per­son­al data are dis­closed, wheth­er a third party or not. How­ever, pub­lic au­thor­it­ies which may re­ceive per­son­al data in the frame­work of a par­tic­u­lar in­quiry in ac­cord­ance with Uni­on or Mem­ber State law shall not be re­garded as re­cip­i­ents; the pro­cessing of those data by those pub­lic au­thor­it­ies shall be in com­pli­ance with the ap­plic­able data pro­tec­tion rules ac­cord­ing to the pur­poses of the pro­cessing.

  • j) Third party

    Third party is a nat­ur­al or leg­al per­son, pub­lic au­thor­ity, agency or body oth­er than the data sub­ject, con­trol­ler, pro­cessor and per­sons who, un­der the dir­ect au­thor­ity of the con­trol­ler or pro­cessor, are au­thor­ised to pro­cess per­son­al data.

  • k) Con­sent

    Con­sent of the data sub­ject is any freely giv­en, spe­cif­ic, in­formed and un­am­bigu­ous in­dic­a­tion of the data sub­ject’s wishes by which he or she, by a state­ment or by a clear af­firm­at­ive ac­tion, sig­ni­fies agree­ment to the pro­cessing of per­son­al data re­lat­ing to him or her.

2. Name and Ad­dress of the con­trol­ler

Con­trol­ler for the pur­poses of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR), oth­er data pro­tec­tion laws ap­plic­able in Mem­ber states of the European Uni­on and oth­er pro­vi­sions re­lated to data pro­tec­tion is:

CoIn­vest Cor­por­ate Fin­ance GmbH
Bräuhausstrasse 4B
82152 Planegg
Deutsch­land
Phone: +49–89-89948860
Email: datens­chutz [at] coin­vest [dot] fin­ance
Web­site: www.coinvest.finance

3. Cook­ies

The In­ter­net pages of the CoIn­vest Cor­por­ate Fin­ance GmbH use cook­ies. Cook­ies are text files that are stored in a com­puter sys­tem via an In­ter­net browser.

Many In­ter­net sites and serv­ers use cook­ies. Many cook­ies con­tain a so-called cook­ie ID. A cook­ie ID is a unique iden­ti­fi­er of the cook­ie. It con­sists of a char­ac­ter string through which In­ter­net pages and serv­ers can be as­signed to the spe­cif­ic In­ter­net browser in which the cook­ie was stored. This al­lows vis­ited In­ter­net sites and serv­ers to dif­fer­en­ti­ate the in­di­vidu­al browser of the dats sub­ject from oth­er In­ter­net browsers that con­tain oth­er cook­ies. A spe­cif­ic In­ter­net browser can be re­cog­nized and iden­ti­fied us­ing the unique cook­ie ID.

Through the use of cook­ies, the CoIn­vest Cor­por­ate Fin­ance GmbH can provide the users of this web­site with more user-friendly ser­vices that would not be pos­sible without the cook­ie set­ting.

By means of a cook­ie, the in­form­a­tion and of­fers on our web­site can be op­tim­ized with the user in mind. Cook­ies al­low us, as pre­vi­ously men­tioned, to re­cog­nize our web­site users. The pur­pose of this re­cog­ni­tion is to make it easi­er for users to util­ize our web­site. The web­site user that uses cook­ies, e.g. does not have to enter ac­cess data each time the web­site is ac­cessed, be­cause this is taken over by the web­site, and the cook­ie is thus stored on the user­’s com­puter sys­tem. An­oth­er ex­ample is the cook­ie of a shop­ping cart in an on­line shop. The on­line store re­mem­bers the art­icles that a cus­tom­er has placed in the vir­tu­al shop­ping cart via a cook­ie.

The data sub­ject may, at any time, pre­vent the set­ting of cook­ies through our web­site by means of a cor­res­pond­ing set­ting of the In­ter­net browser used, and may thus per­man­ently deny the set­ting of cook­ies. Fur­ther­more, already set cook­ies may be de­leted at any time via an In­ter­net browser or oth­er soft­ware pro­grams. This is pos­sible in all pop­u­lar In­ter­net browsers. If the data sub­ject de­ac­tiv­ates the set­ting of cook­ies in the In­ter­net browser used, not all func­tions of our web­site may be en­tirely us­able.

4. Col­lec­tion of gen­er­al data and in­form­a­tion

The web­site of the CoIn­vest Cor­por­ate Fin­ance GmbH col­lects a series of gen­er­al data and in­form­a­tion when a data sub­ject or auto­mated sys­tem calls up the web­site. This gen­er­al data and in­form­a­tion are stored in the serv­er log files. Col­lec­ted may be (1) the browser types and ver­sions used, (2) the op­er­at­ing sys­tem used by the ac­cess­ing sys­tem, (3) the web­site from which an ac­cess­ing sys­tem reaches our web­site (so-called re­fer­rers), (4) the sub-web­sites, (5) the date and time of ac­cess to the In­ter­net site, (6) an In­ter­net pro­tocol ad­dress (IP ad­dress), (7) the In­ter­net ser­vice pro­vider of the ac­cess­ing sys­tem, and (8) any oth­er sim­il­ar data and in­form­a­tion that may be used in the event of at­tacks on our in­form­a­tion tech­no­logy sys­tems.

When us­ing these gen­er­al data and in­form­a­tion, the CoIn­vest Cor­por­ate Fin­ance GmbH does not draw any con­clu­sions about the data sub­ject. Rather, this in­form­a­tion is needed to (1) de­liv­er the con­tent of our web­site cor­rectly, (2) op­tim­ize the con­tent of our web­site as well as its ad­vert­ise­ment, (3) en­sure the long-term vi­ab­il­ity of our in­form­a­tion tech­no­logy sys­tems and web­site tech­no­logy, and (4) provide law en­force­ment au­thor­it­ies with the in­form­a­tion ne­ces­sary for crim­in­al pro­sec­u­tion in case of a cy­ber-at­tack. There­fore, the CoIn­vest Cor­por­ate Fin­ance GmbH ana­lyzes an­onym­ously col­lec­ted data and in­form­a­tion stat­ist­ic­ally, with the aim of in­creas­ing the data pro­tec­tion and data se­cur­ity of our en­ter­prise, and to en­sure an op­tim­al level of pro­tec­tion for the per­son­al data we pro­cess. The an­onym­ous data of the serv­er log files are stored sep­ar­ately from all per­son­al data provided by a data sub­ject.

