DATA PRIVACY STATEMENT OF THE EKATO Group

The protection of your personal data is important to the EKATO Group. Therefore. we process your data exclusively on the basis of the legal regulations and in compliance with the relevant data protection regulations. In this data privacy statement, we inform you about the data processing in the context of our Internet presence under: www.ekato.com/de and www.ekato.com

1.  Data controller

Party responsible in terms of data protection laws is:

EKATO Holding GmbH
represented by the Management Board, Dr. Ing. Erich Kurt Todtenhaupt and Mr Philipp
Todtenhaupt
Am Predigertor 1
79098 Freiburg
Tel.: +49 7622 29 0
Email: info@ekato.com

 

2.  Data Protection Officer

The data protection officer of the EKATO Group can be reached as follows:

EKATO Holding GmbH
for the attention of Data Protection Officer
Am Predigertor 1
79098 Freiburg
Email: datenschutz@ekato.com
Tel.: +49 351 2820 51 75

 

3.  Processing the data

3.1 General, deletion

Personal data are any data that identify you as a person, such as name, address, email addresses and online identifiers.

The personal data of our users are used as follows:

1. the execution of our services,
2. the guarantee of technical support.
3. tracking and marketing, as far as your consent is available (see below in detail).

We will only transfer the personal information to third parties, if this is based on your consent, the delivery of goods (delivery by postal service) or otherwise necessary to fulfill our contractual obligations to you. This includes the exchange of data within the EKATO Group and to our sales representatives (see below in details).

Personal data will be deleted as soon as they have fulfilled their purpose and deletion does not conflict with any retention requirements.

3.2 Informative use of our website

In the case of merely informative use of the website, i.e. if you do not use our contact form, we do not collect any personal data, with the exception of the data transmitted by your browser, in order to enable you to visit the website. These are:
– IP address possibly company name
– Date and time of the request
– Time Zone Difference to Greenwich Mean Time (GMT)
– Content of the requirement (concrete page)
– Access Status / HTTP status code
– amount of data transmitted in each case
– Website from which the request comes
– Browser
– Operating system and its interface
– Language and version of the browser software.

These data are used to provide the content of our websites, to ensure the functionality of our information technology systems and to optimise our website. The data may be used anonymously for statistical purposes (see below) as well as for data security purposes, in particular to ward off attempts to attack our web server (Art. 6 para.1 lit. f GDPR). Access data are neither used for the creation of individual user profiles nor passed on to third parties and are deleted after 7 days at the latest.

Due to the nature of the Internet, this data is inevitably processed on a variety of servers until your request arrives on our web server; therefore a collection and use is also possible in «third countries» (for example the USA). Our company has no influence on this process. Apart from these technical constraints, the provider of this website does not transmit any personal data to states outside the scope of the EU data protection regulation or without an adequate level of data protection.

In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will usually need to provide additional personal information that we use to provide the respective service. If additional voluntary information is possible, this is marked accordingly.

3.3  Contact form

If you contact us via the form on the website or by email, your email address, name and other information voluntarily provided by you (company, phone number, text) will be saved by us to answer your questions. The following communication with you will be carried out by unencrypted email. We delete the data arising in this context after processing your enquiries, as long as there is no need for longer storage. Insofar as statutory retention periods exist, the data will be blocked for other purposes.

Data processing is based on the statutory provisions of Art. 6 para 1 lit a (consent) of the GDPR. The processing of the data is lawful as long as you have given your consent to the processing. You can revoke your consent for the future at any time.

 

3.4  Signing up for seminars

You can sign up for seminars on our website. For this purpose we collect your name, your email address, your telephone number, city and country as well as other voluntary information. The legal basis for this is Article 6 para. 1. litt. b and f GDPR. After the seminars, your data will be saved and used for the transmission of further topic-related information. The legal basis for this is our legitimate interest (Art. 6 para. 1 lit. f GDPR). You can object to this storage and use at any time.

You can revoke this consent at any time with effect for the future. If you consent, EKATO can forward your name, company name and email to other seminar participants in order to enable an exchange of information or ideas. Our confirmation email and further communication takes place via unencrypted email. If you do not wish this, you can provide us with a secure communication channel.

