Privacy Policy
Blickle Räder+Rollen GmbH u. Co. KG, Heinrich-Blickle-Straße 1, 72348 Rosenfeld, Germany, registered with the District Court of Stuttgart under HRA 410183, is the owner and operator of the websites blickle.com, blickle.de, blickle.at, blickle.co.uk, blickle.fr, blickle.es, blickle-raeder.ch, blickle.se, blickle.it, blickle.us, blickle.ca, blickle.cn, blickle.nl, blickle.be, blickle.cz, blickle.no, blickle.fi, blickle.dk, blickle.com.ro, blickle.com.tr, blickle.ru, blickle.pl, blickle.hu, blickle.jp, blickle.kr, blickle.pt, blickle.lt, blickle.bg, blickle.com.hr, blickle.rs, blickle.lv, blickle.ee, blickle.si, blickle.com.ua, blickle.com.au. On behalf of the entire Blickle Group, thank you for visiting our website and for your interest in our company and services. More information about our international Group companies is available under clause 3 and here. Protecting your privacy when handling your data is important to us. Because of this, your personal data will only be processed in accordance with European data protection legislation and any relevant national data protection requirements.
1. Introduction
This Privacy Policy meets our duties to provide information to our customers and users of this website in accordance with Article 13 of the German General Data Protection Regulation (GDPR). We are committed to protecting your personal data. Personal data is any information relating to an identified or identifiable natural person. This includes information such as names, postal and email addresses and telephone numbers. The legal basis for data protection is established by the GDPR, the German Telemedia Act (TMG) and the EU ePrivacy Regulation.
We only process the personal data of our users if this is required in order to provide a functional website, content or services, or if the processing of this data is justified under the GDPR.
2. Your data protection rights as a user of this website or customer (rights of the data subject)
Under data protection law, you are considered a data subject as a visitor to this website or as a customer. You have certain rights as a data subject. These rights are as follows:
At any time you have the right to obtain information without any charge about your stored personal data, its origins and recipients and the purpose of data processing - without having to give any justification for this request. You are also entitled to have this data corrected, rectified, blocked or deleted. You may also request specific personal data and reuse it for your own purposes with different organisations. You can also restrict the processing of your data and/or object to the processing for reasons related to your specific situation at any time. If you have granted your consent for us to process your data, you can withdraw this consent at any time. You are also entitled to lodge a complaint with the supervisory authority in accordance with Article 77 of the GDPR.
3. Controller / (Joint) Controllership
a) Controller / Joint Controllership pursuant to Article 26 GDPR
Blickle Räder+Rollen GmbH u. Co. KG, Heinrich-Blickle-Straße 1, 72348 Rosenfeld, Germany, is the controller in the sense of Article 4(7) of the GDPR for the personal information (defined below) collected on the aforementioned websites.
We are jointly responsible with group companies and/or distributors to the extent that we pass on personal data to group companies and/or distributors or receive personal data from them (joint controllership, pursuant to Article 26 of the GDPR). Joint controllership may also arise with other natural or legal persons (e.g. payment service providers); the following applies accordingly to these relationships.
b) Information pursuant to Article 26 (2) GDPR
Joint controllership exists with the following companies of the Blickle Group:
- Blickle Castors & Wheels Ltd, Milton Keynes, United Kingdom of Great Britain and Northern Ireland
- Blickle Wielen B.V., Houten, The Netherlands
- Blickle B.V., Lier, Belgium
- Blickle Hispania S.A., Madrid, Spain
- Blickle Italia S.r.l., Desio, Italy
- Blickle a.s., Brno, Czech Republic
- Blickle Räder + Rollen GmbH, Grödig, Austria
- Blickle Räder + Rollen GmbH, Lyssach, Switzerland
- Blickle France SAS, Herrlisheim, France
- Blickle Romania S.R.L., Cluj-Napoca, Romania
- Blickle Australia Wheels and Castors Pty Ltd, Arundel, Australia
- Blickle AB, Helsingborg, Sweden
- Blickle Oy, Vantaa, Finland
- Blickle Norge AS, Horten, Norway
- Blickle Sanayi Tekerlekleri Tic. Ltd. Sti, Istanbul, Türkiye
- Blickle Castors (Taicang) Co., Ltd. Taicang, China
- Blickle Canada Inc, Candiac, Canada
- Blickle U.S.A. Wheels and Casters Inc., Newnan, USA
as well as with our distribution companies. You can find them here.
The transfer of personal data to group and/or distribution companies, as well as the receipt of such data, takes place in the context of business cooperation as well as the promotion and distribution of Blickle products and services. This may also involve the processing of your personal data. The parties have jointly determined the sequence of processing of this data for this case in individual process sections. The parties are jointly responsible for the protection of your personal data within the process sections described below (Article 26 of the GDRP).
