We, the Double E Company LLC., provide the Double E-website under the web address www.ee-co.com (“website”).
In context with the website and the services provided on the website, we process personal data.
The protection of personal data is important to us. We process personal data only in accordance with the applicable data protection requirements, in particular the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG).
In Section A of this Data Protection Information we provide you with information about the controller responsible for the processing of your personal data.
In Section B you find information about the processing of your personal data.
In Section C you find more detailed information on the use of cookies or similar technologies.
In Section D you further find information on your rights regarding the processing of your personal data.
The technical terms relating to data protection used in this Data Protection Information have the meaning used in the General Data Protection Regulation.
A. Information on the controller
B. Information on the processing of personal data
C. Information on the use of cookies
D. Information on the rights of data subjects
E. Effective date of and changes to this Data Protection Information
A. Information on the controller
Double E Company, LLC
319 Manley Street
West Bridgewater, MA 02379 USA
Email: info@ee-co.com
Phone: +1 (508) 588-8099
B. Information on the processing of personal data
I. Informational use of the website
When the use of the website is purely informational, certain information, for example your IP address, is sent to our server by the browser used on your device for technical reasons. We process this information in order to provide the website content requested by you. To ensure the security of the IT infrastructure used to provide the website, this information is also stored temporarily in what is referred to as a so-called “web server log file”.
In order to provide the search functions of our website, data that you enter into our search functions is temporarily processed on our web server.
In order to provide the administrative functions for cookie consent for this website, data from strictly necessary cookies (→ Section C) is temporarily processed on our web server in order to determine whether you have already given your consent, the next time you visit the website.
In order to provide certain other functions of our website, data from strictly necessary cookies (→ Section C) are temporarily processed on our web server.
In order to enhance the performance of our website and in order to ensure that our website is ranked best possibly on search engines, we direct your browser to load some resources necessary for displaying the website from external providers which may therefore, for technical reasons, receive certain information, for example your IP address.
You receive more detailed information on this below:
1. Details on the personal data which are processed
Categories of personal data processed | Personal data included in the categories | Sources of the data | Obligation of the data subject to provide the data | Storage duration |
HTTP Data | Protocol data which accrue when visiting the website via the Hypertext Transfer Protocol (Secure) (HTTP(S)) for technical reasons: These include IP address, type and version of your internet browser, operating system used, last site accessed before visiting the site (referrer URL), date and time of visit. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot provide the requested website content. | Data are stored in server log files in a form allowing the identification of the data subject for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack). If there is a security-relevant event, server log files are stored until the security-relevant event has been eliminated and completely resolved. |
Search Function Data | Data that you enter into the search functions of our website: These include all information that you enter as search terms in the respective search form on the website. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot take any cookie consents on this website into account. | Data are stored in server log files in a form allowing the identification of the data subject for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack). If there is a security-relevant event, server log files are stored until the security-relevant event has been eliminated and completely resolved. |
Opt-In Data | Data that you provide for the management of cookie consents for this website and data that is assigned to your device, when using the function to manage the cookie consents: These include, in particular, your consent and, where applicable, your individual selection for the use of cookies on your device. (For the management of cookie consents we use strictly necessary cookies. You can find detailed information on the content of the cookies used in Section C.III.) | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot take any cookie consents on this website into account. | We process the data only temporarily for the period our website is used. Beyond this, we do not store this data on our system. (The cookies used for the management of cookie consents are stored on the user’s device. You can find more information on the validity period of the cookies used in Section C.III.) |
Function Data | Data that you provide for the provision of certain functions of the website and data that is assigned to your device, when using certain functions of the website. For providing such functions, we use strictly necessary cookies. You can find detailed information on the content of the cookies used in Section C.III. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot provide the requested function. | We process the data only temporarily for the period our website is used. Beyond this, we do not store this data on our system. (The cookies used for providing the functions are stored on the user’s device. You can find more information on the validity period of the cookies used in Section C.III.) |
