Data protection
DATA PROTECTION
Responsible for compliance with the provisions of applicable data protection laws, particularly of the EU General Data Protection Regulation (GDPR), is:
DANGO & DIENENTHAL Management GmbH
Hagener Straße 103
57072 Siegen
Germany
+ 49 271 401-0
contact [at] dango-dienenthal [dot] de
DATA SUBJECT RIGHTS
As a data subject, you shall have the right to contact our data protection officer via the indicated contact data to exercise at any time the right to:
- Confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, the right to access the personal data (Article 15 GDPR),
- Rectification of inaccurate personal data (Article 16 GDPR),
- Erasure of personal data concerning him or her (“right to be forgotten”) (Article 17 GPDR),
- Restriction of processing where the data subject’s personal data must not be erased for legal grounds (Article 18 GDPR),
- Object to processing of the data subject’s personal data (Article 21 GPDR)
- Data portability: the data subject shall have the right to receive the personal data concerning him or her, where the processing is based on consent or on a contract (Article 20 GDPR).
As a data subject, you shall have the right to withdraw your consent at any time with effect for the future.
Every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence or with the supervisory authority responsible for us.
A list of the supervisory authorities (for the non-public sector) including their addresses is available at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
RECORDING OF GENERAL INFORMATION DURING A VISIT OF OUR WEBSITE
Nature and purpose of the processing
Whenever you access our website, i.e. even when you have not registered or are not transmitting any other type of information, information of general nature of your visit will still be recorded automatically. The data contained in log files contain information on the web browser and the operating system you are using, the domain name of your Internet service provider, your IP address and the like.
This information is processed for the following purposes:
- Securing trouble-free linking to and running of the website,
- Securing trouble-free use of our website,
- Evaluation of system security and stability, and
- Optimization of our website.
From this data no conclusions shall be drawn as to your personal identity. This data may solely be used in an anonymized way for statistical evaluations with the aim to enhance our website and the underlying technology.
Legal basis & legitimate interest
Processing shall be performed on the ground of our legitimate interest to enhance the stability and functionality of our website pursuant to point (f) of Article 6 (1) GDPR.
Recipients
If applicable, this data may be received by technical service providers active as subcontractors for the operation and maintenance of our website.
Storage period
The data shall be erased as soon as the purpose for the collection no longer exists. For data serving the purpose of operating the website this is generally the case when the respective session has been closed.
For data stored in log files this happens at the latest after 14 days. Storage beyond this period is ruled out. Likewise any relating of data to the visitor of the website is ruled out due to the fact that the users’ IP addresses are anonymized.
Provision of data required by law or where necessary
Provision of the above mentioned personal data is neither required by law nor by contract. But without knowledge of the IP address, operation and functionality of our website cannot be guaranteed. In addition, certain services may not be available at all or only to a limited extent. For this reason, objection to the use of this data shall be ruled out.
COOKIES
Our websites and pages use what the industry refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.
Cookies can be issued by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services of third-party companies into websites (e.g., cookies for handling payment services).
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of these cookies (e.g., the shopping cart function or the display of videos). Other cookies may be used to analyze user behavior or for promotional purposes.
Cookies, which are required for the performance of electronic communication transactions, for the provision of certain functions you want to use (e.g., for the shopping cart function) or those that are necessary for the optimization (required cookies) of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of required cookies to ensure the technically error-free and optimized provision of the operator’s services. If your consent to the storage of the cookies and similar recognition technologies has been requested, the processing occurs exclusively on the basis of the consent obtained (Art. 6(1)(a) GDPR and § 25 (1) TDDDG); this consent may be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete-function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
Which cookies and services are used on this website can be found in this privacy policy.
CONSENT WITH USERCENTRICS
This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or for the use of specific technologies, and to document the former in a data protection compliant manner. The party offering this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Germany, website: https://usercentrics.com/ (hereinafter referred to as “Usercentrics”).
