The protection of your personal data is important to us
We strictly follow the provisions of the applicable data protection laws, particularly the EU General Data Protection Regulation (EU-GDPR) and the German Federal Protection Act (BDSG), as well as this data protection declaration. We only process our users’ personal data insofar as this is necessary for the provision of a functioning website as well as our content, services, offers, etc.
Personal data refers to any information relating to an identified or identifiable natural person.
The data protection declaration provides an overview of which personal data are processed and for what purposes: Furthermore, this data protection declaration describes how we ensure the security of your personal data.
1. Controller name and contact information
The data protection information applies to data processed by:
ETI experts GmbH
Amsterdamer Straße 133 b
50735 Cologne, Germany
Phone: +49 221 285401-0
Fax: +49 221 285401-70
2. Data protection officer contact information
Phone: +49 (0)221 474540
Fax: +49 (0)221 47454240
3. Collection and storage of personal data; type and purpose of use
a) When accessing our website
You can access our website www.eti-experts.de without having to share personal data (who you are).
When using our website for informational purposes only, i.e. without registering or otherwise transmitting information to us, we only collect the personal data transmitted to our server by your browser. When our website www.eti-experts.de is accessed, the browser used on your device automatically transmits information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without intervention from you and stored until automatically erased:
- IP address of the enquiring computer,
- Date and time of access,
- Name and URL of the file retrieved,
- Website initiating the access (referrer URL),
- Browser used and, where applicable, the operating system of your computer and the name of your access provider, language, and browser version software
The data specified are processed by us for the following purposes:
- Ensuring smooth connection to the website,
- Ensuring convenient use of our website,
- Analysing system security and stability, as well as
- for additional administrative purposes.
The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f) EU-GDPR. Our legitimate interest arises from the above purposes of data collection. The data collected will never be used to draw conclusions about you.
b) When using our contact form
We provide a contact form on our website that enables you to submit questions, remarks, comments, etc. Using the form requires you to provide your email address and name to let us know who to respond to; any other information is disclosed voluntarily.
The legal basis for data processing is your voluntarily consent (Art. 6 Para. 1 S. 1 lit. a) EU-GDPR).
Personal data collected for use in the contact form are deleted after processing your enquiry.
4. Transmission of data to third parties
Your personal data will not be transmitted to third parties for purposes other than those specified below. Your personal data are especially not transferred to third-parties without your explicit consent, e.g. for advertising purposes.
We only share your personal data with third parties, if:
- We have your explicit consent according to Art. 6 Para. 1 S. 1 lit. a) EU-GDPR;
- it is lawful and necessary for the performance of our contract according to Art. 6 Para. 1 S. 1 lit. b) EU-GDPR, e.g. transfers to banks for handling contractually agreed payments, to logistics and shipping companies for purposes of transporting goods including tracking, for non-fulfillment of contractually agreed-upon payments for purposes of law enforcement to lawyers and legal services companies;
- in the event there is a statutory obligation for the transfer in accordance with Art. 6 Para. 1 S. 1 lit. c) EU-GDPR; and
- the transfer is necessary to assert, exercise, or defend legal claims in accordance with Art. 6 Para. 1 S. 1 lit. f) of the EU-GDPR and there is no reason to assume you have an overriding legitimate interest in not transferring your data.
Information related to the specific device used is saved to the cookie. However, this does not mean it provides us with direct knowledge concerning your identity.
One purpose of the cookies is to make our website easier for you to use. We use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically erased after leaving our website.
To optimise the user-friendliness of our website we also use temporary cookies, which are saved to your device for a specific period. If you revisit our website to use our services, the website will automatically recognise that you are a repeat visitor, as well as your input and settings, preventing you from having to re-enter them.
The data processed by cookies are required for the purposes specified and to protect our legitimate interests and those of others in accordance with Art. 6 Para. 1 S. 1 lit. f) EU-GDPR.
Most browsers accept cookies automatically. However, you can configure your browser to prevent cookies from being saved to your computer or to always be notified before a new cookie is added. However, blocking all cookies may prevent you from using all functions of our website.