Within the framework of joint controllership under data protection law, we have agreed with the aforementioned companies who fulfils which obligations under the GDPR. This relates in particular to the exercise of your rights as a data subject and the fulfilment of the information obligations pursuant to Articles 13 and 14 of the GDPR.
This agreement is necessary because personal data is processed in different process sections and systems in the course of entrepreneurial cooperation as well as advertising and sales, which are operated either by Blickle Räder+Rollen GmbH u. Co. KG or a group or distribution company.
Data transfer with distribution companies takes place with regard to marketing and sales, and with group companies additionally for the purposes of controlling, accounting, personnel management, business operations in general and internal organization.
Even if there is joint controllership, the parties fulfil the data protection obligations for the data processing carried out by them within the scope of joint controllership.
Both Blickle Räder+Rollen GmbH u. Co. KG and the aforementioned group and/or distribution companies shall make the information required under Articles 13 and 14 of the GDPR available to the data subjects free of charge in a precise, transparent, comprehensible and easily accessible form in clear and simple language. In doing so, each party shall provide the other with all necessary information from its sphere of activity. The parties shall inform each other without delay of legal positions asserted by data subjects. They shall provide each other with all information necessary to respond to requests for information.
Data protection rights can be asserted both at Blickle Räder+Rollen GmbH u. Co. KG and at the aforementioned group and distribution companies. In principle, data subjects will receive the information from the office where the rights were asserted. However, in order to speed up the procedure, we recommend that you assert your rights against Blickle Räder+Rollen GmbH u. Co. KG.
4. Contact / Contact Options - Data Protection Coordinators - Data Protection Officer
If you have any questions related to data protection within the Blickle Group which are not covered by this Privacy Policy, or if you wish to exercise your rights as a data subject, please contact the controller directly.
We recommend sending an email to our data protection coordinators (datenschutz@blickle.com). You can also contact us by post. We also have an external data protection officer. They can be contacted by sending an email to datenschutz@blickle.com.
If you want to contact us by email, we wish to point out that the confidentiality of the information transmitted is not guaranteed for unencrypted emails. The content of unencrypted emails can be viewed by third parties (see “Information security” section).
You can also contact us via contact forms on our website. Information you provide in a contact form, including your contact details, will then be encrypted, forwarded to us and stored by us for the purpose of processing the request and for follow-up queries.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This can be, for example data that you enter in a contact form. Other data is collected automatically or with your consent by our IT systems when you visit the website. systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page view). of the page view). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyse your user behaviour.
To exercise your right to lodge a complaint in accordance with Article 77 of the GDPR, please contact the relevant supervisory authority.
5. Retention period
We delete or make unavailable the personal data of data subjects or restrict the processing of this data as soon as it is no longer required. Data may be retained past this point if this is required under European or national directives, legislation or other requirements to which the controller is subject. Personal data will also be deleted, made unavailable or have its processing restricted at the end of any retention period required by the aforementioned standards, unless this data is required in order to enter into a contract or for the performance of a contract.
6. Legal principles with regard to the processing of personal data
If a data subject grants consent for their personal data to be processed, the legal basis for the processing is Article 6(1)(1)(a) of the GDPR.
The legal basis for the processing of personal data for the performance of a contract to which the data subject is a party is Article 6(1)(1)(b) of the GDPR. The same legal basis applies for the processing of personal data for the implementation of pre-contractual measures.
The legal basis for the processing of personal data for compliance with a legal obligation of our company is Article 6(1)(1)(c) of the GDPR.
The legal basis for the processing of personal data for the purposes of the legitimate interests of our company or a third party when those interests are not overridden by the interests or rights and freedoms of the data subject is Article 6(1)(1)(f) of the GDPR.
a) Purpose of data processing
Our website can be used without entering personal data. However, personal data is required in order to use certain services on our website. These are explained separately below and in particular inform you of the nature, scope and purpose of the collection, use and processing of personal data. We generally only process personal data if this is required in order to provide a functional website, content or services. Personal data may be collected for the purpose of providing and optimising our online content, for information and contact purposes, for customer service and support, for marketing, advertising and sales, for meeting contractual and legal obligations, for security measures, or for filling positions in response to applications. Any use of your personal data takes place only for the stated purposes and to the extent necessary to achieve these purposes.
We process personal data to meet contractual obligations in accordance with Article 6(1)(1)(b) of the GDPR. This includes:
- Purchase and delivery of products
- guaranteeing functionality
- processing orders
- creating user accounts
- providing services, e.g. repeat orders, changing an address, complaints, etc.
- to provide you with relevant information about your orders
- to contact you if we have or want to establish a business relationship with you or your employer (business contacts)
- handling job applications (covered in detail below).