 

4.  Analytics services

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited (Record Number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland («Google»), for marketing purposes and to optimize our offerings, if you agree to this. The legal basis for data processing is Art. 6 para. 1lit. a) GDPR. You can revoke your consent at any time with future effect. You can change your cookie settings at any time. However, we would like to point out that in this case you may not be able to use the full functionality of this website. Google Analytics uses so-called «cookies», text files that are stored on your computer and allow an analysis of the use of the website by you. The data mentioned in section 3.2 will be used. The information generated by the cookie about your use of this site is usually sent to a server of Google in the USA and stored there. In the case of activation of IP  anonymity on this site, your IP address is however abbreviated beforehand by Google within Member States of the European Union or other parties to the Agreement on the European Economic Area.

Only in exceptional cases is the full IP address sent to a Google server in the USA and abbreviated there. On behalf of the operator of this site Google will use this information to evaluate your use of the website, compile reports on website activity and provide other services to the site operator that are associated with use of the website and the Internet.
Please note that on this website Google Analytics has been extended by the code «anonymizeIp ();» in order to ensure an anonymous collection of IP addresses (so-called IP-Masking).

The IP address transmitted by your browser in conjunction with Google Analytics is not merged with other data held by Google.

For more information about Terms of Use and Privacy, please see www.google.com/analytics/terms/de.html or https://support.google.com/analytics/answer/6004245?hl=en.
5. Use of social media plug-ins

5.1 Integration of LinkedIn

We are currently providing the call to LinkedIn via a so-called social bookmark. In order for the full data control to be yours, LinkedIn is only included as a link. After clicking on the integrated graphic you will be redirected to the LinkedIn page and only then will user data be transferred to LinkedIn.

You will receive further information on the purpose and scope of the data collection and its processing by LinkedIn with their privacy policy:

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, Californian 94043, USA; http://www.linkedin.com/legal/privacy-policy.

 

5.2 Integration of Facebook 

We are currently also providing the call from Facebook via so-called social bookmark. So that the full data control lies with you, Facebook is only integrated as a link. After clicking on the integrated graphic, you will be forwarded to the Facebook page and only then will user data be transferred to Facebook. For more information on the purpose and scope of data collection and processing by Facebook, please refer to their data protection information: Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland;

https://www.facebook.com/privacy/explanation.

 

5.3 Integration of YouTube

On the one hand, we’ve included the link to YouTube videos in our online offer. YouTube is a company of Google. After clicking on the graphic you will be redirected to YouTube and only then will user information be transmitted to YouTube.

Furthermore, we occasionally integrated videos that are stored on www.YouTube.com and can be played directly from our website. These are all integrated in the «extended data protection mode», which means that no data about you as a user will be transmitted to YouTube if you do not play the videos. Only when you click on the videos and play them, will the data mentioned in point 3.2 be transferred to YouTube. We have no influence on this data transmission.

When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section 3.2 of this declaration will be transmitted. This happens regardless of whether YouTube provides a user account that you are logged in to or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your YouTube profile to be assigned, you must log out before activating the button. YouTube stores your data as user profiles and uses them for the purposes of advertising, market research and / or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles but you must contact YouTube to exercise this right.

For more information on the purpose and scope of the data collection and its processing, see: https://policies.google.com/privacy.

 

5.4 Facebook-Pixel

On our website, we use Facebook Pixel (Meta Pixel) for the purpose of measuring the effectiveness of our advertising campaigns (conversion measurement). For this purpose, the page from which you switch to our website is matched. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The legal basis for this processing is your consent pursuant to Section 25 (1) TTDSG in conjunction with 6 (1) a) DSGVO. You can revoke your consent at any time.

Facebook matches your user data (customer data such as IP address, user ID) with the data of your Facebook account. This collected data is provided to us anonymously and made usable for the above-mentioned purpose. It is not possible for us to draw conclusions about the identity of the users.
Facebook stores and processes the data so that a connection to the respective user profile is possible and can thus be used for its own advertising purposes on the part of Facebook. Furthermore, a transfer of your personal data to the USA cannot be ruled out. There is no adequate level of data protection there. This use of the data cannot be influenced by us as site operator. The legal basis for the transfer of data to third countries is Art. 49 (1) a) DSGVO.

