PROTIQ on data protection
We are delighted that you are interested in our company, products and services and would like you to feel safe with regard to our protection of your personal data.
The operator of this website and responsible for the collection, processing and use of your per-sonal data in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (FDPA) and the German Telemedia Act (TMG) is
PROTIQ GmbH
Flachsmarktstraße 54
32825 Blomberg
Tel. +49 5235 3-4 38 00
Fax +49 5235 3-4 41 154
The protection of privacy is of crucial importance, particularly for tomorrow’s Internet-based business models and the development of an Internet-based economy. With this declaration on data protection, we therefore want to emphasize our dedication to protecting your privacy.
Our employees as well as the appointed service providers are bound through us to confidentiality and to comply with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (FDPA) and other relevant data protection regulations.
We take the protection of your personal data seriously and strictly adhere to the rules of the data protection laws.
For explanation: “Personal data” means any information relating to an identified or identifi-able natural person (data subject).
This includes, for instance, your name, your physical address, your contact data (e-mail address, telephone numbers) or your credit card number and account information.
The following declaration offers you an overview of how we want to ensure this protection.
Use and disclosure of personal data
Any personal data that you supply to us through our website or by other means are collected, processed and stored for correspondence with you and for the purposes for which you have made the data available to us. In addition, we will use these data to send you occasional offers and to inform you about new products, services, and other items that may be of interest to you. You may at any time object to such use of your data by an appropriate means of communica-tion, for example by sending an e-mail to
service@protiq.com.
We shall only disclose your personal data if you have expressly consented to this, if there is a legal basis or obligation or if it is necessary for the enforcement of our rights, for instance the enforcement of claims resulting from a contractual relationship with you. Your personal data col-lected by us shall never be passed on by us to third parties for any marketing purposes, sold or made available in any other form.
We shall only disclose personal data to companies affiliated with Phoenix Contact GmbH & Co. KG, service providers or other third parties as far as this is necessary to perform a service or transaction requested by yourself. The respective third-party supplier must only use these per-sonal data to perform the service required or the transaction needed, which is commissioned in our order. Service providers which we use for our own purposes, for example within shared ser-vices, shall be obliged by us in writing through corresponding agreements on contract data pro-cessing to comply with the data protection laws, and may not use these data for own purposes.
For the dispatch and as part of the dispatch order, we will transmit your data to the appointed delivery company. The transmission shall only include such data which are necessary for the delivery of the goods. The contracted company may only use your data for this purpose.
When using our online shop, your data may also be passed on to payment service providers as far as this is necessary for processing the payments. Depending on which payment service pro-vider you select in relation with your order, we will pass on the payment data collected for the purpose of processing the payment to the credit institution or the payment service provider commissioned with the payment. In some cases, the selected payment service providers collect these data themselves if you create or have created an account there. In this case, you must register with the payment service provider with your access data during the order procedure. The data protection declaration of the respective payment service provider shall then be applicable.
Data processing on this website
For safety and technical reasons, PROTIQ automatically processes information on its systems transmitted to us by your browser, and which basically includes:
- Browser type/version
- Operating system used
- The URL (website) accessed on our systems
- Referrer URL (the website
which referred to our website)
- Host name and full IP address of the accessing computer
- Date and time of query
- Retrieved data volume and data types
These data are not combined with any other data sources, and we do not carry out statistical evaluations on the basis of these data.
Notes regarding IP addresses:
IP addresses are absolutely necessary for the transmission of websites and data from our serv-ers to your browser; they are the “addresses” for the information you request from our web servers. However, unabridged IP addresses are regarded as personal data and are therefore only processed by us to the extent technically required.
We also use cookies and web analytics when our website is visited. In this regard, please read the additional explanations under the corresponding headings in this data protection statement.
Registration on our website
Our website in part contains services which you can only use if you have previously entered your personal data (registered). To register in the PROTIQ portal at least your name, form of address, your company (in the case of business customers), your physical address and a valid e mail ad-dress are necessary. The data stored by us in the portal can include, for instance, the permanent storage of projects or the creation of offers as well as the creation and issuance of print orders.
Optionally, you have the possibility to provide us with further information about you (eg title, tele-phone number, VAT ID). Some of these data are required for the extended services on our web-site, for example for online ordering via our online shop.
Your consent to the storage of your data as well as their use to send advertising information can be revoked at any time by an e-mail with the corresponding information sent to
service@protiq.com. You may also contact this e-mail address if you would like to have your entire account deleted.
The purposes of the processing for which the personal data are intended:
Use of certain services on our website, such as maintenance of your master data, delivery and billing addresses, requesting offers, ordering products, tracking your order history, generating individual price lists and comfortable return handling.
Legal basis for the processing:
Art. 6 (1) (b) GDPR
Processing of your data for the preparation and handling of your order or the respective business transaction.
Art. 6 (1) (f) GDPR
Legitimate interests for marketing purposes, IT-security and administrative reasons, to the extent permitted by law.
Categories of personal data that are processed:
○ Form of address, title, name
○ Contact details (address, email address(es), telephone number, etc.)
