The protection of personal data is a priority for our organization. Therefore we operate online and other services in accordance with the applicable regulations for the protection of data and data security. The information below explains which personal data is collected, how it is protected and how it is used.
The entity responsible pursuant to Art. 4 para. 7 of the EU General Data Protection Regulation (DSGVO) is Campana & Schott GmbH, Gräfstraße 99, 60487 Frankfurt am Main.
1. Application area and responsibility
- This Data Privacy Statement explains the type, scope and purpose with regard to the processing of personal data as part of the online services and associated websites, functions and contents (hereafter “online services” or “website”) and other services provided by the Campana & Schott group of companies (hereafter also “Campana & Schott”).
- For additional information about Campana & Schott, please consult the Imprint on www.campana-schott.com.
- The term “user” includes all customers and visitors of the Campana & Schott online and other services. Please note that terms such as “user” are always used in a gender-neutral form.
2. Data Protection Officer
We have appointed a Data Protection Officer in accordance with the statutory provisions. If you have questions about how your personal data is processed, you can contact the Data Protection Officer at:
Campana & Schott GmbH
Data Protection Officer
60487 Frankfurt am Main
3. General information about data processing, legal basis
- We only process the personal data of users in accordance with the relevant data protection provisions. This means that user data is only processed if this is legally permitted, i.e. in particular if the data must (by law) be processed for the provision of contractual services (e.g. implementation of engagements) as well as online and other services, if the user has provided consent, and on the basis of Campana & Schott's justified interests (i.e. interest in the analysis, optimization and efficient operation and security of the online offering in terms of Art. 6 para. 1 f. DSGVO, or on the basis of sec. 15 (3) TMG (Telemedia Act)) until the application of the DSGVO, particularly with regard to measuring the degree of coverage, the development of profiles for advertising and marketing purposes, and the collection of access data and the use of third-party services.
- With regard to the processing of personal data on the basis of the data protection regulation (DSGVO), which goes into effect on 25 May 2018, please note that the legal basis for the items below is as follows: Art. 6 para. 1 a and Art. 7 DSGVO for consent, Art. 6 para. 1 b DSGVO for the processing of data to render services and implement contractual measures of Campana & Schott, Art. 6 para. 1 c DSGVO for the processing of data to meet Campana & Schott’s legal obligations, and Art. 6 para. 1 f DSGVO for the processing of data to protect the justified interests of Campana & Schott.
- Insofar as reference is made to justified interests as defined by Art. 6 para. 1 f. DSGVO in the context of the Data Privacy Statement, sec. 28 (1) sent. 1 no. 2 and sec. 15 (3) TMG apply as the legal basis for Campana & Schott’s justified interests until the DSGVO goes into effect on 25 May 2018.
4. Security measures
- We implement organizational, contractual and technical security measures in accordance with the state of technology to ensure that the provisions of the data protection laws are adhered to, and also to protect the data that is processed by Campana & Schott against incidental or intentional manipulation, loss, destruction or unauthorized access.
- The security measures include in particular the encrypted transmission of data between your browser and the Campana & Schott servers.
5. Forwarding of data to third parties and third-party providers
- Data is only forwarded to third parties in line with the statutory provisions. User data will only be forwarded to third parties if this is required for e.g. settlement purposes, or for other purposes that are required to meet Campana & Schott’s contractual obligations vis-a-vis the users.
- In the event we engage subcontractors with the provision of services, we will implement suitable legal precautions that are required under Art. 28 DSGVO, along with the corresponding technical and organizational measures, to ensure the protection of personal data in accordance with the relevant statutory provisions.
- Where contents, tools or other resources are used by other providers (hereafter jointly “third-party providers”) in the context of this Data Privacy Statement, and those providers are based in a third country, it will be assumed that data will be transferred into the residence country of the third-party providers. Third countries are countries in which the DSGVO is not a directly applicable law, i.e. usually countries outside of the EU or European Economic Area. Data will only be transferred to third countries if a suitable level of data protection can be warranted, if the users have consented to the transfer, or if this transfer is permitted under the law.
6. Rights of users
- Users have the right to request and receive information about the personal data that Campana & Schott has stored about them. In addition, users also have the right to have incorrect data corrected, to restrict the processing of their personal data and to have the same deleted, where applicable, to assert their rights to data portability and, in the event of suspected unlawful data processing, to submit a complaint to the supervisory authority in charge (Der Hessische Datenschutzbeauftragte, Gustav-Stresemann-Ring 1, 65189 Wiesbaden).
- Similarly, users may in general also withdraw previously granted consent with future effect. An e-mail or letter sent to the addresses noted under section 10 , or a notification using the contact form noted in section 10, is deemed sufficient for this purpose. Data processing activities that have been carried out on the basis of your consent are deemed lawful until receipt of the withdrawal notice.
7. Right of objection
Users can object to the future processing of their personal data at any time in accordance with the legal requirements. Objections may be raised in particular with regard to the processing of data for direct advertising purposes. An e-mail or letter sent to the addresses noted under section 10 is deemed sufficient for this purpose.
8. Deletion of data
- The data stored at Campana & Schott will be deleted once it is no longer required for the intended purpose, and if the deletion of the data is not opposed by statutory retention obligations. The processing of user data will be restricted if the data is not deleted because it is required for other and legally permissible purposes. That is, the data will be blocked and not processed for any other purpose. This applies to e.g. user data that must be stored in compliance with commercial or tax laws.
