Privacy
policy

1. Introduction

With the following information, we wish to provide you as a “data subject” with an overview of the processing of your personal data by us and your rights under data protection legislation. It is possible to use our website without entering personal data. However, if you wish to use specific services offered by our company on our website, processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain consent from you in advance.

The processing of personal data such as your name, address or email address is always in line with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to “Kontext E GmbH”. By means of this privacy policy, we wish to inform you about the scope and purpose of the personal data collected, used and processed by us.

As the data controller, we have implemented numerous technical and organizational measures in order to ensure the most complete protection of personal data processed through this website. In spite of this, Internet-based data transmissions can always have security gaps, so that absolute protection cannot be guaranteed. For this reason, you are free to submit personal data to us by alternative means, for example by telephone or by post.

2. Data controller

The data controller within the meaning of the GDPR is:

Kontext E GmbH, Dr.-Külz-Ring 15, 01067 Dresden, Germany

The data controller’s authorized representative: Jens Homann

3. Data Protection Officer

You can contact our data protection officer here:

Ingo Krause Email: datenschutz@kontext-e.de

You can contact our data protection officer directly at any time with all your questions and suggestions regarding data protection.

Cookie settings

4. Definition of terms

Our privacy policy is based on the terms used by the legislators of the European Union in the adoption of the General Data Protection Regulation (GDPR). Our privacy policy must be easy to read and understand by the public as well as by our customers and business associates. In order to ensure this, we would like to explain the terms used in advance.

In this privacy policy we use the following terms, among others:

1. Personal data

Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is defined as someone who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an ID number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. Data subject

A data subject is any identified or identifiable natural person whose personal data is processed by the data controller (our company).

3. Processing

Processing is any operation or set of operations that is performed on personal data, whether or not by automatic means, such as its collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.

4. Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

5. Profiling

Profiling is any form of automated processing of personal data that consists of using such personal data to evaluate specific personal aspects relating to a natural person, in particular, to analyze or predict aspects relating to that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

6. Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

7. Processor

A processor is a natural or legal entity, public authority, institution or other body that processes personal data on behalf of the controller.

8. Recipient

A recipient is a natural or legal entity, public authority, institution or other body to which personal data is disclosed, whether or not it is a third party. However, authorities that may receive personal data in the context of a specific investigation under EU or member state law are not regarded as recipients.

9. Third party

A third party is a natural or legal entity, public authority, institution or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

10. Consent

Consent means any freely given and informed indication of the data subject’s wishes in the form of a statement or other clear affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

5. Legal basis of the processing

Art. 6 Section 1 a of the GDPR serves as the legal basis for our company regarding processing operations in which we obtain consent for a specific processing purpose.

If the processing of personal data is necessary for the performance of a contract to which you are a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or counter-service, the processing is based on Art. 6 Section 1 b of the GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in the case of inquiries about our products or services.

If our company is subject to a legal obligation that requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 Section 1 c of the GDPR.

In rare cases, the processing of personal data may become necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result their name, age, health insurance details or other vital information needed to be passed on to a doctor, hospital or other third party. Then the processing would be based on Section 1 c of the GDPR.

Finally, processing operations could be based on Art. 6 Section 1 f of the GDPR. Processing operations that are not covered by any of the above cases will be based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the EU legislature. In this respect, it took the view that a legitimate interest can be assumed if you are a customer of our company (Recital 47, Sentence 2 of the GDPR).

6. Technology

6.1 SSL/TLS encryption

This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us as the website operators. You can recognize an encrypted connection by the fact that there is an “https://” instead of an “http://” in the address line of the browser and by the padlock symbol in your browser line.

We use this technology to protect the data you provide.

6.2 Data recording when you visit the website

When you use our website for information purposes only, i.e. if you do not register or otherwise transmit information to us, we only record and collect data that your browser transmits to our server (in so-called “server log files”). Every time you or an automated system accesses a page on our website, we collect specific general data and information. These general data and information are stored in the server’s log files. The following may be recorded:

1. browser types and versions used,
2. the operating system used by the accessing system,
3. the website from which an accessing system reaches our website (so-called ‘referrer’),
4. the pages of our website that are accessed by an accessing system,
5. the date and time of the access to the website,
6. an abbreviated Internet protocol address (anonymized IP address),
7. the Internet service provider of the accessing system.

