Data protection policy

The protection of personal data is very important to us. We therefore adhere strictly to the regulations of the German Data Protection Act (BDSG) and General Data Protection Regulation (GDPR).

1. Information on the collection of personal data

(1) In the following we inform you on the collection of personal data when using our website. Personal data are all data that are personally identifiable to you, e.g. name, address, e-mail addresses, user behaviour.

(2) Controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is: Bernd Krechel (see Legal Notice). You may reach our Data Protection Officer using our mailing address with the addition of “Data Protection Officer”.

(3) When you contact us by e-mail or via a contact form, we will store the data you provide (your e-mail address, your name, if applicable your telephone number, your company/employer as well as your role) in order to answer your questions. We will delete these data once their storage will no longer be necessary or will limit their processing if statutory storage obligations apply.

(4) If we use contracted service providers for individual functions of our offer or would like to use your data for marketing purposes, we will inform you in detail about the respective processes below. We also specify the defined criteria for the storage period.

2. Your rights

(1) You have the following rights against us with regard to your personal data:

Right of access,
Right to rectification or erasure,
Right to restriction of processing,
Right to object to the processing,
Right to data portability.

To exercise your rights, you may turn to the Data Protection Officer (see above) or the Controller (see above).

(2) You are also entitled to lodge a complaint against processing of your personal data with one of the data protection supervisory authorities.

3. Collection of personal data when visiting our website

When you only visit our website for information purposes, i.e. if you do not transmit information in any other form, we will only collect those personal data which your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us in order to display our website to you and to ensure its stability and security (legal basis is Art. 6 section 1 cl. 1f GDPR):

IP-address
Date and time of your request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
The amount of data transferred
Website from which the request comes
Browser
Operating system and its interface
Language and version of the browser software.

4. Use of cookies

In addition to the aforementioned data, cookies will be stored on your computer when you use our website. Cookies are small text files which are stored to your hard drive and assigned to the browser you use and which transmit specific information to the site placing the cookie (in this case us). Cookies cannot run programs or transmit viruses to your computer. They are used to improve the Internet offer by globally enhancing its user-friendliness and effectiveness.

a) This website uses the following types of cookies; their scope and functionality are explained below:

Transient cookies (see b)
Persistent cookies (see c).

b) Transient cookies are automatically deleted when you close your browser. This includes in particular session cookies. These store a so-called session ID, by which different requests of your browser can be assigned to the common session. Thus, your computer will be recognized when you return to our website. The session cookies will be deleted once you log off or close your browser.

c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You may delete cookies at any time via the security settings of your browser.

d) You may configure your browser settings according to your wishes and refuse the acceptance of third party cookies or of all cookies, for example. Please note that you may then not be able to use all functions of this website.

5. Objection to or withdrawal of the consent to the processing of your data

(1) If you have given your consent to the processing of your data, you may withdraw this consent this at any time. Once submitted, such a withdrawal of consent will affect the permissibility of the processing of your personal data.

(2) If we base the processing of your personal data on the weighing of interests, you may object to the processing. This is the case if processing is not necessary in particular to fulfil a contract with you, which is detailed in the following description of the functions. When exercising such objection, we kindly ask you to explain the reasons why we should no longer process your personal data. In the event of your justified objection, we will examine the situation and either stop or adjust data processing or point out to you our compelling legitimate reasons, on the basis of which we will continue processing.

(3) Of course, you may object to the processing of your personal data for marketing and data analysis purposes at any time. You may use the following contact data to inform us on your objection to marketing: contact@ceiton.com

6. Application data

(1) The applicant agrees that the Ceiton Technologies GmbH uses his contact data for the purpose of establishing and maintaining contacts and that all messages concerning this user relationship may be sent by e-mail, unless another form is mandatory by law.

7. Newsletter

7.1 Information included in the newsletter form

Our newsletter informs you on CEITON. For more information on the contents, the recording of your registration, the sending via the US provider MailChimp, the statistical evaluation and your options to unsubscribe, see our privacy statement.

7.2 Information on the Newsletter and consents

With the following notes we inform you on the contents of our newsletter as well as on the registration, sending and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter you agree to its receipt and the described procedures.

7.3 Contents of the Newsletter

We will only send newsletters, e-mails and other electronic notifications containing marketing information (hereinafter “newsletters”) with the consent of the recipients or a legal permission. If the contents of a newsletter are specifically described within the scope of a registration, they are decisive for the consent of the users. In addition, our newsletters contain information about our services.

7.4 Double-Opt-In and recording

For the subscription to our newsletter we use the so-called double opt-in procedure. This means that after subscription you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one may register with other e-mail addresses.

Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the login and confirmation time, as well as of the IP address. Also the changes of your data stored with MailChimp are logged.