Whenever you visit our website, the following personal data will be transferred to Usercentrics:
- Your declaration(s) of consent or your revocation of your declaration(s) of consent
- Your IP address
- Information about your browser
- Information about your device
- The date and time you visited our website
- Geolocation
Moreover, Usercentrics shall store a cookie in your browser to be able to allocate your declaration(s) of consent or any revocations of the former. The data that are recorded in this manner shall be stored until you ask us to eradicate them, delete the Usercentrics cookie or until the purpose for archiving the data no longer exists. This shall be without prejudice to any mandatory legal retention periods.
The Usercentrics banner on this website has been configured with the assistance of eRecht24. This can be identified by the eRecht24 logo. To display the eRecht24 logo in the banner, a connection to the image server of eRecht24 will be established. In conjunction with this, the IP address is also transferred; however, is only stored in anonymized form in the server logs. The image server of eRecht24 is located in Germany with a German provider. The banner as such is provided exclusively by Usercentrics.
Usercentrics uses cookies to obtain the declarations of consent mandated by law. The legal basis for the use of specific technologies is Art. 6(1)(c) GDPR.
CONTACT FORM
Nature and purpose of the processing
The entered data shall be stored solely for the purpose of communicating with the data subject. This requires the entry of a valid email address and the user's name. These data shall be used to relate the enquiry and the subsequent reply. Entry of any other data shall be optional.
Legal basis
Processing of data entered in the contact form shall be for the purposes of legitimate interests (point 1 of Article 6 (1) GDPR).
With the contact form we offer the users of our website a convenient way to get in contact with us. The data entered by the users shall be stored for the purpose of processing the enquiry and for any responses and replies.
In the case of a request for a quotation, the data entered in the contact form shall be used to take steps at the request of the user prior to entering into a contract (point 1 Article 6 (1) GDPR).
Recipients
Recipients of the data may be order processors, for example.
Storage period
The data shall be erased at the latest 6 months from the processing of the enquiry.
In the event that a contract results from the enquiry, storage periods shall be governed by the stipulations in the German Commercial Code and, after expiry of the applicable storage periods, the corresponding data shall be erased.
Provision of data required by law or where necessary:
The provision of personal data is voluntary. However, processing of an enquiry shall only be possible provided that the user of the contact form has entered his or her name, email address and the subject of the enquiry.
NEWSLETTER
Newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter, we use newsletter service providers, which are described below.
CleverReach
This website uses CleverReach for the sending of newsletters. The provider is the CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you have entered for the purpose of subscribing to our newsletter (e.g., e-mail address) are stored on servers of CleverReach in Germany or in Ireland.
Newsletters we send out via CleverReach allow us to analyze the user patterns of our newsletter recipients. Among other things, in conjunction with this, it is possible how many recipients actually opened the newsletter e-mail and how often which link inside the newsletter has been clicked. With the assistance of a tool called Conversion Tracking, we can also determine whether an action that has been predefined in the newsletter actually occurred after the link was clicked (e.g., purchase of a product on this website). For more information on the data analysis services by CleverReach newsletters, please go to: https://www.cleverreach.com/en/features/reporting-tracking/.
The data is processed based on your consent (Art. 6(1)(a) GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.
If you do not want to permit an analysis by CleverReach, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message.
The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.
For more details, please consult the Data Protection Provisions of CleverReach at: https://www.cleverreach.com/en/privacy-policy/.
LEADINFO
We have integrated Leadinfo on this website. The provider is Leadinfo / Team.Blue GmbH, Bunsenstr. 19, 40215 Düsseldorf (hereinafter referred to as “Leadinfo”).
Leadinfo enables us to record visits to our website by members of other companies. For this purpose, the IP address of the website visitor is compared with the company IP addresses stored in Leadinfo’s company database. If this is the IP address of a company, this visit and the user behavior will be recorded. IP addresses that are not in Leadinfo’s database are deleted immediately, meaning that website visits by private individuals are ignored by Leadinfo.
Leadinfo is used on the basis of Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in recording company visits to our website and their user behavior. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Further details can be found in the provider's privacy policy at https://www.leadinfo.com/de/datenschutz/.
USE OF MATOMO
This website uses Matomo (previously Piwik), an open-source analytics platform for statistical analyses of website visits. Matomo is provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand.