Facebook’s privacy policy can be found here: https://de-de.facebook.com/privacy/policy/

Likewise, Facebook bases the transfer of data to the USA on standard contractual clauses of the EU Commission: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can disable Facebook’s usage-based advertising in the Ads Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

 

6. Use of SalesViewer® technology:

 

This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests  (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.

In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.

You can revoke your consent at any time with future effect. You can change your cookie settings at any time. However, please note that if you do this you may not be able to use the full functionality of this website.

 

7. Order via Amazon, Amazon Shop


On our website you have the possibility to order our products, in particular our manual. By clicking on the button “Order via Amazon”, you will be forwarded directly to Amazon Marketplace, Amazon Services Europe S.a.r.l, 38 abenue John F. Kennedy, L-1855 Luxembourg and data will be transmitted to Amazon.

If you order goods from EKATO via Amazon or ask us questions via Amazon, we will receive your personal data (name, delivery address) from Amazon, which are required for order processing.

Amazon sets cookies and processes your data for its own purposes. EKATO has no influence on this. Information on data protection on Amazon can be found here: https://www.amazon.de/gp/help/customer/display.html?ie=UTF8&nodeId=201909010&ref_=footer_privacy.

 

8.  Online – Advertising (Google Adwords)

We use the offer of Google Adwords to draw attention to our attractive offers with the help of advertising materials (so-called Google Adwords) on external websites, if you agree. The legal basis for data processing is Art. 6 Para. 1 lit. a) GDPR. You can revoke your consent at any time with future effect. You can change your cookie settings at any time. However, please note that if you do this you may not be able to use the full functionality of this website

In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. We are interested in showing you advertisements that are of interest to you, to make our website more interesting to you and to achieve a fair calculation of advertising costs.

These advertising materials are supplied by Google via so-called «ad servers». To do this, we use ad server cookies, which measure certain performance metrics such as ads impressions or user clicks. If you access our website through a Google ad, Google Adwords will store a cookie on your PC. These cookies usually lose their validity after 30 days and are not intended to identify you personally. For this cookie, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), and opt-out information (note that the user does not want see this ad anymore) are typically saved as analysis values.

These cookies allow Google to recognise your Internet browser. If a user visits certain pages of an Adwords customer’s website and the cookie stored on their computer has not expired, Google and the customer will be able to detect that the user clicked on the ad and was redirected to that page. Each Adwords customer is assigned a different cookie. Cookies can not be tracked via the websites of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We receive only statistical evaluations provided by Google. On the basis of these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material. In particular, we can not identify the users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no control over the extent and the use of the data, which are collected by using this tool by Google. We will therefore inform you in accordance with what we know: By integrating AdWords, Google receives the information that you have accessed the relevant part of our website or have clicked on an ad from us. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a chance that the provider will find and save your IP address.

You can also prevent participation in this tracking process in other ways: a) by adjusting your browser software accordingly, in particular, the suppression of third-party cookies will prevent you from receiving any third-party ads; b) by deactivating the cookies for tracking by changing your browser settings to block cookies from the domain «www.googleadservices.com«, https://www.google.com/settings/ads, whereby this setting will be deleted if you delete your cookies; c) by deactivating the interest-based advertisements of the providers that are part of the «About Ads» self-regulation campaign via the link http://www.aboutads.info/choices, this setting being deleted when you delete your cookies; d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. We point out that in this case you may not be able to use all the features of this offer in full.

