Data Protection Statement
This Data Protection Statement was last updated in May 2018 to reflect changes in data protection laws, specifically the GDPR . It sets out the data protection practices carried out through the use of the Internet and any other electronic communications networks byData Business Services GmbH & Co KG and its associated companies (all together “COMPANY”).
Contacts for Data Protection:
In case of any requests on data protection issues, please contact:
Ralph Göllnitz (Data Protection Officer)
Requests that do not have confidential or sensitive content can be sent by mail to the Data Protection Officer by using the following e-mail address:
Fax: +49 89 66002036
Personal information we collect
COMPANY collects personal information from you through the use of registration forms, for instance every time you sign up for an electronic newsletter, when you send us an application to be considered for employment, when you register for an event, when you submit a request for proposal or for information, when you request the authorization of downloading a document, when you enter an online competition or when you send us a message via an email reply mechanism provided on the COMPANY sites.
Utlization of personal information
We process personal information collected via the COMPANY sites for the purposes of:
• Providing our services
• Dealing with your enquiries and requests
• Proposing/inviting access to COMPANY’s social media accounts
• Proposing/inviting to informational events and conferences
• Providing you with information about products and services.
Information we gather via this website
When you visit one of the COMPANY sites, we collect information automatically about those visits.
In particular, your browser automatically sends us certain Internet-related information, such as the Internet Protocol (IP) address of the computer you are using.
Only technical cookies are used which do not store tracking or retrievable information or any type of personal data.
wfwaf-authcookie-(hash) This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.
wf_loginalerted_(hash) This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.
wfCBLBypass Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.
Information we share
We will only disclose personal information to other companies within our group of companies, business partners, government bodies and law enforcement agencies, successors in title to our business and suppliers we engage to process data on our behalf. In these circumstances we will share your personal information for purposes such as our legitimate business purposes and to comply with legal obligations.
Links to other sites
This Data Protection Statement applies only to information collected by a COMPANY site. For further information an the all data protection policies of COMPANY please contact the DPO.
COMPANY sites contain links to other sites that are not owned or administered by COMPANY. Please be aware that COMPANY is not responsible for the privacy practices of such other third party sites. We encourage you to read the privacy statements of every Web site you visit.
We maintain safeguards to protect against unauthorized disclosure, use, alteration, or destruction of the personal information you provide to us through the COMPANY sites. Please note, however, that perfect security does not exist on the Internet. Therefore, while we endeavour to protect your personal data, when data is transferred over the Internet it may potentially be accessed and used by unauthorised parties.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
Access and correction and deletion
We want to make sure that any information we hold on you is up to date and correct. If you have any requests concerning your personal information COMPANY holds about you , to obtain a copy or any queries with regard to these practices please contact us at the contact the DPO as listed the beginning of this document.
Internet based transfers
Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis. Therefore, by browsing the COMPANY sites and communicating electronically with us, you acknowledge our processing of personal data in this way. However, we will endeavour to protect all personal information collected through the COMPANY sites in accordance with strict data protection standards.
Changes to this data protection statement
We reserve the right to amend this Statement at any time without advance notice in order to address future developments of COMPANY, the Website or changes in industry or legal trends. We will post the revised Statement on the Website or announce the change on the home page of the Website. You can determine when the Statement was revised by referring to the “Last Updated” date on the top of this Statement. Any changes will become effective upon the posting of the revised Statement on the Website. By continuing to use the Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Statement, in whole or part, you can choose to not continue to use the Website.
Security of your data
Your personal data will be secured by taking all technical and organizational security measures so that they are inaccessible to unauthorized third parties. When sending very sensitive data or information, it is recommended to use the mailing route, as a complete data security can not be guaranteed by e-mail.
Duration of storage:
The personal data provided by you is stored for the duration of the use of the website or in the event of the provision of information or services until the expiry of the legal storage period and to the permitted extent, taking the basic principles of the EU-GDPR and the German Federal Data Protection Act (BDSG) into account.
Registration on this website
You have the option to register on our website to be able to use additional website functions. We shall use the data you enter only for the purpose of using the respective offer or service you have registered for. The required information we request at the time of registration must be entered in full. Otherwise we shall reject the registration.
To notify you of any important changes to the scope of our portfolio or in the event of technical modifications, we shall use the e-mail address provided during the registration process.