We also process data for the purpose of our legitimate interests in accordance with Article 6(1)(1)(f) of the GDPR,
- to put together statistical information for the purpose of improving products and services
- to prevent, investigate and report criminal offences
- to assert legal claims (including debt collection procedures) and defend against legal claims
- to conduct audits
- for advertising purposes, unless you have instructed us not to use your data for this purpose
- to put together statistical information for the purpose of improving products and services. We may on occasion process order and usage data to create groups of users for this purpose - these groups are anonymised immediately and are not used to analyse or predict your personal preferences.
You can object to the processing of your personal data at any time. Please refer to “Right of objection” below for more information.
We may process your data on the basis of your consent in accordance with Article 6(1)(1)(a) of the GDPR for certain purposes, particularly:
- to put together statistical information for the purpose of improving products and services
- to enable personalised use of the website, provide personalised offers and optimise online content
- to send you newsletters with regular offers
- to provide special information and offers
- for market research
- for surveying customers
- to help visitors use the website with reminder functions
- for analysis purposes so that we can improve our offer for you.
You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
The legal basis for storing or accessing cookies, device identifiers or other information on your device for processing purposes is the European ePrivacy Directive in conjunction with Section 12 et seq. of the German Telemedia Act and Articles 6(1)(1)(a) and 6(1)(1)(f) of the GDPR.
b) Applications
The legal basis for the processing of personal data for job application purposes is Article 6(1)(1)(b) of the GDPR (establishing a contract) and Section 26 of the German Data Protection Act (Processing of Data for the Purposes of the Employment Relationship). We also use consent as a legal basis for the processing of data in the context of the application process (Article 6(1)(1)(a) of the GDPR.
This consent is granted voluntarily and is used for the purpose of staff recruiting and the transfer of your data to an internal talent pool. You can revoke any consent which you have granted at any time in whole or in part. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
As part of the application process, special categories of personal data of applicants in the sense of Article 9(1) of the GDPR (in particular health data) may be disclosed, transmitted and/or requested so that the controller can fulfil their obligations under labour law, social security and social protection law. The data subject (usually the applicant) can also disclose special categories of personal data in order to exercise their rights. In such cases, personal data will be processed on the basis of Article 9(2)(b) of the GDPR. The legal basis for the processing of personal data to assess the ability of the applicant to work, for the purpose of a medical diagnosis, the provision of health or social care or the administration of health or social care systems and services is Article 9(2)(h) of the GDPR.
Additional information about the processing of personal data is provided on our applicant portal.
7. Right of objection and withdrawal of consent
If we process your personal data for the purpose of legitimate interests pursued by us or a third party in accordance with Article 6(1)(1)(e) or (f) of the GDPR, you are entitled to object to the processing in accordance with Article 21 of the GDPR.
Article 21(1) of the GDPR entitles you to object to the processing of your personal data at any time. We will cease to process your personal data from the time that you object unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the purpose of the processing is to establish, exercise or defend legal claims.
You also have the right to withdraw consent with effect for the future in accordance with Article 7(3) of the GDPR.
If you would like to object to the processing of your personal data or withdraw your consent (particularly in connection with the technologies outlined below), you can contact us at any time. One way you can do so is to send an email to datenschutz@blickle.com.
8. Cookies
Our website uses so-called cookies, which are designed to make our website more user-friendly, effective and secure – for example, by facilitating navigation on our website. In addition, cookies enable us to measure the frequency of page views and the generic use of the website.
Cookies are small text files that are stored on your computer system. Cookies do not harm your computer and do not contain viruses. We would like to point out that some of these cookies are transferred from our server to your computer system, these mostly being so-called “session cookies”. “Session cookies” are automatically deleted from your hard disk after the end of the browser session. Other cookies remain on your computer system and allow us to recognise your computer system on your next visit (so-called persistent cookies). Of course you can refuse to accept cookies at any time, provided that your browser allows this. Please note that if you do this, you will not be able to use all the features of our website to the fullest extent possible.
The help function in the menu bar of most web browsers tells you how to prevent your browser from accepting new cookies, how to let your browser know when to accept a new cookie or how to deactivate all cookies received.
You can also delete cookies. Exactly how this is done will depend on your browser and operating system. As a result, we cannot provide instructions about how to delete cookies on your system here.
You can deactivate cookies at any time. However, deactivating strictly necessary cookies may cause certain features on the website to be unavailable. You can choose not to allow cookies at any time. You can object and/or withdraw your consent by sending an email to datenschutz@blickle.com.
9. Services, technologies and cookies used by the website
We use the following services, technologies and cookies to make sure that we can provide the essential features of our website and meet contractual obligations we have with our customers and partners. The legal bases for their use are Article 6(1)(1)(b) (entering into or performance of a contract), 6(1)(1)(c) (compliance with legal obligations) and/or 6(1)(1)(f) (compelling legitimate interests) of the GDPR. The primary legitimate interest is monitoring of the technical performance of the website.
a) Server-Log
Every visit to this website is recorded and stored in server log files. This data is used extensively for the technical analysis of how the server is being used, e.g. in order to avoid excess load on the server and/or managing the load on the server, and is processed on the basis of Article 6(1)(1)(f) of the GDPR.
