Data protection information
The protection of your personal data is very important to us, which is why we would like to list all the information about the processing and storage of your data when you visit our website and in our company.
In order to be able to use all the functions and services of our website, it is necessary to collect your personal data. However, the processing and storage only takes place in accordance with the legal guidelines and requirements such as the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
RESPONSIBLE BODY
Bihter Kartheuser
Geranienweg 14
42549 Velbert
Contact: info@connectandbe.com
Further information can be found in the imprint.
COLLECTION AND PROCESSING OF PERSONAL DATA ON THIS WEBSITE
Note: In order to protect your data as comprehensively as possible from unwanted access, we take so-called technical and organisational measures and use an encryption process on our website. Your data is transmitted over the Internet from your computer to our computer and vice versa using what is known as TLS encryption. TLS stands for “Transport Layer Security” and is an encryption protocol for data transmission on the internet. You can usually recognise “TLS” by the fact that the lock symbol in the status bar of your browser is closed and the address begins with https://.
- COLLECTION OF ACCESS AND LOG DATA
This website automatically collects and stores server log file information that your browser transmits to us.
These are –
anonymised IP address;
– internet service provider of the user;
– date and time of the request;
– browser type;
– language and browser version;
– content of the request;
– time zone;
– access status/HTTP status code;
– data volume;
– websites from which the request comes (so-called referrer)
– operating system.
The legal basis for this data processing is the legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. The legitimate interest lies in being able to identify indications of unlawful use of the website.
The legal basis for this data processing is the legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. The legitimate interest lies in being able to identify indications of unlawful use of our website (e.g. defence against hacker attacks) and to ensure a smooth connection setup.
We have concluded an order processing contract with the provider of this website, RockingHoster Deutschland GmbH, based in Ahrensburg, Germany, in accordance with Art. 28 GDPR. This is a contract prescribed by data protection law, which ensures that RockingHoster Deutschland GmbH processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR. We have also concluded an order processing contract with Sichtbär GbR, our web agency.
The data collected is stored in server log files that your browser automatically transmits to us in encrypted form. We only store the server log files in the event of attacks on our server infrastructure or other legal violations. This longer storage period is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR and serves only to preserve evidence.
- ENQUIRIES VIA THE CONTACT FORM , E-MAIL AND TELEPHONE
Any personal data that you provide to us on a voluntary basis will of course be treated confidentially. We use the personal data you provide exclusively to process and respond to your enquiry. The legal basis for data processing is our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR. This arises from our interest in responding to enquiries from our customers, business partners and interested parties and in promoting and maintaining customer satisfaction. Another legal basis for natural persons is the initiation or fulfilment of a contract in accordance with Art. 6 para. 1 lit. b) GDPR.
All personal data that you send to us with your enquiry will be deleted or anonymised by us no later than 180 days after the final response to you, unless a contract is concluded. The retention period of 180 days is due to the fact that you may occasionally contact us again about the same matter after a reply and refer to the previous correspondence. In our experience, we have found that after 180 days there are no more queries in response to our replies.
We have integrated hCaptcha on our websites. hCaptcha is provided by Intuition Machines, Inc. based in the USA and enables us to distinguish whether a contact request comes from a natural person or is automated by means of a programme, often referred to as a bot. Captchas are displayed using this tool. These are small tasks that are easy for humans to solve but difficult for machines to master. These captchas help us to identify spam.
Protection from bots
The hCaptcha tool only processes technical information about the use of our website, such as mouse movements, scroll positions, buttons pressed, touch events on touch displays and any movements of your device (e.g. if you use our website with a smartphone). In addition, hCaptcha collects the answers to the small tasks you are asked. This data is processed by hCaptcha exclusively on our behalf in order to protect our website from bots and spam. Your non-personalised responses to the small tasks you are asked are used by hCaptcha to train its algorithms.
The use of hCaptcha takes place against the background of protection against bots and on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. Data is transferred to Intuition Machines, Inc. on the basis of concluded standard contractual clauses.
Further information on hCaptcha can be found at https://hcaptcha.com/privacy/ and https://hcaptcha.com/terms.
- USE OF WEB ANALYSIS TOOLS AND COOKIES
We use cookies to facilitate and improve the use of our website. Cookies are small pieces of text information that can be stored on your computer or smartphone (end device) via the browser when you visit a website. Cookies can also provide us with information about how you use our website so that we can continuously improve the design of the website.
Cookies themselves do not contain any personal data about users, they are only used to uniquely identify what our customers find interesting and useful on our website. We also use so-called “web beacons” (small graphic images, also known as “pixel tags” or “clear GIFs”) on our website. They are used together with cookies to track general user behaviour on the website.