Matomo stores a cookie (a data file) on your terminal device enabling future recognition of your web browser. When visiting subpages of our website, the following information will be stored:
- The visitor’s IP address short of the last two bytes (anonymized)
- Designation of the visited subpage and time of access
- The website from which the visitor has connected to our website (referrer)
- The web browser, type of plug-ins, operating system and monitor resolution
- Time spent on the website
- The pages addressed from the activated subpage
We use Matomo in order to enhance the quality of our website and its content. This gives us insight in how our website is used and a basis to optimize our web offer on a continuous basis.
By anonymizing the IP address by six digits, we take due account of our website visitors’ concern about the protection of their personal data. No use shall be made of data to identify visitors of our website in person or to relate any such data with other data. None of the information generated by the cookie during your visit of this website shall be released to any third party.
Withdrawal of consent
The below link enables you to withdraw at any time your consent to the storage and analysis of your data by Matomo. Upon the withdrawal of your consent, an Opt-Out cookie, active for two years, will be stored on your device. While the Opt-Out cookie is active, Matomo will not collect any session data. Please note that, if you delete all cookies from your device, you will also delete the Opt-Out cookie.
More information on the privacy settings enabled by the Matomo software is available at: https://matomo.org/docs/privacy/.
You may also disable the use of cookies in your browser settings. However, please note that this may lead to restricted usability of the functions provided by this website.
GOOGLE SERVICES
Google Analytics 4
This website uses Google Analytics, a web analytics service provided by Google Ireland Ltd (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660.
Google Analytics uses cookies that enable us to analyze the use of our website. The information collected by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.
We use Google Signals. This collects additional information in Google Analytics about users who have activated personalized ads (interests and demographic data) and the ads can be delivered to these users in cross-device remarketing campaigns
In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
During your website visit, your user behavior is recorded in the form of “events”. Events can be:
- Page views
- First visit to the website
- Start of the session
- Visited web pages
- Your “click path”, interaction with the website
- Scrolls (whenever a user scrolls to the end of the page (90%))
- Clicks on external links
- Internal search queries
- Interaction with videos
- File downloads
- Viewed / clicked ads
- Language setting
Also recorded:
- Your approximate location (region)
- Date and time of your visit
- Your IP address (in abbreviated form)
- Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
- Your internet provider
- The referrer URL (via which website/advertising medium you came to this website)
Google will use this information to evaluate your pseudonymous use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and to improve our services for our customers.
Possible recipients of your data are Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 GDPR) as well as Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
For the USA, the European Commission adopted its adequacy decision on July 10, 2023. Google LLC is certified under the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.
The data sent by us and linked to cookies is deleted automatically. The maximum lifespan of Google Analytics cookies is 2 years. Data whose retention period has been reached is automatically deleted once a month.
The legal basis for this data processing is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR and Section 25 para. 1 sentence 1 TDDDG.
You can revoke your consent at any time with effect for the future by accessing the cookie settings [here (please insert the link to the consent tool)] and changing your selection there. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may restrict the functionality of this and other websites. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by clicking:
a. Do not give your consent to the setting of cookies or
b. download and install the browser add-on to deactivate Google Analytics here. https://tools.google.com/<wbr>dlpage/gaoptout?hl=de
You can find more information on the terms of use of Google Analytics and on data protection at Google at https://marketingplatform.<wbr>google.com/about/analytics/<wbr>terms/de/ and at https://policies.google.com/?<wbr>hl=de.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
Google Ads
Type and scope of processing
This website uses Google Ads. Ads is an online advertising program of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschlandnoSpam@googlenoSpam.com
Google Ads is a service for displaying targeted advertising to users. Google Ads uses cookies and other browser technologies to evaluate user behaviour and recognize users.
Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identification features such as your user agent are transmitted to the provider.
If you are registered with a Google Ireland Limited service, Google Ads can assign the visit to your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and store your IP address and other identification features.
In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited.
Purpose and legal basis
We process your data with the help of Google Ads for the purpose of optimizing our website and for marketing purposes on the basis of your consent pursuant to Art. 6 para. 1 lit. a. GDPR.