5. Con­tact pos­sib­il­ity via the web­site

The web­site of the CoIn­vest Cor­por­ate Fin­ance GmbH con­tains in­form­a­tion that en­ables a quick elec­tron­ic con­tact to our en­ter­prise, as well as dir­ect com­mu­nic­a­tion with us, which also in­cludes a gen­er­al ad­dress of the so-called elec­tron­ic mail (e‑mail ad­dress). If a data sub­ject con­tacts the con­trol­ler by e‑mail or via a con­tact form, the per­son­al data trans­mit­ted by the data sub­ject are auto­mat­ic­ally stored. Such per­son­al data trans­mit­ted on a vol­un­tary basis by a data sub­ject to the data con­trol­ler are stored for the pur­pose of pro­cessing or con­tact­ing the data sub­ject. There is no trans­fer of this per­son­al data to third parties.

6. Routine eras­ure and block­ing of per­son­al data

The data con­trol­ler shall pro­cess and store the per­son­al data of the data sub­ject only for the peri­od ne­ces­sary to achieve the pur­pose of stor­age, or as far as this is gran­ted by the European le­gis­lat­or or oth­er le­gis­lat­ors in laws or reg­u­la­tions to which the con­trol­ler is sub­ject to.

If the stor­age pur­pose is not ap­plic­able, or if a stor­age peri­od pre­scribed by the European le­gis­lat­or or an­oth­er com­pet­ent le­gis­lat­or ex­pires, the per­son­al data are routinely blocked or erased in ac­cord­ance with leg­al re­quire­ments.

7. Rights of the data sub­ject

  • a) Right of con­firm­a­tion

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or to ob­tain from the con­trol­ler the con­firm­a­tion as to wheth­er or not per­son­al data con­cern­ing him or her are be­ing pro­cessed. If a data sub­ject wishes to avail him­self of this right of con­firm­a­tion, he or she may, at any time, con­tact any em­ploy­ee of the con­trol­ler.

  • b) Right of ac­cess

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or to ob­tain from the con­trol­ler free in­form­a­tion about his or her per­son­al data stored at any time and a copy of this in­form­a­tion. Fur­ther­more, the European dir­ect­ives and reg­u­la­tions grant the data sub­ject ac­cess to the fol­low­ing in­form­a­tion:

    • the pur­poses of the pro­cessing;
    • the cat­egor­ies of per­son­al data con­cerned;
    • the re­cip­i­ents or cat­egor­ies of re­cip­i­ents to whom the per­son­al data have been or will be dis­closed, in par­tic­u­lar re­cip­i­ents in third coun­tries or in­ter­na­tion­al or­gan­isa­tions;
    • where pos­sible, the en­vis­aged peri­od for which the per­son­al data will be stored, or, if not pos­sible, the cri­ter­ia used to de­term­ine that peri­od;
    • the ex­ist­ence of the right to re­quest from the con­trol­ler rec­ti­fic­a­tion or eras­ure of per­son­al data, or re­stric­tion of pro­cessing of per­son­al data con­cern­ing the data sub­ject, or to ob­ject to such pro­cessing;
    • the ex­ist­ence of the right to lodge a com­plaint with a su­per­vis­ory au­thor­ity;
    • where the per­son­al data are not col­lec­ted from the data sub­ject, any avail­able in­form­a­tion as to their source;
    • the ex­ist­ence of auto­mated de­cision-mak­ing, in­clud­ing pro­fil­ing, re­ferred to in Art­icle 22(1) and (4) of the GDPR and, at least in those cases, mean­ing­ful in­form­a­tion about the lo­gic in­volved, as well as the sig­ni­fic­ance and en­vis­aged con­sequences of such pro­cessing for the data sub­ject.

    Fur­ther­more, the data sub­ject shall have a right to ob­tain in­form­a­tion as to wheth­er per­son­al data are trans­ferred to a third coun­try or to an in­ter­na­tion­al or­gan­isa­tion. Where this is the case, the data sub­ject shall have the right to be in­formed of the ap­pro­pri­ate safe­guards re­lat­ing to the trans­fer.

    If a data sub­ject wishes to avail him­self of this right of ac­cess, he or she may, at any time, con­tact any em­ploy­ee of the con­trol­ler.

  • c) Right to rec­ti­fic­a­tion

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or to ob­tain from the con­trol­ler without un­due delay the rec­ti­fic­a­tion of in­ac­cur­ate per­son­al data con­cern­ing him or her. Tak­ing in­to ac­count the pur­poses of the pro­cessing, the data sub­ject shall have the right to have in­com­plete per­son­al data com­pleted, in­clud­ing by means of provid­ing a sup­ple­ment­ary state­ment.

    If a data sub­ject wishes to ex­er­cise this right to rec­ti­fic­a­tion, he or she may, at any time, con­tact any em­ploy­ee of the con­trol­ler.

  • d) Right to eras­ure (Right to be for­got­ten)

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or to ob­tain from the con­trol­ler the eras­ure of per­son­al data con­cern­ing him or her without un­due delay, and the con­trol­ler shall have the ob­lig­a­tion to erase per­son­al data without un­due delay where one of the fol­low­ing grounds ap­plies, as long as the pro­cessing is not ne­ces­sary:

    • The per­son­al data are no longer ne­ces­sary in re­la­tion to the pur­poses for which they were col­lec­ted or oth­er­wise pro­cessed.
    • The data sub­ject with­draws con­sent to which the pro­cessing is based ac­cord­ing to point (a) of Art­icle 6(1) of the GDPR, or point (a) of Art­icle 9(2) of the GDPR, and where there is no oth­er leg­al ground for the pro­cessing.
    • The data sub­ject ob­jects to the pro­cessing pur­su­ant to Art­icle 21(1) of the GDPR and there are no over­rid­ing le­git­im­ate grounds for the pro­cessing, or the data sub­ject ob­jects to the pro­cessing pur­su­ant to Art­icle 21(2) of the GDPR.
    • The per­son­al data have been un­law­fully pro­cessed.
    • The per­son­al data must be erased for com­pli­ance with a leg­al ob­lig­a­tion in Uni­on or Mem­ber State law to which the con­trol­ler is sub­ject.
    • The per­son­al data have been col­lec­ted in re­la­tion to the of­fer of in­form­a­tion so­ci­ety ser­vices re­ferred to in Art­icle 8(1) of the GDPR.