2. Details on the processing of the personal data
Purpose of processing the personal data | Categories of personal data processed | Automated decision-making | Legal basis and, where applicable, legitimate interests | Recipient |
Provision of the website content requested by the user: For this purpose, data are temporarily processed on our web server. | HTTP Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is the provision of the website content requested by the user. | Hosting Provider |
Providing the search functions of our website: For this purpose, data that you enter into our search functions is temporarily processed on our web server. | Search Function Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is the provision of the search function of the website requested by the user. | Hosting Provider |
Providing the cookie consent management function for this website as well documenting cookie consents: When the site is visited again, we determine whether you have already given consent and activate the cookies as well as associated analysis and web tracking technologies based on your consent. (For this purpose, data from strictly necessary cookies are processed temporarily on our web server. You can find detailed information on the content and the purposes of the cookies used in Section C.III.) | Opt-In Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is the management of the cookie consents given by the user for this website. | Consent Management Provider |
Provision of certain functions of our website: For providing certain functions of our website, which are not described in more detail in this Section B, data from strictly necessary cookies are processed temporarily on our web server. You can find detailed information on the content and the purposes of the cookies used in Section C.III. | Function Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is the provision of the relevant function requested by the user. | Hosting Provider |
Ensuring the security of the IT infrastructure used for the provision of the website, in particular for the detection, elimination and conclusive documentation of incidents (e.g. DDoS attacks): For this purpose, data are temporarily stored and evaluated in log files on our web server. | HTTP Data Search Function Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is ensuring the security of the IT infrastructure used for the provision of the website, in particular for the detection, elimination and conclusive documentation of incidents (e.g. DDoS attacks). | Hosting Provider |
Enhancing the performance of our website and ensuring that our website is ranked best possibly on search engines: For this purpose, we direct your browser to load special fonts which we use on our website (Google Fonts) as well as a script library necessary for enabling certain functions of our website (jQuery) directly from the provider Google. Therefore, for technical reasons, Google may receive HTTP Data, including your IP address and the URL of our website as a referrer. In order to enhance site performance, these public resources will be cached by your browser so that your browser will typically only establish one connection per day to Google in order to verify whether fonts or script libraries were updated and need to be re-downloaded to your browser. This one connection per day will originate from your use of our website in case our website is the first website which includes Google Fonts/jQuery and which you visit on that day. Should you have previously (on the same day) visited another website which includes Google Fonts/jQuery (hosted by Google), no further request will be sent to Google on that day when using our website. | HTTP Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is enhancing the performance of our website and ensuring that our website is ranked best possibly on search engines. |
3. Details on the recipients of personal data and the transfer of personal data to third countries and/or international organisations
Recipient | Recipient’s role | Recipient’s location | Adequacy decision or appropriate or suitable safeguards for transfers to third countries and/or international organisations |
Hosting Provider (currently: Nexcess.net, L.L.C., Corporate Office & Southfield Data Center [MEL01], 21700 Melrose Avenue, Southfield, MI 48075, United States) | Processor | USA | There is no adequacy decision by the EU Commission for transfers to the USA. Nexcess is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt00000008VFzAAM&status=Active |
Consent Management Provider (currently: OneTrust, LLC., 1200 Abernathy Road, Atlanta, Georgia 30328, USA) | Processor | USA | There is no adequacy decision by the EU Commission for transfers to the USA. OneTrust is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnPeAAK&status=Active |
Google: Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA | Controller | USA | There is no adequacy decision by the EU Commission for transfers to the USA. Google is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active |
II. Use of web analysis technologies (Google Analytics)
Upon your consent, we will use web analysis technologies to record and analyse the usage behaviour on our website with the purpose of improving the website and of better achieving the website’s objectives (e.g. increase in number of page visits).
For this purpose we use cookies (→ Section C).