You can change your settings at any time via the cookie settings ((please link accordingly here))
You can find more information about Google Ads in Google's privacy policy:
https://www.google.de/<wbr>policies/privacy/
Storage period
The cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/<wbr>privacy.
Google Tag Manager
We use Google Tag Manager, a service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Tag Manager is a technical tool with which we can centrally manage website tags. The Google Tag Manager itself does not process any personal data; it only ensures the loading of other components (e.g. analysis or marketing tags), which in turn can collect data. These components are described separately in our privacy policy.
The basis for the use of Google Tag Manager is our legitimate interest in the efficient management of website tags in accordance with Art. 6 para. 1 lit. f GDPR. However, if the Google Tag Manager loads tags that access data that is not technically necessary (e.g. marketing tags), this is done exclusively on the basis of your prior consent in accordance with Section 25 (1) TDDDG and Art. 6 (1) (a) GDPR.
We have concluded an order processing contract with Google in accordance with Art. 28 GDPR. Due to the use of Google services, it cannot be ruled out that technical information (e.g. IP address) will be transmitted to the USA. Google is certified in accordance with the EU-US Privacy Framework, which was recognized as appropriate by the European Commission on 10 July 2023. In addition, we have concluded the EU Standard Contractual Clauses (SCCs) with Google to ensure an adequate level of data protection.
Further information on Google Tag Manager can be found in Google's privacy policy: https://www.google.de/intl/de/<wbr>policies/privacy/.
LinkedIn Insight Tag
This website uses the Insight tag from LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Data processing by LinkedIn Insight tag
We use the LinkedIn Insight tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location, industry, job title) of our website visitors to help us better target our site to the relevant audience. We can also use LinkedIn Insight tags to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also features a retargeting function that allows us to display targeted advertising to visitors to our website outside of the website. According to LinkedIn, no identification of the advertising addressee takes place.
LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data will then be deleted within 180 days.
The data collected by LinkedIn cannot be assigned by us as a website operator to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own promotional activities. For details, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.
Legal basis
If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TDDDG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of Art. 6(1)(f) GDPR; the website operator has a legitimate interest in effective advertising promotions that include the utilization of social media.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5448.
Objection to the use of LinkedIn Insight Tag
You can object to LinkedIn’s analysis of user behavior and targeted advertising at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
In addition, LinkedIn members can control the use of their personal information for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.
USE OF TYPEKIT FONTS FROM ADOBE FONTS
We use Typekit web fonts from Adobe Fonts in our website. Adobe Fonts is a service of Adobe Systems Software Ireland Companies (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland; hereinafter referred to as “Adobe”), which allows us access to their font library.
In order for your browser to be able to embed the fonts used in this website, your browser will have to link to one of the Adobe servers in the USA and download the fonts needed for this website. As a result, Adobe will receive the information that our website has been accessed from your IP address.
Further information about Adobe Fonts is available in Adobe Fonts’ Privacy Policy statements which can be accessed via this link: https://www.adobe.com/de/privacy/policies/adobe-fonts.html
In case your browser does not support web fonts, or you have not given your consent to this, your computer will use a standard font.
Withdrawal of consent
For the time being, the provider of this website does not provide the users the option to opt out or block the transfer of data via a direct feature. To stop the tracking of your activities on this website, you may, however, withdraw your consent in the cookie consent tool to reject certain or all cookie categories, unless those cookies and data transfers necessary for technical reasons. If you do so, this may result in your being no longer able to use our website at all, or to use only to a limited extent.
SOCIAL MEDIA / PLUGINS
YouTube
Our website uses plugins from the Google-operated YouTube site. The operator of the pages is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, phone: +353 1 543 1000, fax: +353 1 686 5660, e-mail: support-deutschland@google.com (‘Google’ or synonymously ‘YouTube’). We have integrated the service with a so-called two-click solution. A connection to the Google servers is only established when you click on the corresponding placeholder. When a video is accessed via YouTube, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account. Further information on the handling of user data can be found in Google's privacy policy at www.google.de/intl/de/policies/privacy.
