Data Protection Policy

of Xantaro Deutschland GmbH

With this privacy policy, Xantaro Deutschland GmbH would like to give the users of the website an overview of the processing of their personal data and their rights under data protection law. Which data is processed in detail and how it is used depends largely on the services used on this website in each case. Therefore, not all parts of this information will apply to the individual user.

Furthermore, we only handle personal data to the extent that this is possible in accordance with data protection regulations. We also endeavour to take all necessary technical and organisational security measures to adequately protect personal data from unauthorised access and misuse at all times.

 


Responsible body

Xantaro Deutschland GmbH
An der Alster 3
20099 Hamburg

Tel: +49 (0)40 413 498-0
Fax: +49 (0)40 413 498-444
E-Mail: info@xantaro.net

 

As data protection officer, we have appointed:

The data protection officer of Xantaro Deutschland GmbH
datenschutz@xantaro.net

 


Your rights as a data subject

As a data subject, you have the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR.

With regard to the right of information and the right of deletion, the restrictions according to §§ 34 and 35 BDSG apply.

If you have given us your consent, you can object at any time with effect for the future.

In addition, you can complain at any time to a supervisory authority.

 


Right of object

Information on your right of object under Article 21 of the General Data Protection Regulation (GDPR)

You have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation, which is carried out on the basis of Article 6, paragraph 1, letter f GDPR (data processing based on a balancing of interests).

If you object, we will no longer process your personal data, unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

 

Recipient of objection

You can object (form-free) with the subject “objection” stating your name, address and date of birth to the below address:

Xantaro Deutschland GmbH
An der Alster 3
20099 Hamburg

or by email to datenschutz@xantaro.net

 


Deletion or blocking of data

We adhere to the principles of data avoidance and data economy. We therefore only store personal data for as long as it is necessary to achieve the purposes stated here or as provided for in the various storage periods provided for by law. After the respective purpose or expiry of these periods, the corresponding data will be blocked or deleted as a matter of routine and in accordance with statutory regulations.

Access Data / Server Logfiles

 

Purpose, legal basis of data processing and legitimate interest
Our web space provider, Host Europe GmbH, collects data about every access to the website (so-called server log files). Server log files are general information, such as the type of web browser, the operating system used, the domain name of your internet service provider and so on. In addition, our web space provider uses an access log to access our website, which uses the IP address and an error log, which also uses the IP address and serves to report problems that occur on the website.

This information is technically necessary for the correct delivery of requested content from websites and is mandatory when using the internet. They are processed in particular for the following purposes:

  • Ensuring a trouble-free connection of the website,
  • Ensuring a smooth use of our website,
  • Evaluation of system security and stability
  • To defend us against and prosecute cyber-attacks, and
  • For other administrative purposes.

The processing takes place in accordance with Art. 6 Para. 1 Lit f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website as well as security.

 

Recipient of the data
We and our web space provider Host Europe GmbH process the personal data as described above.

 

Provision of the data

The provision of the aforementioned personal data is not required by law or contract. Without the IP address, however, the service and functionality of our website cannot be guaranteed.

 


Contact Form

 

Purpose, legal basis of data processing and legitimate interest

By providing the contact form on our website, we want to make it easy for users to contact us. The entered data such as name, company and e-mail address are stored for the purpose of individual contact (for example by e-mail) as well as for possible follow-up questions. We will use the data only to respond to your inquiry and subsequently to support any business relationship that may have arisen or may potentially arise.

We process the data entered in the contact form on the basis of a legitimate interest (Art 6 Para. 1 Lit f GDPR) or/and also to initiate a contractual relationship (Art. 6 para. 1 lit. B DSGVO).

 

Recipient of the data
We process the personal data internally.

 

Provision of the data
The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, the company name, your e-mail address and the reason for the request.

 


Event Participation

 

Purpose, legal basis of data processing and legitimate interest
In order to participate in our events and events of our partners, we provide a contact form for individual contact. The entered data such as first name, last name, company, position / title, email and phone number are saved for the purpose of individual contact and registration at events.

We process the data entered in the contact form on the basis of a legitimate interest (Art 6 (1) lit f GDPR).

 

Recipient of the data
Die personenbezogenen Daten werden von uns unternehmensintern verarbeitet sowie gegebenenfalls bei Anmeldung zu Veranstaltungen von Partnern an diese weitergegeben und von diesen verarbeitet.

 

Provision of the data
The personal data is processed internally and, in the case of registration for a partner event, passed on to this partner and processed by them.


Use of Cookies

In addition to its own cookies, this website only uses cookies from Twitter. These cookies are only set if sub-pages are called upon which Twitter content is displayed (e.g. “Latest News”), the browser does not block the Twitter script and the browser is not in private mode (or the “do not track” option is activated).

If the “do not track” option is activated in the user’s browser (also: private mode), this website will not deliver cookies from third party providers.

 

Deletion of Cookies
The browser settings can be used to delete individual cookies or the entire cookie inventory. Depending on the browser provider, the necessary information can be found under the following links:

 

Additionally, you can prevent the loading of so-called scripts by default. NoScript allows the execution of JavaScript, Java and other plugins only at trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox:https://addons.mozilla.org/de/firefox/addon/noscript/).