You will find more detailed information on this in the following:
1. Details on personal information which are processed
Categories of personal data processed | Personal data included in the categories | Sources of data | Obligation of the data subject to provide the data | Storage duration |
Google Analytics HTTP Data | Protocol data which accrue via the Hypertext Transfer Protocol (Secure) (HTTP(S)) for technical reasons when the web analysis tool Google Analytics is used: These include IP address, type and version of your internet browser, operating system used, site accessed before visiting the site (referrer URL), date and time of the visit. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot carry out a web analysis by means of Google Analytics. | IP anonymisation is used on this website for the use of the web analysis tool Google Analytics. This means that the IP address transmitted via the browser for technical reasons is anonymised before being stored by shortening the IP address (by deleting the last octet of the IP address). We store the other protocol data for 26 months. |
Google Analytics Device Data | Data that is assigned to your device by the web analysis tool Google Analytics: These include a unique visitor ID for recognising returning visitors. (For the web analysis tool Google Analytics we use cookies. You can find detailed information on the content of the cookies used in Section C.III.) | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot carry out a web analysis by means of Google Analytics. | We process the data only temporarily for the period the website is used. (The cookies used for the web analysis tool Google Analytics are stored on the user’s device. You can find more information on the validity period of the cookies used in Section C.III.) |
Google Analytics Profile Data | Data generated by the web analysis tool Google Analytics and stored in pseudonym usage profiles: These include data about the use of the website, in particular page visits, frequency of visits and time spent on the pages visited, which is matched with the unique visitor ID of the respective visitor, stored in the Google Analytics Device Data. | Generated by us | - | 26 months |
2. Details on the processing of personal data
Purpose of the processing of personal data | Categories of personal data processed | Automated decision-making | Legal basis and, where applicable, legitimate interests | Recipient |
Improvement of the website and further achievement of the objectives of the website (e.g. increase in number of page visits): For this purpose, the behaviour of users on our website is recorded and analysed in pseudonymised form. Users of the website are marked in pseudonymised form so that they can be recognised again on the website. Pseudonymised usage profiles are created from this information. The pseudonymised usage profiles are not combined with data regarding the bearer of the pseudonym. The objective of this process is to examine where users come from, which areas of the website they visit and how often and how long which subpages and categories are looked at. For these purposes we use the web analysis tool Google Analytics provided by Google. (For this purpose, data from cookies are processed temporarily on our web server. You can find detailed information on the content and the purposes of the cookies used in Section C.III.) | Google Analytics HTTP Data Google Analytics Device Data Google Analytics Profile Data | No automated decision-making takes place. | Article 6 paragraph 1 point (a) of the General Data Protection Regulation (Consent) |
3. Details on the recipients of personal data and the transfer of personal data to third countries and/or international organisations
Recipient | Recipient’s role | Recipient’s location | Adequacy decision or appropriate or suitable safeguards for transfers to third countries and/or international organisations |
Google: Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA | Processor | USA | There is no adequacy decision by the EU Commission for transfers to the USA. Google is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active |
III. Use of the personalised email newsletter
We offer you the possibility on the website to subscribe to our personalised email newsletter. Certain information, for example your email address, is collected when you register for the email newsletter. We process this information to confirm the subscription and for the provision of the personalised email newsletter. We also store the information for evidence purposes for any assertion, exercise or defence of legal claims.
When the subscription and unsubscription form for our newsletter on our website is used, certain information, for example your IP address, is sent to our server by the browser used on your device for technical reasons. We process this information in order to provide the subscription and unsubscription form for our newsletter on our website.
You receive more detailed information on this below:
1. Details on personal data which are processed
Categories of personal data processed | Personal data included in the categories | Sources of the data | Obligation of the data subject to provide the data | Storage duration |
Newsletter Form HTTP Data | Protocol data which accrue via the Hypertext Transfer Protocol (Secure) (HTTP(S)) for technical reasons when the subscription and unsubscription form for our newsletter on our website is accessed: These include IP address, type and version of your internet browser, operating system used, site accessed before visiting the site (referrer URL), date and time of the visit. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot provide the requested website content. | Data are stored in server log files in a form allowing the identification of the data subject for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack). If there is a security-relevant event, server log files are stored until the security-relevant event has been eliminated and completely resolved. |
