Privacy-Policy

1. Contact

GTB Global Trade Berlin GmbH
Sponholzstraße 30
12159 Berlin, Germany

Tel.: +49 30 889 428 45
E-Mail: info@global-trade-berlin.com
Web: www.blackrock-mobile.com

Sitz der Gesellschaft – 12159 Berlin, Sponholzstraße 30
Handelsregister – HRG Berlin-Charlottenburg HRB 112824 B
Geschäftsführer: Thomas Kopp

2. General information on data processing

1. General information on data processing

We only process our users’ personal data to the extent necessary for the provision of a functionalwebsite as well as the provision of our content and services. In general, we only process our users’ personal data with the users’ consent. One exception is in cases when it is not possible to obtain the user’s consent in advance for practical reasons and the company is permitted to process this data within the scope of the law.

2. Legal basis for the processing of personal data

When consent has been obtained from the data subject for the processing operations for the processing of personal data, point (a) of Article 6(1) of the EC General Data Protection Regulation (GDPR) serves as the legal basis.
When the processing of personal data is necessary for the performance of a contract to which the data subject is party, point (b) of Article 6(1) of the GDPR serves as the legal basis. This also applies for processing operations that are required in order to take the necessary steps prior to entering into a contract.
When the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, point (c) of Article 6(1) of the GDPR serves as the legal basis.
When processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, point (d) of Article 6(1) of the GDPR serves as the legal basis.
If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, then point (f) of Article 6(1) of the GDPR serves as the legal basis for the processing.

3. Deletion of data and storage period

The personal data of the data subject is deleted or made unavailable to users once the purpose of the storage of the data no longer applies. Furthermore, data may also be stored if this storage is permitted by the European or national legislative authorities in EU regulations, laws or other guidelines that the controller is subject to. Data is also deleted or made unavailable to users once the storage period defined by the specified norms elapses as long as continued storage of the data is not required in order to conclude or perform a contract.

3. Provision of the website and the creation of log files

1. Description and scope of data processing

Every time our website is accessed, our system automatically records data and information from the system of the computer that is being used to access the website.
We use our website to collect personal data, e.g. your name and address or e-mail address, that you voluntarily provide us with in the form of entries made in contact forms or data entered for newsletter subscriptions. We store and use this data in order to process your requests and orders, maintain your customer account, or to provide you with access to specific information. We do not share this confidentialinformation with third parties.
Furthermore, information is automatically collected that is not assigned to a specific person (e.g. the IP address currently being used by your end device, the browser and operating system used to access the website, the date and time the website was accessed, the number of visits, average time spent on the website, pages accessed). We use this information to determine the appeal of our website and improve its functions and content.
This data is also stored in our system’s log files. This data is not stored together with the user’s other personal data.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is point (f) of Article 6(1) of the GDPR.

3. Purpose of data processing

The system must temporarily store the IP address so that it can transmit the website to the user’s computer. In order to do this, the user’s IP address must be stored during the entire session.
The IP address is then saved in a log file in order to ensure that the website works properly. Furthermore, we use this information to optimise our website and ensure that our information technology systems are secure. The data saved for these reasons is not used for marketing purposes.
These purposes also constitute legitimate interests within the scope of point (f) of Article 6(1) of the GDPR.

4.Storage period

Data is deleted as soon as it is no longer required for the purpose for which it was obtained. In terms of the data recorded for the provision of the website, this is the case as soon as the session in question ends.
Data saved in the log files is deleted after 30 days. It is possible that data could be stored for longer than 30 days. In this case, the IP address of the user is deleted or anonymised so that it is no longer possible to associate it with the client that accessed the website.

5. Opt-out and disposal options

The collection of data required for the provision of the website and the storage of data in log files is essential in order to operate the website. For this reason, the user cannot opt out.

4. Cookies

This website uses two different types of cookies:

  • Persistent cookies are stored on your computer and stay there until they expire or are deleted. Closing your browser does not delete these cookies.

  • Session cookies are generated every time you visit one of our website pages. A session cookie is automatically deleted when you close your browser. All of the information saved in the cookie file is also deleted then.

1.Use of cookies

  • Tracking cookies collect data about how the user uses the websites that he or she accesses.

  • Cookies store information about the way the website is used in terms of the history, favourite content and personal settings.