    If one of the afore­men­tioned reas­ons ap­plies, and a data sub­ject wishes to re­quest the eras­ure of per­son­al data stored by the CoIn­vest Cor­por­ate Fin­ance GmbH, he or she may, at any time, con­tact any em­ploy­ee of the con­trol­ler. An em­ploy­ee of CoIn­vest Cor­por­ate Fin­ance GmbH shall promptly en­sure that the eras­ure re­quest is com­plied with im­me­di­ately.

    Where the con­trol­ler has made per­son­al data pub­lic and is ob­liged pur­su­ant to Art­icle 17(1) to erase the per­son­al data, the con­trol­ler, tak­ing ac­count of avail­able tech­no­logy and the cost of im­ple­ment­a­tion, shall take reas­on­able steps, in­clud­ing tech­nic­al meas­ures, to in­form oth­er con­trol­lers pro­cessing the per­son­al data that the data sub­ject has re­ques­ted eras­ure by such con­trol­lers of any links to, or copy or rep­lic­a­tion of, those per­son­al data, as far as pro­cessing is not re­quired. An em­ploy­ees of the CoIn­vest Cor­por­ate Fin­ance GmbH will ar­range the ne­ces­sary meas­ures in in­di­vidu­al cases.

  • e) Right of re­stric­tion of pro­cessing

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or to ob­tain from the con­trol­ler re­stric­tion of pro­cessing where one of the fol­low­ing ap­plies:

    • The ac­cur­acy of the per­son­al data is con­tested by the data sub­ject, for a peri­od en­abling the con­trol­ler to veri­fy the ac­cur­acy of the per­son­al data.
    • The pro­cessing is un­law­ful and the data sub­ject op­poses the eras­ure of the per­son­al data and re­quests in­stead the re­stric­tion of their use in­stead.
    • The con­trol­ler no longer needs the per­son­al data for the pur­poses of the pro­cessing, but they are re­quired by the data sub­ject for the es­tab­lish­ment, ex­er­cise or de­fence of leg­al claims.
    • The data sub­ject has ob­jec­ted to pro­cessing pur­su­ant to Art­icle 21(1) of the GDPR pending the veri­fic­a­tion wheth­er the le­git­im­ate grounds of the con­trol­ler over­ride those of the data sub­ject.

    If one of the afore­men­tioned con­di­tions is met, and a data sub­ject wishes to re­quest the re­stric­tion of the pro­cessing of per­son­al data stored by the CoIn­vest Cor­por­ate Fin­ance GmbH, he or she may at any time con­tact any em­ploy­ee of the con­trol­ler. The em­ploy­ee of the CoIn­vest Cor­por­ate Fin­ance GmbH will ar­range the re­stric­tion of the pro­cessing.

  • f) Right to data port­ab­il­ity

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or, to re­ceive the per­son­al data con­cern­ing him or her, which was provided to a con­trol­ler, in a struc­tured, com­monly used and ma­chine-read­able format. He or she shall have the right to trans­mit those data to an­oth­er con­trol­ler without hindrance from the con­trol­ler to which the per­son­al data have been provided, as long as the pro­cessing is based on con­sent pur­su­ant to point (a) of Art­icle 6(1) of the GDPR or point (a) of Art­icle 9(2) of the GDPR, or on a con­tract pur­su­ant to point (b) of Art­icle 6(1) of the GDPR, and the pro­cessing is car­ried out by auto­mated means, as long as the pro­cessing is not ne­ces­sary for the per­form­ance of a task car­ried out in the pub­lic in­terest or in the ex­er­cise of of­fi­cial au­thor­ity ves­ted in the con­trol­ler.

    Fur­ther­more, in ex­er­cising his or her right to data port­ab­il­ity pur­su­ant to Art­icle 20(1) of the GDPR, the data sub­ject shall have the right to have per­son­al data trans­mit­ted dir­ectly from one con­trol­ler to an­oth­er, where tech­nic­ally feas­ible and when do­ing so does not ad­versely af­fect the rights and freedoms of oth­ers.

    In or­der to as­sert the right to data port­ab­il­ity, the data sub­ject may at any time con­tact any em­ploy­ee of the CoIn­vest Cor­por­ate Fin­ance GmbH.

  • g) Right to ob­ject

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or to ob­ject, on grounds re­lat­ing to his or her par­tic­u­lar situ­ation, at any time, to pro­cessing of per­son­al data con­cern­ing him or her, which is based on point (e) or (f) of Art­icle 6(1) of the GDPR. This also ap­plies to pro­fil­ing based on these pro­vi­sions.

    The CoIn­vest Cor­por­ate Fin­ance GmbH shall no longer pro­cess the per­son­al data in the event of the ob­jec­tion, un­less we can demon­strate com­pel­ling le­git­im­ate grounds for the pro­cessing which over­ride the in­terests, rights and freedoms of the data sub­ject, or for the es­tab­lish­ment, ex­er­cise or de­fence of leg­al claims.

    If the CoIn­vest Cor­por­ate Fin­ance GmbH pro­cesses per­son­al data for dir­ect mar­ket­ing pur­poses, the data sub­ject shall have the right to ob­ject at any time to pro­cessing of per­son­al data con­cern­ing him or her for such mar­ket­ing. This ap­plies to pro­fil­ing to the ex­tent that it is re­lated to such dir­ect mar­ket­ing. If the data sub­ject ob­jects to the CoIn­vest Cor­por­ate Fin­ance GmbH to the pro­cessing for dir­ect mar­ket­ing pur­poses, the CoIn­vest Cor­por­ate Fin­ance GmbH will no longer pro­cess the per­son­al data for these pur­poses.

    In ad­di­tion, the data sub­ject has the right, on grounds re­lat­ing to his or her par­tic­u­lar situ­ation, to ob­ject to pro­cessing of per­son­al data con­cern­ing him or her by the CoIn­vest Cor­por­ate Fin­ance GmbH for sci­entif­ic or his­tor­ic­al re­search pur­poses, or for stat­ist­ic­al pur­poses pur­su­ant to Art­icle 89(1) of the GDPR, un­less the pro­cessing is ne­ces­sary for the per­form­ance of a task car­ried out for reas­ons of pub­lic in­terest.