Newsletter Registration Data | Data we collect during the registration for the newsletter: These include the following mandatory information: Email address These include the following optional information: Company Name; Individual Contact, Address, Postal Code, City, Country, Telephone, question(s). | Newsletter subscribers | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the mandatory information is not provided, we cannot provide you with a newsletter. | We store these data as long as you are registered for our newsletter. In addition, we store these data for evidence purposes for the assertion, exercise or defence of any legal claims for an interim period of three years commencing at the end of the year in which you unsubscribed and in the event of any legal disputes until such have been concluded. |
Newsletter Opt-In Data | Protocol data which accrue for technical reasons during subscription and unsubscription of the newsletter: These include date and time of subscription to the newsletter, date and time when registration notification is sent in the double opt-in procedure, date and time of the confirmation of the registration in the double opt-in procedure as well as the IP address of the device used for the confirmation, date and time of any possible unsubscription from newsletter. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot provide you with a newsletter. | We store these data as long as you are registered for our newsletter. In addition, we store these data for evidence purposes for the assertion, exercise or defence of any legal claims for an interim period of three years commencing at the end of the year in which you unsubscribed and in the event of any legal disputes until such have been concluded. |
2. Details on the processing of personal data
Purpose of the processing of personal data | Categories of personal data processed | Automated decision-making | Legal basis and, where applicable, legitimate interests | Recipient |
Provision of the form for subscription and unsubscription of our newsletter: For this purpose, HTTP Data are processed temporarily on our web server. | Newsletter Form HTTP Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is the provision of the website content requested by the user. | Hosting Provider Email Newsletter Provider |
Ensuring the security of the IT infrastructure used for the provision of the form, in particular for the detection, elimination and conclusive documentation of disruptions (e.g. DDoS attacks): For this purpose, Data are temporarily stored and evaluated in log files on our web server. | Newsletter Form HTTP Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is ensuring the security of the IT infrastructure used to provide the form, in particular to identify, eliminate and preserve evidence of disruptions (e.g. DDoS attacks). | Hosting Provider Email Newsletter Provider |
“Double opt-in” procedure to confirm the subscription: For this we send an email message requesting confirmation to the email address provided when registering for the newsletter. Any subscription only becomes effective when the subscriber has confirmed the email address by accessing the confirmation link in the email. | Newsletter Registration Data Newsletter Opt-In Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is the legally secure documentation of your consent to the newsletter. | Email Newsletter Provider |
Sending of the newsletter to the newsletter subscriber: We use the optional information provided during registration for personalising the newsletter and for a targeted selection of information relevant for the recipient. | Newsletter Registration Data Newsletter Opt-In Data | No automated decision-making takes place. | Article 6 paragraph 1 point (a) of the General Data Protection Regulation (Consent) | Email Newsletter Provider |
Storage and processing for evidence purposes for any assertion, exercise or defence of legal claims | Newsletter Registration Data Newsletter Opt-In Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation. (pursuing legitimate interests under balancing of interests): Our legitimate interest is the assertion, exercise or defence of legal claims. | Email Newsletter Provider |
3. Details on the recipients of personal data and the transfer of personal data to third countries and/or international organisations
Recipient | Recipient’s role | Recipient’s location | Adequacy decision or appropriate or suitable safeguards for transfers to third countries and/or international organisations |
Hosting Provider (currently: Nexcess.net, L.L.C., Corporate Office & Southfield Data Center [MEL01], 21700 Melrose Avenue, Southfield, MI 48075, United States) | Processor | USA | There is no adequacy decision by the EU Commission for transfers to the USA. Nexcess is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt00000008VFzAAM&status=Active |
Email Newsletter Provider | Processor | EU | - |
IV. Use of online contact forms
We offer you the possibility on the website to contact us using contact forms. We process the information provided by you in the contact forms to process your request. Where applicable, we also store the information for evidence purposes for any assertion, exercise or defence of legal claims or in order to meet statutory document retention obligations, in particular commercial and tax law document retention obligations.
When the contact forms on our website are used certain information, for example your IP address, is for technical reasons sent to our server by the browser used on your device. We process this information in order to provide the contact forms on our website and to ensure the security of the IT infrastructure used to provide the contact form.
In order to make the contact forms available to you on the website, we also use cookies (→ Section C).