The following data is collected:
- host address (IP address)
- the date and time when the website was accessed
- name of the file which was accessed
- HTTP status code
- the amount of data transmitted
- the website from which you accessed our website (referrer URL)
- browser/operating system/interface
- information about the server service which is used
- protocol version
This anonymous data is stored separately from any personal data and therefore cannot be linked to a specific person. This data is only transmitted to third parties if this is legally required or if we are ordered to do so by a court order. This data is not passed on for commercial or non-commercial purposes. However, we reserve the right to review this data subsequently if we have reason to believe that the website has been used illegally, including DDoS attacks on our website.
b) Consent with ConsentManager
Our website uses the consent technology of ConsentManager to obtain your consent to store cookies on your device or to use certain technologies and to document this in accordance with data protection requirements. The provider of this technology is Jaohawi AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website: https://www.consentmanager.de (hereinafter "ConsentManager").
When you visit our website, a connection is established to ConsentManager's servers to obtain your consent and other permissions regarding the use of cookies. ConsentManager will then store a cookie on your device so that your browser remembers the choices you made until you revoke your consent. The data collected in this way is stored until you prompt us to delete it, you delete the ConsentManager provider cookie yourself or the purpose for which the data is being stored no longer applies. This does not affect any binding statutory retention requirements.
You can change or revoke the consent you have given or the settings you have made at any time by clicking on the ConsentManager icon in the lower left corner of your browser window.
We use ConsentManager to obtain your consent for the use of cookies in line with legal requirements. The legal basis for this is Art. 6(1)(c) of the GDPR.
Processors
We have concluded a data processing agreement (DPA) related to the use of the above-mentioned service. This contract is required under data protection law and ensures that the personal data of visitors to our website is processed in accordance with our instructions and in compliance with the GDPR.
c) Google technologies
This website uses the following technologies operated by Google Ireland Limited, register number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland (Google).
Please note that Google uses a separate privacy policy. We accept no responsibility or liability for Google’s policy or procedures. Please refer to Google’s privacy policy before using our website. Google’s privacy policy is available here: https://policies.google.com/privacy?hl=en.
i. Google Tag Manager
We use this technology to manage our previously described analysis services on the basis of Article 6(1)(1)(f) of the GDPR. Google Tag Manager is used solely to implement tags. This means: No cookies are used and no personal data is collected. Google Tag Manager triggers other tags, which may collect data. However, Google Tag Manager does not access this data. If deactivated at the domain or cookie level, this will apply to all tracking tags if they are implemented with Google Tag Manager. For more information about Google Tag Manager, please refer to: https://support.google.com/tagmanager/answer/7157428?hl=en-GB and https://policies.google.com/privacy?hl=en.
ii. Google Adwords Conversion Tracking
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR, we will use Google Conversion Tracking to collect statistics about how our website is used and in order to optimise our website for you. If you have reached our website via a Google ad, a cookie will be stored on your computer by Google Adwords. These cookies expire after 30 days and are not used to identify you personally. If a user visits specific pages on the website of an Adwords customer before the cookie expires, Google and the customer will see that the user has clicked on the ad and has been forwarded to this page. A different cookie is assigned to each AdWords customer. Cookies cannot therefore be tracked across websites of different Adwords customers. Conversion cookies are used to put together conversion statistics for Adwords customers. AdWords customers are informed of the total number of users who have clicked on their ad and then been forwarded to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. You can also disable cookies for conversion tracking by blocking cookies from the domain “www.googleadservices.com” in your browser. Google’s privacy policy for conversion tracking is available here https://services.google.com/sitestats/en.html.
iii. Google Remarketing
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR), we will use Google Remarketing. This technology makes it possible to provide targeted marketing to users on the Google partner network who have already visited our websites and online services and have expressed an interest in our offering on the pages. Advertising is shown through the use of cookies. These text files are used to analyse what users do when they visit the website so that they can be provided with targeted recommendations and interest-based advertising.
iv. Google Maps
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR), this website will use Google Maps to provide you with maps and site plans. Each time Google Maps is accessed, Google sets a cookie to process user settings and data when viewing the page on which Google Maps is integrated. This cookie from Google is usually not deleted by closing the browser but expires after a certain time unless it is manually deleted by you.
The use of Google Maps and information obtained through Google Maps is subject to the Google Terms of Use https://policies.google.com/terms?hl=en as well as the supplementary terms and conditions for Google Maps https://www.google.com/intl/en/help/terms_maps/.
v. Google Fonts
If you consent to this in advance (Art. 6 para. 1 sentence 1 lit. a) DSGVO), we use the fonts provided by Google. Google Fonts ensures a high display quality. In addition, Google Fonts are automatically optimised for the web, which saves data volume and ensures fast loading times. Problems caused by different image synthesis systems (rendering) in different browsers, operating systems and mobile devices are largely avoided by using Google Fonts. By using Google Fonts, the fonts are reloaded via a Google server. This external call-up transmits data to the Google servers. In this way, Google also recognises that you or your IP address is visiting our website. Google Fonts stores CSS and font requests securely at Google.