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the LinkedIn ‘Recommend’ button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn. Further information on this can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.
Instagram ("meta")
This is an offer from Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (‘Meta Platforms Ireland’).
As part of the use of our online presence on Instagram, data is generally also transmitted to the USA. For the USA, there is an adequacy decision by the European Commission for data processing by US companies that fall under the EU-U.S. Data Privacy Framework (DPF) with appropriate certification. Processing by Meta Platforms, Inc. is carried out on the basis of certification under the EU-U.S. Data Privacy Framework.
Meta offers the operators of Facebook and Instagram accounts the opportunity to obtain an overview of the use of the fan page or Instagram account and its users via the Page Insights functions. Page Insights can be used to access and analyse statistical data in particular. Data processing in the context of visiting our Instagram presence is based on an agreement on joint responsibility in accordance with Art. 26 GDPR.
Further information on data protection at Instagram can be found at: https://privacycenter.instagram.com/policy
SSL ENCRYPTION
To assure maximum possible security of your personal data during data transfers, we use state-of-the-art encryption methods (such as SSL) via HTTPS.
RIGHT TO OBJECT PURSUANT TO ARTICLE 21 GDPR
Right to object on grounds relating to the data subject’s particular situation
You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you based on point (f) of Article 6 (1) GDPR (General Data Protection Regulation), including profiling as defined in Article 4 (4) GDPR.
We shall no longer process your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedom or for the establishment, exercise or defence of legal claims.
Where to address the objection
DANGO & DIENENTHAL Management GmbH
Hagener Straße 103
57072 Siegen
Germany
AMENDMENT OF OUR PRIVACY POLICY
We reserve the right to adjust this data protection statement to changing legal requirements and to amendments to our services, as the introduction of new functionalities, for example. For any and all visits of our website the data protection statement valid from time to time shall apply.
QUESTIONS ON OUR PRIVACY POLICY
For any questions on our privacy policy, please send us an email, if you like directly to our Data Protection Officer:
GINDAT GmbH
Mr. Arndt Halbach
Wetterauer Straße 6
42897 Remscheid
datenschutz [at] dango-dienenthal [dot] de
The German version of this data protection statement was generated with support of activeMind AG, Data Protection Officer (Version #2020-09-30).
THIS PRIVACY POLICY APPLIES TO THE FOLLOWING SOCIAL MEDIA PRESENCE
- https://www.instagram.com/dango_dienenthal/
- https://www.linkedin.com/company/dango-dienenthal/
- https://www.youtube.com/@dangodienenthalmaschinenba9682
DATA PROCESSING THROUGH SOCIAL NETWORKS
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Facebook, X etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.
LEGAL BASIS
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).
RESPONSIBILITY AND ASSERTION OF RIGHTS
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
STORAGE TIME
The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.
We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g., in their privacy policy, see below).
YOUR RIGHTS
You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You also have the right to object, the right to data portability and the right to file a complaint with the responsible regulatory agency. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.
INDIVIDUAL SOCIAL NETWORKS
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
For details on how they handle your personal information, see the Instagram Privacy Policy: https://privacycenter.instagram.com/policy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/4452
Data protection information of our Instagram channel
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
For details on how they handle your personal information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5448
Data protection information of our LinkedIn channel
YOUTUBE
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in the YouTube privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5780
Data protection information of our youtube channel
DATA PROTECTION INFORMATION
PURSUANT TO ARTICLES 13 AND 14 OF THE GDPR
Applicable to customers, interested parties, suppliers, applicants, referees, as well as sales and cooperation partners of the DANGO & DIENENTHAL Group.
The following information provides an overview of how we process your personal data and your rights under the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). Which specific data is processed and how it is used depends largely on the products and services requested or ordered in each case.