    In or­der to ex­er­cise the right to ob­ject, the data sub­ject may con­tact any em­ploy­ee of the CoIn­vest Cor­por­ate Fin­ance GmbH. In ad­di­tion, the data sub­ject is free in the con­text of the use of in­form­a­tion so­ci­ety ser­vices, and not­with­stand­ing Dir­ect­ive 2002/58/EC, to use his or her right to ob­ject by auto­mated means us­ing tech­nic­al spe­cific­a­tions.

  • h) Auto­mated in­di­vidu­al de­cision-mak­ing, in­clud­ing pro­fil­ing

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or not to be sub­ject to a de­cision based solely on auto­mated pro­cessing, in­clud­ing pro­fil­ing, which pro­duces leg­al ef­fects con­cern­ing him or her, or sim­il­arly sig­ni­fic­antly af­fects him or her, as long as the de­cision (1) is not is ne­ces­sary for en­ter­ing in­to, or the per­form­ance of, a con­tract between the data sub­ject and a data con­trol­ler, or (2) is not au­thor­ised by Uni­on or Mem­ber State law to which the con­trol­ler is sub­ject and which also lays down suit­able meas­ures to safe­guard the data sub­ject’s rights and freedoms and le­git­im­ate in­terests, or (3) is not based on the data sub­ject’s ex­pli­cit con­sent.

    If the de­cision (1) is ne­ces­sary for en­ter­ing in­to, or the per­form­ance of, a con­tract between the data sub­ject and a data con­trol­ler, or (2) it is based on the data sub­ject’s ex­pli­cit con­sent, the CoIn­vest Cor­por­ate Fin­ance GmbH shall im­ple­ment suit­able meas­ures to safe­guard the data sub­ject’s rights and freedoms and le­git­im­ate in­terests, at least the right to ob­tain hu­man in­ter­ven­tion on the part of the con­trol­ler, to ex­press his or her point of view and con­test the de­cision.

    If the data sub­ject wishes to ex­er­cise the rights con­cern­ing auto­mated in­di­vidu­al de­cision-mak­ing, he or she may, at any time, con­tact any em­ploy­ee of the CoIn­vest Cor­por­ate Fin­ance GmbH.

  • i) Right to with­draw data pro­tec­tion con­sent

    Each data sub­ject shall have the right gran­ted by the European le­gis­lat­or to with­draw his or her con­sent to pro­cessing of his or her per­son­al data at any time.

    f the data sub­ject wishes to ex­er­cise the right to with­draw the con­sent, he or she may, at any time, con­tact any em­ploy­ee of the CoIn­vest Cor­por­ate Fin­ance GmbH.

8. Data pro­tec­tion for ap­plic­a­tions and the ap­plic­a­tion pro­ced­ures

The data con­trol­ler shall col­lect and pro­cess the per­son­al data of ap­plic­ants for the pur­pose of the pro­cessing of the ap­plic­a­tion pro­ced­ure. The pro­cessing may also be car­ried out elec­tron­ic­ally. This is the case, in par­tic­u­lar, if an ap­plic­ant sub­mits cor­res­pond­ing ap­plic­a­tion doc­u­ments by e‑mail or by means of a web form on the web­site to the con­trol­ler. If the data con­trol­ler con­cludes an em­ploy­ment con­tract with an ap­plic­ant, the sub­mit­ted data will be stored for the pur­pose of pro­cessing the em­ploy­ment re­la­tion­ship in com­pli­ance with leg­al re­quire­ments. If no em­ploy­ment con­tract is con­cluded with the ap­plic­ant by the con­trol­ler, the ap­plic­a­tion doc­u­ments shall be auto­mat­ic­ally erased two months after no­ti­fic­a­tion of the re­fus­al de­cision, provided that no oth­er le­git­im­ate in­terests of the con­trol­ler are op­posed to the eras­ure. Oth­er le­git­im­ate in­terest in this re­la­tion is, e.g. a bur­den of proof in a pro­ced­ure un­der the Gen­er­al Equal Treat­ment Act (AGG).

9. Data pro­tec­tion pro­vi­sions about the ap­plic­a­tion and use of Google Ana­lyt­ics (with an­onym­iz­a­tion func­tion)

On this web­site, the con­trol­ler has in­teg­rated the com­pon­ent of Google Ana­lyt­ics (with the an­onym­izer func­tion). Google Ana­lyt­ics is a web ana­lyt­ics ser­vice. Web ana­lyt­ics is the col­lec­tion, gath­er­ing, and ana­lys­is of data about the be­ha­vi­or of vis­it­ors to web­sites. A web ana­lys­is ser­vice col­lects, inter alia, data about the web­site from which a per­son has come (the so-called re­fer­rer), which sub-pages were vis­ited, or how of­ten and for what dur­a­tion a sub-page was viewed. Web ana­lyt­ics are mainly used for the op­tim­iz­a­tion of a web­site and in or­der to carry out a cost-be­ne­fit ana­lys­is of In­ter­net ad­vert­ising.

The op­er­at­or of the Google Ana­lyt­ics com­pon­ent is Google Inc., 1600 Am­phi­theatre Pkwy, Moun­tain View, CA 94043–1351, United States.

For the web ana­lyt­ics through Google Ana­lyt­ics the con­trol­ler uses the ap­plic­a­tion “_gat. _anonymizeIp”. By means of this ap­plic­a­tion the IP ad­dress of the In­ter­net con­nec­tion of the data sub­ject is abridged by Google and an­onymised when ac­cess­ing our web­sites from a Mem­ber State of the European Uni­on or an­oth­er Con­tract­ing State to the Agree­ment on the European Eco­nom­ic Area.

The pur­pose of the Google Ana­lyt­ics com­pon­ent is to ana­lyze the traffic on our web­site. Google uses the col­lec­ted data and in­form­a­tion, inter alia, to eval­u­ate the use of our web­site and to provide on­line re­ports, which show the activ­it­ies on our web­sites, and to provide oth­er ser­vices con­cern­ing the use of our In­ter­net site for us.