○ Company
○ Statistical data regarding your orders
○ System log data
Source (origin) of the data:
From the data subject
Recipient(categories) of the data:
Service providers who support us in the administration of the website may have access to your data. However, these service providers are obliged by data protection law-compliant agreements (commissioned data processing agreement - DPA) to not use these data for own purposes.
Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries.
Storage duration of the data:
Your data entered during registration will be stored until you submit a deletion request or after 10 years after your last usage of the account.
However, depending on the chosen way of contacting us, we will have your request for deletion confirmed by an appropriate contact to verify your identity.
Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Without the specification of your data, it is not possible to use certain functions (for example obtaining a binding offer) of our website or our web portal.
Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.
Newsletter
If you would like to receive the newsletter offered on our website, we need your valid e-mail address. Optionally, you have the possibility to provide us with further information about you (form of address, first name, last name). However, they are not required for the subscription of the newsletter but only serve for personally addressing you in the newsletter. After the registration, you will receive an e-mail from us with a link with which you have to confirm the receipt of the newsletter (“double opt-in”). This serves to verify the e-mail address you provided and to ensure that no third party has ordered the newsletter from your e-mail address.
Your consent to the storage of your data as well as their use for sending the newsletter or other advertising information may be revoked at any time via the unsubscribe link at the end of each newsletter. Furthermore, you may also send an e-mail with a corresponding revocation to service@protiq.com
at any time.
Our e mail newsletter may contain links that lead you to specific PROTIQ websites. This way we can measure the effectiveness of marketing initiatives. However, these evaluations are made on the basis of anonymized data, so that no conclusions to your person can be drawn. In addition, the newsletter may contain links to third party websites.
Information on the processing of your personal data within the dispatch of the newsletter can be found at: Newsletter subscription
The purposes of the processing for which the personal data are intended:
Sending promotional emails.
Interest-based contents of an advertising email (usage profile).
Legal basis for the processing:
Art. 6 (1) lit. a GDPR
(consent for receiving the newsletter)
Art. 6 (1) lit. a GDPR
(optional consent for the creation of the usage profile with reference to the email address)
Categories of personal data that are processed:
To receive the newsletter
• Email address
System log data generated during registration and dispatch of the newsletter, for instance IP address, date/time.
Optional (voluntary information):
• Title, name
• Company, address.
For the usage profile
• Email address
• Which mailing was opened when (date/time) and how often
• Which link within the newsletter was clicked when (date/time) and how often
Source (origin) of the data:
From the data subject (recipient of the newsletter)
Recipient(categories) of the data:
Within the administration of the newsletter system, employees of PROTIQ may access the data.
Service providers who support us in the administration and operation of the newsletter dispatch may have access to your data where applicable. However, these service providers are obliged by data protection law-compliant agreements (commissioned data processing agreement - DPA) to not use these data for own purposes.
When transferring a dispatched newsletter via the public Internet, routing via servers in other countries cannot be ruled out. Neither Phoenix Contact nor our service provider has any influence on the routing.
Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries.
Storage duration of the data:
For the dispatch of the newsletter, your data will be stored as long as you receive the newsletter or otherwise required pursuant to the respective applicable law.
(max. 3 years from the last contact starting with the end of the calendar year in which the commercial relationship expired)
If you unsubscribe from the newsletter, we will delete your data after expiry of the limitation period of the respective applicable law.
(max. 6 years starting with the end of the calendar year in which the cancellation took place).
Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Your email address is required to receive our newsletter. Without your email address, we cannot send you our newsletter.
We cannot send you a newsletter tailored to your previous use without your consent for the creation of the user profile.
Automated decision-making / profiling:
There will be no automated decision-making or profiling (according to Art. 22 GDPR) based on your collected data.
Contact forms
Your personal data, which you provide to us when using the various contact forms, will be used exclusively for processing your specific request to us.
Information on the processing of your contact data in this context can be found at: Use of contact forms
The purposes of the processing for which the personal data are intended:
Your personal data, which you make available to us when making general contact, e.g. by calling or faxing our head office, sending an email to our service@ email address or using the various contact forms on our website, will be used to process your specific request to us.
Legal basis for the processing:
Art. 6 (1) (b) GDPR
Necessary to process your request.
Categories of personal data that are processed:
Depending on the contact method or contact form, necessary or optional entry:
○ Name, company
○ Address, contact details such as email address, telephone, fax
○Depending on the context and where applicable, additional fields for specifying your request or free text
○ System log data that is collected when you call, fax or email us or fill out a contact form on the website, such as IP address, date/time.
Source (origin) of the data:
From the data subject
Recipient(categories) of the data:
If need be, other companies of the Phoenix Contact Group, if this is necessary to process your request.
Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries, unless it is necessary for the processing of your request.
If you submit your request from a third country, your request will be forwarded to the local Phoenix Contact company. A transfer to this country will then be necessary to process your request.
To protect the data within the Phoenix Contact group companies, there is an international Phoenix Contact data protection framework agreement based on the EU standard contractual clauses joined by all relevant Phoenix Contact companies worldwide.
Storage duration of the data:
Depending on the content of your request, different retention periods may apply to your data. These can be 10 years in individual cases, provided that your request is relevant under the respective applicable law.