The legal basis for the processing of personal data using cookies and other technologies is your consent in accordance with Art. 6 para. 1 lit. a) GDPR, which you give us via the so-called “consent banner” as soon as you visit our website for the first time.
We use cookies for the following purposes:
- Technically necessary: These are cookies and similar methods without which you cannot use our services, for example to display our website correctly or to use functions you have requested.
- Statistics: These techniques enable us to compile anonymous statistics on the use of our services. This allows us to determine, for example, how we can better customise our website to the habits of our users.
- Marketing: This allows us to show you advertising content tailored to you based on an analysis of your usage behaviour. Your usage behaviour can also be tracked across different websites, browsers or end devices using a user ID (unique identifier).
- External content or media is loaded from third-party providers.
The data processed by necessary cookies is required for the purposes listed below to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 lit. f) GDPR.
Any use of cookies that is not absolutely technically necessary constitutes data processing that is only permitted with your express and active consent in accordance with Art. 6 para. 1 lit. a) GDPR. You can use our so-called “Cookie Consent Tool” to set which cookie categories you would like to consent to when visiting our website.
Any use of cookies that is not absolutely technically necessary constitutes data processing that is only permitted with your express and active consent in accordance with Art. 6 para. 1 lit. a) GDPR. You can use our so-called “Cookie Consent Tool” to set which cookie categories you would like to consent to when visiting our website.
Once cookies have been saved, you can delete them at any time via the settings of your web browser. You can also adjust the settings of your web browser so that no cookies are stored. In this case, not all functions of our website may be available.
As part of data processing (with the help of cookies and similar techniques for processing usage data), we may use specialised service providers, in particular from the online marketing sector. These process your data on our behalf as processors, are carefully selected and contractually bound in accordance with Article 28 GDPR. All companies listed as providers in our cookie notice act as so-called processors.
As part of data processing (with the help of cookies and similar techniques for processing usage data), we may use specialised service providers, in particular from the online marketing sector. These process your data on our behalf as processors, are carefully selected and contractually bound in accordance with Article 28 GDPR. All companies listed as providers in our cookie notice act as so-called processors.
Consent management via real cookie banner
Our website uses the consent technology of Real Cookie Banner to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling (hereinafter referred to as “Real Cookie Banner”).
Real Cookie Banner is installed locally on our servers so that no connection is established to the servers of the provider of Real Cookie Banner. Real Cookie Banner stores a cookie in your browser in order to be able to assign the consents given or their revocation to you. The data collected in this way is stored until you ask us to delete it, delete the Real Cookie Banner cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.
Real Cookie Banner is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
Communication via Zoom video conferencing system
We use the Zoom tool from Zoom Video Communications Inc. to organise telephone conferences, online meetings and video conferences. You will receive access to the agreed appointments via a link provided by e-mail. You can enter my video room by clicking on the link. Before joining, you can decide for yourself whether you want to activate the transmission of your video. You are muted by default and you must manually enable your microphone if you wish. If you switch on your camera and/or microphone, this data will be processed during the meeting.
The following additional data may also be processed depending on the type and scope of the specific use:
- Personal details (e.g. first and last name, e-mail address, profile picture)
- Meeting metadata (e.g. date, time and duration of the communication, name of the meeting, participant IP address)
- Device/hardware data (e.g. IP addresses, MAC addresses, client version)
- Text, audio and video data (e.g. chat histories, video, audio and presentation recordings)
- Connection data (e.g. phone numbers, country names, start and end times, IP addresses)
Furthermore, your personal data may be processed. This also depends specifically on your use, such as use of the chat or the whiteboard. We explicitly draw your attention to the fact that any information you provide during the meeting will be processed at least for the duration of the meeting.
Legal basis
The legal basis for data processing for direct contractual partners is Art. 6 para. 1 lit. b) GDPR, for business partners or contact persons at external bodies the legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. The legitimate interest lies in the organisation of virtual communication.
Receiver
The provider Zoom necessarily receives knowledge of the above-mentioned data insofar as this is contractually regulated within the framework of our order processing contract in accordance with Art. 28 GDPR. There are no other recipients.
We cannot rule out the possibility that data may also be routed via internet servers located outside the EU or the EEA. Zoom Voice Communications, Inc. has a valid certification under the Data Privacy Act as an adequacy decision for the USA.
You are not obliged to communicate with us via Zoom. Alternatively, you can also communicate by e-mail or telephone.
We generally delete personal data when there is no need for further storage.
