The following notes provide a simple overview of what happens to your personal information when you visit our website. Personal information is any information that personally identifies you. For detailed information on the subject of data protection, please refer to our data protection declaration below this text.
I. Who is responsible?
The party responsible within the context of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other provisions of data protection law is the:
III. General information on data processing
Scope of the processing of personal data
We process the personal data of our users only to the extent necessary to provide a functioning website as well as our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by applicable law.
In order to protect the security of your data during transmission, we use encryption procedures (e.g. SSL) via HTTPS. Our servers are protected by a firewall and virus protection. Back-up and recovery procedures as well as role and authorization concepts are a matter of course for us.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 lit. a EU Data Protection Basic Regulation (GDPR) serves as the legal basis.
Art. 6 para. 1 lit. b GDPR serves as the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. If the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 Para. 1 lit. C serves as the legal basis.
GDPR as a legal basis
In the event that vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
Data deletion and storage period
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. In addition, the data may be stored if the European or national legislator has provided for this in Union regulations, laws or other provisions to which the person responsible is subject. The data shall also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless it is necessary for further storage of the data for the conclusion or performance of a contract.
IV. Data collection on our website
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.
- Browser type and browser version
- Used operating system
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
This data will not be merged with other data sources.
The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
Contact form and email contact
A contact form is available on our website, which can be used for electronic contact. If a user makes use of this possibility, the data entered in the input mask will be transmitted to us and stored.
These data are:
- First name
- Last Name
- Email address
- Company and
The processing of the data entered in the contact form is therefore carried out exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. For this purpose, an informal email notification to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data entered by you in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
V. Web analysis with Google Analytics
We use the function “Activation of IP anonymization” on this website. However, this will cause Google to shorten your IP address previously within Member States of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA where it will be shortened. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.
Order data processing
We have concluded a contract with Google for order data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set to prevent the collection of your information on future visits to this website: Disable Google Analytics
VI. Google Data Studio
We use the Google Data Studio data management tool to visually create custom reports and interactive dynamic dashboards for our users. The basis for this is Art. 6 para. 1 letter f DSGVO (legitimate interest). Here we use the data from Google Analytics and no other interfaces to data sources (such as Google AdWords, Attribution 360, BigQuery, Cloud SQL, MySQL, Google Tables, YouTube Analytics, etc.). The web tool does not require a local application and can be started via the web. Access is via a browser, the data sources are connected directly via Google Data Studio. You will find further information on using Google Data Studio under: https://support.google.com/datastudio/answer/6283323?hl=en
VII. Google Tag Manager
This website uses the Google Tag Manager. Google Tag Manager is a solution that allows you to manage website tags through an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personally identifiable information. The tool triggers other tags that may themselves collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it will persist for all tracking tags implemented with Google Tag Manager.
VIII. Social plug-ins from Facebook, Twitter, Google+, LinkedIn and Xing
On our website we offer you the possibility of using so-called “social plugins” of the companies:
- Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;
- “Tweet” button from Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA;
- “Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
- “Recommended Button” by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA;
- “Share Button” by XING AG, Gänsemarkt 43, 20354 Hamburg, Germany.
To protect your data, we rely on the “Shariff” solution during implementation. This means that the plugins on the website are only displayed as a graphic, which contains a link to the corresponding website of the plugin provider. By clicking on the graphic you will be redirected to the respective services of the provider. Only then will your data be sent to the respective services. If you do not click on the graphic, there will be no exchange between you and the social networks mentioned above.
IX. EBF Newsletter
If you wish to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you agree to the owner of the email address provided and to receive the newsletter.
We use the so-called double opt-in procedure to ensure that the newsletter is sent in an agreed manner. In the course of this procedure, the potential recipient can be added to a mailing list. The user then receives a confirmation email to confirm the registration in a legally secure manner. Only if the confirmation takes place, the address is taken up actively in the distributor.
We use this data exclusively for sending the requested information and offers.
Newsletter2Go is used as newsletter software. Your data will be transmitted to Newsletter2Go GmbH. Newsletter2Go is prohibited from selling your data and from using it for purposes other than sending newsletters. Newsletter2Go is a German, certified supplier, which was selected after the requirements of the data security basic regulation and the Federal Law for Data Protection.
Further information can be found here: https://www.newsletter2go.de/informationen-newsletter-empfaenger.
You can revoke your consent to the storage of data, email address and their use to send the newsletter at any time, for example by clicking on the “Unsubscribe” link in the newsletter.
For this reason, we ask you to inform yourself about our data protection measures at regular intervals by inspecting our data protection declaration.
X. Plugins and tools
Our website uses plugins from the YouTube page operated by Google. The site is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
When you visit one of our pages equipped with a YouTube plug-in, a connection is established to YouTube’s servers. This will tell the YouTube server which of our pages you have visited.
If you are logged into your YouTube account, you can allow YouTube to directly associate your surfing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on the handling of user data can be found in YouTube’s data protection declaration at: https://www.google.de/intl/de/policies/privacy.
This page uses the Google Maps map service via an API. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the features of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
If you wish to use the chat offered on the Website, you may send us a message containing information and in some cases – if you wish to be contacted by us – your email address, telephone number or other contact information.
We only use this information to send you the information and offers you have requested.
A combination of Chatlio and Slack is used as chat software. Your data will be transferred to Gateshare LLC (Chatlio) and Slack Technologies in the United States. Gateshare LLC and Slack Technologies are prohibited from selling or using your information for any purpose other than online chat. Chatlio and Slack are providers selected in accordance with the requirements of the Basic Data Protection Regulation and the Federal Data Protection Act.
More information can be found here:
You may revoke your consent to the storage of data such as the contact data you have provided (email address, telephone number, etc.) and its use for communication with our service team at any time. Please send us a message at firstname.lastname@example.org.
XI. Your rights to information, correction, blocking, deletion and opposition
You have the right to receive information about your personal data stored by EBF GmbH at any time. You also have the right to have your personal data corrected, blocked or, apart from the prescribed data storage for business purposes, deleted. Please contact the data protection officer of EBF GmbH. In order that a block of data can be considered at any time, these data must be kept in a block file for control purposes. You can also request the deletion of the data, unless there is a legal archiving obligation. If such an obligation exists, we will block your data on request.
You can change or revoke your consent by notifying us accordingly with effect for the future.
You may at any time complain to the supervisory authority responsible for you. Your responsible supervisory authority depends on the federal state of your residence, your work or the presumed violation. You can find a list of the supervisory authorities (for the non-public sector) and their addresses at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
If you would like more detailed information on your personal data, our data protection officer will be happy to answer any questions you may have regarding our data protection policy.
We reserve the right to amend this data protection declaration from time to time so that it always complies with current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new services. Your next visit will then be subject to the new data protection declaration.