The form data that you entered on the website will be deleted automatically after 12 months (calculated from the end of the current calendar year).
Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Your data are necessary to process your contact.
Without your data, processing is not possible.
Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.
Customer management/Order processing
Your personal data, which you provide to us within the scope of order processing, will be used exclusively for processing the respective business transactions with you.
Information on processing your data within the customer management and for processing busi-ness transactions can be found at: Customer Management and Order Processing
The purposes of the processing for which the personal data are intended:
Execute a contractual relationship with a customer for the supply of goods and services and for handling transports / returns / complaints / escalation management as well as payment transactions.
Legal basis for the processing:
Art. 6 (1) (b) GDPR
(required to fulfill an agreement or to initiate an agreement)
Art. 6 (1) (f) GDPR
(legitimate interests)
For legitimate interests, see “Purposes of the processing” above. Phoenix Contact customers are exclusively legal persons, or persons who are involved in business transactions, about whom information is collected or who are evaluated within the company.
Categories of personal data that are processed:
Name, address (customer, delivery address, billing address), contact details (telephone, fax, email), bank details
Results of the sanction list checks
Source (origin) of the data:
From the data subject
Recipient(categories) of the data:
Service areas of the parent company if necessary, to fulfil the agreement.
Subcontractors needed in individual cases to process the business transaction, such as transport service providers, authorities, etc.
Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
We do not transmit your data to third countries, unless it is necessary for the processing of the order or your request or order originates from the respective country.
Storage duration of the data:
Retention period according to legal provisions pursuant to the respective applicable law (max. 10 years).
Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
The processing of the personal data mentioned here is essential for executing the contractual relationship or is required by law.
Without these data we cannot process business transactions.
Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.
Supplier management/Purchase order processing
Your personal data, which you provide to us within a purchase order, will be used exclusively for processing the respective business transactions with you.
Information on processing your data within the supplier management and for handling business transactions can be found at: Supplier management and purchase order processing
The purposes of the processing for which the personal data are intended:
The process and the use of the personal data are intended to cover the demands regarding externally procured materials, investments and services.
Selection of optimal sources of supply, reduction of procurement risk, quality assurance, minimization of default risks (supplier, goods).
Ensuring the production capability of the company.
Legal basis for the processing:
Art. 6 (1) (b) GDPR
(required to fulfill an agreement or to initiate an agreement)
Art. 6 (1) (f) GDPR
(legitimate interests)
Legitimate interests of the controller and consideration regarding the rights of personality of the data subjects:
For legitimate interests, see “Purposes of the processing” above.
Categories of personal data that are processed:
Name, title, business address, additional addresses, business contact details (telephone number, fax number, email address), form of address, department and function in the company, bank details, control data, VAT ID number.
Result of the assessment:
Assessment results obtained:
Credit rating/risk index, shareholder structure based on various basic data, audit report.
Various own key figures such as:
ABC classification, supplier profile, evaluation number; free text (risk report).
System data from the ERP (for ordering, goods receipt, quality data).
Source (origin) of the data:
○ From the data subject
○ From credit reporting agencies
I○ nformation collected from our own databases.
Recipient(categories) of the data:
○ PROTIQ GmbH
Companies that provide contracted services on our behalf and for defined purposes.
Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
Within an intragroup, cross-company supplier management, data from suppliers are also made available to Phoenix Contact companies worldwide if required.
To protect the data, there is an international Phoenix Contact data protection framework agreement based on the EU standard contractual clauses, which was joined by all relevant Phoenix Contact companies worldwide.
Storage duration of the data:
Master data of a supplier are stored in the system as long as there is a contractual relationship or a contractual relationship cannot be ruled out for the future.
Furthermore, these data are immediately changed or blocked/deleted if the supplier/contact person as a natural person so requires, or if the responsible purchaser becomes aware of incorrect data.
(in each case subject to statutory retention periods)
Procurement documents are deleted after expiry of the retention period of the respective applicable law (max. 10 years) and upon completion of the tax audit.
Own audit reports on quality are stored up to 10 years for a long-term supplier development and for the quality proof in customer audits.
Creditworthiness information is stored 6 years for the evaluation of the medium-term development of a supplier as long as there is a contractual relationship.
Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
The processing of the personal data mentioned here is necessary for the supplier management or the handling of business transactions.
Without these data, we cannot enter into a business relationship.
Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.
Application details
The processing of your application with us will be done by Phoenix Contact GmbH & Co. KG to whose website we merely link. Therefore please also consider the detailed information within the registration in their career portal.
Chat
Your personal data, which you
provide to us when using the chat, will be used exclusively for processing your
specific request to us.
Information on the
processing of your contact data in this context can be found at: Use of chat
Cookies
Our websites use what is known as cookies in several places. Cookies are small text files that are placed on your computer and stored by your browser. They serve to make our offer more user-friendly, effective, and secure. Thus, for instance, they ensure the technical realization of a user session in the online shop of PROTIQ. At the same time, these cookies provide information which allows us to optimize our websites in line with user requirements, for example to save the language you have chosen on our website.
Most of the cookies we use are so-called “session cookies”. They will be deleted automatically from your browser once you leave the site. In part, however, we also use cookies that are saved for a longer period of time. The maximum storage period of a cookie can be up to two years.