Google Ana­lyt­ics places a cook­ie on the in­form­a­tion tech­no­logy sys­tem of the data sub­ject. The defin­i­tion of cook­ies is ex­plained above. With the set­ting of the cook­ie, Google is en­abled to ana­lyze the use of our web­site. With each call-up to one of the in­di­vidu­al pages of this In­ter­net site, which is op­er­ated by the con­trol­ler and in­to which a Google Ana­lyt­ics com­pon­ent was in­teg­rated, the In­ter­net browser on the in­form­a­tion tech­no­logy sys­tem of the data sub­ject will auto­mat­ic­ally sub­mit data through the Google Ana­lyt­ics com­pon­ent for the pur­pose of on­line ad­vert­ising and the set­tle­ment of com­mis­sions to Google. Dur­ing the course of this tech­nic­al pro­ced­ure, the en­ter­prise Google gains know­ledge of per­son­al in­form­a­tion, such as the IP ad­dress of the data sub­ject, which serves Google, inter alia, to un­der­stand the ori­gin of vis­it­ors and clicks, and sub­sequently cre­ate com­mis­sion set­tle­ments.

The cook­ie is used to store per­son­al in­form­a­tion, such as the ac­cess time, the loc­a­tion from which the ac­cess was made, and the fre­quency of vis­its of our web­site by the data sub­ject. With each vis­it to our In­ter­net site, such per­son­al data, in­clud­ing the IP ad­dress of the In­ter­net ac­cess used by the data sub­ject, will be trans­mit­ted to Google in the United States of Amer­ica. These per­son­al data are stored by Google in the United States of Amer­ica. Google may pass these per­son­al data col­lec­ted through the tech­nic­al pro­ced­ure to third parties.

The data sub­ject may, as stated above, pre­vent the set­ting of cook­ies through our web­site at any time by means of a cor­res­pond­ing ad­just­ment of the web browser used and thus per­man­ently deny the set­ting of cook­ies. Such an ad­just­ment to the In­ter­net browser used would also pre­vent Google Ana­lyt­ics from set­ting a cook­ie on the in­form­a­tion tech­no­logy sys­tem of the data sub­ject. In ad­di­tion, cook­ies already in use by Google Ana­lyt­ics may be de­leted at any time via a web browser or oth­er soft­ware pro­grams.

In ad­di­tion, the data sub­ject has the pos­sib­il­ity of ob­ject­ing to a col­lec­tion of data that are gen­er­ated by Google Ana­lyt­ics, which is re­lated to the use of this web­site, as well as the pro­cessing of this data by Google and the chance to pre­clude any such. For this pur­pose, the data sub­ject must down­load a browser add-on un­der the link https://tools.google.com/dlpage/gaoptout and in­stall it. This browser add-on tells Google Ana­lyt­ics through a JavaS­cript, that any data and in­form­a­tion about the vis­its of In­ter­net pages may not be trans­mit­ted to Google Ana­lyt­ics. The in­stall­a­tion of the browser add-ons is con­sidered an ob­jec­tion by Google. If the in­form­a­tion tech­no­logy sys­tem of the data sub­ject is later de­leted, format­ted, or newly in­stalled, then the data sub­ject must re­in­stall the browser add-ons to dis­able Google Ana­lyt­ics. If the browser add-on was un­in­stalled by the data sub­ject or any oth­er per­son who is at­trib­ut­able to their sphere of com­pet­ence, or is dis­abled, it is pos­sible to ex­ecute the re­in­stall­a­tion or re­act­iv­a­tion of the browser add-ons.

Fur­ther in­form­a­tion and the ap­plic­able data pro­tec­tion pro­vi­sions of Google may be re­trieved un­der https://www.google.com/intl/en/policies/privacy/ and un­der http://www.google.com/analytics/terms/us.html. Google Ana­lyt­ics is fur­ther ex­plained un­der the fol­low­ing Link https://www.google.com/analytics/.

10. Data pro­tec­tion pro­vi­sions about the ap­plic­a­tion and use of Linked­In

The con­trol­ler has in­teg­rated com­pon­ents of the Linked­In Cor­por­a­tion on this web­site. Linked­In is a web-based so­cial net­work that en­ables users with ex­ist­ing busi­ness con­tacts to con­nect and to make new busi­ness con­tacts. Over 400 mil­lion re­gistered people in more than 200 coun­tries use Linked­In. Thus, Linked­In is cur­rently the largest plat­form for busi­ness con­tacts and one of the most vis­ited web­sites in the world.

The op­er­at­ing com­pany of Linked­In is Linked­In Cor­por­a­tion, 2029 Sti­er­lin Court Moun­tain View, CA 94043, UNITED STATES. For pri­vacy mat­ters out­side of the UNITED STATES Linked­In Ire­land, Pri­vacy Policy Is­sues, Wilton Plaza, Wilton Place, Dub­lin 2, Ire­land, is re­spons­ible.

With each call-up to one of the in­di­vidu­al pages of this In­ter­net site, which is op­er­ated by the con­trol­ler and on which a Linked­In com­pon­ent (Linked­In plug-in) was in­teg­rated, the In­ter­net browser on the in­form­a­tion tech­no­logy sys­tem of the data sub­ject is auto­mat­ic­ally promp­ted to the down­load of a dis­play of the cor­res­pond­ing Linked­In com­pon­ent of Linked­In. Fur­ther in­form­a­tion about the Linked­In plug-in may be ac­cessed un­der https://developer.linkedin.com/plugins. Dur­ing the course of this tech­nic­al pro­ced­ure, Linked­In gains know­ledge of what spe­cif­ic sub-page of our web­site was vis­ited by the data sub­ject.

If the data sub­ject is logged in at the same time on Linked­In, Linked­In de­tects with every call-up to our web­site by the data subject—and for the en­tire dur­a­tion of their stay on our In­ter­net site—which spe­cif­ic sub-page of our In­ter­net page was vis­ited by the data sub­ject. This in­form­a­tion is col­lec­ted through the Linked­In com­pon­ent and as­so­ci­ated with the re­spect­ive Linked­In ac­count of the data sub­ject. If the data sub­ject clicks on one of the Linked­In but­tons in­teg­rated on our web­site, then Linked­In as­signs this in­form­a­tion to the per­son­al Linked­In user ac­count of the data sub­ject and stores the per­son­al data.