Google Analytics

 

Purpose, legal basis of data processing and legitimate interest
This website uses Google Analytics, a web analysis service of Google Inc. “(“Google”). Google Analytics uses “cookies”, which are text files placed on the user’s computer, to help the website analyse, how users use the site. The information generated by the cookie about the use of this website is usually transferred to a Google server in the USA and stored there. However, since the “anonymizeIP” extension is implemented on this website, Google first reduces the IP address within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases, will Google transmit the full IP address to a server in the USA and shortened it there. On our behalf, Google will use this information to evaluate the use of the website, to compile reports on website activities and to provide us with further services relating to website and Internet use. The IP address of the user transmitted by the browser within the framework of Google Analytics is not merged with other Google data.

The purposes of data processing are to evaluate the use of the website and to compile reports on activities on the website. Other related services will then be provided based on the use of the website and the Internet. The data is processed based on a legitimate interest (Art 6 Para 1 Lit f GDPR).

 

Opt-Out
The user may refuse the use of cookies by selecting the appropriate settings on their browser, however please note that if they do this, the user may not be able to use the full functionality of this website.

The user can also prevent the collection by Google Analytics by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout

In addition or as an alternative to the browser add-on, the user can prevent tracking by Google Analytics on our pages by clicking on this LinkAn opt-out cookie is installed on the user’s device. This will prevent Google Analytics from collecting data for this website and for this browser in future as long as the cookie remains installed in the browser.

You can find further information on terms of use and data protection at
http://www.google.com/analytics/terms/de.html and https://www.google.de/intl/de/policies/

 

Profiling
With help of the tracking tool Google Analytics, the behavior of the website visitors can be evaluated and the interests can be analysed. For this purpose, we create a pseudonymous user profile.

 

Recipient of the data
Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, will process the personal data.

 

Storage duration
Details on the storage duration of the cookies can be found above under the specification of the individual cookies

 

Provision of the data
The provision of the aforementioned personal data is not required by law or contract and is based on your freely given consent.

 

Third country transfer and appropriate safeguards
The data is partly processed in the USA.

 


YouTube

 

Purpose, legal basis of data processing and legitimate interest
This website uses YouTube videos. YouTube uses so-called “cookies”, text files that are stored on the user’s computer. The purpose is to store the user settings of the website user when the user views the video. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. This tells YouTube which pages you visit. If you are logged in to your YouTube account, YouTube can personally associate your browsing behaviour with you. You can prevent this by first logging out of your YouTube account.

If a YouTube video starts, the provider uses cookies that collect information about user behaviour.

The data is processed on the basis of your consent (Art 6 (1) lit a GDPR).

For more information, please use the following website https://policies.google.com/privacy.

 

Recipient of the data
Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA will process the personal data.

 

Storage duration
Details on the storage duration of the cookies can be found above under the specification of the individual cookies.

 

Withdrawal of consent
If you have deactivated the storage of cookies for the Google-Ad-Program, you will not have to expect such cookies when watching YouTube videos. YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in the browser.

 

Provision of the data
The provision of the aforementioned personal data is not required by law or contract and is based on your freely given consent.

 

Third country transfer and appropriate safeguards
The data is partly processed in the USA.

 


Twitter

 

Purpose, legal basis of data processing and legitimate interest
This website connects to Twitter, a microblogging service. Twitter uses so-called “cookies” through our website, text files that are stored on the user’s computer to enable the user to share content from the website in his Twitter profile. Twitter also uses other text files. The purpose of these other text files is to determine the ID of the website users in order to allow third-party advertisers to target those users with relevant advertising.

The data is processed on the basis of your freely given consent (Art 6 (1) lit a GDPR). For more information, please use the following Twitter website https://twitter.com/en/privacy.

 

Recipient of the data
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND will process the personal data.

 

Storage duration
Details on the storage duration of the cookies can be found above under the specification of the individual cookies.

 

Provision of the data
The provision of the aforementioned personal data is not required by law or contract and is based on your freely given consent.

 

Third country transfer and appropriate safeguards
The data is partly processed in the USA.

 


Google Maps

 

Purpose, legal basis of data processing and legitimate interest
On this website we use the offer of Google Maps. Google Maps is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “Google”). This enables us to display interactive maps directly on the website and enables you to use the map function conveniently.

For more information, please use the following website https://policies.google.com/privacy.

The legal basis for the integration of Google Maps and the associated data transfer to Google is your freely given consent (Art. 6 (1) lit. a GDPR).

 

Recipient of the data
By visiting the website, Google receives information that you have called up the corresponding subpage of our website. This happens regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in at Google, your data will be assigned directly to your account.

If you do not want the assignment in your profile at Google, you have to log out before activating the button at Google. Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the purpose of providing need-based advertising and to inform other users of the social network about your activities on our website.

 

Third country transfer and appropriate safeguards
The data is processed in the USA.

 

Withdrawal of consent
If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use our website, or only to a limited extent.