Operation of social media presences
The following social media presences are operated by me:
Instagram: https://www.instagram.com/bihter_kartheuser/
LinkedIn: https://www.linkedin.com/company/connectandbe/
YouTube: https://www.youtube.com/@bihterkartheuser
Instagram is a product of Meta Platforms Inc. (formerly Facebook Inc.): facebook.com/help/1561485474074139/?helpref=related
- Maintaining the above-mentioned social media pages and placing ads (“adverts”)
The personal data entered on social media pages such as comments, videos, images, likes, public messages, etc. are published by the respective social media platform. We reserve the right to delete content if necessary. We may share content on our site and contact you via the social media platform, for example via the messengers offered. In addition, we regularly place adverts via our social media pages. The legal basis for this data processing is the legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR, which is in the interest of our public relations and communication.
- Page Insights
The social media platforms provide anonymised statistics and insights that help us gain knowledge about the types of actions people take on our site (so-called “page insights”). These Page Insights are created based on certain information about people who have visited our site.
The legal basis for this data processing is our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR, which is based on obtaining information about the actions and visitors to our website.
This processing of personal data is carried out by the social media platform and us as so-called joint controllers in accordance with Art. 26 GDPR. In the case of joint responsibility, a separate agreement must be concluded.
LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum
Instagram: https://www.facebook.com/legal/terms/page_controller_addendum
YouTube: https://business.safety.google/controllerterms/
If you wish to object to certain data processing over which we have an influence (e.g. deletion of comments), please contact us using the contact details given above.
Note: The provision of your data is neither legally nor contractually required or necessary for the conclusion of a contract. You are not obliged to provide your personal data. The consequence of not providing your data is that you will not be able to communicate with us via our social media pages, interact with us or take part in the competition. To contact us, please use the above e-mail address.
Data processing by the operator of the social media platform:
In addition to us, there is also the operator of the social media platforms themselves. From a data protection perspective, this is also regarded as another controller that carries out its own data processing. This means that the operator is also a separate controller under the GDPR. However, we only have limited influence on data processing by the operator. Where we can exert influence (e.g. through parameterisation), we work within the scope of our possibilities to ensure that the operator of the social media platform handles data in compliance with data protection regulations. In many places, however, we cannot influence the data processing by the operator of the social media platform and do not know exactly what data they process. The respective operator will inform you about the processing of personal data in its own privacy policy:
Instagram: help.instagram.com/519522125107875
YouTube: www.policies.google.com/privacy?hl=de
LinkedIn: https://de.linkedin.com/legal/privacy-policy?
When using the platform, your personal data is generally also processed by the respective platform operator on servers in third countries, in particular in the USA. Certain third countries are certified by the European Commission with a so-called adequacy decision. This means that the legal situation for the protection of privacy in these countries is comparable to that in the EU or the EEA. You can find more information on the current countries with an adequacy decision here. Certifications in accordance with the adequacy decision for the USA, the Data Privacy Framework, exist for Meta Platforms Inc (Facebook, Instagram) and Google (YouTube). In all other cases, we conclude so-called standard contractual clauses with the platform operators for the transfer of personal data to third countries.
Note: The operator of the social media platform uses web tracking methods. Web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we unfortunately have little influence on the web tracking methods of the social media platform. For example, we cannot switch it off. Please be aware of this: It cannot be ruled out that the provider of the social media platform may use your profile and behavioural data, for example to evaluate your habits or personal relationships and preferences, etc. We have no influence on the processing of your data by the provider of the social media platform.
Rights of data subjects
In accordance with Art. 15 para. 1 GDPR, you have the right to receive information about the personal data stored about you free of charge upon request. Furthermore, if the legal requirements are met, you have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR) of your personal data. If you have provided the processed data yourself, you have the right to data portability in accordance with Art. 20 GDPR.
If the data processing is based on Art. 6 para. 1 e) or f) GDPR, you have the right to object in accordance with Art. 21 GDPR. If you object to data processing, this will not take place in future unless the controller can demonstrate compelling legitimate grounds for further processing which override the interests of the data subject in objecting.
You also have the right to lodge a complaint with a data protection supervisory authority. The complaint may in particular be lodged with a supervisory authority in the EU Member State of your habitual residence, place of work or place of the alleged infringement.
Contact details of the competent data protection authority:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Kavalleriestr. 2-4, 40213 Düsseldorf
Phone: 0211/38424-0
Fax: 0211/38424-999
E-mail: poststelle@ldi.nrw.de
No automated decision-making.
We do not carry out automated decision-making or profiling.
Provision
Unless otherwise stated in the previous sections, the provision of personal data is not required by law or contract or necessary for the conclusion of a contract. Failure to provide your personal data may mean that we are unable to respond to your enquiries, for example.
This data protection information was created in cooperation with the consulting firm SCALELINE Datenschutz. The legal texts are subject to copyright.