6. Google Captcha
Our website uses “Google reCAPTCHA” (hereinafter “reCAPTCHA”). This service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). With reCAPTCHA, we check whether the data were entered on our websites (e.g. in contact form) by an automated program or by a person. Through reCAPTCHA, the behaviour of website visitors is analysed through various characteristics. This analysis starts as soon as you have consented to our data protection declaration. For the analysis, reCAPTCHA evaluates different information (e.g. IP address, mouse activity made by the user or the lingering of the website visitor on the website). The data recorded in the context of the analysis are forwarded to Google. The reCAPTCHA analysis runs completely in the background. Website visitors are not notified that the analysis is ongoing. Data processing is based on saving “conversion cookies” is Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting his/her websites from SPAM, as well as from improper automatic spying. Additional information about Google reCAPTCHA and Google’s data protection declaration can be found under the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.
7. Retention period and data erasure
Your personal data are deleted once they are no longer required for the purposes for which they were collected or processed in another way. After this, the data are erased, unless retention is required to fulfill a legal obligation required by the law of the European Union or the Member States, or to enforce, exercise, or defend legal claims. These legal duties describe legal retention obligations, i.e. 10 years (for accounting data including order and payment information, wage statements, and pay slips) or 6 years (for trade correspondence). The data are locked for the duration of the retention obligation and deleted after it expires.
8. Rights of data subjects
You have the right:
- according to Art. 7 Para. 3 of the EU-GDPR, you can revoke your previously given consent at any time. As a result, we will no longer be able to process data based on this consent in the future. However, the legitimacy of the processing conducted based on the consent until your withdrawal is unaffected;
- according to Article 15 of the EU-GDPR, you can request information about your personal data processed by us. For this, you can request information regarding the purposes of processing, the category of personal data, the categories of recipients to whom your data will be or has been disclosed, the planned retention period, the existence of a right to rectification, erasure, limitation of processing or revocation, the existence of a right to lodge a complaint, the origin of your data, provided it was not collected by us, as well as the existence of an automated-decision making process including profiling and potentially meaningful information in regard to their details;
- according to Article 16 of the EU-GDPR, you can request the immediate rectification of incorrect or incomplete personal data stored by us;
- according to Article 17 of the EU-GDPR, you can request the erasure of your personal data stored with us, unless processing is required to exercise the right of free expression and information, to fulfil a legal obligation, for reasons of public interest, or to assert, exercise, or defend legal claims;
- according to Article 18 of the EU-GDPR, you can request the restriction of processing of your personal data, provided you contest the accuracy of the data, the processing is unlawful, however, you object to the erasure of said data and we no longer require the data but you require it to assert, exercise, or defend legal claims or you have objected to processing pursuant to Article 21 of the GDPR;
- according to Article 20 of the EU-GDPR, you can request to obtain the data you provided to us in a structured, prevalent, and machine-readable format or to have it transferred to another controller;
- according to Article 77 of the EU-GDPR, you have the right to lodge a complaint with a supervisory authority. The responsible supervisory authority is the Data Protection Commissioner for the federal state in which the company headquarters are located. An overview of Data Protection Commissioners and their contact information can be found at https://www.bfdi.bund.de/.
9. Right to object
If your personal data are processed on legitimate interest based on Art. 6 Para. 1 S. 1 lit. f) EU-GDPR, you have the right according to Art. 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation. In the event of a legitimate objection, we examine the situation and either cease or adjust data processing, or provide you with obligatory rights to be protected due to which we continue processing.
To exercise your right to withdraw consent or to object, simply email us at firstname.lastname@example.org.
10. Data security
We take suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in accordance with technological developments.
Further, we use SSL or TLS encryption (SSL = Secure Sockets Layer; TLS = Transport Layer Security; SSL is the previous descriptor of TLS) for your website access. You can see that individual pages of our website are encrypted if the address bar of the browser changes from “http://” to “https://” and by the closed padlock icon in the address bar of the browser. If SSL or TLS encryption is enabled, third parties cannot gain unauthorised access to the data you transmit to us.
11. Version and changes to this data protection declaration
This data protection declaration was last revised in November 2018.
Due to technical developments and/or changes in legal or official requirements, it may become necessary to make changes to this data protection declaration. You will know whether changes are made, if the “date” of the document in the first sentence of paragraph 10 has been updated.
You can access and print the latest version of the data protection declaration on our website at www.eti-experts.de/en/data-protection.