Linked­In re­ceives in­form­a­tion via the Linked­In com­pon­ent that the data sub­ject has vis­ited our web­site, provided that the data sub­ject is logged in at Linked­In at the time of the call-up to our web­site. This oc­curs re­gard­less of wheth­er the per­son clicks on the Linked­In but­ton or not. If such a trans­mis­sion of in­form­a­tion to Linked­In is not de­sir­able for the data sub­ject, then he or she may pre­vent this by log­ging off from their Linked­In ac­count be­fore a call-up to our web­site is made.

Linked­In provides un­der https://www.linkedin.com/psettings/guest-controls the pos­sib­il­ity to un­sub­scribe from e‑mail mes­sages, SMS mes­sages and tar­geted ads, as well as the abil­ity to man­age ad set­tings. Linked­In also uses af­fil­i­ates such as Ei­re, Google Ana­lyt­ics, BlueKai, Double­Click, Nielsen, Com­score, Elo­qua, and Lot­ame. The set­ting of such cook­ies may be denied un­der https://www.linkedin.com/legal/cookie-policy. The ap­plic­able pri­vacy policy for Linked­In is avail­able un­der https://www.linkedin.com/legal/privacy-policy. The Linked­In Cook­ie Policy is avail­able un­der https://www.linkedin.com/legal/cookie-policy.

11. Data pro­tec­tion pro­vi­sions about the ap­plic­a­tion and use of Slide­Share

On this web­site, the con­trol­ler has in­teg­rated Slide­Share com­pon­ents. Linked­In Slide­Share as a file host­ing ser­vice al­lows you to ex­change and archive present­a­tions and oth­er doc­u­ments, such as PDF files, videos, and we­binars. The file host­ing ser­vice al­lows users to up­load me­dia con­tent in all pop­u­lar formats, with the doc­u­ments either pub­licly-ac­cess­ible or private-labeled.

The op­er­at­ing com­pany of Slide­Share is Linked­In Cor­por­a­tion, 2029 Sti­er­lin Court Moun­tain View, CA 94043, United States. For pri­vacy mat­ters out­side of the United States the Linked­In Ire­land, Pri­vacy Policy Is­sues, Wilton Plaza, Wilton Place, Dub­lin 2, Ire­land, is re­spons­ible.

Linked­In Slide­Share provides so-called em­bed­ded codes for the me­dia con­tent (e.g. present­a­tions, PDF files, videos, pho­tos, etc.) stored there. Em­bed­ded codes are pro­gram codes that are em­bed­ded in the In­ter­net pages to dis­play ex­tern­al con­tent on their own web­site. Em­bed­ded codes al­low con­tent to be re­pro­duced on its own web­site without stor­ing it on its own serv­er, pos­sibly vi­ol­at­ing the right of re­pro­duc­tion of the re­spect­ive au­thor of the con­tent. A fur­ther ad­vant­age of the use of an em­bed­ded code is that the re­spect­ive op­er­at­or of a web­site does not use its own stor­age space and the own serv­er is thereby re­lieved. An em­bed­ded code may be in­teg­rated at any point on an­oth­er web­site so that an ex­tern­al con­tent may also be in­ser­ted with­in the own text. The pur­pose of us­ing Linked­In Slide­Share is to re­lieve our serv­er and to avoid copy­right in­fringe­ments, while at the same time us­ing third-party con­tent.

With each call-up to our In­ter­net site, which is equipped with a Slide­Share com­pon­ent (em­bed­ded code), this com­pon­ent prompts the browser that you are us­ing to down­load the ac­cord­ing em­bed­ded data from Slide­Share. Dur­ing the course of this tech­nic­al pro­ced­ure, Linked­In gains know­ledge of which spe­cif­ic sub-page of our web­site is vis­ited by the data sub­ject.

If the data sub­ject is logged in on Slide­Share at the same time, Slide­Share re­cog­nizes with each call-up to our web­site by the data sub­ject and for the en­tire dur­a­tion of their stay on our In­ter­net site which spe­cif­ic sub-page was vis­ited by the data sub­ject. This in­form­a­tion is col­lec­ted by Slide­Share and as­signed to the re­spect­ive Slide­Share ac­count of the data sub­ject through Linked­In.

Linked­In ob­tains in­form­a­tion via the Slide­Share com­pon­ent that the data sub­ject has vis­ited our web­site, provided that the data sub­ject is logged in at Slide­Share at the time of the call-up to our web­site. This oc­curs re­gard­less of wheth­er the per­son clicks on the em­bed­ded me­dia data or not. If such a trans­mis­sion of in­form­a­tion to Slide­Share is not de­sir­able for the data sub­ject, then he or she may pre­vent this by log­ging off from their Slide­Share ac­count be­fore a call-up to our web­site is made.

Linked­In also uses af­fil­i­ates such as Ei­re, Google Ana­lyt­ics, BlueKai, Double­Click, Nielsen, Com­score, Elo­qua, and Lot­ame. The set­ting of such cook­ies may be denied un­der https://www.linkedin.com/legal/cookie-policy. The ap­plic­able data pro­tec­tion pro­vi­sions for Linked­In is avail­able un­der https://www.linkedin.com/legal/privacy-policy.

12. Data pro­tec­tion pro­vi­sions about the ap­plic­a­tion and use of Twit­ter

On this web­site, the con­trol­ler has in­teg­rated com­pon­ents of Twit­ter. Twit­ter is a mul­ti­lin­gual, pub­licly-ac­cess­ible mi­crob­log­ging ser­vice on which users may pub­lish and spread so-called ‘tweets,’ e.g. short mes­sages, which are lim­ited to 140 char­ac­ters. These short mes­sages are avail­able for every­one, in­clud­ing those who are not logged on to Twit­ter. The tweets are also dis­played to so-called fol­low­ers of the re­spect­ive user. Fol­low­ers are oth­er Twit­ter users who fol­low a user­’s tweets. Fur­ther­more, Twit­ter al­lows you to ad­dress a wide audi­ence via hasht­ags, links or retweets.

The op­er­at­ing com­pany of Twit­ter is Twit­ter, Inc., 1355 Mar­ket Street, Suite 900, San Fran­cisco, CA 94103, UNITED STATES.