When using this general data and information, we do not draw any conclusions about your person. On the contrary, this information is needed:

1. to provide the contents of our website correctly,
2. to optimize the contents of our website and the advertising for it,
3. to ensure the permanent functionality of our IT systems and the technology of our website and
4. to provide the law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

The data and information collected are therefore evaluated by us statistically on the one hand, and on the other with the aim of increasing the data protection and data security of our company, in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from any personal data provided by a data subject.

The legal basis for the data processing is Art. 6 Section 1 Sentence 1 f of the GDPR. Our legitimate interest is derived from the data collection purposes listed above.

7. Content and website

Personal data is collected when you contact us (e.g. by contact form or email). The data collected in the case of a contact form can be seen from the individual contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administrative work. The legal basis for the processing of the data is our legitimate interest in responding to your request in accordance with Art. 6 Section 1 f of the GDPR. If you contact us for the purpose of concluding a contract, the additional legal basis for the processing is Art. 6 Section 1 b of the GDPR. Your data will be deleted after final processing of your inquiry; this is the case if it can be inferred from the circumstances that the matter concerned has been conclusively resolved and provided that there are no conflicting statutory retention obligations.

8. Newsletter distribution

8.1 Newsletter distribution to existing customers

If you have provided us with your email address when purchasing goods or services, we may periodically email you offers for similar goods or services to those you have already purchased from our range. In accordance with Section 7 (3) of the German Unfair Competition Act (UWG), we do not need to obtain separate consent from you for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 Section 1 f of the GDPR. If you have initially objected to the use of your email address for this purpose, we will not send you any emails. You are entitled to object to the use of your email address for the above-mentioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. You will only incur transmission costs for this in accordance with basic rates. After receipt of your objection, the use of your email address for advertising purposes will cease immediately.

8.2 Newsletter tracking

Our newsletters contain so-called tracking pixels. A tracking pixel is a thumbnail graphic that is embedded in emails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. By means of the embedded tracking pixel, the company can recognize if and when an email was opened by you and which links located in the email were called up by you.

Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by us in order to optimize the distribution of the newsletter and to better adapt the content of future newsletters to your interests. This personal data will not be passed on to third parties. Data subjects are entitled at any time to revoke the separate declaration of consent given in this regard via the double opt-in procedure. After a revocation, this personal data will be deleted by us. Unsubscribing from the newsletter is automatically interpreted as a revocation.

Such an evaluation is performed in particular in accordance with Art. 6 Section 1 f of the GDPR on the basis of our legitimate interests in the insertion of personalized advertising, market research and/or the needs-based design of our website.

8.3 Mailchimp

Our email newsletter is sent via the technical service provider The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (https://www.mailchimp.com/), to whom we transfer the data you provided when subscribing to the newsletter. This transfer takes place within the framework of order processing by MailChimp. Please note that your data is usually transferred to a MailChimp server in the USA and stored there.

MailChimp uses this information to send and statistically evaluate the newsletters on our behalf. For the evaluation the emails contain web beacons or tracking pixels representing image files that are saved on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). The data is collected exclusively in pseudonymized form and is not linked to your other personal data; any direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.

If you wish to object to data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.

You can revoke the consent you have given at any time. You can also prevent the processing at any time by unsubscribing from the newsletter. You can also prevent the storage of cookies by setting your web browser accordingly. By deactivating JavaScript in your web browser or installing a JavaScript blocker (e.g. https://noscript.net or https://www.ghostery.com), you can prevent the storage and transmission of personal data. We would like to point out that these measures may mean that not all the functions of our website are available.

In addition, in accordance with Art. 6 Section 1 f of the GDPR, MailChimp can itself use the data on the basis of its own legitimate interest in the needs-based design and optimization of its service as well as for market research purposes, for example, to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass information on to third parties.

To protect your data in the USA, we have concluded a data processing agreement (“Data Processing Agreement”) with MailChimp based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to MailChimp. If you are interested, this data processing agreement can be viewed at the following Internet address: https://mailchimp.com/legal/forms/data-processing-agreement/.

MailChimp is also certified under the “Privacy Shield” US-EU data protection agreement, and thus undertakes to comply with EU data protection requirements.

You can view the privacy policy of MailChimp here: https://mailchimp.com/legal/privacy/

9. Our activities in social networks

So that we can also communicate with you on social networks and inform you about our services, we are represented there with our own pages. When you visit one of our social media pages, we are jointly responsible with the provider of the respective social media platform for the processing operations relating to personal data that are triggered as a result within the meaning of Art. 26 of the GDPR.

