1. Name and contact details of the controller and its Data Protection Officer
This data protection information applies to data processing by:
Ascenion GmbH (hereafter: Ascenion)
Telefon: +49 (0)89 – 318814-0
Fax: +49 (0)89 – 318814-20
Ascenion's Data Protection Officer is
Secure Consult GmbH & Co. KG
Telephone: +49 (0)8252 – 9094110
2. Collection and storage of personal data, and the purpose and manner of their use
a) If you visit our website
If you visit our website www.ascenion.de, the browser in use on your device will automatically send data to our web server. These data are temporarily saved in a so-called log file. The following data are collected and stored, without any action on your part, until they are automatically deleted:
- IP address of the enquiring computer
- date and time of access
- name and URL of the requested file
- website from which access was made (referrer URL)
- browser used and, as required, your computer’s operating system and the name of your access provider.
These data are processed by us for the following purposes:
- to guarantee trouble-free connection to the website
- to guarantee easy use of our website
- to evaluate system security and stability, and
- for further administrative purposes.
The legal basis for this data processing is Article 6 para. 1 (f) of the EU General Data Protection Regulation (GDPR). Our legitimate interest results from the data-collection purposes listed above. Under no circumstances do we use the data collected to draw conclusions about you yourself.
b) If you register for our newsletter
We use your email address to send you our newsletter on a regular basis if you have explicitly agreed to this under GDPR Article 6 para. 1 (a). The submission of your email address is sufficient in order to receive the newsletter.
You may unsubscribe at any time, for example via a link at the bottom of every newsletter. Alternatively you may also unsubscribe at any time by sending an email to email@example.com.
c) If you use our contact form
We provide a contact form on our website for you to get in touch with us on any matter. To use it, you must provide a valid email address so that we know who sent the enquiry and are able to answer it. You may submit further details on a voluntary basis.
Data processing for the purposes of making contact with us is in accordance with GDPR Article 6 para. 1 (a), based on your free consent.
The personal data gathered by us when you use the contact form will be deleted once your query has been addressed, unless they are already stored by us for other purposes.
3. Disclosure of data
Your personal data will not be disclosed to third parties except for the purposes described below.
We only disclose your personal data to third parties if this permitted by law, in particular if:
- you give your express consent according to GDPR Article 6 para. 1 a);
- disclosure is required according to GDPR Article 6 para. 1 (f) to safeguard legitimate interests, and there is no reason to believe that you have an overriding and legitimate interest in the non-disclosure of your data;
- in the event that under GDPR Article 6 para. 1 (c) we are legally obliged to disclose your personal data and/or
- this is required under GDPR Article 6 para. 1 (b) in order to enter into or perform a contractual relationship with you.
The cookies are used to store information relating to the specific device being used. They do not enable us to directly become aware of your identity.
In addition, we also use temporary cookies to increase user friendliness. These are saved on your device for a specific period of time. If you visit our website again within this time period, the inputs and settings you made at your last visit are recalled, so that you do not have to enter them again.
The data processed by cookies for the purposed named are required according to GDPR Article 6 para, 1 (f) to safeguard our legitimate interests and those of third parties.
Most browsers automatically accept cookies. You can, however, configure your browser so that cookies are not saved on your computer, or so that you receive an alert before a new cookie is stored. Please note that complete deactivation of cookies can result in you not being able to use all the website functions.
5. Analysis tool: Google Analytics
We use Google Analytics, a web analysis tool from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereafter: “Google”). This tracking procedure is carried out according to GDPR Article 6 para. 1 (f). The use of Google Analytics allows us to ensure a need-based design and the continuous optimization of our website. We also use this tracking procedure to obtain and analyse statistical data on the use of our website for the purposes of optimization. These interests are considered legitimate under the aforementioned provision.
In this context, user profiles are created (anonymized in the case of anonymizeIP (see next paragraph), otherwise pseudonymized) and cookies are used (see Section 4). The information generated by the cookie concerning your use of the website, for example
- browser type/version,
- operating system used,
- referrer URL (of the previously visited page),
- IP address of the accessing computer,
- time of the server request,
- time spent on the website and
- number of page views within our website
is transmitted to and saved on a Google server in the USA.
Ascenion uses the Google Analytics function ‘anonymizeIP’ on its website. This function automatically removes the last octet (for IPv4) or the last 80 bits (for IPv6) of the IP address of visitors to our website in the European Union and in member states of the European Economic Area, thus preventing Google from unambiguously identifying the IP addresses of users visiting our website (IP Masking).
Information generated by the cookie is used to evaluate website use, to compile reports on website activities and to provide further services connected to website and internet use for the purposes of market research and the need-based design of these web pages. This information may also be transmitted to third parties if legally required or if third parties are contracted to process these data. According to Google, your IP address will not under any circumstances be linked to other Google data.
You can prevent the installation of cookies using the appropriate setting in your browser software. We advise you, however, that this may prevent you from using all the website functions to their full extent.
Furthermore, you can prevent the data generated by the cookie concerning your use of the website (including your IP address) from being recorded, and prevent them from being processed by Google, by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, particularly for browsers on mobile devices, you can prevent data being gathered by Google Analytics by clicking this link. An opt-out cookie will be set to prevent your data from being gathered on future visits to this website. The opt-out cookie applies only to this browser and to our website and will be stored on your computer. If you delete cookies in this browser, you have to reset the opt-out cookie.
Further information concerning data protection in connection with Google Analytics can be found, for example, on the Google Analytics help page (https://support.google.com/analytics/answer/6004245?hl=de).