With each call-up to one of the in­di­vidu­al pages of this In­ter­net site, which is op­er­ated by the con­trol­ler and on which a Twit­ter com­pon­ent (Twit­ter but­ton) was in­teg­rated, the In­ter­net browser on the in­form­a­tion tech­no­logy sys­tem of the data sub­ject is auto­mat­ic­ally promp­ted to down­load a dis­play of the cor­res­pond­ing Twit­ter com­pon­ent of Twit­ter. Fur­ther in­form­a­tion about the Twit­ter but­tons is avail­able un­der https://about.twitter.com/de/resources/buttons. Dur­ing the course of this tech­nic­al pro­ced­ure, Twit­ter gains know­ledge of what spe­cif­ic sub-page of our web­site was vis­ited by the data sub­ject. The pur­pose of the in­teg­ra­tion of the Twit­ter com­pon­ent is a re­trans­mis­sion of the con­tents of this web­site to al­low our users to in­tro­duce this web page to the di­git­al world and in­crease our vis­it­or num­bers.

If the data sub­ject is logged in at the same time on Twit­ter, Twit­ter de­tects with every call-up to our web­site by the data sub­ject and for the en­tire dur­a­tion of their stay on our In­ter­net site which spe­cif­ic sub-page of our In­ter­net page was vis­ited by the data sub­ject. This in­form­a­tion is col­lec­ted through the Twit­ter com­pon­ent and as­so­ci­ated with the re­spect­ive Twit­ter ac­count of the data sub­ject. If the data sub­ject clicks on one of the Twit­ter but­tons in­teg­rated on our web­site, then Twit­ter as­signs this in­form­a­tion to the per­son­al Twit­ter user ac­count of the data sub­ject and stores the per­son­al data.

Twit­ter re­ceives in­form­a­tion via the Twit­ter com­pon­ent that the data sub­ject has vis­ited our web­site, provided that the data sub­ject is logged in on Twit­ter at the time of the call-up to our web­site. This oc­curs re­gard­less of wheth­er the per­son clicks on the Twit­ter com­pon­ent or not. If such a trans­mis­sion of in­form­a­tion to Twit­ter is not de­sir­able for the data sub­ject, then he or she may pre­vent this by log­ging off from their Twit­ter ac­count be­fore a call-up to our web­site is made.

The ap­plic­able data pro­tec­tion pro­vi­sions of Twit­ter may be ac­cessed un­der https://twitter.com/privacy?lang=en.

13. Data pro­tec­tion pro­vi­sions about the ap­plic­a­tion and use of Xing

On this web­site, the con­trol­ler has in­teg­rated com­pon­ents of XING. XING is an In­ter­net-based so­cial net­work that en­ables users to con­nect with ex­ist­ing busi­ness con­tacts and to cre­ate new busi­ness con­tacts. The in­di­vidu­al users can cre­ate a per­son­al pro­file of them­selves at XING. Com­pan­ies may, e.g. cre­ate com­pany pro­files or pub­lish jobs on XING.

The op­er­at­ing com­pany of XING is XING SE, Dam­mt­or­straße 30, 20354 Ham­burg, Ger­many.

With each call-up to one of the in­di­vidu­al pages of this In­ter­net site, which is op­er­ated by the con­trol­ler and on which a XING com­pon­ent (XING plug-in) was in­teg­rated, the In­ter­net browser on the in­form­a­tion tech­no­logy sys­tem of the data sub­ject is auto­mat­ic­ally promp­ted to down­load a dis­play of the cor­res­pond­ing XING com­pon­ent of XING. Fur­ther in­form­a­tion about the XING plug-in the may be ac­cessed un­der https://dev.xing.com/plugins. Dur­ing the course of this tech­nic­al pro­ced­ure, XING gains know­ledge of what spe­cif­ic sub-page of our web­site was vis­ited by the data sub­ject.

If the data sub­ject is logged in at the same time on XING, XING de­tects with every call-up to our web­site by the data subject—and for the en­tire dur­a­tion of their stay on our In­ter­net site—which spe­cif­ic sub-page of our In­ter­net page was vis­ited by the data sub­ject. This in­form­a­tion is col­lec­ted through the XING com­pon­ent and as­so­ci­ated with the re­spect­ive XING ac­count of the data sub­ject. If the data sub­ject clicks on the XING but­ton in­teg­rated on our In­ter­net site, e.g. the “Share”-button, then XING as­signs this in­form­a­tion to the per­son­al XING user ac­count of the data sub­ject and stores the per­son­al data.

XING re­ceives in­form­a­tion via the XING com­pon­ent that the data sub­ject has vis­ited our web­site, provided that the data sub­ject is logged in at XING at the time of the call to our web­site. This oc­curs re­gard­less of wheth­er the per­son clicks on the XING com­pon­ent or not. If such a trans­mis­sion of in­form­a­tion to XING is not de­sir­able for the data sub­ject, then he or she can pre­vent this by log­ging off from their XING ac­count be­fore a call-up to our web­site is made.

The data pro­tec­tion pro­vi­sions pub­lished by XING, which is avail­able un­der https://www.xing.com/privacy, provide in­form­a­tion on the col­lec­tion, pro­cessing and use of per­son­al data by XING. In ad­di­tion, XING has pub­lished pri­vacy no­tices for the XING share but­ton un­der https://www.xing.com/app/share?op=data_protection.

14. Data pro­tec­tion pro­vi­sions about the ap­plic­a­tion and use of You­Tube

On this web­site, the con­trol­ler has in­teg­rated com­pon­ents of You­Tube. You­Tube is an In­ter­net video portal that en­ables video pub­lish­ers to set video clips and oth­er users free of charge, which also provides free view­ing, re­view and com­ment­ing on them. You­Tube al­lows you to pub­lish all kinds of videos, so you can ac­cess both full movies and TV broad­casts, as well as mu­sic videos, trail­ers, and videos made by users via the In­ter­net portal.

The op­er­at­ing com­pany of You­Tube is You­Tube, LLC, 901 Cherry Ave., San Bruno, CA 94066, UNITED STATES. The You­Tube, LLC is a sub­si­di­ary of Google Inc., 1600 Am­phi­theatre Pkwy, Moun­tain View, CA 94043–1351, UNITED STATES.

With each call-up to one of the in­di­vidu­al pages of this In­ter­net site, which is op­er­ated by the con­trol­ler and on which a You­Tube com­pon­ent (You­Tube video) was in­teg­rated, the In­ter­net browser on the in­form­a­tion tech­no­logy sys­tem of the data sub­ject is auto­mat­ic­ally promp­ted to down­load a dis­play of the cor­res­pond­ing You­Tube com­pon­ent. Fur­ther in­form­a­tion about You­Tube may be ob­tained un­der https://www.youtube.com/yt/about/en/. Dur­ing the course of this tech­nic­al pro­ced­ure, You­Tube and Google gain know­ledge of what spe­cif­ic sub-page of our web­site was vis­ited by the data sub­ject.