  • Third-party cookies make it possible to exchange data with third-party websites.

  • Advertising cookies make it possible to show the user personalised advertising.

2. Consent to the storage of cookies and retrieval of the information stored within those cookies

The user must give their consent to allow cookies to store information on their computer and allow the information stored in those cookies to be retrieved. This consent is given via the cookie settings in the user’s installed browser. Every Internet browser automatically has cookies enabled as standard. To this effect, we ask that our customers check their browser settings and, if necessary, change the settings to enable cookies.
Furthermore, we allow you to choose to agree to the use of cookies directly on our website. If you use this opportunity to agree to the use of cookies, you will automatically deactivate the do-not-track function.

3. Legal basis for data processing

The legal basis for the processing of personal data using the technically required cookies is point (f) of Article 6(1) of the GDPR.

The legal basis for the processing of personal data using cookies for analysis purposes with the consent of the user is point (a) of Article 6(1) of the GDPR.

 

4. Purpose of data processing

The purpose of the use of technically required cookies is to make it easier for the user to use the website. A number of functions on our website cannot be offered without the use of cookies. For these functions, it is necessary that the browser is still recognised when the user moves from one page to another.
The user data recorded by technically required cookies is not used to create user profiles. Analysis cookies are used for the purpose of improving the quality of our website and its content. The analysis cookies tell us how the website is used. These purposes also constitute legitimate interests for the processing personal data within the scope of point (f) of Article 6(1) of the GDPR

5. Storage period, opt-out and disposal options

Cookies are stored on the user’s computer and transmitted to our website from there. For that reason you, as the user, have total control over the use of cookies. By changing the settings in your browser, you can disable or limit the use of cookies. Cookies that have already been saved to your computer can be deleted at any time. You can also change your settings so they are deleted automatically. If you disable cookies for our website, you may not be able to fully utilise all of the functions of the website.

5. Contact form and e-mail addresses

1. Description and scope of data processing

Our website contains contact forms that can be used to contact us electronically. If a user takes advantage of this opportunity, we will record and store the data that they enter into the fields of the form. The personal data that is transmitted in this way is determined by the fields in the form.
Furthermore, when the user sends a message, the following data is also saved:

  • The user’s IP address; however this information is masked by a byte

  • The date and time the user registered

Alternatively, the user can also contact us by writing an e-mail to the e-mail address provided. In this case, the user’s personal data that is transmitted with the e-mail will be saved.

The data collected in this way is not passed on to third parties. The data is only used to process the user’s e-mail.

 

2. Legal basis for data processing

The legal basis for the processing of data with the consent of the user is point (a) of Article 6(1) of the GDPR.
The legal basis for the processing of the data that is transmitted when the user sends an e-mail is point (f) of Article 6(1) of the GDPR. If the purpose of the e-mail is to conclude a contract, then the additional legal basis for the processing is point (b) of Article 6(1) of the GDPR.

3. Purpose of data processing

We only process the personal data included in the contact form to process the user’s message. If the user contacts us via e-mail, this also constitutes a legitimate interest in the processing of the data. Any other personal data processed during the sending operation is used to prevent third parties from misusing the contact form and to ensure the security of our information technology systems.

4. Storage period

Data is deleted as soon as it is no longer required for the purpose for which it was obtained. In terms of the personal data from the fields in the contact form and the personal data that is sent via e-mail, this is the case when the conversation in question with the user comes to an end. The conversation ends when it is clear from the circumstances that the issue in question has been clarified conclusively.

5. Opt-out and disposal options

The user has the option at any time to revoke his or her consent to the processing of his or her personal data. If the user writes us an e-mail, he or she can object to the storage of his or her personal data at any time. Furthermore, the user can contact one of our employees at any time. In this case, the conversation cannot be continued.
All personal data that is stored during the course of the user contacting us will be deleted in this case.

6. Analysis by Matomo

1. Scope of the processing of personal data

We use the open-source software tool Matomo (formerly PIWIK) on our website to analyse the surfing patterns of our users. The software saves a cookie in the user’s browser (for more information on cookies, see above). When a user accesses individual pages on our website, the following data is stored:

  • A byte of the IP address of the system the user is using to access the website

  • The website accessed

  • The website that referred the user to the website accessed (referrer)

  • The sub-pages that the user accesses from the accessed website

  • The amount of time spent on the website

  • The frequency with which the user accesses the website

The software runs solely on our website’s servers. The user’s personal data is not saved on these servers. The data is not passed on to third parties.
The software is set up so that IP addresses are not saved in full but rather one byte of the IP addresses are masked (e.g.: 192.168.001.xxx). This masking means it is no longer possible to allocate the abbreviated IP address to the computer that accessed the website.