7.5 Use of the sending provider “MailChimp”

The newsletter is sent by “MailChimp”, a newsletter sending platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The e-mail addresses of our newsletter recipients, as well as their further data described in the context of these notes, are stored on the servers of MailChimp in the USA. MailChimp uses this newsletter sending and evaluation information on our behalf. Furthermore, MailChimp may use this data according to its own information to optimize or improve its own services, e.g. to technically optimize the sending and presentation of the newsletter or for economic purposes, in order to determine in which countries the recipients are located. However, MailChimp does not use the data of our newsletter recipients to contact them directly or pass them on to third parties.

We trust in the reliability and IT and data security of MailChimp. MailChimp is certified to the US-EU data protection agreement, the „Privacy Shield“ and thus undertakes to comply with the EU data protection regulations. In addition, we have concluded a „Data-Processing-Agreement“ with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process them on our behalf in accordance with their data protection regulations and in particular not to pass them on to third parties. You may view the data protection regulations of MailChimp here.

7.6 Subscription data

To subscribe to the newsletter, simply enter your e-mail address.

Optionally, we ask you to enter your first and last name. This information is only used to personalise the newsletter. We only use this information to adapt the contents of the newsletter to the interests of our readers.

7.7 Statistical evaluation and analyses

The newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval will initially be collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be identified using the IP address) or access times.

The statistical evaluations also include determining whether and when newsletters are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intent, nor that of MailChimp, to observe individual users. The evaluations help us much rather to determine the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.

7.8 Online retrieval and data management

There are cases, in which we direct newsletter recipients to the web pages of MailChimp. For example, our newsletters contain a link by which newsletter recipients may call up newsletters online (e.g. in case of display problems in their e-mail programme). Furthermore, newsletter recipients may subsequently correct their data, e.g. the e-mail address. Likewise, the Privacy Statement of MailChimp may only be viewed on their website.

In this context we point out that cookies are used on the websites of MailChimp and thus personal data are processed by MailChimp, its partners and service providers (e.g. Google Analytics). We have no influence on this collection of data. For more information, see the Privacy Statement of MailChimp. We also draw your attention to the possibilities of objecting to the collection of data for marketing purposes on the websites https://www.aboutads.info/choices/ and https://www.youronlinechoices.com/ (for Europe).

7.9 Termination/withdrawal

You may cancel the receipt of our newsletter at any time, i.e. withdraw your consent. At the same time your consents to its sending via MailChimp and the statistical analyses will expire. A separate termination of the sending via MailChimp or the statistical evaluation is unfortunately not possible.

You will find a link to unsubscribe from the newsletter at the end of each newsletter.

7.10 Legal bases General Data Protection Regulation

In accordance with the provisions General Data Protection Regulation (GDPR) valid from 25 May 2018, we inform you that your consents to the sending of e-mail addresses are based on Article 6 section 1a, 7 GDPR and on Article 7 section 2(3) and/or section 3 UWG [Fair Trade Practices Act]. The use of the sending provider MailChimp, the statistical evaluations and analyses as well the logging of the registration procedures, are based on our legitimate interests pursuant to Article 6 section 1f GDPR. We wish to use a user-friendly and secure newsletter system that serves both, our business interests and the expectations of users.

We would also like to point out that you may object to the future processing of your personal data at any time in accordance with the statutory provisions of Article 21 GDPR. Such objection may be lodged in particular against processing for direct marketing purposes.

„Information on the newsletter in accordance with the model prepared by the counsel Dr. Thomas Schwenke“.

8. Plug-ins to social networks

Currently, we use the following social media plug ins: Facebook, Instagram, Twitter, Xing, LinkedIn, Pinterest

We use the so-called two-click solution. This means that when you visit our site, no personal data will initially be passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by its initial letter or the logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data mentioned under point 3 of this declaration will be transmitted. In the case of Facebook and Xing, the IP address is anonymized immediately after collection, according to the respective provider in Germany. By activating the plug-in, personal data will be transferred from you to the respective plug-in provider and stored there (for US providers in the USA). Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies before clicking on the button using your browser’s security settings.

On our site we use social plugins of the social network Pinterest. When you visit a page that contains such a plugin, your browser connects directly to the servers of Pinterest. The plugin transmits protocol data to the server of Pinterest in the USA. This log data may include your IP address, the address of the websites visited which also includes Pinterest features, browser type and settings, the date and time of the request, how you use Pinterest, and cookies.