You receive more detailed information on this below:
1. Details on personal data which are processed
Categories of personal data processed | Personal data included in the categories | Sources of the data | Obligation of the data subject to provide the data | Storage duration |
Contact Form HTTP Data | Protocol data which accrue via the Hypertext Transfer Protocol (Secure) (HTTP(S)) for technical reasons when the contact forms on our website are accessed: These include IP address, type and version of your internet browser, operating system used, site accessed before visiting the site (referrer URL), date and time of the visit. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot provide the requested website content. | Data are stored in server log files in a form allowing the identification of the data subject for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack). If there is a security-relevant event, server log files are stored until the security-relevant event has been eliminated and completely resolved. |
Contact Form Device Data | Data that is assigned to your device when using the contract form. For contact forms on the website we use strictly necessary cookies. You can find detailed information on the content of the cookies used in Section C.III. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot provide the requested website content | We process the data only temporarily for the period the contact form on our website is used. (The cookies used for the contact form are stored on the user’s device. You can find more information on the validity period of the cookies used in Section C.III.) |
Contact Form Data | Data you provide us with in contact forms on the website: These include the information provided to us in the relevant website contact form, in particular your name, address, telephone number, email address and the content of your request. | User of the website | Provision is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. There is no obligation of the data subject to provide the data. If the data is not provided, we cannot process your request. | Data are stored until your request has been dealt with. We store these data for evidence purposes for the assertion, exercise or defence of any legal claims and also for an interim period of three years commencing at the end of the year in which you provide the data to us and in the event of any legal disputes until such have been concluded. We also store this data to the extent that statutory obligations to do so, in particular commercial and tax law document retention obligations exist. |
2. Details on the processing of the personal data
Purpose of the processing of personal data | Categories of personal data processed | Automated decision-making | Legal basis and, where applicable, legitimate interests | Recipient |
Provision of the contact forms on the website: For this purpose data are processed temporarily on our web server. (For this purpose, data from strictly necessary cookies are processed temporarily on our web server. You can find detailed information on the content and the purposes of the cookies used in Section C.III.) | Contact Form HTTP Data Contact Form Device Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is the provision of the website content requested by the user. | Hosting Provider Contact Form Provider |
Ensuring the security of the IT infrastructure used for the provision of the contact forms, in particular for the detection, elimination and conclusive documentation of incidents (e.g. DDoS attacks): For this purpose, data are temporarily stored and evaluated in log files on our web server. (For this purpose, data from strictly necessary cookies are processed temporarily on our web server. You can find detailed information on the content and the purposes of the cookies used in Section C.III.) | Contact Form HTTP Data Contact Form Device Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is ensuring the security of the IT infrastructure used to provide the contact forms, in particular to identify, eliminate and preserve evidence of disruptions (e.g. DDoS attacks). | Hosting Provider Contact Form Provider |
Processing of your request | Contact Form Data | No automated decision-making takes place. | If your request concerns a contract to which you are party or the performance of pre-contractual measures: Article 6 paragraph 1 point (b) of the General Data Protection Regulation (performance of a contract to which the data subject is party or taking steps at the request of the data subject prior to entering into a contract). Otherwise: Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): In this case, our legitimate interest is the processing of your request. | - |
Storage and processing for evidence purposes for any assertion, exercise or defence of legal claims | Contact Form Data | No automated decision-making takes place. | Article 6 paragraph 1 point (f) of the General Data Protection Regulation (pursuing legitimate interests under balancing of interests): Our legitimate interest is assertion, exercise or defence of legal claims. | - |
Storage of data in order to meet statutory document retention obligations, in particular commercial and tax law document retention obligations | Contact Form Data | No automated decision-making takes place. | Article 6 paragraph 1 point (c) of the General Data Protection Regulation (Compliance with a legal obligation). | - |
3. Details on the recipients of persona data and the transfer of personal data to third countries and/or international organisations
Recipient | Recipient’s role | Recipient’s location | Adequacy decision or appropriate or suitable safeguards for transfers to third countries and/or international organisations |
Hosting Provider (currently: Nexcess.net, L.L.C., Corporate Office & Southfield Data Center [MEL01], 21700 Melrose Avenue, Southfield, MI 48075, United States) | Processor | USA | There is no adequacy decision by the EU Commission for transfers to the USA. Nexcess is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt00000008VFzAAM&status=Active |
Contact Form Provider (currently: JotForm Inc., 111 Pine St., Suite 1815, San Francisco, CA 94111, USA) | Processor | All data is stored and accessible by the Contact Form Provider only from within the EU | - |
V. Use of third-party provider plug-ins (e.g. social media plug-ins or online map service plug-ins)
So-called “third-party provider plug-ins” are embedded in the website, with which you can use functions on the website offered by third-party providers. The plug-ins are embedded in the website by way of a “2-click solution”. With this solution, the relevant plug-in is not activated directly when the website is accessed, but only once you click on the activation button provided for the relevant plug-in.
If you activate a third-party provider plug-in, you use a function offered by the provider of the respective plug-in under their own responsibility, which is only visually embedded in the presentation of our website. When activating the respective plug-in, the provider of the respective plug-in may receive personal data from you. When activating the respective plug-in, the provider of the respective plug-in may also use cookies (→ Section C).
