Privacy Policy
Purpose of the processing of personal data (hereinafter referred to as "Data") within our online offering and the related websites, features and content, as well as our external online presence thereto, e.g. our social media profiles. (collectively referred to as "online offering"). With regard to the terminology used, e.g. "Personal data" or the "processing" thereof, we refer to the definitions expounded in Article 4 of the General Data Protection Regulation (GDPR).
Responsible Person:
Surname/Forename: George F. Canzler
Street/Number: Lietzensee Ufer 2
ZIP, City, Country: 14057 Berlin, Deutschland
Managing Director: George F. Canzler
Telephone Number: +49 (0)171 878 63 14
Email Address: george.canzler@bespoke-communication.eu
Privacy Policy Supervisor:
Surname/Forename: Sebastian Weigelt (Wiebel und Partner GmbH)
Email Address: s.weigelt@wiebel-partner.de
Type of data processed:
• Inventory data (e.g., names, addresses).
• Contact data (e.g., email, telephone numbers).
• Content data (e.g., text entries, photographs, videos).
• Usage date (e.g., visited websites, interest in content, access time).
• Meta and communication data (e.g., device information, IP addresses).
Processing of special categories of data (Art. 9 para. 1 GDPR):
• No special data categories are processed
Categories of individuals affected by the processed data:
• Customers / interested parties / suppliers.
• Visitors and users of the online offering.
In the following, we also refer to the persons concerned as "users".
Purpose of processing:
• Provision of the online offering, its contents and functions.
• Answering contact requests and communicating with users.
• Marketing, advertising and market research.
25.5.2018
1. Relevant Legal Basis
In accordance with Art. 13 GDPR, we hereby inform you of the legal basis of our data processing. Unless said legal basis is mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6 (1) para. a and Art. 7 GDPR; the legal basis for the processing and discharge of our services and the execution of contractual measures as well as the response to inquiries is Art. 6 (1) para. b GDPR; the legal basis for processing in order to fulfil our legal obligations is Art. 6 (1) para. c GDPR, and the legal basis for processing in order to safeguard our legitimate interests is Art. 6 (1) para. f GDPR. In the event that the vital interests of affected persons or another natural persons require the processing of personal data, Art. 6 para. 1 subpara. d GDPR provides as legal basis thereto.
2. Changes and Updates to the Privacy Policy
We ask you to inform yourself regularly about the content of our privacy policy. We will modify the privacy policy as soon as changes to data processing necessitate it. We will notify you as soon as the changes require your participation (e.g. consent) or other individual notification.
3. Security Measures
3.1. We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the latest technology, implementation costs and the nature, scope, circumstances and purposes of the processing as well as the probability of occurrence and severity of the risk to the rights and freedoms of natural persons and organisational measures to ensure a level of protection appropriate to the risk; Measures include, in particular, ensuring the confidentiality, integrity and availability of data by monitoring physical access to the data, as well as their access, input, disclosure, availability and separation. In addition, we have established procedures that ensure the management of the rights of affected persons, data erasure and data vulnerability. Furthermore, we consider the protection of personal data already in the developmental phase, or selection of hardware, software and procedures, according to the principle of data protection by technology design, taken into account privacy aware default settings (Art. 25 GDPR).
3.2. One of the security measures is the encrypted transfer of data between your browser and our server.
4. Cooperation with Processors and Third Parties
4.1. If, in the context of our processing, we disclose data to other persons and companies (processors or third parties) or otherwise grant access to the data, this will only be done on the basis of legal permission (e.g. if a transmission of the data to third parties, as required by payment service providers, pursuant to Art. 6 (1) (b) GDPR for the performance of the contract) you have consented to, a legal obligation or based on our legitimate interests (e.g. the use of agents, web hosting, etc.).
4.2. If we commission third parties to process data on the basis of a so-called " processing contract", this is done on the basis of Art. 28 GDPR.
5. Transmission to Third Countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure or transmission of data to third parties, this will only be done if it is to fulfil our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Art. 44 et seq. GDPR. That is, processing is, for example, on the basis of specific guarantees, such as the officially recognized level of data protection (e.g. through the “Privacy Shield” for the USA) or compliance with officially recognized special contractual obligations (the so-called "standard contractual clauses").
6. Rights of Affected Persons
6.1. You have the right to ask for confirmation as to whether the data in question is processed and for information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
6.2. According to Art. 16 GDPR, you have the right to demand the completeness of the data concerning you or the correction of the incorrect data concerning you.
6.3. In accordance with Art. 17 GDPR, you have the right to demand that the relevant data be deleted immediately or, alternatively, to require a restriction of the processing of data in accordance with Art. 18 GDPR.
6.4. You have the right to demand that the data relating to you, which you have provided to us, be obtained in accordance with Art. 20 GDPR and request the transmission thereof to other responsible persons.