1. DATA CONTROLLER
DANGO & DIENENTHAL Management GmbH
Hagener Str. 103
57072 Siegen
Germany
+49 271 401-0
contact [at] dango-dienenthal [dot] de
www.dango-dienenthal.de
2. DATA PROTECTION OFFICER OF THE CONTROLLER
GINDAT GmbH
Mr. Arndt Halbach
Wetterauer Str. 6
42897 Remscheid
+49 2191 909–430
datenschutz [at] gindat [dot] de
datenschutz [at] dango-dienenthal [dot] de
3. DATA AND SERVICES
3.1. Sources
We process personal data that we receive from you in the course of our business relationship. In addition, we process (to the extent necessary for the provision of our products and services) personal data that we have received from other organizations of the DANGO & DIENENTHAL Group (https://www. dango-dienenthal.de) or from other third parties (e.g., to execute orders, fulfill contracts, or based on your consent). On the other hand, we process personal data that we have lawfully obtained from publicly accessible sources (e.g., commercial and association registers, press, media, Internet) and are permitted to process.
3.2. Categories of personal data
When initiating a business relationship or creating master data, the following personal data may be collected, processed, and stored:
Address and communication data (name, address, telephone number, email address, other contact details), personal master data (date/place of birth, gender, nationality, marital status, legal capacity, occupational group code, identification data (e.g., ID card details), authentication data (e.g., signature sample), tax ID)
When using products and services within the scope of contracts concluded with us, the following additional personal data may be collected, processed, and stored in addition to the aforementioned data:
Contract master data (order data, data from the fulfillment of our contractual obligations, information on any third-party beneficiaries), Billing, service, and payment data (direct debit data, tax information, other personal master data (occupation, employer), documentation data (e.g., logs), product data (e.g., requested or booked services and products), and the following business creditworthiness documents: income/surplus calculations, balance sheets, business evaluations, type and duration of self-employment.
3.3. Customer contact information
During the business initiation phase and during the business relationship, in particular through personal, telephone, or written contact initiated by you or by the DANGO & DIENENTHAL Group, further personal data is generated. This includes, for example, information about the contact channel, date, occasion, and result, (electronic) copies of correspondence, and information about participation in direct marketing measures.
3.4. Information society services
When processing data in the context of information society services, you will receive further information on data protection in connection with the respective service.
4. PURPOSE AND LEGAL BASIS OF PROCESSING
We process the personal data mentioned in section 3 in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG):
4.1. To fulfill contractual obligations (Article 6(1)(b) GDPR)
Personal data is processed for the establishment, execution, and termination of a contract for the provision of products or services, as well as for the implementation of precontractual measures for the preparation of offers, contracts, or other requests aimed at concluding a contract, which are made at your request.
The purposes of data processing are primarily based on the specific products and services and may include, among other things, needs analyses, consultations, and support. Further details on the purpose of data processing can be found in the respective (including pre-contractual) contract documents relating to our cooperation.
Prospective customers may be contacted during the contract initiation phase, taking into account any restrictions that may have been expressed, and customers, suppliers, and sales and cooperation partners may be contacted during the business relationship using the data they have provided.
4.2. Based on your consent (Art. 6 (1) (a) GDPR)
If you have given us your consent to process personal data for specific purposes (e.g., transfer of data within the group of companies), the lawfulness of this processing is based on your consent. Consent that has been given can be revoked at any time. This also applies to the revocation of declarations of consent that were given to us before the EU General Data Protection Regulation came into force, i.e. before May 25, 2018. Please note that the revocation only has effect for the future. Processing that took place before the revocation is not affected. You can request an overview of the status of your consent at any time.
4.3. Due to legal requirements (Article 6(1)(c) GDPR) or in the public interest (Article 6(1)(e) GDPR)
We are subject to various legal obligations and statutory requirements and process data for the following purposes, among others: Identity and age verification, fulfillment of tax control and reporting obligations, and the assessment and management of risks within the organizational group.
4.4. Within the scope of balancing interests (Article 6 (1) (f) GDPR)
Where necessary, we process your data beyond the actual fulfillment of the contract to protect our legitimate interests or those of third parties.