The Google Terms of Use, can be found at Google Terms of Use - Privacy Policy & Terms of Use - Google.
Further details on Google Fonts can be found at Frequently Asked Questions | Google Fonts | Google Developers.
d) YouTube
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR), our website will use plug-ins (i.e. optional software components which enhance an existing piece of software) from YouTube, which is operated by Google. The operator is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. Visiting any of our pages containing a YouTube plug-in will create a connection to the servers of YouTube. This will provide the YouTube server with information about which of our sites you visited. If you are logged in to your YouTube account, this will enable YouTube to associate your surfing behaviour directly with your personal profile. We use YouTube in order to present online content in an appealing manner. For more information about how user data is processed, please refer to the YouTube privacy policy: https://policies.google.com/privacy?hl=en.
e) Facebook Pixel
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR), our website will use the user action pixel from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (Facebook) for conversion tracking. This is used to track the behaviour of visitors once they have been forwarded to a website after clicking a Facebook ad. This allows us to evaluate the effectiveness of Facebook advertising for statistical and market research purposes and optimise our future marketing measures. The data that we collect as the operator of this website is anonymized. This means that we are not able to link it to individual users. However, because the data is stored and processed by Facebook, it can be linked to your user profile. Furthermore, Facebook may use the data for its own advertising purposes in line with the Facebook Data Policy. This allows Facebook to display ads on Facebook’s webpages and outside of Facebook. We are not able to influence how this data is used. Facebook’s Privacy Policy contains additional information about how your personal information is protected: https://www.facebook.com/privacy/explanation.
f) LinkedIn
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR), our website will use functions like the analysis and conversion tracking technology provided by the platform LinkedIn Inc. (2029 Stierlin Ct, Mountain View, CA 94043, USA, “LinkedIn”). We use this technology to display advertising which is relevant to you and based on your interests. LinkedIn also provides us with aggregated and anonymous reports of advertising activity and information about how you interact with our website. LinkedIn uses Javascript code and cookies for this purpose. These record data about how you use our website, including URLs, referrer URLs, IP addresses, device and browser properties, timestamps and page views. This data is encrypted and analysed within seven days. Anonymized data is deleted within 90 days. LinkedIn does not share any personal data with the owner of the website; instead, it only provides reports in summarised form about the target group of the website and how the advertising on the website is performing. The collected information is also processed on the servers of LinkedIn Inc. in the USA in accordance with EU standard contractual clauses. For more information, please refer to the LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.
g) etracker
Our website uses etracker, an analysis service. etracker is operated by etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. The data can be used to create usage profiles under a pseudonym. The technology uses cookies, which you will be asked to consent to in advance (Article 6(1)(1)(a) of the GDPR). The cookies allow the website to recognise your browser. The data obtained will not be used to personally identify visitors to this website without the specific consent of the data subject in question. The data will not be combined with personal data about the owner of the pseudonym. All of the data generated through the use of etracker is processed and stored in Germany. etracker has been independently audited and certified to confirm that this is the case and has been awarded the “ePrivacyseal”. For more information, please refer to the privacy policy of etracker: https://www.etracker.com/en/data-privacy/.
h) Sitecore Tracking
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR), this website will use the Sitecore web analysis service so that we can make our website more customer friendly. For more information about how your data is processed by Sitecore and Sitecore’s privacy policy, please refer to: http://www.sitecore.net/legal/privacy-policy.aspx. For more information about the cookies which this technology uses, please refer to: http://www.sitecore.net/legal/privacy-policy.aspx.
i) amCharts
We use the amCharts service from Antanas Marcelionis to display our site locations on our website (https://www.amcharts.com). This is required in order for the website to function properly. As a result, the legal basis for the processing of the related data is Article 6(1)(1)(f) of the GDPR). amCharts only uses customer data to display map functions and to temporarily store your settings. This data may include the IP addresses and location data of users; however, these will not be collected without the consent of the user (Article 6(1)(1)(a) of the GDPR). The data might be processed in the USA. In such cases we conclude EU standard contractual clauses with the data processor. For more information, please refer to the amCharts privacy policy: https://www.amcharts.com/privacy-policy/.
j) Leadlab
Our website uses Leadlab from WiredMinds GmbH, Lindenspürstraße 32, 70176 Stuttgart, Germany. Leadlab processes data in anonymised form in order to analyse and optimise our website. Any cookies involved in this process will only be used with your prior consent (Article 6(1)(1)(a) of the GDPR). However, Leadlab does not normally use cookies. It also only generates data related to legal persons, not natural persons. Leadlab is based around pixel tags. Pixel tags are small JavaScript elements on a website. Collecting and analysing the data provides information about what people do when they visit our website. This includes gathering information about a user’s interests based on how they use websites, as well as the geographical origin of visitors to these websites.