All cookies on our websites contain purely technical information in a pseudonymized or anony-mized form; they do not contain any personal data.
We ourselves do not store any information in the LSO (Local Shared Objects) area of your computer, so we do not use so-called “Flash Cookies”. However, other services we may link to, such as YouTube, use this function for their own purposes, where applicable.
Social Media / Social Networks / External Links
On our website, we do not use any automatically activated plug-ins (eg iFrames) of the social networks. Our buttons for social networks such as Facebook, Twitter, Xing, LinkedIn, YouTube, Instagram etc. are mere links that refer to the respective sites of the provider. If you click on these links, you will be redirected to the pages of the respective social network. The instructions on data protection given there will then be applicable. This also applies to links to other third party websites.
In addition, we ourselves also have online presences in some of these social networks and platforms to inform interested parties/users about our products and services and to communicate with them. On some of these platforms, user data is processed outside the European Union (EU), even in countries where no data protection level comparable to that of the EU can be guaranteed. Your data is often used for the platform's own purposes, e.g. for market research and advertising purposes or to analyze your user behavior for the creation of user profiles. For these purposes, cookies from these platforms are usually stored on the user's computer, which can be used to store or assign user profiles.
Although PROTIQ does not have access to the profile data processed by the platforms, PROTIQ may be jointly responsible under data protection law for the use of these platforms. The personal data of the users is processed on the basis of our legitimate interests in simple information and communication with the users pursuant to art. 6 (1) lit. f GDPR.
If you have any questions regarding the processing of your personal data when using these social networks, please contact the respective platform directly, as we do not have access to your data there.
For detailed information on the processing of your personal data and the opt-out options, we refer you to the following linked details of the social media platforms:
Facebook
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
on the basis of an joint controller agreement of personal data according to art. 26 GDPR.
Privacy policy at: https://www.facebook.com/about/privacy,
Opt-out at: https://www.facebook.com/settings?tab=ads.
Instagram
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Privacy policy at: http://instagram.com/about/legal/privacy/
Opt-out at: http://instagram.com/about/legal/privacy/ (point VI.).
YouTube
YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA
represented by: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043,USA
Privacy policy at: https://www.google.de/intl/de/policies/privacy/,
Opt-out at: https://adssettings.google.com/.
Twitter
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland
Privacy policy at: https://twitter.com/de/privacy,
Opt-out at: https://twitter.com/personalization.
LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland
Privacy policy at: https://www.linkedin.com/legal/privacy-policy,
Opt-out at: https://www.linkedin.com/psettings/.
XING
XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland
Privacy policy at: https://privacy.xing.com/de/
Opt-out at: https://privacy.xing.com/de/datenschutzerklaerung
Facelift Cloud
We use Facelift Cloud, a service provided by Facelift Brand Building Technologies GmbH (Gerhofstraße 19, 20354 Hamburg, Germany) to manage our online presence on social media (Facebook, Instagram, LinkedIn and Twitter). Facelift Cloud enables us to publish, promote, manage, monitor and moderate the content of our social media profiles. For this purpose, the social media user IDs of customers and prospects who interact with us on the platforms, as well as the communication history, are stored in a data centre of Facelift Brand Building Technologies GmbH and made available to us for use via the Facelift Cloud software.
Marketing automation with Mautic
We use Mautic on this website, an open source tool for marketing automation. It is an analysis and tracking software for the allocation and storage of usage data (including browser used, last page visited, length of stay). The software uses this information to personalise our marketing efforts and better target the interests of each individual user. The software also helps us to better evaluate the success of individual marketing measures. For this purpose, we have concluded an AV contract with our hoster for the Mautic marketing tool.
We use the open source marketing tool Mautic on our website, which is operated exclusively on servers in Germany. Data is not passed on to third parties. We only collect and process data with Mautic to the extent necessary to achieve our business goals with you.
Mautic's way of working is expressed through:
a) Email marketing and campaigns
With so-called email marketing, personalised emails are sent to you. These are partly based on your usage behaviour on the website, when reading our emails and when interacting with the links contained therein. Furthermore, we also send e-mails as part of campaigns. The allocation to the campaigns is done through segmentation and tagging.
b) Personalised web links
In order to recognise whether, for example, a user calls up a link from an email, Mautic adds a unique identifier to these links, which has previously been assigned to an individual user profile.
c) IP address
The IP address currently used by website visitors is transmitted to us each time our website is accessed. Mautic uses this to recognise users of the website.
d) Reports evaluate the performance data on the collected data and display it in aggregated form.
The data collected in the process are:
• Number of page views and length of stay of the website visitor
• the click path of the respective visitor
• Downloads of files provided via the website
• Landing page visits
• Email openings from newsletters and campaigns
In the context of a registration on the website, the provider collects data through the use of Mautic:
• Contact details (such as name, postal or e-mail address, telephone number)
• Business contact details (such as your job title, the name of a business, business email address, telephone or fax number).
• The IP address of the terminal from which the use of the website takes place (a sequence of digits that identifies your current computer connection on the Internet).
The released data is clearly recognisable to the user by filling out a form. The data required to submit the form is marked.