2. Legal basis for the processing of personal data

The legal basis for the processing of the user’s personal data is point (f) of Article 6(1) of the GDPR.

3. Purpose of data processing

Processing the user’s personal data allows us to analyse the user’s surfing patterns and behaviour. By evaluating the data we obtain, we are able to compile information about the way the various components of our website are used. This helps us to continuously improve our website and make it more userfriendly. These purposes also constitute legitimate interests for the processing of personal data within the scope of point (f) of Article 6(1) of the GDPR. By anonymising the IP address, we sufficiently take into account the interests of the user regarding the protection of their personal data.

4. Storage period

The data is deleted as soon as it is no longer required for our purposes.

5. Opt-out and disposal options

Cookies are stored on the user’s computer and transmitted to our website from there. For that reason you, as the user, have total control over the use of cookies. By changing the settings in your browser, you can disable or limit the use of cookies. Cookies that have already been saved to your computer can be deleted at any time. You can also change your settings so they are deleted automatically. If you disable cookies for our website, you may not be able to fully utilise all of the functions of the website. For more information on Matomo software’s privacy settings, click here: https://matomo.org/docs/privacy/.

7. Analysis by Google Analytics

Our website uses the web analysis service Google Analytics by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). The processing of data serves to analyse this website and its visitors. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services to the website operator relating to website and internet use. The IP address communicated by your browser as part of Google Analytics is not associated with any other data held by Google. Google Analytics uses cookies, which make it possible to analyse your use of the website. The information generated by the cookie regarding your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymisation is activated on this website.

Google uses this to shorten your IP address beforehand within Member States of the European Union or in other signatories to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. Your data may be transmitted to the USA. Transmission of data to the USA is covered by an adequacy decision by the European Commission. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in needs-based and targeted design of the website. You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR by contacting us, for reasons relating to your personal situation.You can prevent the storage of cookies by choosing corresponding technical settings in your internet browser; we would, however, like to point out that this may prevent you from making full use of all the functions of this website. You can also prevent collection of the data (including your IP address) generated by the cookies and related to your use of the website by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link [https://tools.google.com/dlpage/gaoptout?hl=en].

You can set an opt-out cookie to prevent collection by Google Analytics across devices. Opt-out cookies prevent the future collection of your data when you visit this website. You need to opt-out on all systems and devices in use for this to work comprehensively. If you click here, the opt-out cookie is set:

Deactivate Google Analytics

You can find more detailed information on the terms and conditions of use and data protection at https://www.google.com/analytics/terms/ and at https://policies.google.com/?hl=en.

 

8. Rights of the data subject

When your personal data is processed, then you are a data subject as defined in the GDPR and you have the following rights vis-à-vis the controller:

1.Right of access

You have the right to obtain confirmation from the controller as to whether or not we are processing any personal data which concerns you.

Where this is the case, you also have the right to access the following information from the controller:

  • the purposes for which the personal data is being processed

  • the categories of personal data being processed

  • the recipients or categories of recipient to whom the personal data has been or will be disclosed

  • the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period

  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing

  • the right to lodge a complaint with a supervisory authority

  • where the personal data is not collected from the data subject, any available information as to the source

  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to be informed if your personal data is to be transferred to a third country or to an international organisation. Where this is the case, you also have the right to be informed of the appropriate safeguards pursuant to Article 46 of the GDPR relating to the transfer.

 

2. Right of rectification

You have the right to obtain the rectification of inaccurate personal data from the controller in the event that the personal data being processed that concerns you is incorrect or incomplete. The controller must rectify the data without undue delay.

3. Right to restriction of processing

You have the right to obtain restriction of processing of the personal data that concerns you where one of the following applies:

  • you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data

  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead

  • the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims, or

  • you have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override your grounds.

Where the processing of your personal data has been restricted, such personal data shall – with the exception of storage – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If you have obtained restriction of processing pursuant to the grounds listed above, you will be informed by the controller before the restriction of processing is lifted.

