Thank you for visiting our website and for your interest in our company. We strive to offer you the best possible service; this also includes continuous optimizing of our Internet presence and, especially the protection of your personal data.
Please find below information about how we handle your personal data in accordance with Art. 13 of the General Data Protection Regulation (“GDPR”).
The entity stated in our legal notice is responsible for the data collection and processing described below.
We have implemented technical and organizational measures to ensure that your data are comprehensively protected against any undesired access. We use an encryption procedure on our sites. Your computer will use TLS encryption to transmit your data to our server via the Internet and vice versa. This is indicated by the locked padlock symbol in your browser status bar and the address line beginning with https:// .
Whenever you visit our websites, for statistical purposes our web server will temporarily store in a log so-called usage data” to allow us to improve the quality of our websites. This data set comprises:
- The name and address of the requested content,
- The date and time of the request,
- The data volume transmitted,
- The access status (file transmitted, file not found),
- The description of the type of web browser and operating system used,
- The referral-link, which shows from which site you accessed our website,
- The requesting computer’s IP address.
We will store the IP address transmitted by your web browser for a period of seven days strictly for the purpose of being able to recognize, limit and rectify any attacks on our websites. After expiry of this period, we will erase or anonymize the IP address. The legal basis for this is Art. 6 Para. 1 lit. f GDPR.
You can revoke your consent by clicking here and choosing the respective option.
The usage profile made by Matomo contains:
- Anonymized IP address by deleting the last 2 Bytes (e.g. 184.108.40.206 instead of 198.51.100.54)
- Pseudo-anonymized approximate location/region (based on the anonymized IP address)
- Date and time
- Title of the accessed site
- URL of the accessed site
- URL of the previously accessed site (if permitted)
- Screen resolution
- Local time
- Data clicked and downloaded
- External links
- Duration of the page load
- Country, region, city (with low accuracy due to IP addresses)
- Main language of the browser
- Used browser
- Interaction with forms (but not their content)
- Operating system
The mentioned usage profiles will only be stored pseudonymized. This way we are able to recognize returning visitors, to count them as such and measure the reach and interest in our website.
We are using the service of Google Maps on this website. A service of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001 (“Google”). This allows us to show you interactive maps on the website and enable you to conveniently use the map function.
By accessing the website, Google will receive the information that you accessed the subpage of our website. Further, data named under usage data in this declaration will be transmitted. This happens irrespective of whether Google provides a user account which you are logged in to or if no user account exists. However, within our embedded configuration no consolidation of data with your Google account will take place, so that the data Google receives from you will be restricted to the minimum necessary in order to provide the maps.
Embedded YouTube videos
YouTube videos are embedded in a few subpages of our website. Accessing these subpages results in reloading contents from YouTube. YouTube will receive your IP address within this frame, which is technically necessary to access the content. We do not have any influence regarding the further processing of YouTube. However, when embedding the videos, we made sure to activate the extended data protection mode being offered by YouTube.
Data transfer to third parties
Within the framework of data processing on our behalf as defined by Art. 28 GDPR, we will transfer your data to service providers who assist us with the operation of our websites and the related processes. Our service providers are bound by strict instructions issued by us and subject to corresponding contractual obligations.
We may transfer personal data collected as part of the contractual relationship in connection with the sending and receiving of payments to Treasury Intelligence Solutions GmbH, Langer Anger 7, 69115 Heidelberg (TIS). Legal basis for the transfer is article 6 para 1 lit. b and article 6 para 1 lit. f GDPR.. The data exchange with TIS also serves to fulfill regulatory obligations from the SWIFT agreement, it may involve a transfer of data to the USA. TIS processes the data received and uses it for the purpose of providing Payee Community Screening to detect fraudulent Payees before the payment is executed (fraud prevention). Further information relating to the activities TIS can be found online: https://tispayments.com/privacy-policy/
In the context of know your customer checks in pre-contractual relationships as well as contractual relationships, we transmit personal data to Diligent Corporation, 1111 19th Street NW, 9th Floor, Washington DC 20036, USA (Diligent)). Legal basis for the transfer is article 6 para 1 lit. c, article 6 para 1 lit. e or article 6 para 1 lit. f GDPR. The data exchange with Diligent also serves to fulfill regulatory obligations (Money Laundering Prevention) , it may involve a transfer of data to the USA or other jurisdictions. Further information relating to the activities Diligent can be found online https://www.diligent.com/privacy/.
Your rights as a user
You, as a so-called data subject, have the following rights: the right to information according to Article 15 GDPR; the right to rectification according to Article 16 GDPR; the right to erasure according to Article 17 GDPR; the right to restriction of processing according to Article 18 GDPR; the right to object according to Article 21 GDPR and the right to data portability according to Article 20 GDPR. Your rights to information and erasure are subject to limitations in accordance with Sect. 34 and 35 BDSG (German Federal Data Protection Act). In addition, you have a right to lodge a complaint with a supervisory authority (Article 77 GDPR in conjunction with Sect. 19 BDSG).
Right to object (Art. 21 GDPR)
In case that data are gathered on the basis of Art. 6 Para. 1 lit. f (data processing for the purposes of legitimate interests) you have the right to object the processing at any time for reasons relating to your respective situation. If you do object, we will no longer process your personal data unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of any legal claims.
Right to lodge a complaint with a supervisory authority
According to Art. 77 GDPR you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of your personal data infringes data protection law regulations. You can assert this right in particular with a supervisory authority in the member state of your habitual residence; place of work or the place of the alleged infringement.
Data protection officer’s contact details
Our company Data Protection Officer will be pleased to provide you with further information or respond to any feedback concerning data protection:
Status: October 2020