6.5. Pursuant to Art. 77 GDPR, you also have the right to file a complaint with the competent supervisory authority.
7. Right of Cancellation
You have the right to grant consent in accordance with. Art. 7 para. 3 GDPR with future effect.
8. Right of Objection
You can object to the future processing of your data at any time, in accordance with Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.
9. Cookies and Right of Objection for Direct Advertising
We use temporary and permanent cookies, i.e. small files that are stored on users' devices (for an explanation of the term and function, see the previous section of this Privacy Policy). In part, the cookies are used for security or to operate our online offering (for example, the website) or to save the user's decision when confirming the cookie banner. In addition, we or our technology partners use cookies for reach measurement and marketing purposes, which users are informed about in the course of the privacy policy.
A general objection to the use of cookies used for online marketing purposes can be found in a variety of services, especially in the case of tracking, explained via the US website http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by switching them off in the browser settings. Please note that not all features of this online offering may be used.
10. Deletion of Data
The data processed by us is deleted, in accordance with Art. 17, or limited as regards processing, pursuant to Art.18 GDPR. Unless explicitly stated in this privacy policy, the data stored by us is deleted as soon as it is no longer required and said deletion does not conflict with any statutory storage requirements. If the data is not deleted, because it is required for other and legitimate purposes, its processing will be restricted. That is, the data is blocked and not processed for other purposes. This applies, for example, for data that must be kept for commercial or tax purposes.
10.1. Germany: According to legal requirements, storage occurs for 6 years, in accordance with § 257 para. 1 of the German Commercial Code (trading books, inventories, opening balance sheets, annual accounts, commercial papers, accounting documents, etc.) and for 10 years, in accordance with § 147 para. 1 of the German Fiscal Code (books, records, status reports, accounting documents, commercial and business papers, documents relevant to taxation, etc.).
11. Establishing Contact
11.1. When contacting us (via contact form or email), the information provided by the user is used to process the contact request, pursuant to Art. 6 para. 1 subpara. b) GDPR.
11.2. User information can be stored in our Customer Relationship Management System ("CRM System") or similar organisation.
11.3. We delete the requests in the event that they are no longer required. We check the necessity therein every two years; enquiries from customers who have a customer account are stored permanently and refer to deletion on the details of the customer account. In the case of legal archiving obligations, deletion takes place after its expiry (end of commercial law [6 years] and tax law [10 years] pursuant to retention obligations).
12. Collection of Access Data and Log Files
12.1. Based on our legitimate interests, within the meaning of Art. 6 para. 1 subpara. f. GDPR, we collect data concerning all access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed web page, file, date and time of access, amount of data transferred, message about successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the enquiring provider
12.2. Log file information is stored for security purposes for a maximum of seven days (for example, to investigate abusive or fraudulent activities), after which time the information is deleted. Where further data retention is required for evidential purposes, it shall be exempted from the aforementioned cancellation period until the final clarification of the incident.
13. Cookies and Reach Measurement
13.1. Cookies are information transmitted from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
13.2. We use "session cookies" that are only stored for the duration of the current visit to our website (for example, to enable the saving of your login status or the shopping cart function and thus the use of our online offering itself). A session cookie randomly generates and saves a unique identification number, known as a session ID. In addition, a cookie contains information about its origin and retention period. These cookies cannot save any other type of data. Session cookies will be deleted if you have finished using our online offering and have, for example, logged out or closed the browser.
13.3. Within the scope of the present privacy policy, users are informed of the use of cookies in the context of pseudonymous reach measurement.
13.4. If users do not want cookies stored on their computer, they will be asked to disable the option in their browser's system settings. Saved cookies can be deleted in the browser’s system settings. The exclusion of cookies can, however, lead to functional restrictions of this online offering.
13.5. You may object to the use of cookies for reach measurement and promotional purposes through the network advertising initiative's opt-out page (http://optout.networkadvertising.org/) and the US website (http://www.aboutads.info/choices ) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
14. Integration of Services and Third-Party Content
Based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offering within the meaning of Art. 6 (1) subpara. GDPR), we make use of content or services offered by third-party providers in order to provide their content and services, such as videos or fonts (collectively referred to as "content"). This always presupposes that the third-party providers of this content are aware of the IP address of the users, since they could not send the content to the users’ browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavour to only use content from respective providers that use the IP address solely for the purposes of delivering said content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referring websites, time of access, and other information regarding the use of our online offering.
16.2. The following provides an overview of third-party providers and their content, as well as links to their privacy policies, which contain further information on the processing of data and, as already mentioned in part, possibilities for objection (so-called opt-out):
- External fonts from Adobe Systems Software Ireland Limited, https://typekit.com/ ("Typekit Fonts"). The integration of Typekit fonts is carried by accessing an Adobe server (usually in the US). Privacy Policy: https://www.adobe.com/privacy/opt-out.html
- Third-party external code from the JavaScript framework "jQuery", provided by the jQuery Foundation, https://jquery.org.