Effective: April 20, 2018
Processing of personal data
Visiting our website
We record and save your computer’s IP address in order to send the contents of our website visited by you to your computer (e.g. texts, pictures, and files provided for downloading, etc.) (cf. Art. 6 (1) lit. b GDPR). We also process these data to identify and pursue any misuse. Legal basis in this case is Art. 6 (1) lit. f GDPR. In this context, our legitimate interest in data processing is to ensure the due functioning of our website and the business transacted via the Website.
We also acquire and process your personal data when you contact us directly, for example via our website, and when you order information material or newsletters. Legal basis in this case is Art. 6 (1) lit. b GDPR.
In as far as we process your data as described above for the purpose of accepting and processing your inquiry or information material or newsletter order, you are contractually bound to make these data available to us. We are unable to process your request without the data.
Where you have given your consent to the processing of personal data (cf. Art. 6 (1) lit. a GDPR), you can withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent up to the time of withdrawal of consent.
Data transfer within the ECT Group or to selected third parties
European Computer Telecoms AG is the parent company of the ECT Group. In some cases, after a careful check, we send your data to other companies belonging to the ECT Group, who are then responsible for further processing.
Data are forwarded to the following companies, among others, if and to the extent that the requirements in compliance with data protection legislation necessary for this are met:
• to service providers which process data on our behalf (e.g. in email marketing or software design and development, or to support processing of customer inquiries).
• to other third parties (for example public authorities) to the extent that we are legally obliged to do so.
In these cases, the information is transferred to third parties to enable further processing. External service providers are selected carefully and audited at regular intervals to ensure protection of your data privacy.
These service providers / processors are bound by instructions. Given this, they are subject to our requirements, which include processing of your data exclusively in line with our instructions and in compliance with the applicable Data Protection Act. In particular, they are contractually bound to treat your data with strict confidentiality, and are not permitted to process data for other purposes than the ones agreed.
Data transfer to the data processor is effected on the basis of Art. 28 (1) GDPR.
We will not sell your data to third parties or otherwise share them for commercial purposes.
We employ various security measures such as encryption and authentication tools in line with the current state of the art to protect and maintain the security, integrity, and availability of your data.
100% protection against unauthorized access in the case of data transfers across the Internet or a website cannot be guaranteed, but we and our service providers and business partners do our utmost to protect your personal data in line with the prevailing data protection regulations by means of physical, electronic, and process-oriented security precautions in line with the current state of the art. Among other things, we use the following measures:
• Strict criteria for authorization to access your data according to the “need-to-know principle” (restriction to as few people as possible) and exclusively for the specified purpose
• Transfer of acquired data exclusively in encrypted form
• Storage of confidential data, exclusively in encrypted form
• Firewall safeguarding of IT systems to provide protection against unauthorized access, for example by hackers
• Permanent monitoring of accesses to IT systems to detect and prevent the misuse of personal data
In line with article 17 of the basic EU data protection regulations, we will keep your data only as long as necessary for the respective purposes for which we process your data. If we process data for a number of purposes, they are automatically deleted or stored in a format that does not permit conclusions to be drawn directly as regards your person as soon as the last specific task has been performed.
A cookie is a small file that stores Internet settings. Almost every website uses cookie technology. It is downloaded by your Internet browser on the first visit to a website. The next time this website is opened with the same user device, the cookie and the information stored in it is either sent back to the website that created it (first-party cookie) or sent to another website it belongs to (third-party cookie). This enables the website to detect that you have opened it previously with this browser and in some cases to vary the displayed content.
Some cookies are extremely useful, as they can improve the user experience on opening a website that you have already visited a number of times. Provided you use the same user device and the same browser as before, cookies remember for example your preferences, how you use a site, and adapt the displayed offerings to be more relevant to your personal interest and needs.
Cookies also allow us to analyze the use of our website. They do not include any personal data and cannot identify you on third-party websites––including those of analytics providers. We use the following types of cookies:
These cookies are essential for the functioning of our website. This includes, for example, issue of anonymous session IDs to summarize multiple queries to a web server, or ensuring fault-free functioning of registrations and orders.
These cookies help us to save your chosen settings or support other functions when you are navigating our website. They allow us, for example, to remember your preferred settings for your next visit or save your login data for certain areas of our Website.
These cookies collect information about how you use our website (e.g. which Internet browser you use, how often you visit our website, which pages you open, or how long you stay on our website). These cookies do not store any information that enables visitors to be personally identified. The information collected with the help of these cookies is aggregated, and thus anonymous.
You can accept or decline cookies––including those used for website tracking––by selecting the appropriate settings for your browser. You can set your browser to notify you when you receive a new cookie, or to decline cookies altogether. However, if you choose to decline cookies you may not be able to use all the features of our website (e.g. for purchasing orders). Your browser also offers you the option to delete cookies (e.g. via the Clear Browsing History function). For further information, please refer to the user help function under Settings in your web browser.