If the data sub­ject is logged in on You­Tube, You­Tube re­cog­nizes with each call-up to a sub-page that con­tains a You­Tube video, which spe­cif­ic sub-page of our In­ter­net site was vis­ited by the data sub­ject. This in­form­a­tion is col­lec­ted by You­Tube and Google and as­signed to the re­spect­ive You­Tube ac­count of the data sub­ject.

You­Tube and Google will re­ceive in­form­a­tion through the You­Tube com­pon­ent that the data sub­ject has vis­ited our web­site, if the data sub­ject at the time of the call to our web­site is logged in on You­Tube; this oc­curs re­gard­less of wheth­er the per­son clicks on a You­Tube video or not. If such a trans­mis­sion of this in­form­a­tion to You­Tube and Google is not de­sir­able for the data sub­ject, the de­liv­ery may be pre­ven­ted if the data sub­ject logs off from their own You­Tube ac­count be­fore a call-up to our web­site is made.

You­Tube’s data pro­tec­tion pro­vi­sions, avail­able at https://www.google.com/intl/en/policies/privacy/, provide in­form­a­tion about the col­lec­tion, pro­cessing and use of per­son­al data by You­Tube and Google.

15. Leg­al basis for the pro­cessing

Art. 6(1) lit. a GDPR serves as the leg­al basis for pro­cessing op­er­a­tions for which we ob­tain con­sent for a spe­cif­ic pro­cessing pur­pose. If the pro­cessing of per­son­al data is ne­ces­sary for the per­form­ance of a con­tract to which the data sub­ject is party, as is the case, for ex­ample, when pro­cessing op­er­a­tions are ne­ces­sary for the sup­ply of goods or to provide any oth­er ser­vice, the pro­cessing is based on Art­icle 6(1) lit. b GDPR. The same ap­plies to such pro­cessing op­er­a­tions which are ne­ces­sary for car­ry­ing out pre-con­trac­tu­al meas­ures, for ex­ample in the case of in­quir­ies con­cern­ing our products or ser­vices. Is our com­pany sub­ject to a leg­al ob­lig­a­tion by which pro­cessing of per­son­al data is re­quired, such as for the ful­fill­ment of tax ob­lig­a­tions, the pro­cessing is based on Art. 6(1) lit. c GDPR.
In rare cases, the pro­cessing of per­son­al data may be ne­ces­sary to pro­tect the vi­tal in­terests of the data sub­ject or of an­oth­er nat­ur­al per­son. This would be the case, for ex­ample, if a vis­it­or were in­jured in our com­pany and his name, age, health in­sur­ance data or oth­er vi­tal in­form­a­tion would have to be passed on to a doc­tor, hos­pit­al or oth­er third party. Then the pro­cessing would be based on Art. 6(1) lit. d GDPR.
Fi­nally, pro­cessing op­er­a­tions could be based on Art­icle 6(1) lit. f GDPR. This leg­al basis is used for pro­cessing op­er­a­tions which are not covered by any of the above­men­tioned leg­al grounds, if pro­cessing is ne­ces­sary for the pur­poses of the le­git­im­ate in­terests pur­sued by our com­pany or by a third party, ex­cept where such in­terests are over­rid­den by the in­terests or fun­da­ment­al rights and freedoms of the data sub­ject which re­quire pro­tec­tion of per­son­al data. Such pro­cessing op­er­a­tions are par­tic­u­larly per­miss­ible be­cause they have been spe­cific­ally men­tioned by the European le­gis­lat­or. He con­sidered that a le­git­im­ate in­terest could be as­sumed if the data sub­ject is a cli­ent of the con­trol­ler (Re­cit­al 47 Sen­tence 2 GDPR).

16. The le­git­im­ate in­terests pur­sued by the con­trol­ler or by a third party

Where the pro­cessing of per­son­al data is based on Art­icle 6(1) lit. f GDPR our le­git­im­ate in­terest is to carry out our busi­ness in fa­vor of the well-be­ing of all our em­ploy­ees and the share­hold­ers.

17. Peri­od for which the per­son­al data will be stored

The cri­ter­ia used to de­term­ine the peri­od of stor­age of per­son­al data is the re­spect­ive stat­utory re­ten­tion peri­od. After ex­pir­a­tion of that peri­od, the cor­res­pond­ing data is routinely de­leted, as long as it is no longer ne­ces­sary for the ful­fill­ment of the con­tract or the ini­ti­ation of a con­tract.

18. Pro­vi­sion of per­son­al data as stat­utory or con­trac­tu­al re­quire­ment; Re­quire­ment ne­ces­sary to enter in­to a con­tract; Ob­lig­a­tion of the data sub­ject to provide the per­son­al data; pos­sible con­sequences of fail­ure to provide such data

We cla­ri­fy that the pro­vi­sion of per­son­al data is partly re­quired by law (e.g. tax reg­u­la­tions) or can also res­ult from con­trac­tu­al pro­vi­sions (e.g. in­form­a­tion on the con­trac­tu­al part­ner).

Some­times it may be ne­ces­sary to con­clude a con­tract that the data sub­ject provides us with per­son­al data, which must sub­sequently be pro­cessed by us. The data sub­ject is, for ex­ample, ob­liged to provide us with per­son­al data when our com­pany signs a con­tract with him or her. The non-pro­vi­sion of the per­son­al data would have the con­sequence that the con­tract with the data sub­ject could not be con­cluded.

Be­fore per­son­al data is provided by the data sub­ject, the data sub­ject must con­tact any em­ploy­ee. The em­ploy­ee cla­ri­fies to the data sub­ject wheth­er the pro­vi­sion of the per­son­al data is re­quired by law or con­tract or is ne­ces­sary for the con­clu­sion of the con­tract, wheth­er there is an ob­lig­a­tion to provide the per­son­al data and the con­sequences of non-pro­vi­sion of the per­son­al data.

19. Ex­ist­ence of auto­mated de­cision-mak­ing

As a re­spons­ible com­pany, we do not use auto­mat­ic de­cision-mak­ing or pro­fil­ing.