We shall process the data entered during the registration process on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR). You have the right to revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.
The data recorded during the registration process shall be stored by us as long as you are registered on our website. Subsequently, such data shall be deleted. This shall be without prejudice to mandatory statutory retention obligations.
Processing of data (customer and contract data)
We collect, process and use personal data only to the extent necessary for the establishment, content organization or change of the legal relationship (data inventory). These actions are taken on the basis of Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual actions. We collect, process and use personal data concerning the use of our website (usage data) only to the extent that this is necessary to make it possible for users to utilize the services and to bill for them.
The collected customer data shall be eradicated upon completion of the order or the termination of the business relationship. This shall be without prejudice to any statutory retention mandates.
Data transfer upon closing of contracts for online stores, retailers and the shipment of merchandise
We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with companies entrusted with the shipment of goods or the financial institution tasked with the processing of payments. Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur. The basis for the processing of data is Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.
Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)
In the event that data are processed on the basis of Art. 6 Sect. 1 lit. e or f GDPR, you have the right to at any time object to the processing of your personal data based on grounds arising from your unique situation. This also applies to any profiling based on these provisions. To determine the legal basis, on which any processing of data is based, please consult this Data Protection Declaration. If you log an objection, we will no longer process your affected personal data, unless we are in a position to present compelling protection worthy grounds for the processing of your data, that outweigh your interests, rights and freedoms or if the purpose of the processing is the claiming, exercising or defence of legal entitlements (objection pursuant to Art. 21 Sect. 1 GDPR).
If your personal data is being processed in order to engage in direct advertising, you have the right to at any time object to the processing of your affected personal data for the purposes of such advertising. This also applies to profiling to the extent that it is affiliated with such direct advertising. If you object, your personal data will subsequently no longer be used for direct advertising purposes (objection pursuant to Art. 21 Sect. 2 GDPR).
We use “Google reCAPTCHA” (hereafter “reCAPTCHA”) on our websites. Provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
With reCAPTCHA we want to check if the data entry on our websites (for example in a contact form) is done by a human or by an automated program. For this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (for example, the IP address, the time a visitor spent on the website or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyzes are completely in the background. Site visitors are not advised that an analysis is taking place.
Data processing takes place on the basis of Art. 6 para. 1 lit. f EU-GDPR. The website operator has a legitimate interest in protecting its websites from abusive automated spying and SPAM.
Google Web Fonts
This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you view a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you use must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-GDPR.
If your browser does not support web fonts, a default font will be used by your computer.
This site uses the mapping service Google Maps via an API. Provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. To use the features of Google Maps it is necessary to store your IP address. This information is usually transmitted to and stored by Google on servers in the United States. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an attractive presentation of our online offers and an easy traceability of the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-GDPR.
Wordfence Plugin – Data Processing Agreement
Defiant provides a data processing agreement to help customers meet their data privacy and protection obligations that are part of the General Data Protection Regulation (GDPR). Defiant has pre-signed the agreement and it is available to all Defiant customers that are processing personal data and operate in the European Economic Area (EEA) or are otherwise subject to the territorial scope of the GDPR. To learn more about privacy and data protection rules of the EEA click here.
To comply with EU General Data Protection Regulation (“GDPR”), our EU customers must sign our Data Processing Agreement (“DPA”) and the Standard Contractual Clauses to establish the respective responsibilities between the Defiant customer (as the data controller) and Defiant itself (as the data processor). If the GDPR applies to you please download, sign, and email both the DPA and the Standard Contractual Clauses to email@example.com. Both the DPA and Standard Contractual Clauses are available in one document below. Note you must sign in two places.
Defiant Data Processing Agreement and Standard Contractual Clauses can be downloaded here: https://www.wordfence.com/gdpr/dpa.pdf
Remember to sign in two places and email it to firstname.lastname@example.org.
To help you understand which cookies the Wordfence plugin sets, when installed on your WordPress site, we have provided the guide below. Wordfence currently sets three cookies and we explain what each cookie does, who will have the cookie set, and why the cookie helps secure your site.
What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.
Who gets this cookie: This is only set for users that are able to log into WordPress.
How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.
What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.
Who gets this cookie: This is only set for administrators.
How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.
What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.
Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.
How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.
Further questions or concerns:
Data Business Services GmbH & Co. KG