More information about privacy at Google can be found here:

http://www.google.com/intl/de/policies/privacy and
https://support.google.com/analytics/answer/6004245?hl=en. Alternatively, you can visit the Network Advertising Initiative (NAI) web site at http://www.networkadvertising.org. Google is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

 

9. Data transmission within the EKATO Group, data transmission to sales representatives

We transmit your data within the companies of the EKATO Group (please find the current list https://www.ekato.com/en/ekato-group/contact/contacts-worldwide/) for reasons of central internal administration purposes, such as central customer and website support and seminar planning. In particular, your name and contact details will be transmitted for this purpose. The legal basis for this is Art. 6 para. 1 lit. f GDPR. A change of purpose is not associated with this. Through technical and organisational measures, we ensure the security of processing during data transmission. Your data will be deleted as soon as they are no longer required for specified purposes and legal storage requirements do not preclude this. »

We may also transfer your data to our contractual partners / sales representatives abroad in order to be able to handle country-specific services. The legal basis for this is Art. 6 (1) let. b GDPR, possibly in conjunction with standard contractual clauses, insofar as transfer to third countries takes place without and adequate level of data protection.

 

10. Applications

The Ekato Group takes data privacy very seriously. If you submit your application documents and personal information to us, you consent to have your data collected, saved, and used in our IT systems within the framework of the application process. You also consent that we may communicate with you during the application process through unencrypted e-mail, and consent to the receipt of non-encrypted e-mails. Art. 6 para. 1 lit. a and lit. b GDPR serve as the legal basis for data processing.

You can revoke your consent at any time with future effect via e-mail to personal@ekato.compersonal-systems@ekato.compersonal-fluid@ekato.com.

Alternatively, you can send your application to the above addresses by mail.

Rights of data subjects

Under the GDPR and BDSG (German Federal Data Protection Act), you have the right to receive information and to correct, delete, and restrict data processing and data transmission for your personal data. If you want to assert your rights, you can contact our HR department directly.

Deletion

Your data is deleted 6 months after the conclusion of the application process unless there are statutory retention periods to the contrary or – if you are hired – transferred to EKATO HR management. Art. 6 para. 1 lit. b GDPR serves as the basis for this data processing.

Retaining your application in the applicant pool or transferring your application documents within the EKATO Group company will require separate consent from you.

 

11. Rights of persons concerned

You have the right

a) to request information on categories of processed data, processing purposes, potential recipients of the data, the planned storage period (Art. 15 GDPR);
b) to demand the correction or addition of incorrect or incomplete data (Art. 16 GDPR);
c) to revoke consent granted at any time with effect for the future (Article 7 para. 3 GDPR);
d) data which is to be processed on the basis of a legitimate interest, for reasons which arise from your particular situation (Article 21 para. 1 GDPR);
e) to request the deletion of data in certain cases in the context of Art. 17 GDPR – especially if the data is no longer necessary or improperly processed for the intended purpose, or you revoke your consent in accordance with (c) above or if you have declared a contradiction according to (d) above;
f) to require the restriction of data under certain conditions, as far as a deletion is not possible or the deletion is disputed (Art. 18 GDPR);
g) to data portability, i. e. You may receive your data provided to us in a common machine-readable format, such as CSV and, if necessary, transfer it to others (Art. 20 GDPR);
h) to complain to the competent supervisory authority about the data processing, which, in particular, means to the national commissioner for data protection Baden-Wuerttemberg (https://www.baden-wuerttemberg.datenschutz.de/).

If you have given consent to the use of data, you can revoke them at any time with future effect.

Please send all information, deletion and correction requests, requests for information, requests for data portability, objections to data processing, etc. via email toldatenschutz@ekato.com.

 

12. Data integrity

 

We maintain up-to-date technical and organisational measures to ensure the security of the processing, in particular to protect your personal data against dangers during data transfers as well as prior knowledge of third parties. These are adapted to the current state of the art, the protection requirements of personal data and to the risks to your rights and freedoms.

 

13. US-specific regulations, DO NOT SELL

 

As far as EKATO is subject to American data protection requirements, the following is additionally explained: We do not sell personal data to third parties. With your consent, we may make your data available to third parties for marketing purposes if you have consented to this (see Section 7). You can revoke your consent at any time with future effect; change your settings via cookie-settings. Please address further inquiries to our data protection officer. (datenschutz@ekato.com).

 

14. Changes to the data privacy statements

 

We reserve the right to change the data privacy statements in order to adapt it to the changed legal situation or changes to our offers.

 

Date: May 2020