You receive more detailed information on this below:
1. Third-party provider plug-ins embedded in the website
The following third-party provider plug-ins are embedded in the website, with which you can use the functions on the website offered by third-party providers:
Plug-in | Third-party provider | Further information of the provider of the plug-in | Adequacy decision or suitable or appropriate safeguards for transfers to third countries and/or international organisations |
YouTube player | Google: Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA | More detailed information on the function can be found in the provider’s description: https://developers.google.com/youtube/iframe_api_reference Additional information on data processing by the provider can be found in the Data Protection Information of the provider: https://www.google.de/intl/de/policies/privacy/ | There is no adequacy decision by the EU Commission for transfers to the USA. Google is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active |
2. Processing of personal data by provider of the third-party provider plug-in
The third-party provider plug-ins are embedded in the website by means of a “2-click solution”. With this solution, the relevant plug-in is not activated directly when the website is accessed, but only once you click on the activation button provided for the relevant plug-in. The activation button contains the designation of the relevant plug-in and, if applicable, a logo of the third-party provider.
It is ensured with the 2-click solution that your internet browser does not initially connect to the servers of the provider of the relevant plug-in when you access the website. When you access the website, the provider of the relevant plug-in therefore initially cannot collect any personal data regarding you via the relevant plug-in. The relevant plug-in is only activated in case you click on the button provided for activating the relevant plug-in. Once activated, a connection is established to the servers of the provider of the relevant plug-in. The provider of the relevant plug-in can also receive personal data from you when the relevant plug-in is activated. The activation of the relevant plug-in can be compared technically with clicking on a link to an external website, with the difference that the content requested in the process does not appear in a new window/tab of your internet browser, but is visually embedded in our website. The data exchange initiated by you by activating and using the plug-in only takes place between your internet browser and the servers of the provider of the relevant plug-in. If you activate a third-party provider plug-in, you therefore use a function offered by the provider of the relevant plug-in under its responsibility, which is visually embedded in the layout of our website.
When the relevant plug-in is activated, the provider of the relevant plug-in can (comparable to accessing an external website via a link) in particular receive your IP address and the address (URL) of the website, from where you carried out the activation. The provider of the relevant activated plug-in can also receive information from any cookies of the relevant provider stored in your internet browser. The provider of the relevant plug-in can therefore, due to the activation of the relevant plug-in initiated by you, already receive at least the information that our website has been accessed from the IP address allocated to you at the time of access. If you are registered as a user with the relevant third-party provider, the provider of the relevant plug-in can also typically allocate the data it received to your user account. We advise you that we do not have any knowledge about the personal data the provider actually obtains. We also do not have any knowledge about specific purposes of the processing of data collected by the provider of the relevant plug-in or about any further details of the data processing of the relevant provider. In particular, we also do not know whether the relevant provider only processes the data collected to provide the function of the relevant plug-in (e.g. to share certain content or to make a comment) or, beyond this, for any other purposes (e.g. to create usage profiles or to personalise advertising).
3. Data transfer to providers in third countries without an appropriate level of security
If the provider of a plug-in activated by you is not located in a Member State of the European Union (EU) or in a Signatory State of the European Economic Area (EEA), no adequacy decision of the EU Commission exists for the relevant third country and no suitable safeguards are provided for, there is the risk that the recipient does not have an appropriate level of security. This means that your personal data which the third-party provider receives from you may not be subject to a level of security comparable to the General Data Protection Regulation. This in particular means there may not be compliance with the principles for the processing of personal data laid down in Article 5 of the General Data Protection Regulation. It may also be the case that no enforceable rights or effective remedies are available to you with respect to the processing of personal data. We inform you when you activate the relevant plug-in about these risks which may exist for you regarding such data transfers without the existence of an adequacy decision or appropriate safeguards. If you click of the activation button provided for the relevant plug-in, you accept these possible risks in your own responsibility.
C. Information on the use of cookies
We use cookies in connection with the website and the offers made on the website. We use the processing and storage functions of your device’s browser and collect information from the memory of your device’s browser.
You will find more detailed information on this below.
I. General information on cookies
Cookies are small text files with information that can be placed on a user’s device through its browser when a website is visited. When the website is visited again with the same device, the cookie and the information it contains can be retrieved.