k) UCommerce
We cooperate with the webshop provider Ucommerce ApS, Klostergade 28, 2, DK-8000 Aarhus, CVR no. 32267149. If you order from the webshop, it is necessary for business and contract transactions that personal data is processed. The legal basis for this is Art. 6(1)(b) DSGVO. The data is collected, stored and, if necessary, passed on insofar as it is required to provide contractual services. Mandatory information is marked separately in the webshop, without such a conclusion of a contract is not possible. The duration of storage depends on commercial and tax law requirements and can be up to ten years.
For more information on data processing by UCommerce and its data protection provisions please refer to: https://ucommerce.net/contact-us/data-privacy-and-cookie-policy.
l) Adyen
We cooperate with the payment service provider Adyen N.V.. Payment processing (e.g. via credit card, EPS, Giropay, iDEAL, Paypal, Klarna, Google Pay, Apple Pay) is carried out via Adyen N.V. German Branch, Friedrichstraße 63, 10117 Berlin, to which we pass on the information you provided during the ordering process together with information about your order in accordance with Article 6(1)(1)(b) GDPR. Your data will be passed on for the purpose of payment processing with the payment service provider Adyen and only insofar as it is necessary for this purpose. Information on data processing by Adyen and their privacy policy can be found at: https://www.adyen.com/policies-and-disclaimer/privacy-policy.
m) Hosting und Content Delivery Networks (CDN)
We host the content of our website with the following providers:
i. Hetzner
This service is provided by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereinafter “Hetzner”).
For further information please refer to the privacy policy of Hetzner: https://www.hetzner.com/de/rechtliches/datenschutz.
We use the information provided by Hetzner on the basis of Article. 6(1)(f) of the GDPR. We have a legitimate interest in ensuring that our website is as reliable as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article. 6(1)(a) of the GDPR and Section 25(1) of the German Telecommunications-Telemedia Data Protection Act (TTDSG), provided this consent includes the storage of cookies or access to information on the end device of the user (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
Processors
We have concluded a data processing agreement (DPA) related to the use of the above-mentioned service. This contract is required under data protection law and ensures that the personal data of visitors to our website is processed in accordance with our instructions and in compliance with the GDPR.
ii. Amazon CloudFront CDN
We utilize the content delivery network Amazon CloudFront CDN. This service is provided by Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg (hereinafter "Amazon").
Amazon CloudFront CDN is a globally distributed content delivery network. The information transferred between your browser and our website is routed via the content delivery network. This allows us to increase the global accessibility and performance of our website.
The use of Amazon CloudFront CDN is based on our legitimate interest in ensuring that our website is as secure and functional as possible (Articles 6(1)(f) of the GDPR).
Data is transferred to the USA based on the standard contractual clauses of the EU Commission. Details are available here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
More information about Amazon CloudFront CDN can be found here: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.
Processors
We have concluded a data processing agreement (DPA) related to the use of the above-mentioned service. This contract is required under data protection law and ensures that the personal data of visitors to our website is processed in accordance with our instructions and in compliance with the GDPR.
iii. Amazon Web Services (AWS)
This service is provided by Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855, Luxembourg (hereinafter "AWS").
Whenever you visit our website, your personal data will be processed on the AWS servers. Your personal data may also be transmitted to the holding company of AWS in the USA. Data is transferred to the USA based on the standard contractual clauses of the EU Commission. Details are available here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
For further information, please refer to AWS's privacy policy: https://aws.amazon.com/de/privacy/?nc1=f_pr.
The use of AWS is based on Art. 6(1)(f) of the GDPR. We have a legitimate interest in ensuring that our website is as reliable as possible. f a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article. 6(1)(a) of the GDPR and Section 25(1) of the German Telecommunications-Telemedia Data Protection Act (TTDSG), provided this consent includes the storage of cookies or access to information on the end device of the user (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
Processors
We have concluded a data processing agreement (DPA) related to the use of the above-mentioned service. This contract is required under data protection law and ensures that the personal data of visitors to our website is processed in accordance with our instructions and in compliance with the GDPR.
n) Userlike with extended data privacy features
We use Userlike (hereinafter "Userlike") to process user requests via our support channels or via live chat systems. This service is provided by Userlike UG (haftungsbeschränkt), Probsteigasse 44 - 46, 50670 Cologne, Germany.
Messages that you send to us may be stored in the Userlike ticket system or answered by our employees in live chat. When you communicate with us via Userlike, both we and Userlike will store the following: your name and email address, should you have provided them, and your chat history. This data is combined in a profile.