Mautic is only used if you have expressly given your consent to the use of so-called "first-party cookies" when using our website for the first time. You can revoke this consent at any time by contacting the person named above. In this case, all tracking data collected by means of Mautic will be deleted immediately.
Trusted Shops
Trusted Shops widgets are integrated on this website to display Trusted Shops services (e.g. seal of approval, collected ratings) and to offer Trusted Shops products to shoppers after they have placed an order.
This serves to protect our legitimate interests, which outweigh our interests in the context of a balancing of interests, in optimal marketing by enabling secure shopping in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO. The trust badge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany, with whom we are jointly responsible for data protection pursuant to Art. 26 DSGVO. Within the framework of this data protection notice, we inform you in the following about the essential contractual contents in accordance with Art. 26 (2) DSGVO.
The trust badge is provided within the scope of joint responsibility by a US-American CDN provider (content delivery network). An appropriate level of data protection is ensured by standard data protection clauses and further contractual measures. Further information on the data protection of Trusted Shops GmbH can be found in their
data protection declaration.
When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. The IP address is anonymised immediately after collection so that the stored data cannot be assigned to you personally. The anonymised data is used in particular for statistical purposes and for error analysis.
After the order has been completed, your email address, which has been hashed using a cryptological one-way function, is transmitted to Trusted Shops GmbH. The legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO. This serves to check whether you are already registered for services with Trusted Shops GmbH and is therefore necessary for the fulfilment of our and Trusted Shops' overriding legitimate interests in the provision of the buyer protection linked to the specific order in each case and the transactional evaluation services in accordance with Art. 6 (1) sentence 1 lit. f DSGVO. If this is the case, further processing will be carried out in accordance with the contractual agreement between you and Trusted Shops. If you have not yet registered for the services, you will subsequently be given the opportunity to do so for the first time. Further processing after registration also depends on the contractual agreement with Trusted Shops GmbH. If you do not register, all transmitted data will be automatically deleted by Trusted Shops GmbH and a personal reference is then no longer possible.
Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 para. 1 lit. f DSGVO for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel). An adequate level of data protection is ensured in the case of the USA by standard data protection clauses and further contractual measures and in the case of Israel by an adequacy decision.
Within the framework of the joint responsibility existing between us and Trusted Shops GmbH, please prefer to contact Trusted Shops GmbH with data protection questions and to assert your rights using the contact options given in the data protection information linked above. Irrespective of this, however, you can always contact the data controller of your choice. Your enquiry will then, if necessary, be passed on to the other responsible person for a response.
Web analyses
On our websites we use different tools for pseudonymized or anonymized web analyses and to evaluate the success of our marketing measures. The following explanations will give you an overview of tools we use and to what extent. We do not use all tools on all websites.
Intended purposes of the processing of the personal data:
Web analysis and online advertising (remarketing), i.e. in detail analysis of user behavior to optimize our online services and display interest-related advertising
Legal basis for the processing:
Art. 6 (1) (f) GDPR
(Legitimate interests of the controller)
Art. 6 (1) (a) GDPR
(Optional consent for the creation of marketing profiles)
Legitimate interests of processing pursued by the controller and their balancing with the interests and rights of the users:
Analysis and statistical evaluation of the use of our website, optimization of the user guidance and the economic operation of our online services, provision of offers and contents that are as relevant and interest-related as possible.
We have carefully balanced these legitimate interests with your interests and fundamental rights and freedoms as a user. Where we use Google services or tools from other third-party providers, we do not have less restrictive, but equally suitable means to pursue our interests, either because of the international distribution of such tools or because of their standard interfaces to other software systems we use. The data is processed using a pseudonym; the data gained is not used to identify users. In your interest, we have implemented the services of third-party providers in such a way that they are as data protection-friendly as possible (e.g. by shortening the IP address, reducing the standard storage period, etc.).
Furthermore, there are different possibilities to deactivate and prevent tracking (opt-out), so that the user can easily execute his right to object according to the GDPR at any time. Where this is technically possible and supported by the service providers, do-not-track settings by our users are also respected.
Categories of personal data that are processed:
Pseudonymous statistical data for the use of the website and our online services
(For example: Which pages are called in which order; duration of stay on our websites; which offers are clicked...).
Source (origin) of the data:
From the data subject (when using the website).
Recipient of the data (categories):
As part of the administration of the website, employees of PROTIQ GmbH may have access to the data.
Service providers who support us in the administration and operation of web analytics and online advertising as well as third-party providers of analysis and tracking tools may have access to your data. However, these service providers are contractually obliged by respective data processing agreements to only use the data on our account and not for their own purposes.
Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
Within our services, data can be transferred anonymized or pseudonymized to servers in the USA and stored there. From the point of view of the European Union, there is no “adequate level of protection” in the USA for the processing of personal data in line with EU standards. However, our service providers signed the EU standard contractual clauses and are therefore subject to a comparable level of protection, thereby ensuring compliance with European data protection law.
Storage duration of the data:
Data collected and processed for web analysis purposes are stored pursuant to the respective applicable law (max. 14 months) before being deleted or anonymized. The storage duration of cookies for web analyses is 6 months.