1. First-party and third-party cookies
Depending on where a cookie comes from, a distinction can be made between first-party cookies and third-party cookies:
First-party cookies | Cookies that are placed and accessed by the operator of the website as the controller or by a processor engaged by the controller |
Third-party cookies | Cookies that are placed and accessed by controllers other than the operator of the website that are not processors engaged by the operator of the website |
2. Transient and persistent cookies
A distinction can be made between transient and persistent cookies depending on how long they remain active:
Transient cookies (Session cookies) | Cookies that are automatically deleted when you close your browser |
Persistent cookies | Cookies that remain stored on your device for a certain period of time after the browser is closed |
3. Consent-free cookies and cookies requiring consent
Users’ consent is required for some cookies depending on their function and purpose of use. Thus, a distinction can be made between cookies that require users’ consent and those that do not:
Consent-free cookies | Cookies that are automatically deleted when you close your browser |
Cookies that are necessary so that the party offering a service that has been expressly requested by a participant or user can provide this service (“strictly necessary cookies”) | |
Cookies requiring consent | Cookies for all purposes of use other than the aforementioned |
II. Management of the cookies used on this website
1. Granting consent to the use of cookies and management of cookies using a consent management tool
If a user’s consent is necessary for the use of certain cookies, we only use these cookies when you use our website if you have previously granted your consent to this. You can find information as to whether the use of a particular cookie requires consent in the information on the cookies used on this website in Section C.III. of this Data Protection Information.
When you visit our website, we display a Consent Management Tool (or “cookie banner”) in which you can declare your consent to the use of cookies on this website by clicking on a button. When you click on the button, you have the option of giving your consent to the use of all of the cookies described in detail in Section C.III. of this cookie information. You also have the option to choose individual cookies. In our Consent Management Tool, you also have the option of changing your individual selections at a later point in time.
We also store your consent and any individual cookies you have selected in the form of a cookie (“opt-in cookie”) on your device in order to determine, when you visit the website again, whether you have granted your consent.
Strictly necessary cookies cannot be deactivated using the cookie management function of this website. However, you can deactivate these cookies in general at any time in your browser.
2. Managing cookies using browser settings
You can also manage the use of cookies in your browser’s settings. Different browsers have different ways to configure cookie settings. You can find more extensive information on this, for example at http://www.allaboutcookies.org/manage-cookies/.
However, we would like to point out that some functions of the website may not work properly or at all if you deactivate cookies in general in your browser.
III. Cookies used on this website
You can view details on all cookies used on our website and you can manage your cookie consent using our Consent Management Tool (click here www.ee-co.com/cookies).
D. Information on the rights of data subjects
As a data subject, you have the following rights with regard to the processing of your personal data:
You may contact us for the purpose of exercising your rights using the contact information in Section A
Where applicable, you find information on any specific modalities and mechanisms which facilitate the exercise of your rights, in particular the exercise of your rights to data portability and to object, in the information on the processing of personal data in Section B of this Data Protection Information.
Below you find more detailed information on your rights with regard to the processing of your personal data:
As a data subject, you have a right to obtain access and information under the conditions provided in Article 15 of the General Data Protection Regulation.
This means in particular that you have the right to obtain confirmation from us as to whether we are processing your personal data. If so, you also have the right to obtain access to the personal data and the information listed in Article 15 paragraph 1 of the General Data Protection Regulation. This includes information regarding the purposes of the processing, the categories of personal data that are being processed and the recipients or categories of recipients to whom the personal data have been or will be disclosed (Article 15 paragraph 1 points (a), (b) and (c) of the General Data Protection Regulation).
You can find the full extent of your right to access and information in Article 15 of the General Data Protection Regulation, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
As a data subject, you have the right to rectification under the conditions provided in Article 16 of the General Data Protection Regulation.
This means in particular that you have the right to receive from us without undue delay the rectification of inaccuracies in your personal data and completion of incomplete personal data.
You can find the full extent of your right to rectification in Article 16 of the General Data Protection Regulation, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
III. Right to erasure (“right to be forgotten”)
As a data subject, you have a right to erasure (“right to be forgotten”) under the conditions provided in Article 17 of the General Data Protection Regulation.
This means that you have the right to obtain from us the erasure of your personal data and we are obliged to erase your personal data without undue delay when one of the reasons listed in Article 17 paragraph 1 of the General Data Protection Regulation applies. This can be the case, for example, if personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed (Article 17 paragraph 1 point (a) of the General Data Protection Regulation).