6. Social media plug-ins
We use social media plug-ins from the social networks Twitter and LinkedIn, based on GDPR Article 6 para. 1 (f), in order to increase awareness of our company via these platforms. This advertising purpose is regarded as a legitimate interest according to the GDPR. Responsibility for compliance with data protection regulations is carried by the respective plug-in providers themselves. Plug-ins are integrated into our website via a so-called two-click method, in order to provide the best possible protection for our users.
We use social media plug-ins from LinkedIn on our website (LinkedIn Corporation, 2029 Stierlin Court Ste. 200, Mountain View, CA 94043, U.S.A, and LinkedIn Ireland U.C., Wilton Plaza, Wilton Place, Dublin 2, Ireland; hereafter ‘LinkedIn’). This is a service provided by LinkedIn.
When you open a page on our website that contains such a plug-in, your browser establishes a direct connection to the LinkedIn server. The contents of the plug-in are transmitted directly to your browser, which then integrates them into the website.
Through the integration of a plug-in, LinkedIn receives information that your browser has accessed the relevant page on our website, even if you do not have a LinkedIn account, or are not currently logged in to LinkedIn. This information (including your IP address) is sent by your browser directly to a LinkedIn server in the USA or Ireland, and stored there.
If you are logged into LinkedIn, LinkedIn can directly assign your visit to our website to your LinkedIn account. If you interact with the plug-ins, e.g. click the ‘recommend’ button, this information will also be directly transferred to a LinkedIn server and stored there. The information will also be published on LinkedIn and be visible to your LinkedIn-contacts. Please note that we as providers of the web pages obtain no information regarding the data transferred or how LinkedIn uses them.
If you do not wish LinkedIn to be able to assign the data gathered via our website to your LinkedIn account, you must log out of LinkedIn before visiting our website.
The purpose and extent of data collection and the further processing and use of the data by LinkedIn, together with your respective rights and settings options for protecting your privacy can be found in LinkedIn’s Data Protection Policy (https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv).
Plug-ins from the short message network Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, and Twitter International Company, One Comberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland; hereafter ‘Twitter’) are integrated into our website. This is a service provide by Twitter. The Twitter plug-ins (‘tweet-buttons’) can be recognized by the Twitter logo on our website. You can find an overview of tweet buttons here (https://about.twitter.com/resources/buttons).
When you open a page on our website that contains such a plug-in, your browser establishes a direct connection to the Twitter server. Twitter receives information that you have visited our website using your IP address. If you click the tweet button while logged on to your Twitter account, you can link content on our website to your twitter profile. This allows Twitter to assign your visit to our website to your user account. Please note that we as providers of the web pages obtain no information regarding the data transferred or how Twitter uses them.
If you do not wish Twitter to be able to assign the data gathered via our website to your Twitter account, please log out of your Twitter account.
You can find more information in Twitter’s Data Protection Policy (https://twitter.com/privacy).
7. Rights of persons affected
You have the right:
- to obtain information about your personal data processed by us (GDPR Article 15). In particular, you can obtain information regarding: the purposes of the processing; the categories of personal data concerned; the categories of recipient to whom your data have or will be disclosed; the planned period of storage; the existence of the right to rectification or deletion of personal data, and to limitation of, or objection to, processing; the existence of the right of appeal; the origin of data not collected by us, and the existence of automated decision-making, including profiling and, as applicable, meaningful information regarding the details;
- to obtain the immediate rectification of incorrect personal data stored by us or to have incomplete data completed (GDPR Article 16);
- to obtain the erasure of personal data stored by us, in so far as the processing is not required to exercise the right to freedom of speech and information, to fulfil a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims (GDPR Article 17);
- to obtain restriction of processing of your personal data in the following cases: you contest the accuracy of the data; the processing is unlawful and you oppose the erasure of the data and request limitation of processing instead; we no longer require the data, but you require it to establish, exercise or defend legal claims; or you have objected to processing according to Article 21 GDPR (GDPR Article 18);
- to obtain the personal data you have provided us with in a structured, commonly used and machine-readable format or to have them transmitted to another controller (GDPR Article 20);
- to withdraw your consent previously granted to us (GDPR Article 7(3)). This means that we may no longer carry out data processing based on this consent in future and
- to lodge a complaint with a supervisory authority (GDPR Article 77). This is usually the supervisory authority in the member state of your habitual residence, place of work or our registered office.
8. Right to object
In as far as your personal data are processed according to GDPR Article 6 para. 1 (e) or (f), you have the right under GDPR Article 21 to object to this processing on grounds relating to your particular situation and the right to object to data processing for the purposes of direct marketing. In the latter case, you have a general right to object, and we will cease processing without you having to state a particular situation.
If you wish to make use of your right to object, you may do so at any time and an email to firstname.lastname@example.org is sufficient.
9. Data security
We use the widespread SSL method (Secure Socket Layer) during your visit to our website, together with the highest encryption level supported by your browser. This is generally 256 bit encryption. If your browser does not support 256 bit encryption, we use 128 bit v3 technology instead. You can recognize if a page on our website is being transmitted with encryption by the closed key or lock icon on your browser’s status bar.
We also use appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are constantly being improved in line with technological developments.
10. The validity and revision of this Data Protection Policy
This Data Protection Policy is valid as of May 2018.
It may be necessary to revise this Data Protection Policy due to the continued development of our website or changes to legal or official guidelines. You can view and print out the current version at any time under https://www.ascenion.de/index.php?id=463.