Automated decision-making / Profiling:
There will be no automated decision-making or personalized profiling based on your collected data. The pseudonymized collected data will not be assigned to a person.
Google Services
Google Analytics
We use Google Analytics, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") for web analysis and range measurement. Google uses cookies. The information generated by the cookie about users' visits to our website is generally transmitted to and stored by Google on servers in the United States.
However, Google Analytics is used by us exclusively with activated IP anonymization (so-called IP masking). This means that the IP address of users is shortened by Google. Only in exceptional cases, e.g. if technical failures occur in Europe, the full IP address is transferred to a Google server in the USA and then shortened there. To the best of our knowledge, the IP address transmitted by the user's browser will not be merged with other data of the user held by Google.
Google uses the transmitted data on our behalf and on the basis of a (commissioned) data processing agreement, to evaluate the use of our website, to create reports on the activities within our online offering and to provide us with other services associated with the use of the website. With the help of these analysis results we can, for example, identify particularly popular areas of our website and the preferences of users and use the knowledge gained in this way to further improve our offer and make it more targeted and interesting for you as a user.
With the processing of the data we pursue our legitimate interests in an analysis and statistical evaluation of the use of our website, in the optimization of our online offer and in the provision of content that is as relevant to your interests as possible. We have carefully balanced these legitimate interests with your interests and fundamental rights and freedoms as a user and have come to the conclusion that no consent is required but that data processing is allowed on the basis of our legitimate interests, Art. 6 (1) (f) GDPR.
The determining reason for the use of Google Analytics is the fact that there is no equally suitable web analysis tool for our specific purposes. Google Analytics is not only the most widespread tool in the international context and is therefore particularly suitable for websites of internationally active groups of companies. Due to its wide distribution, Google Analytics - unlike other web analysis tools - also has standard interfaces to other software systems that we use. Furthermore, in your interest we implemented Google Analytics as data protection friendly as possible (in addition to IP masking, e.g. by not processing the user ID for cross-device analysis of visitor flows, by reducing the standard storage period, etc.).
The acceptance of cookies when using our website is not mandatory; if you do not wish cookies to be stored on your device, you can deactivate the corresponding option in the system settings of your browser or in the Cookiebot settings (Cookie Management). Additionally, you can delete saved cookies at any time in the system settings of your browser. If you do not accept cookies, however, this may lead to functional limitations. In addition, you can deactivate the use of Google Analytics cookies using a browser add-on if you do not wish the website analysis. You can download this add-on here: http://tools.google.com/dlpage/gaoptout?hl=en.
You can use the Google Analytics opt-out browser add-on to prevent Google Analytics from using your information. To disable Google Analytics, download and install your web browser add-on. The Google Analytics opt-out add-on is compatible with all common browsers. For the add-on to work, it must be loaded and run correctly in your browser. To learn more about how to disable Google Analytics and correctly install the browser add-on, click here: https://support.google.com/analytics/answer/181881?hl=en.
As an alternative to the browser add-on, for example for mobile devices, you can also prevent Google Analytics from capturing data by clicking on the opt-out link that you find in the privacy menu of the respective website if this website uses Google Analytics. An "opt-out cookie" will then be set to prevent your data from being collected in the future. The opt-out cookie applies only to the specific browser used when you set it and only to our website and is stored on your device. If you delete the cookies in your browser, you must set the opt-out cookie again.
The common browsers also offer a "Do-Not-Track-Function". If this function is activated, your device informs the web analysis tool that you do not want to be tracked.
Please also note the following: From the point of view of the European Union, there is no "adequate level of protection" for the processing of personal data in the USA that corresponds to EU standards. However, this level of protection can be replaced or established for individual companies by signing the so-called EU standard contractual clauses. Google has signed these clauses and hereby guarantees to comply with the European data protection law.
The data processed by Google Analytics is automatically deleted after a period of max. 13 months. Data whose retention period has been reached is automatically deleted once a month.
You can find out more about Google's use of data, setting and withdrawal options in Google's privacy policy: https://policies.google.com/privacy
Google Analytics 4
Our website uses Google Analytics 4, a newly developed product of Google which is currently in its beta testing phase. The Google Analytics 4 allows us to combine app and web data (such as clicks, page views, apps open, scrolls, outbound clicks, site search, video engagement, file downloads, and more) for unified reporting and analysis across platforms.
For more information on Google Analytics, including on the applicable retention periods, please see above under "Google Analytics".
Google Ads
For the purpose of optimizing our online offer we use third-party retargeting and remarketing services on our website to help us analyze, improve and operate our online services in an economic way.
Online Advertising (Retargeting/Remarketing) In order to improve our marketing offer, we use retargeting and remarketing services from third parties on our website to analyze, optimize and economically operate our online services.
How Retargeting/Remarketing works On our website, data is collected using a cookie/tracking technology to improve our online offering. This data is not used by us to identify you personally, but solely to evaluate the use of our website and to address and provide users who are already interested in our content and offers with interest-related advertising. We are convinced that the display of an interest-related advertisement is generally more interesting for the user than advertising that has no such personal reference. The following section of this privacy policy explains with which third parties we cooperate, how your data is processed in this context, and how you can deactivate and opt out from such retargeting/ remarketing technologies.