We are not the original provider of these platforms, but merely use them within the scope of the possibilities offered to us by the respective providers.
Therefore, as a precautionary measure, we would like to point out that your data may also be processed outside the European Union or the European Economic Area. Using our pages may therefore have data protection risks for you, as it may be more difficult to protect your rights, e.g. to information, deletion, objection, etc., and processing in the social networks is often carried out directly for advertising purposes or to analyze user behavior by the providers, without our being able to influence this. If usage profiles are created by the provider, cookies are often used or the usage behavior is directly assigned to your own member profile of the social networks (if you are logged in there).

The processing operations of personal data described are carried out in accordance with Art. 6 Section 1 f of the GDPR on the basis of our legitimate interest and the legitimate interest of the respective provider in order to communicate with you in a contemporary manner or to provide you with information about our services. If you have to give consent to data processing as a user with the respective providers, the legal basis refers to Art. 6 Section 1 a of the GDPR in conjunction with Art. 7 of the GDPR.

As we do not have access to the providers’ databases, we would like to point out that it is best to exercise your rights (e.g. to information, correction, deletion, etc.) directly with the respective provider. Further information on the processing of your data in the social networks and the possibility of making use of your right of objection or revocation (so-called opt-out) is listed below under the respective social network provider used by us:

9.1 Facebook

(Joint) controller for data processing in Europe:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Privacy policy (data policy):
https://www.facebook.com/about/privacy

Opt-out and advertising settings:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Facebook is part of the EU-US Privacy Shield agreement:
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

https://de-de.facebook.com/about/privacy/

9.2 LinkedIn

(Joint) controller for data processing in Europe:
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland

Privacy policy:
https://www.linkedin.com/legal/privacy-policy

Opt-out and advertising settings:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

LinkedIn is part of the EU-US Privacy Shield agreement:
https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

9.3 Twitter

(Joint) controller for data processing in Europe:
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

Privacy policy:
https://twitter.com/de/privacy

Information about your data:
https://twitter.com/settings/your_twitter_data

Opt-out and advertising settings:

Twitter is part of the EU-US Privacy Shield agreement:
https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

9.4 XING

(Joint) controller for data processing in Germany:
XING AG, Dammtorstr. 29-32, 20354 Hamburg, Germany

Privacy policy:
https://privacy.xing.com/de/datenschutzerklaerung

Requests for information by XING members:
https://www.xing.com/settings/privacy/data/disclosure

10. Web analysis

On this website, we have integrated the Matomo component from the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. Matomo is a software tool for web analysis, i.e. for collecting, collating and evaluating data on the behavior of visitors to websites. Among other things, data is collected about the website from which a data subject has accessed a website (the so-called ‘referrer’), which pages of the website have been accessed or how often and for how long a page has been viewed. This is used to optimize the website and for a cost-benefit analysis of Internet advertising.

The software is operated on the server of the data controller and the log files, which are sensitive in terms of data protection law, are stored exclusively on this server.

Matomo sets a cookie on your IT system. The setting of the cookie enables us to analyze the use of our website. Each time you access one of the individual pages of this website, the Internet browser on your IT system is automatically prompted by the Matomo component to transmit data to our server for the purpose of online analysis. As part of this technical process, we obtain knowledge of personal data, such as the IP address of the person concerned, which we use, among other things, to trace the origin of visitors and clicks.

By means of the cookie, we store personal information, for example, the access time, the place from which an access originated and the frequency of visits to our website. Each time you visit our website these personal data, including the IP address of the internet connection you are using, are transmitted to our server. This personal data is stored by us. We do not pass on these personal data to third parties.

You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting on the Internet browser used would also prevent Matomo from setting a cookie on your IT system. In addition, a cookie already set by Matomo can be deleted at any time via an Internet browser or other software programs.

Furthermore, you have the option of objecting to the collection of data generated by Matomo and related to your use of this website and of preventing such collection. For this purpose, you must set an opt-out cookie. If your IT system is deleted, formatted or reinstalled at a later date, the data subject must set an opt-out cookie again. With the setting of the opt-out cookie, however, there is the possibility that our Internet pages will no longer be fully usable by you.

These processing operations are carried out exclusively when explicit consent is given in accordance with Art. 6 Section 1 a of the GDPR.