 

Provision of the data
The provision of your personal data is voluntary, solely based on your consent. If you prevent access, this may result in functional restrictions on the website.


Use of Social Media Plugins

 

This website uses plugins that allow users to communicate with social media platforms. To protect the privacy of the user, however, the Shariff plugin prevents the scripts of the social media platforms from being executed when the page is loaded, but only activates it when the user explicitly clicks on the corresponding button. This applies to all social media plugins with the exception of the direct integration of Twitter content on the “Latest News” page. Furthermore, this website only initiates data exchange between the user’s browser and social media platforms if the user initiates this data exchange themselves. The user can find information about the collection and use of the data in the social networks in the respective terms of use of the respective provider: http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html

 

We have integrated the social media buttons of the following companies on our website:

  • Facebook Inc. (1601 S. California Ave – Palo Alto – CA 94304 – USA/ Ltd. 4 Grand Square, Grand Canal Harbour, Dublin 2, Irland)
  • Twitter Inc. (795 Folsom St. – Suite 600 – San Francisco – CA 94107 – USA)
  • LinkedIn Corporation (2029 Stierlin Court – Mountain View – CA 94043 – USA/ Wilton Plaza, Wilton Place, Dublin 2, Ireland)

 


Facebook

 

Purpose, legal basis of data processing and legitimate interest

This website uses social plugins (“plugins”) of the social network facebook.com, the plugins are recognisable by one of the Facebook logos (grey “f” on dark blue tile with the addition “share”).

Only when a user clicks on such a plugin, their browser establishes a direct connection to the Facebook servers. The provider has no influence on the amount of data Facebook collects with the help of this plugin and therefore informs users according to it’s level of knowledge:

By activating the plugin, Facebook receives information that a user has called up the corresponding page of the offer, the date of the visit and some information in connection with the browser used. If the user is logged into Facebook, Facebook can assign the visit to the users Facebook account. Every interaction with the plugin, for example the sharing of a post, causes the corresponding information from the user’s browser to be transmitted directly to Facebook and stored there. If the user is not a member of Facebook, it is still possible for Facebook to obtain and store the user’s IP address. According to Facebook, only an anonymised IP address is stored in Germany.

The purpose and scope of data collection and the further processing and use of the data by Facebook as well as the relevant rights and setting options for the protection of users’ privacy can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to use this offer to collect data about him or her and link it to his or her membership data stored on Facebook, he or she may not press the button of the social media plugin. Further settings and objections to the use of data for advertising purposes can be made within the Facebook profile settings: https://www.facebook.com/settings?tab=ads.

 

Recipient of the data
Facebook Ireland Ltd. 4 Grand Square, Grand Canal Harbour, Dublin 2, Ireland and Facebook .1601 S. California Ave – Palo Alto – CA 94304 – USA processes the personal data of the user.

 


Twitter

 

Purpose, legal basis of data processing and legitimate interest
This website uses web page elements (https://dev.twitter.com/web/overview), such as buttons or integrated content of the Twitter service. With the help of the website elements it is possible, for example, to share a contribution or page of this offer on Twitter or to follow the provider on Twitter. The Twitter plugin can be recognised by the grey Twitter logo on light blue tile with the addition “tweet”. As further contents individual tweets can be merged into the website.

When the user calls up a subpage on which Twitter content is integrated, the browser establishes a direct connection to the Twitter servers. On all other areas of the website, the plugin is not activated until the user clicks on it.

The provider has no influence on the amount of data Twitter collects with the help of the website elements and informs users according to their level of knowledge. After this, only the IP address of the user as well as the URL of the respective website is transmitted when using the button, but is not used for purposes other than the presentation of the website element.

Further information can be found in Twitter’s privacy policy at http://twitter.com/privacy.

 

Recipient of the data
Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA („Twitter“) processes the user’s personal information.

 


LinkedIn

 

Zwecke, Rechtsgrundlage und berechtigtes Interesse der Datenverarbeitung
This website uses social plugins of the social network “LinkedIn”. The plugins of LinkedIn can be recognised by the grey “in” on blue tile and the addition “communicate”.

Only when a user clicks on such a plugin, the plugin establishes a connection between the user’s browser and the LinkedIn server. The provider has no influence on the amount of data, LinkedIn collects with the help of this plugin and therefore informs the user according to their level of knowledge.

By activating the plugin, LinkedIn receives the information that a user has called the corresponding page of the offer, from which page they come and to which page they change. In addition, further information (e.g. device identifier, operating system, web browser, installed add-ons, proxy server, ISP and, if applicable, location data) is collected about the user’s terminal device. If the user is logged into LinkedIn, LinkedIn can assign the visit to the users LinkedIn account. Every interaction with the plugins, for example by pressing the “Share” button, results in the corresponding information from the user’s browser being transmitted directly to LinkedIn and stored there. Even if the user is not a member of LinkedIn, this user data is collected and stored by LinkedIn.

 

Recipient of the data
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA processes the user´s personal data. Privacy matters outside the USA are the responsibility of LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.


Change to our Data Protection Policy

We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply for your next visit.