- According to the legal requirements, data is stored for six years pursuant to sec. 257 (1) HGB (German Commercial Code) (account books, inventories, opening balances, annual financial statements, business letters, posting documents etc.), and for ten years pursuant to sec. 147 (1) AO (German Fiscal Code) (ledgers, records, management reports, posting documents, business letters, documents relevant for tax purposes etc.).
9. Collection of access data
- Based on the justified interests of Campana & Schott, we collect data about each access to the server on which this service is located (so-called server log files). Access data includes in particular the name of the accessed website, the file, the date and time of access, the transmitted data volumes, the successful access report, browser type with version, the user's operating system, the referrer URL (the previously visited website), the IP address and the requesting provider.
- We only use the log data - which is not allocated to the user's person or used for other profiling purposes - in accordance with the statutory provisions for statistical analysis for the purpose of operating, securing and optimizing the online service of Campana & Schott. At the same time, Campana & Schott reserves the right to subsequently audit the log data if there are concrete indications of suspected illegal use.
- For security reasons (e.g. to verify abuse or fraudulent actions) Campana & Schott stores log file information for a maximum of seven days, after which the information is deleted. Data that must continue to be stored for evidence purposes is exempt from the deletion until such time as the respective incident has been fully solved.
- When a user contacts Campana & Schott using the contact form or by e-mail (both unencrypted), the user's information will be processed for the following purposes:
- to process and complete the contact inquiry;
- to support the internal business purposes of Campana & Schott, namely data analyses, revisions, the development of new products, improving this website, improving Campana & Schott services, identifying trends of use and determining the effectiveness of Campana & Schott advertising campaigns;
- to prevent improper use or risks to the interests of other users or those of Campana & Schott, taking into account Campana & Schott’s justified interests as defined by Art. 6 para. 1 f. DSGVO.
When you want to send confidential messages to Campana & Schott, please mail the information by post to Campana & Schott GmbH, Gräfstraße 99, 60487 Frankfurt am Main for your own security.
- User data may be stored in the Campana & Schott Customer Relationship Management system (“CRM System”).
11. Google Analytics
- Campana & Schott uses Google Analytics, a website analysis service offered by Google Inc. (“Google). Google Analytics uses “cookies” that are stored on your computer and that allow us to analyze your use of the portal. The information about the use of the website, which is created by the cookie, is generally transmitted to a Google server in the US and is stored in that location. However, if IP anonymisation has been activated on the website, Google will, within the member states of the EU or in other contracting states of the Treaty on the European Economic Area, shorten your IP address before the data is transmitted to Google in the US. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and shortened at that location.
- On the order of Campana & Schott, Google will use the transmitted information to analyze your use of the website, prepare reports about the activities on the website and, if applicable, perform other services associated with the use of the website. The shortened IP address transmitted from your browser in the context of Google Analytics will not be combined with any other Google data.
- You can prevent the storage of cookies by making the corresponding settings in your browser software; however, please note that this may prevent you from being able to use all functions of the portal. You can also prevent the data relating to your use of the portal that is created by the cookie (including your IP address) from being collected, transmitted to and processed by Google by downloading and installing the browser plug-in available under the following link. It will install an opt-out cookie that prevents the collection of your data when you visit the portal:
- Cookies will be installed on your computer when you visit the website. Cookies are small text files that are stored on your hard drive (assigned to your browser), and that are used to send certain information to Campana & Schott. Cookies cannot execute programs or transfer viruses to your computer. They are used to improve the usability and effectiveness of Internet services.
- This website uses the following types of cookies, the scope and function of which are explained in more detail below:
- Transient cookies are automatically deleted when you close your browser. Session cookies in particular fall under this category. They save a so-called session ID, which can be used to assign various queries by your browser to a particular session. In this way, your computer is recognized when you return to the website. Session cookies are deleted when you log out or close the browser.
- Persistent cookies are automatically deleted following a specified time period, which may vary depending on the cookie. You can delete these cookies in the security settings of your browser at any time.
- You can configure the browser setting in accordance with your requirements and e.g. refuse to accept third-party cookies, or all cookies. Please note that in that case, you may not be able to use all of the functions on this website.
- The flash cookies that are used are not recorded by your browser but by your Flash plug-in. In addition, we also use HTML5 storage objects, which are filed on your device. These objects store the required data independent of the browser you use, and do not have an automatic expiry date. If you do not want flash cookies to be processed, you must install the corresponding ad-on, e.g. “Better Privacy” for Mozilla Firefox, or the Adobe Flash Killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by setting your browser to private mode. We also recommend that your cookies and browser activities are manually deleted at regular intervals.
13. Changes to the Data Privacy Statement
- Campana & Schott reserves the right to amend the Data Privacy Statement in order to adapt the same to changing legal environments, or in the event of changes to the service and the data processing activities. This only applies with regard to the declaration regarding data processing, however. Where user consent is required, or parts of the Data Privacy Statement contain provisions regarding the contractual relationship with the user, such changes will only be made with the user's consent.
- Users are requested to familiarise themselves with the contents of the Data Privacy Statement on a regular basis.
Status of the Data Privacy Statement: July 2018