 

4. Right to erasure

a. Erasure obligation

You have the right to obtain the erasure of personal data concerning you without undue delay, and the controller is obligated to erase this personal data without undue delay where one of the following grounds applies:

  • the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed

  • you withdraw the consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2) of the GDPR, and there is no other legal ground for the processing

  • you object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR

  • the personal data concerning you has been unlawfully processed

  • the personal data concerning you has to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject

the personal data concerning you has been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

b. Sharing information with third parties

Where the controller has made the personal data concerning you public and is obliged pursuant to Article 17(1) of the GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, must take reasonable steps, including technical measures, to inform the controllers who are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, that personal data.

c. Exceptions

The right to erasure does not apply to the extent that processing is necessary

  • for exercising the right of freedom of expression and information

  • for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller

  • for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3) of the GDPR;

  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR in so far as the right referred to in Section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

  • for the establishment, exercise or defence of legal claims.

5. Right to information

If you exercise your right of rectification, to erasure or to restriction of processing vis-à-vis the controller, the controller is obligated to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort.

You also have the right to be informed about those recipients by the controller upon request.

 

6. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit that data to another controller without hindrance from the controller to which the personal data has been provided, where:

  • the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR or on a contract pursuant to point (b) of Article 6(1) of the GDPR; and

  • the processing is carried out by automated means.

In exercising your right to data portability, you also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. The freedoms and rights of others may not be affected by the exercise of this right.

The right of data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

 

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions.

The controller will no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

Where your personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.

In the context of the use of information society services – and notwithstanding Directive 2002/58/EC – you may exercise your right to object by automated means using technical specifications.

8. Right to withdraw the declaration of consent under data protection law

You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawing your consent does not affect the lawfulness of processing based on consent before its withdrawal.

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. However, this does not apply if the decision:

  • is necessary for entering into or performance of a contract between you and the controller

  • is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

  • is based on your express consent.

However, these decisions may not be based on special categories of personal data referred to in Article 9(1) of the GDPR, unless point (a) or (g) of Article 9(2) of the GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

In the cases referred to above in points (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

 

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you violates the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

9. Use of social media plugins

1. Facebook

Our website uses Facebook components. Facebook is a social network. Facebook is a service of Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is responsible for the processing of personal data from persons in Europe. You can recognise the plugins by the use of the Facebook logo. For more information on all Facebook plugins, go to: https://developers.facebook.com/docs/plugins/. The plugin creates a direct connection between your browser and the Facebook servers. We have no influence on the nature and the scope of the data that the plugin transmits to the Facebook Inc. server. You can find more information on this here: https://www.facebook.com/help/186325668085084 The plugin informs Facebook Inc. that you are a user of our website. It is possible that the plugin will save your IP address. If you are logged in to your Facebook account while you visit the website, the information specified will be linked to your account. If you use the functions of the plugin – for example, by sharing or liking an entry – the corresponding information will also be transferred to Facebook Inc. If you would like to prevent Facebook Inc. from linking this data to your Facebook account, please log out of Facebook before visiting our website.

2. Facebook-Pixel

The Facebook pixel makes it possible for Facebook to define visitors to our website as a target audience for the display of ads (so-called ‘Facebook ads’). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us, on Facebook and within the services of Facebook partners (so-called ‘Audience Network’ https://www.facebook.com/audiencenetwork/ ), only to those users who have also shown an interest in our website or have particular characteristics (for example, interest in particular topics or products that appear when the web pages are visited), which we transmit to Facebook (so-called ‘Custom Audiences’). With the help of the Facebook pixel, we would also like to ensure that our Facebook ads are likely to be of interest to the users and are not annoying. Furthermore, the Facebook pixel enables us to track the effectiveness of the Facebook ads for statistical and market research purposes, as we can see whether users were redirected to our website after clicking a Facebook ad (so-called ‘conversion measurement’).