Google Ads We use the online marketing tool Google Ads, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). We use the remarketing function within the Google Ad Service in order to place ads within the Google Advertising Network (e.g. in search results, videos, web pages, etc.) so that they are specifically displayed to users who have a supposed interest in the ads or the products and services advertised. For these purposes, so-called (re)marketing tags (invisible graphics or codes) are integrated and executed on our website and other websites of the Google Advertising Network directly by Google. In this way an individual cookie is stored on the user's device (comparable technologies can also be used instead of cookies), this serves to recognize your browser. Google usually stores information about this cookie, such as which websites the user has visited, what content he is interested in and what offers the user has clicked on, as well as technical information on the browser and operating system, referring websites, visiting times and other information about the use of the online service.
Furthermore, we use the function of Ads Conversion. Using an individual "conversion cookie" we can track how many of our visitors are taking actions on our website resulting from an advertising campaign. The information collected with the help of the cookie is used by
Google to compile conversion statistics for us. However, we only know the anonymous total number of users who clicked on our ad and were directed to a page with a conversion tracking tag. We do not receive any personally identifiable information.
The data processing associated with the services described above is carried out for analysis, optimization and marketing purposes, in particular in order to better measure and evaluate the success of our advertising campaigns and to provide you with offers and content that are as closely aligned with your interests as possible. We have carefully balanced these legitimate interests with your interests, fundamental rights and freedoms as a user and have come to the conclusion that no consent is required, but that data processing is allowed on the basis of our legitimate interests, Art. 6 (1) (f) GDPR. The determining reason for the use of Google Ads is the fact that there is no equally suitable online advertising network for our specific purposes. Google Ads is the most widespread international advertising tool and is therefore particularly suitable for advertising in our internationally group of companies. The most important aspect, however, is that the network of Google's partners - the so-called display network - is probably the world's largest network and you as a user can therefore be addressed in the best possible and most targeted way.
When balancing these interests, it has also been considered that the acceptance of marketing cookies when using our website is not mandatory and can be prevented by you in different ways. If you do not wish such marketing cookies to be stored on your device, you can deactivate the corresponding option in the system settings of your browser. Already stored cookies can be removed at any time in the system settings of your browser. However, if you do not accept any cookies, this may lead to functional limitations. You can also prevent data processing by Google Ads by clicking on this Link. An "opt-out cookie" will then be set to prevent your data from being collected in the future. The opt-out cookie applies only to the browser used when you set it and only to our website and is stored on your terminal device. If you delete the cookies in your browser, you must set the opt-out cookie again. The common browsers also offer a "Do-Not-Track-Function". If this function is activated, your device informs the web analysis tool that you do not want to be tracked.
Insofar data is processed in the USA, we would like to point out that Google is certified under the EU-U.S.-Privacy Shield Agreement and thereby guarantees compliance with European data protection law.
The data processed by Google Ads is deleted after 90 days. The deletion of data whose retention period has been reached takes place automatically once a month. Further information on the use of data by Google, setting and withdrawal options can be found in Google's data protection declaration (https://policies.google.com/technologies/ads?hl=en) and in your personal settings for the display of advertising by Google (https://adssettings.google.com/authenticated).
Google Tag Manager For reasons of transparency, we would like to point out that we use the Google Tag Manager on our website. Google Tag Manager is a solution that allows providers of websites to manage website tags through a single interface and in this way to integrate Google services into their offering. The Google Tag Manager itself (which implements the tags) does not collect or process any personal data.
Google Tag Manager
We would also like to draw your attention to the use of Google Tag Manager on our website. Google Tag Manager is a solution with which website operators can manage website tags via a uniform interface and thus integrate Google services in particular into their offering. The Google Tag Manager itself (which implements the tags) does not collect or process any personal data.
Google Optimize
Our website uses the web analysis and optimisation tool Google Optimize, a service linked to Google Analytics, also from Google (see above). We use Google Optimize to improve the content and features of our website via A/B testing. This means that certain new features or versions of our website are made available to users and statistical analysis is used to determine which variant of the feature or website achieves better results.
A/B testing is carried out using cookies. Please note that the information collected by these cookies about your use of this website is usually transferred to a Google server in the USA and stored there. We use Google Optimize with the extension "_anonymizeIp()".
More detailed information about Google Analytics and the applicable retention periods can be found above under "Google Analytics".
Microsoft Ads
We use Microsoft Ads: a service provided by Microsoft Ireland Operations Limited, The Atrium Building Block B, Carmanhall Road, Sandyford Business Estate, Dublin 18) ("Microsoft"). Microsoft Ads is an advertising platform that allows us to develop campaigns and target users across Microsoft's Search and Audience Network. To this end, Microsoft Ads stores a cookie on your computer if you arrived at our website through a Microsoft ad. This allows Microsoft and us to recognise that someone has clicked on an ad, been redirected to our website and reached a predetermined landing page (conversion page). We only know the total number of users who clicked on an ad and were directed to a conversion page, so we only process aggregate data.
For more information about Microsoft's data storage and retention policies, please visit https://privacy.microsoft.com/de-de/privacystatement.