(2) We have no influence on the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

(3) The plug-in provider stores the data collected about you as user profiles and will use them for marketing, market research and/or demand-oriented design of its website purposes. Such an evaluation takes place in particular (also for not logged in users) for the representation of demand-dependent advertisement and in order to inform other users of the social network about your activities on our website. You are entitled to object to the creation of these user profiles, in this case you must contact the respective plug-in provider to exercise this right. Through the plug-ins we offer you the possibility to interact with social networks and other users, which enables us to improve our offer and to make it more interesting for you as a user. Legal basis for the use of plug-ins is Article 6 section 1 cl. 1f GDPR.

(4) The data will be transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider will also store this information in your user account and share it publicly with your contacts. We recommend that you log off regularly after using a social network, especially before activating the button, as this will prevent the assignment to your profile with the plug-in provider.

(5) For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the data protection declarations of these providers as notified below. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.

(6) Addresses of the respective plug-in providers and URL with their data protection information:

Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA;
Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland; https://www.facebook.com/policy.php; more information on data collection: https://www.facebook.com/help/186325668085084, https://www.facebook.com/about/privacy/your-info-on-other#applications and https://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has adhered to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework .

Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA;
The Instagram service is provided by Facebook Ireland Limited.
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
Data Policy: https://help.instagram.com/519522125107875.

Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has adhered to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.

Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; https://www.xing.com/privacy .

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy. LinkedIn has adhered to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.

9. Integration of YouTube videos

(1) We have integrated YouTube videos into our online offering, which are stored on https://www.YouTube.com and can be played directly from our website. These are all integrated in the “extended data protection mode”, i.e. no data about you as a user will be transmitted to YouTube if you do not play the videos. Only when you play the videos the data referred to in section 2 will be transmitted. We have no influence on this data transmission.

(2) By visiting the website, YouTube receives the information that you have accessed the corresponding sub-site of our website. In addition, the data mentioned under point 3 of this declaration will be transmitted. This is made irrespective of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your YouTube profile, you must log off before activating the button. YouTube stores your data as user profiles and will use them for advertising, market research and/or demand-oriented design of its website purposes. Such an evaluation takes place in particular (even for not logged in users) for making demand-dependent advertisement and in order to inform other users of the social network about your activities on our website. You are entitled to object to the creation of these user profiles, in this case you must contact YouTube to exercise this right.

(3) For more information on the purpose and scope of data collection and its processing by YouTube, please refer to the data protection declaration. It contains also additional information about your rights in this regard and setting options to protect your privacy. https://www.google.de/intl/de/policies/privacy. Google processes your personal data in the USA and has adhered to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

10. Integration of Google Maps

(1) We do use the offer of Google Maps on this website. This enables us to display interactive maps directly on the website and enables you to conveniently use the map function.

(2) By visiting the website, Google receives the information that you have accessed the corresponding sub-site of our website. In addition, the data mentioned under point 3 of this declaration will be transmitted. This is made irrespective of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your Google profile, you must log off before activating the button. Google stores your data as user profiles and will use them for advertising, market research and/or demand-oriented design of its website purposes. Such an evaluation takes place in particular (even for not logged in users) for making demand-dependent advertisement and in order to inform other users of the social network about your activities on our website. You are entitled to object to the creation of these user profiles, in this case you must contact Google to exercise this right.

(3) For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the data protection declarations of the provider. They will also provide you with further information about your rights in this regard and setting options to protect your privacy. https://www.google.de/intl/de/policies/privacy. Google processes your personal data in the USA and has adhered to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

11. Integration of Google reCAPTCHA

(1) We use Google’s reCAPTCHA v2 service in the contact forms on our website. When you check the box “I’m not a robot” and complete the images challenge, we can detect that you are an actual person and not a bot or any other spam software. For further information on Google reCAPTCHA, please go to https://developers.google.com/recaptcha.

12. Integration of WORDFENCE

(1) This site uses the WORDFENCE security plugin to protect the site from hacker attacks, etc. WORDFENCE is provided by DEFIANT, INC. The GDPR compliant Data Processing Agreement provided by Defiant, Inc has been duly signed by us.

(2) WORDFENCE currently uses three cookies and subsequently explains what each cookie does, who set the cookie, and why the cookie helps to protect the page.

wfwaf-authcookie- (Hash) What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded. Who gets this cookie: This is only set for users that are able to log into WordPress. How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.

wf_loginalerted_ (Hash) What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location. Who gets this cookie: This is only set for administrators. How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.

wfCBLBypass What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking. Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking. How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.

(3) For more information on how to handle user information, please refer to the DEFIANT Privacy Policy: https://www.WORDFENCE.com/privacy-policy/

13. Update and modification

The data protection declaration must be adapted from time to time to the actual circumstances and to the legal situation. Please check the privacy policy before using our website to keep up to date with any changes or updates.

14. Accessibility of the data protection declaration

You may access and download the data protection declaration from the bottom line of the website using Data protection.