Examples
- Review and optimization of procedures for needs analysis and direct customer contact, including segmentation and calculation of closing probabilities
- Advertising or market and opinion research, provided you have not objected to the use of your data
- Assertion of legal claims and defense in legal disputes
- Ensuring IT security and IT operations
- Consultation with and exchange of data with credit agencies to determine creditworthiness and default risks
- Prevention of criminal offenses
- Video surveillance to protect property rights and collect evidence in the event of criminal offenses
- Measures for building and office security (e.g., access controls)
- Measures to ensure property rights
- Measures for business management and further development of services and products
- Risk management within the organization group
5. RECIPIENTS OF THE DATA
Within the DANGO & DIENENTHAL Group, those departments that need your data to fulfill our contractual and legal obligations will have access to it. Service providers employed by us may also receive data for these purposes if they comply with our written data protection instructions.
With regard to the transfer of data to recipients outside the DANGO & DIENENTHAL Group, it should first be noted that we are obliged to maintain confidentiality regarding all customerrelated information that comes to our knowledge. We may only pass on information about you if required to do so by law, if you have given your consent, and/or if the processors commissioned by us guarantee compliance with the provisions of the EU GDPR and the BDSG.
Under these conditions, recipients of personal data may include, for example:
- Public authorities and institutions in the event of a legal or official obligation
- Processors to whom we transfer personal data in order to conduct our business relationship with you.
Specifically: Support/maintenance of IT applications, archiving, document processing, call center services, compliance services, controlling, data destruction, purchasing/procurement, space management, debt collection, customer management, lettershops, marketing, media technology, reporting, research, risk controlling, expense accounting, telephony, video identification, website management, auditing services, payment transactions.
Other data recipients may be those entities to which you have given your consent for data transfer.
6. DATA TRANSFER TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS
Data will only be transferred to countries outside the EU or the EEA (so-called third countries) if this is necessary for the execution of your orders, is required by law (e.g., tax reporting obligations), you have given us your consent, or within the scope of order processing. If service providers in third countries are used, they are obliged to comply with the level of data protection in Europe in addition to written instructions by agreeing to the EU standard contractual clauses.
7. Duration of data storage
We process and store your personal data for as long as it is necessary to fulfill our contractual and legal obligations. If the data is no longer required for the fulfillment of contractual or legal obligations, it is regularly deleted, unless its (temporary) further processing is necessary for the following purposes:
- Compliance with commercial and tax law retention periods in accordance with § 257 HGB (German Commercial Code) and AO (German Fiscal Code) with the specified retention or documentation periods of two to ten years.
- Preservation of evidence within the framework of the statute of limitations. According to §§ 195 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.
8. OBLIGATION TO PROVIDE DATA
Within the scope of our business relationship, you must provide the personal data that is necessary for the establishment and execution of a business relationship and the fulfillment of the associated contractual obligations, or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract, provide products, and render services, or we will no longer be able to perform an existing contract and may have to terminate it.
9. AUTOMATED DECISION-MAKING (INCLUDING PROFILING)
As a matter of principle, we do not use fully automated decision-making (including profiling) in accordance with Art. 22 GDPR to establish and execute the business relationship. Should we use these procedures in individual cases, we will inform you separately if this is required by law.
10. PROFILING (ART. 22 GDPR)
We process your data in a partially automated manner with the aim of evaluating certain personal aspects (profiling). We use profiling, for example, to provide you with targeted information and advice on products with the help of evaluation tools. These enable needs-based communication and advertising, including market and opinion research.
11. YOUR RIGHTS
According to Art. 15-21 GDPR, you can assert the following rights with regard to the personal data we process if the conditions described therein are met.
You can request information about your personal data processed by us in accordance with Art. 15 GDPR.
If incorrect personal data is processed, you have the right to correction in accordance with Art. 16 GDPR.
If the legal requirements are met, you can request the deletion or restriction of processing (Articles 17 and 18 GDPR).
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
Right to object pursuant to Art. 21 GDPR
The data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them which is based on Art. 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.
12. RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
Pursuant to Art. 77 GDPR, every data subject has the right to lodge a complaint with a supervisory authority if they believe that the processing of personal data concerning them violates the GDPR. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our organization is based.
The State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia P.O.
Box 20 04 44
40102 Düsseldorf
+49 211 38424–0
+49 211 38424–999
poststelle [at] ldi.nrw [dot] de