  • Types of data processed: Usage data (for example, web pages visited, interest in contents, access times), meta/communications data (for example, device information, IP addresses), location data (data that specifies the location of an end user’s device).
  • Affected persons: Users (for example, web page visitors, users of online services).
  • Purposes of the processing: Tracking (for example, interest-based/behavioural profiling, use of cookies), remarketing, conversion tracking, interest-based and behavioural marketing, profiling (creation of user profiles), conversion measurement (measurement of the effectiveness of marketing measures), target audience creation (definition of target audiences relevant for marketing purposes or other output of contents), cross-device tracking (cross-device processing of user data for marketing purposes).
  • Security measures: IP masking (IP address pseudonymisation).
  • Legal bases: Consent (Art. 6 para 1 page 1 lit. a GDPR), Legitimate interests (Art. 6 para 1 page 1 lit. f. GDPR).

Used services and service providers:

3. LinkedIn

Social network – service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy policy: https://www.linkedin.com/legal/privacy-policy; Opt-out option: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Insights tag / Conversion measurement – Service provider: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA; Website: https://www.linkedin.com; Privacy policy: https://www.linkedin.com/legal/privacy-policy, Cookie policy: https://www.linkedin.com/legal/cookie_policy; Opt-out option: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Plugins and content – These may include content such as images, videos or texts and buttons, for example, that allow users to share the content of this online service within LinkedIn. Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy policy: https://www.linkedin.com/legal/privacy-policy; Opt-out option: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

4. Twitter

Our website uses the Twitter button. This button is operated by Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA). If you visit a page that has this button, it will create a direct connection between your browser and the Twitter servers. We have no influence on the nature or scope of the data that the plugin transfers to the Twitter Inc. servers. According to Twitter Inc., they will only collect and save your IP address. For more information on how Twitter Inc. uses your personal data, click here: https://twitter.com/privacy?lang=en

5. YouTube

Among other providers, we use YouTube to embed videos on our website. YouTube is operated by YouTube LLC, which is headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc., which is headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. We use plugins provided by YouTube on our website. If you access a page of our website on which one of these plugins is installed, the plugin will create a connection to the YouTube servers in order to display the plugin. As a result, the plugin tells the YouTube server which of our pages you visited. If you are logged in to your YouTube account, YouTube will allocate this information to your personal account. If you use the plugin, e.g. by clicking the start button of a video, this information is also allocated to your YouTube account. If you would like to prevent this information from being connected to your account, log out of your YouTube account as well as other accounts connected to the companies YouTube LLC and Google Inc. and delete the associated cookies before accessing our website. For more information about data processing and how YouTube (Google) protects your privacy, click here: https://policies.google.com/privacy?hl=en&gl=de.

6. Pinterest

Our website includes the Pinterest button from Pinterest Inc., 808 Brannan St, San Francisco, CA 94103, USA. This button transmits your IP address to Pinterest. If you are logged in to Pinterest in the same browser that you use to access our website, this information can be linked to your account. When you click the “Pin It” plugin, this information is also transmitted to Pinterest and published to your account. You can adjust your Pinterest privacy settings at http://pinterest.com/about/privacy/. If you do not consent to having your data sent to Pinterest, log out of Pinterest in the browser that you are using to visit our website.

7. AddThis

Our website uses social plugins (“plugins”) from the bookmarking service AddThis, which is operated by AddThis LLC, Inc. 8000 Westpark Drive, Suite 625, McLean, VA 2210, USA “AddThis”). These plugins generally feature an AddThis logo, for example in the form of a white plus sign on an orange background. For an overview of the AddThis plugin and its appearance, click here: www.addthis.com/get/sharing When you access a page on our website that contains one of these plugins, the browser connects directly to the AddThis servers. The content of the plugin is directly communicated to your browser and integrated into the page by AddThis. This integration provides AddThis with information that your browser has accessed the corresponding page of our website and saves a cookie on your end device to identify your browser. This information (including the IP address) is directly communicated from your browser to one of AddThis’ servers in the US and saved there. AddThis uses the data to create anonymised user profiles that serve as the basis for personalised, interest-based advertising for users who visit websites with AddThis plugins. For information on the purpose and scope of the data collection as well as further processing and use of the data by AddThis, please refer to AddThis’ data privacy policy: www.addthis.com/privacy/privacy-policy. If you object to AddThis collecting your data, you can set an opt-out cookie which you can download by clicking the following link: www.addthis.com/privacy/opt-out You can also use browser extensions to completely block the AddThis plugin from loading, e.g. with the NoScript script blocker (http://noscript.net/).