We will retain any messages sent to us until you prompt us to delete them or the purpose for which the data is stored no longer applies (e.g. after we have completed processing your enquiry). This does not affect any mandatory statutory provisions - in particular statutory retention periods.
Our use of Userlike is based on Art. 6(1)(f) of the GDPR. We have a legitimate interest in processing your enquiry as quickly, reliably and efficiently as possible. f a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article. 6(1)(a) of the GDPR and Section 25(1) of the German Telecommunications-Telemedia Data Protection Act (TTDSG), provided this consent includes the storage of cookies or access to information on the end device of the user (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
For further information, please see Userlike's privacy policy at: https://www.userlike.com/de/data-privacy and https://www.userlike.com/de/blog/live-chat-software-datenschutz-dsgvo.
Processors
We have concluded a data processing agreement (DPA) related to the use of the above-mentioned service. This contract is required under data protection law and ensures that the personal data of visitors to our website is processed in accordance with our instructions and in compliance with the GDPR.
10. Our social media presences / data processing by social networks
We maintain the publicly accessible profiles on social networks listed below.
Social networks such as Facebook, Xing, etc. may analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media profiles triggers numerous processing operations relevant to data protection.
In detail: If you are logged into your social media account and visit our social media presence, the operator of the social media portal can regularly assign this visit to your user account. However, your personal data may be collected even if you are not logged in or do not have an account with the respective social media portal. This data collection takes place, among other things, by means of cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. Provided you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.
Please note that we cannot comprehensively trace the processing operations on the social media portals. Depending on the provider, further processing operations may be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.
a) Legal basis
Our social media presences are intended to ensure the most comprehensive presence possible on the internet. This is a legitimate interest within the meaning of Article 6(1)(1)(f) of the GDPR. The analysis processes initiated by the social networks may be based on deviating legal bases to be indicated by the operators of the social networks (e.g. consent within the meaning of Article 6(1)(1)(a) of the GDPR).
b) Responsible party and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
c) Storage period
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it or revoke your consent to store it. Stored cookies remain on your end device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).
d) Social networks in detail
i. Facebook
We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA.
We have concluded an agreement with Facebook on joint responsibility for the processing of data (Controller Addendum). This agreement defines the data processing operations for which we or Facebook are responsible when you visit our Facebook fan page. You can view this agreement at the following link: www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in: www.facebook.com/settings. Details can be found in Facebook's privacy policy: www.facebook.com/legal/terms/page_controller_addendum.
ii. Instagram
We have a profile on Instagram. The provider is Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal data, please see Instagram's privacy policy: https://help.instagram.com/519522125107875.
iii. XING
We have a profile on XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to the XING privacy policy: https://privacy.xing.com/en/privacy-policy.
iv. LinkedIn
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses standard contractual clauses (or EU model clauses) to transfer personal data out of the EU. LinkedIn uses advertising cookies.
If you would like to deactivate LinkedIn advertising cookies, please use the following link: www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
For details on their handling of your personal data, please refer to LinkedIn's privacy policy: www.linkedin.com/legal/privacy-policy/
v. LinkedIn Insight
This website uses the retargeting and conversion tool provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, which can be used to display personalized advertisements on the "LinkedIn" platform to visitors to this website.
For this purpose, a small text file called a cookie is set on the browser of your end device when you visit our website. This cookie will expire after 120 days. When the user visits certain pages of this website while they are logged into their LinkedIn account, a connection will be established to the servers of LinkedIn to display interest-based advertising on the platform. The cookie also makes it possible to create anonymous reports on the performance of the advertisements on LinkedIn as well as information about how users interact with our website, which are provided to us and LinkedIn.
Advertisements will not be displayed and statistical reports will not be created unless the user is logged into their LinkedIn account while they are using this website.
All of the data processing described above, in particular the setting of cookies to read information on your device, will only be performed if you give us your express consent in accordance with Art. 6(1)(a) of the GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.
For details on their handling of your personal data, please refer to LinkedIn's privacy policy: www.linkedin.com/legal/privacy-policy/
vi. LinkedIn Marketing Solutions
We use "LinkedIn Marketing Solutions" on our website. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter "LinkedIn"). This enables us to point visitors to our website towards additional content of ours that is likely to be of interest to them based on how they use the social network LinkedIn. This content is displayed on the basis of a cookie-based analysis of previous user behaviour, but no personal data is stored. In order to show you content which reflects your interests, we store small text files called cookies on your computer or mobile device in order to collect pseudonymised data about your browsing behaviour so that content can be tailored on the basis of the stored information.
The information can be assigned to the user with the help of further information that LinkedIn has stored about the user, e.g. due to the user having an account on the social network "LinkedIn". LinkedIn uses an algorithm to analyse browsing behaviour so that it can display targeted product recommendations as personalized advertising banners on the user's LinkedIn account. LinkedIn may also combine the information collected via the cookies with other information that LinkedIn has collected via other websites and / or in connection with the use of the social network "LinkedIn" to create pseudonymised usage profiles. However, under no circumstances can the information collected be used to personally identify visitors to this website.