Further information and the applicable privacy policy of Matomo can be found at https://matomo.org/privacy/ .

11. Plugins and other services

For the uniform display of fonts, our website uses so-called ‘Web Fonts’ that are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. This enables Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our website.

Diese Verarbeitungsvorgänge erfolgen ausschließlich bei Erteilung der ausdrücklichen Einwilligung gemäß Art. 6 Abs. 1 lit. a DS-GVO..

Google Ireland Limited with its registered office in Ireland is certified for the US-EU data protection agreement “Privacy Shield”, which ensures compliance with the level of data protection applicable in the EU.

You can find more information about Google’s Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/

12. Your rights as the data subject

12.1 Right of confirmation

You have the right to request confirmation from us as to whether personal data relating to you is being processed.

12.2 Right to information in accordance with Art. 15 of the GDPR

You have the right to receive information from us at any time and free of charge about the personal data stored about you, as well as a copy of the data in accordance with statutory provisions.

12.3 Right to correction in accordance with Art. 16 of the GDPR

You have the right to request that inaccurate personal data concerning you should be corrected. You also have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.

12.4 Right to deletion in accordance with Art. 17 of the GDPR

You have the right to demand that we delete the personal data concerning you without delay, provided that one of the reasons provided for by law applies, and insofar as the processing or storage of the data is not necessary.

12.5 Right to restriction of processing in accordance with Art. 18 of the GDPR

You have the right to demand that we restrict processing if one of the legal requirements for this is met.

12.6 Right to data portability in accordance with Art. 20 of the GDPR

You have the right to receive any personal data which you have provided to us in a structured, standard and machine-readable format. You also have the right to transmit such data to another controller without hindrance from us, provided that the relevant processing is based on consent in accordance with Art. 6 Section 1 a or Art. 9 Section 2 a of the GDPR or with a contract as specified by Art. 6 Section 1 b of the GDPR, and such processing is carried out with the aid of automated procedures unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority for which we are responsible.

In addition, when exercising your right to data portability in accordance with Art. 20 Section 1 of the GDPR, you have the right to have the personal data transferred directly from one controller to another controller, insofar as this is technically feasible and insofar as it does not adversely affect the rights and freedoms of other persons.

12.7 Right of objection in accordance with Art.21 of the GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 Section 1 e of the GDPR (data processing in the public interest)or 1 f of the GDPR (data processing on the basis of a balancing of interests).

This also applies to profiling based on these provisions within the meaning of Art. 4 Section 4 f the GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing is for the purpose of asserting, exercising or defending legal claims.

In individual cases we process personal data in order to carry out direct advertising. You may object to the processing of personal data for the purpose of such advertising at any time. This also applies to profiling, insofar as it is connected with such direct advertising. If you object to our processing for direct marketing purposes, we will no longer process the personal data for these purposes.

In addition, in accordance with Art. 89 Section 1 of the GDPR, you have the right to object on grounds relating to your particular situation to the processing of personal data concerning you which is carried out by us for scientific or historical research purposes or for statistical purposes unless such processing is necessary for the performance of a task carried out in the public interest.

Notwithstanding Directive 2002/58/EC, you are free to exercise your right to object in relation to the use of information society services by means of automated procedures using technical specifications.

12.8 Revocation of consent under data protection law

You have the right to revoke consent to the processing of personal data at any time with effect for the future.

12.9 Complaint to a supervisory authority

You have the right to complain about our processing of personal data to a supervisory authority responsible for data protection.

13. Routine storage, deletion and blocking of personal data

We process and store your personal data only for the period of time necessary to achieve the purpose of storage, or if this is permitted by the legal provisions to which our company is subject.

If the purpose of storage no longer applies or if a prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with statutory provisions.

14. Duration of the storage of personal data

The criterion for the duration of the storage of personal data is the applicable statutory retention period. After expiry of this period, the corresponding data is routinely deleted if it is no longer required for the fulfillment or initiation of the contract.

15. Up-to-date status and amendment of the privacy policy

This privacy policy is currently valid and has applied since March 2020.

Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to amend this privacy policy. You can access and print out our current privacy policy at any time on our website at “https://www.kontext-e.de/Datenschutz/”.

This privacy policy was created with the support of the data protection software: audatis MANAGER.

Thanks for your message.

We will be in touch with you
as soon as possible!