10. Hama dealer newsletter

1. Description of the data processing

If you would like to receive one of the newsletters offered on the website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and agree to receive the newsletter. When you subscribe to the newsletter, your e-mail address will be used by us, for our own promotional purposes, until you unsubscribe. We use the e-mail marketing software Emarsys for e-mail marketing. The data is stored on both the Hama and Emarsys servers..

With the Hama dealer newsletter, you will receive several newsletters per month, informing you about our new products, current top themes and exclusive offers. In addition to the e-mail address, the user profile for the dealer newsletter is enhanced with additional known customer master data. Furthermore, your user behaviour on the website is analysed. The purpose is to provide you with a bespoke offer via the newsletter. If you do not agree with the analysis of user behaviour, you can object to it at any time and deactivate this functionality. For further information please refer to VII. Analysis of user behaviour by Web Extend.

If you have subscribed to one of our newsletters, the data you provided when registering will be used for the purpose of sending our newsletter to you. Your data will not be disclosed to third parties, except where such parties are partner companies that are responsible for the technical process of sending out the newsletter. In these cases, the scope of the transmitted data is, however, restricted to the required minimum. Our data protection regulations are compliant with the General Data Protection Regulation (GDPR) and the German Act to Adapt Data Protection Law to Regulation (EU) 2016/679 and to Implement Directive (EU) 2016/680 (in German: DSAnpUG-EU).

 

2. Legal basis for personal data processing

Art. 6 para 1 lit. a GDPR is the legal basis for processing of the data after the user has subscribed to the newsletter and where the user has given their consent.

3. Purpose of data processing

Hama dealer newsletter: we use the data we collect to create a user profile to provide you with a newsletter tailored to your interests. This is the only way for us to be able to offer you the newsletter in a targeted way that is in line with your interests.

4. Data storage period

The data is deleted as soon as it is no longer required for the purpose for which it was collected.

5. Objection and removal

Hama dealer newsletter: If you do not wish to receive personalised advertising, you can object at any time. Simply deactivate the Web Extend data collection script under My Account. Please note that this may lead to limited functionality. Furthermore, the newsletter subscription can be cancelled by the user at any time. You will find a corresponding link for this purpose at the end of the newsletter. You can also send a cancellation by e-mail to news@reply.hama.de.

11. Google Tag Manager

Google Tag Manager is a solution we use to manage website tags via an interface in order to be able to integrate Google Marketing services into our online presence. The Tag Manager itself (which implements the tags) does not process any of the user’s personal data. With regard to the processing of the user’s personal data, reference is made to the following information regarding Google services. Usage policy: https://www.google.com/intl/de/tagmanager/use-policy.html.

12. Google Maps

This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) sentence 1 lit. f GDPR. Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.

13. Google reCAPTCHA

Based on our legitimate interest in the prevention of spam and abuse, we also use the reCAPTCHA feature of Google on Jimdo websites. This function is primarily used to distinguish whether an input is made by a natural person or abusive by automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google. Additional information about Google reCAPTCHA and Google’s privacy policy can be found at: https://policies.google.com/privacy.

14. OpenStreetMap

This site uses the Open-Source-Mapping-Tool „OpenStreetMap“ (OSM) map service via an API. It is operated by the OpenStreetMap Foundation. To use „OpenStreetMap“ (OSM), it is necessary to save your IP address. This information is generally transmitted to an „OpenStreetMap“ (OSM) server and stored there. The provider of this site has no influence on this data transfer. The use of „OpenStreetMap“ (OSM) is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of OpenStreetMap or here http://wiki.openstreetmap.org/wiki/Legal_FAQ.

15. Use of WhatsApp Business

In order to improve our customer service, we use the service provider MessageBird, MessageBird B.V., Trompenburgstraat 2C, 1079 TX Amsterdam, The Netherlands, to provide and initiate communication through WhatsApp, a service of WhatsApp, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, privacy policy at https://www.whatsapp.com/legal/business-data-processing-terms/?lang=en. When you communicate with us through WhatsApp, we collect and store information such as your name and surname, telephone number and chat or message history. The legal basis for data processing is Art. 6 (1) (f) of the GDPR, whereby our legitimate interests are better customer service and the efficiency of processing customer enquiries.

16. Name and address of the data security officer

The data security officer of the controller is:

Data security officer
Hama GmbH & Co KG
Dresdner Str. 9
86653 Monheim
Deutschland
E-Mail: dpo@hama.com