All of the data processing described above, in particular the setting of cookies to read information on your device, will only be performed if you give us your express consent in accordance with Art. 6(1)(a) of the GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.
For details on their handling of your personal data, please refer to LinkedIn's privacy policy: www.linkedin.com/legal/privacy-policy/
vii. LinkedIn Analytics und LinkedIn Ads
We use the conversion tracking technology and the retargeting function provided by the LinkedIn Corporation on our website. This technology can be used to provide visitors to this website with personalized advertisements on LinkedIn. To create anonymous reports on the performance of the advertisements as well as information about how users interact with the website, For this purpose, the LinkedIn Insight tag is embedded on this website. This establishes a connection to the server of LinkedIn if you visit this website while you are logged into your LinkedIn account. The privacy policy of LinkedIn (available at https://www.linkedin.com/legal/privacy-policy contains further information about how your data is collected and used, as well as the options and rights you have and can exercise to protect your privacy. When you are logged into LinkedIn, you can disable the data collection at any time at the following link: https://www.linkedin.com/psettings/enhanced-advertising.
11. Use and disclosure of personal data to third parties
We will provide your personal data to companies in the Blickle Group and/or distribution companies: (i) for the purpose of providing you with services or information that you request, or (ii) on the basis of your consent. You will be informed in advance if a company in the Blickle Group or a distribution company would like to use your personal data for a new purpose.
Some of the functions on our website are provided in partnership with third parties. This involves passing your personal data on to these providers. Examples are package delivery, sending of letters or emails, analysis of our databases, IT services, advertising, processing of payments and customer service. These service providers have access to personal information needed to perform their tasks. However, they may not use this information for any other purpose. They are also obliged to handle this information in accordance with this Privacy Policy and the GDPR. If any such subcontractors are considered processors in accordance with Article 28 of the GDPR, we have concluded appropriate contracts with them. These third parties were selected with care. The same applies if it is a case of joint responsibility. We have taken steps to ensure an adequate level of protection for any personal data that we pass on.
If you entrust us with the provision of a service, your personal data will only be used to the extent necessary for the performance of the order (for example, to process requests for information or to order brochures). This also applies for the transfer of your data to transport contractors, credit companies or other service providers used to provide the service or contract management.
The following exceptions apply: We disclose customer accounts and personal information about customers when we are required to do so by law or when such disclosure is required in exceptional circumstances to protect our rights and the rights of our customers and those of third parties, e.g. in the case of attacks on our network infrastructure. This can include exchanging data with companies that specialise in preventing and minimising abuse and credit card fraud and/or IT security. It is expressly stated that, in this context, there will be no transfer of the data to these companies for economic use contrary to this Privacy Policy.
No further disclosure, in particular the sale of your personal data to third parties will take place.
12. Transmission of personal data to a third country
Data is only transmitted to third countries with an adequate level of protection or on the basis of specific guarantees, e.g. contractual obligations based on so-called standard contractual clauses of the EU Commission. IP addresses and/or so-called “referral links” or online identifiers, for example, may be transmitted depending on browser settings. Due to the way such data may be combined, for which we are not responsible, it is possible for your personal data to be collected and processed outside of the scope of the GDPR.
13. Confidentiality
We are aware that some of the data you provide may be confidential. We will not sell, rent, distribute or commercially exploit your personal data. As an exception, we may pass data on to our service providers as detailed in this Privacy Policy. We guarantee that your personal data will be kept confidential. We will protect your personal data in line with our data policy and all relevant legal requirements and provisions.
14. Information security
We use appropriate technical and organisational security measures according to the current state of the art in order to protect the data made available by you to us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Accordingly, your data is saved in a secure operating environment that is inaccessible to the public. Our security measures are periodically reviewed and continually improved in line with technological developments.
If you want to contact us by email, we wish to point out that the confidentiality of the information transmitted is not guaranteed for unencrypted emails. The content of unencrypted emails can be viewed by third parties. We therefore recommend that you send us confidential information either in encrypted form via the contact form on our website or by post.
Your email address will be used exclusively for the purpose of corresponding with you. No other use or disclosure to third parties will occur.
15. Protection of your data by TLS or SSL
For secure data transmission on the Internet, we use the hybrid encryption protocol Transport Layer Security (TLS), more widely known under the predecessor name Secure Sockets Layer Software (SSL). This software encrypts the information that is transmitted by you. All information subject to data protection is stored in encrypted form in a protected database.
Status and amendment of this Privacy Policy
This Privacy Policy was last updated on 3 March 2021. We reserve the right to change this Privacy Policy at any time, in accordance with applicable privacy laws, with future effect. All changes will be published here.