If we have made the personal data public and are obliged to erase it, we are also obliged, taking account of available technology and the cost of implementation, to take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of those personal data (Article 17 paragraph 2 of the General Data Protection Regulation).
The right to erasure (“right to be forgotten”) does not apply if the processing is necessary for one of the reasons listed in Article 17 paragraph 3 of the General Data Protection Regulation. This can be the case, for example, if the processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims (Article 17 paragraph 3 points (b) and (e) of the General Data Protection Regulation).
You can find the full extent of your right to erasure
(“right to be forgotten”) in Article 17 of the General Data Protection Regulation, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
IV. Right to restriction of processing
As a data subject, you have a right to restriction of processing under the conditions provided in Article 18 of the General Data Protection Regulation.
This means that you have the right to obtain from us the restriction of processing if one of the conditions provided in Article 18 paragraph 1 of the General Data Protection Regulation applies. This can be the case, for example, if you contest the accuracy of the personal data. In such a case, the restriction of processing lasts for a period that enables us to verify the accuracy of the personal data (Article 18 paragraph 1 point (a) of the General Data Protection Regulation).
Restriction means that stored personal data are marked with the goal of restricting their future processing (Article 4 paragraph 3 of the General Data Protection Regulation).
You can find the full extent of your right to restriction of processing in Article 18 of the General Data Protection Regulation, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
As a data subject, you have a right to data portability under the conditions provided in Article 20 of the General Data Protection Regulation.
This means that you generally have the right to receive your personal data with which you have provided us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us if the processing is based on consent pursuant to Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the General Data Protection Regulation or on a contract pursuant to Article 6 paragraph 1 point (b) of the General Data Protection Regulation and the processing is carried out by automated means (Article 20 paragraph 1 of the General Data Protection Regulation).
You can find information as to whether an instance of processing is based on consent pursuant to Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the General Data Protection Regulation or on a contract pursuant to Article 6 paragraph 1 point (b) of the General Data Protection Regulation in the information regarding the legal basis of processing in Section B of this Data Protection Information.
In exercising your right to data portability, you also generally have the right to have your personal data transmitted directly from us to another controller if technically feasible (Article 20 paragraph 2 of the General Data Protection Regulation).
You can find the full extent of your right to data portability in Article 20 of the General Data Protection Regulation, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
As a data subject, you have a right to object under the conditions provided in Article 21 of the General Data Protection Regulation.
At the latest in our first communication with you, we expressly inform you of your right, as a data subject, to object.
More detailed information on this is given below:
1. Right to object on grounds relating to the particular situation of the data subject
As a data subject, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Article 6 paragraph 1 point (e) or (f), including profiling based on those provisions.
You can find information as to whether an instance of processing is based on Article 6 paragraph 1 point (e) or (f) of the General Data Protection Regulation in the information regarding the legal basis of processing in Section B of this Data Protection Information.
In the event of an objection relating to your particular situation, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
You can find the full extent of your right to objection in Article 21 of the General Data Protection Regulation, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
2. Right to object to direct marketing
Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
You can find information as to whether and to what extent personal data are processed for direct marketing purposes in the information regarding the legal basis of processing in Section B of this Data Protection Information.
If you object to processing for direct marketing purposes, we no longer process your personal data for these purposes.
You can find the full extent of your right to objection in Article 21 of the General Data Protection Regulation, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
VII. Right to withdraw consent
Where an instance of processing is based on consent pursuant to Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the General Data Protection Regulation, as a data subject, you have the right, pursuant to Article 7 paragraph 3 of the General Data Protection Regulation, to withdraw your consent at any time. The withdrawal of your consent does not affect the legitimacy of the processing that occurred based on your consent until the withdrawal. We inform you of this before you grant your consent.
You can find information as to whether an instance of processing is based on Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the General Data Protection Regulation in the information regarding the legal basis of processing in Section B of this Data Protection Information.
VIII. Right to lodge a complaint with a supervisory authority
As a data subject, you have a right to lodge a complaint with a supervisory authority under the conditions provided in Article 77 of the General Data Protection Regulation.
E. Effective date of and changes to this Data Protection Information
The effective date of this Data Protection Information is August 5th, 2020.
It may be necessary to modify this Data Protection Information due to technical developments and/or amendment of statutory or official requirements.
An up-to-date version of this Data Protection Information can be retrieved at any time at www.ee-co.com/privacy-policy.