User of Google Analytics
This website uses Google Universal Analytics, a web analysis service offered by Google Inc. (“Google”). Google Universal Analytics uses ‘cookies,’ text files stored on your computer, to help us analyze how you use our website. The information generated by the cookie about your use of this website (including your IP address) is transferred to Google servers in the USA and saved there.
We have activated IP anonymization on this website, so that the IP address of users within EU Member States or other States party to the Agreement on the European Economic Area will be truncated by Google beforehand. Only in exceptional cases is the full IP address sent to Google servers in the USA and truncated there. On behalf of the website provider, Google will use this information for the purpose of analyzing your use of the website, compiling reports on website activity, and providing us with other services relating to website activity and internet usage. Google will not associate the IP address transmitted by your browser within the operations of Google Universal Analytics with any other data held by Google. You may prevent cookies from being installed by selecting the appropriate settings on your browser. However, please note that in this case you may not be able to use the full range of functions of this website. Furthermore, you can prevent Google from collecting and using the data regarding your use of the website generated by the cookies (including your IP address) by downloading and installing the browser plugin from the following link http://tools.google.com/dlpage/gaoptout?hl=de. For more detailed information on the conditions of use and data privacy, go to http://www.google.com/analytics/terms/de.html and/or http://www.google.de/privacy.html.
Please note that this website uses Google Universal Analytics with the code extension “anonymizeIp” to ensure anonymized recording of IP addresses (known as IP masking) and exclude direct personal references.
Standard periods for deletion of data
Legislation has defined numerous data storage periods and obligations. At the end of these periods, the relevant data will be routinely deleted. Data that are not affected by the above storage periods and obligations are deleted or anonymized as soon as the purposes defined in this data privacy statement no longer apply. Unless this data privacy statement includes other deviating provisions for data storage, we will store any data we collect for as long as they are required for the above purposes for which they were collected.
Other data use and deletion of data
Any further processing or use of your personal data will generally only be carried out to the extent permitted on the basis of a legal regulation or where you have consented to data processing or data use. In the case of further processing for other purposes than the ones for which the data were originally collected, we will inform you about these other services and provide you with all other significant information before further processing.
Identification and prosecution of misuse
We will store any information for the identification and prosecution of misuse, in particular your IP address, for a maximum period of 7 days. Legal basis in this case is Art. 6 (1) lit. f GDPR. Our legitimate interest in keeping your data for 7 days is to ensure the functioning of our website and the business transacted via this website and to be able to fight off cyberattacks and similar malicious actions. Where appropriate, we may use anonymous information to tailor the design of our website to user needs.
Rights concerning the processing of
Right of access
On request, you have the right to obtain information from us about the personal data concerning you and processed by us, to the extent defined in Art. 15 GDPR. You can send your request either by mail or email to the addresses given below.
Right to rectification
You have the right to require us to rectify any inaccurate personal data concerning you without undue delay (Art. 16 GDPR). For this purpose, please contact the address given below.
Right to deletion
Where the legal reasons defined in Art. 17 GDPR apply, you have the right to immediate deletion (“right to be forgotten”) of personal data concerning you. These legal reasons include: the personal data are no longer necessary for the purposes for which they were processed, or you withdraw your consent, and there are no other legal grounds for processing; the data subject objects to the processing (and there are no overriding legitimate grounds for processing––does not apply to objections to direct advertising). To assert your above right, please contact the contact address given below.
Right to restriction of processing
If the criteria defined in Art. 18 GDPR are fulfilled, you have the right to restriction of processing as established in the above article of the GDPR. According to this article, restriction of processing may be called for in particular if processing is unlawful and the data subject opposes deletion of the personal data and requests the restriction of their use instead, or if the data subject has objected to processing according to Art. 21 (1) GDPR as long as it is unclear whether our legitimate interest overrides the interest of the data subject. To assert your above right, please contact the contact address given below.
Right to data portability
You have the right to data portability as defined in Art. 20 GDPR. This means you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller, such as another service provider. Prerequisite is that processing is based on consent or a contract, and is carried out using automated means. To assert your above right, please contact the contact address given below.
Right to object
You have the right to object at any time under Art. 21 GDPR to processing of personal data concerning you which is based on Art 6 (1) lit. e or f GDPR, on grounds relating to your particular situation. We will desist from processing your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights, and freedoms, or unless processing is for the establishment, exercise, or defense of legal claims. To assert your above right, please contact the contact address given below.
Complaints to supervisory authorities
ECT takes your reservations and rights very seriously. However, if you are of the opinion that we have not dealt with your complaints or reservations adequately, you have the right to submit a complaint to the data privacy protection authorities responsible.
Contact ECT data protection officer
If you have any questions regarding the use of your personal data, it is best to use the contact form or use the following contact data:
European Computer Telecoms AG
Tel: +49 89 552947-0