Before using Microsoft Ads, we will obtain your consent (Art. 6 (1) (a) DSGVO).
Friendly Captcha
Our website uses the service "Friendly Captcha" (www.friendlycaptcha.com). This service is offered by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany. Friendly Captcha is a novel, privacy-friendly protection solution to make it more difficult for automated programs and scripts (so-called "bots") to use our website.
Friendly Captcha processes and stores the following data in the above-mentioned process:
Anonymised IP address of the requesting computer; Information about the browser used, as well as the operating system; Anonymised counter per IP address to control the cryptographic tasks; Website from which the access has taken place.
The data is used exclusively for the protection against spam and bots described above. Friendly Captcha does not set or read any cookies on the visitor's terminal device. IP addresses are only stored in hashed (one-way encrypted) form and do not allow us and Friendly Captcha to draw any conclusions about an individual person. If personal data is collected, it is deleted after 30 days at the latest. The legal basis for the processing is our legitimate interest in protecting our website from improper access by bots, i.e. spam protection and protection against attacks (e.g. mass requests), Art. 6 para. 1 lit. f DSGVO. Further information on data protection when using Friendly Captcha can be found at https://friendlycaptcha.com/legal/privacy-end-users/.
Supplementary information regarding the use and transfer of personal data
PROTIQ may be forced to disclose your data and related information by judicial or official order. Likewise, we reserve the right to use your data for the assertion of or defense against any legal claims. In accordance with applicable law we also reserve the right to store and transfer personal and other data for a specific purpose in order to detect and combat illegal activities, fraudulent attempts or a breach of PROTIQ’s terms of use.
We do not sell, disclose or otherwise make available personal data to third parties for marketing purposes.
Secure communication on the Internet
We make every effort to ensure that your personal data is transferred and stored using technical and organizational measures to prevent access by unauthorized third parties.
As a general rule, the Internet is regarded as an insecure environment. In contrast to a telephone line, for instance, data transfers on the Internet can be more easily wiretapped, recorded or even modified by unauthorized third parties. To ensure the confidentiality of communications with you, we use an AES 256bit SSL/TLS encryption of our website. This encryption is regarded as secure, based on the latest technological advancements. Operating systems and browsers from earlier versions also achieve this security level. If necessary, you should update the operating system and the browser on your device to benefit from this high-level encryption.
Email communication without encryption does not guarantee comprehensive data security. Therefore, we recommend using the regular postal mail for confidential information.
Data subject rights
You are entitled to the following rights, if the respective legal requirements are met: Right to have access to your data that we store; rectification, erasure, restriction of processing your data or the right to object to the processing, as well as data portability.
If you do not agree to your personal data being saved or this data becomes inaccurate, we will ensure, upon your request, that your data is corrected, blocked or deleted under the statutory provisions. Upon request, we will send you a list of your personal data, that we have stored, please do not hesitate to contact our designated point of contact.
Additionally, you have the right to lodge a complaint with athe competent data protection supervisory authority of your country of location, if you believe the processing of your personal data is unlawful.
Should you have any questions that have not been addressed in this data protection notice, in case you wish more detailed information regarding a specific point, please do not hesitate to contact our designated point of contact.
Please note that depending on the circumstances, we may require proof of identification to handle any requests regarding your personal data.
If you reside in France, you also have the right to provide instructions on the handling of your personal data after death.
Update to this Privacy Policy
If PROTIQ launches new services, alters its Internet procedures or if the legal requirements or the Internet and IT security technology is further developed, this data protection statement will be updated. We therefore reserve the right to change or supplement this statement as required. The current version will be published at
www.protiq.com/en/privacy/
.
Right of access / changing and deleting personal data
Information in accordance with Article 13 or 14 GDPR
If you have any questions that have not been addressed by this data protection statement or if you require more detailed information regarding a specific point, please do not hesitate to contact us.
If you no longer agree to your personal data being stored or if they become inaccurate, we shall, upon your request to this effect, proceed to their blockage or deletion, or perform the necessary corrections thereto, to the extent possible under the statutory provisions. Upon request, we will inform you about all your personal data that we have stored. To do so, please contact:
PROTIQ GmbH
Flachsmarktstraße 54
32825 Blomberg
Tel. +49 5235 3-4 38 00
Fax +49 5235 3-4 41 154
Please appreciate that we require proof of identity to handle any requests regarding your person-al data we have stored.
Statutory information to be provided where your personal data are collected (in accordance with Article 13 or 14 GDPR) can be found related to the context in those places where we collect your data on this website, or summarized here:
Data Protection Officer
For general questions regarding the collection, processing or use of personal data by us as well as for general information regarding data protection at PROTIQ, please contact us in writing at:
PROTIQ GmbH
– Datenschutzbeauftragter –
Flachsmarktstraße 54
32825 Blomberg
Controller within the meaning of the EU General Data Protection Regulation (GDPR) or the Federal Data Protection Act (FDPA)
PROTIQ GmbH
Flachsmarktstraße 54
32825 Blomberg
Tel. +49 5235 3-4 38 00
Fax +49 5235 3-4 41 154
Updated: August 8, 2023