Privacy policy
The data controller responsible for the processing of your personal data
Controller, hereinafter referred to as the "Administrator", "We" or "Company", is
Ecotec Deutschland GmbH with its registered office at: 12435 Berlin, Heidelberger Straße 65.
Administrator contact details:
The use of contact data published within the scope of the imprint obligation by third parties for the sending of unsolicited advertising and information material is hereby expressly prohibited. The operator expressly reserves the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam mails.
We will only use the personal information we receive for the specific, lawful purposes for which the information was collected. The scope of the personal data, the purpose of its processing, the legal basis for this processing, the duration of the processing and the categories of recipients of the data are set out in this Privacy Policy.
Purpose of processing personal data: | Legal basis for processing: | Retention period and information on whether the provision of personal data is a legal or contractual obligation or a condition for entering into a contract and whether the data subject is obliged to provide such data and what the possible consequences of not providing it are: |
---|---|---|
(a) Communication, in particular answering the questions asked via the contact form on https://www.ecotec-deutschland.de/en/contact or by e-mail to us | Art. 6, para. 1, letter b) GDPR (acting on your request, i.e. answering the question you have asked, the contact request made by you via the form on the website or by e-mail) | Personal data will be stored for the duration of the statutory limitation period of claims if a complaint, request, etc. (usually 3 years, maximum 6 years counted from the termination of the contract/relationship), unless there is another legal basis for further processing, e.g. our processing of the data for the purpose of dealing with possible complaints or inquiries and to comply with the principle of accountability under Article 5 (2) GDPR. The provision of the data is voluntary, but failure to provide it will prevent communication by electronic means. |
(b) Communicating with those who contact us via social networks (replying to comments and messages, etc.) | Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) | The data will be stored for the duration of the existence of the legitimate interest pursued by the Administrator and for the duration of the limitation period for possible claims (in principle 3 years, calculated for a maximum of 6 years from the termination of the relationship/contract). The provision of the data is voluntary, but failure to provide the data prevents communication via social networks. |
(c) Marketing of the Administrator’s products and services | Art. 6(1)(a) GDPR (your consent to processing) and/or Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) | Data will be stored until you withdraw your consent. You can revoke the consent you have given to the Administrator at any time. |
(d) the storage of cookies or the use of other similar technologies on your device (PC, laptop, tablet, phone/smartphone, smart TV) | Art. 6(1)(a) GDPR (your consent to processing) | The data will be stored until the data subject revokes his consent to the further processing of his or her personal data. The provision of the data is not a contractual or legal obligation. Failure to provide the data (blocking the installation of cookies) may result in limited functionality of the website. |
(e) Conducting direct marketing for the Administrator’s products and services | Art. 6(1)(f) GDPR (“Legitimate interests of the Controller”), which is an independent ground that legalizes the processing of personal data and no consent is required. Recital (47) of the preamble to the GDPR states that ‘the processing of personal data for the purpose of direct marketing may be regarded as an activity carried out in the legitimate interest’. | The data will be stored for the duration of the legitimate interest pursued by the Data Controller or until the object is objected to the further processing of personal data for marketing purposes (Art.21 Abs. 3 GDPR). If the data subject objects to the processing of his/her data (e.g. e-mail address, first name, last name, name of the employer) for direct marketing purposes, the personal data will no longer be processed by the Administrator for this purpose. |
(f) Conclusion and performance of the contract (including quality assurance) | Art. 6(1)(b) GDPR (the data subject is a party to the contract) | The data will be stored for the period necessary for the execution, termination or expiry of the contract and settlements, as well as for the period after which any claims become time-barred (usually 3 years, maximum 6 years from the termination of the contract/relationship), unless there is another legal basis for further processing, e.g. for our processing of the data in the context of the processing of possible complaints or claims and to comply with the principle of accountability pursuant to Art. 5 para. 2 of the GDPR. The provision of data is a legal obligation (obligation of the contractual partners), failure to provide the data prevents the conclusion and/or fulfilment of the contract. |
(g) Entry, recording and storage of invoices and accounting documents as well as bookkeeping | Art. 6(1)(c) GDPR (“Compliance with a legal obligation”) in relation to Art. 74(2) of the Accounting Act and in relation to Art. 86 § 1 of the Tax Ordinance Act. | The data will be kept for the period during which the regulations require the retention of books and accounting documents (i.e. for 5 years, calculated from the beginning of the year following the financial year to which the data relate) and for the period after which any tax debts become time-barred. The provision of the data is a legal obligation. Failure to provide it prevents the fulfilment of a legal obligation. |
(h) Fraud detection and prevention | Art. 6(1)(c) GDPR (“Compliance with a legal obligation”) | The data will be stored for the duration of the contract and thereafter for the period after which claims arising from the contract become statute-barred. In the event of claims being asserted by the Administrator or notifying the competent authorities – for the duration of such proceedings and “for 5 years from the beginning of the year following the financial year in which the operations, transactions and proceedings are finally concluded, paid off, settled or time-barred” |
(i) respond to complaints within the time and form required by law | Art. 6(1)(c) GDPR (“Compliance with a legal obligation”) | The data will be stored for a period of 1 year after the expiry of the warranty period or settlement of the claim and thereafter for the duration of the limitation period for any claims. The provision of the data is a contractual requirement, failure to provide the complaint will prevent the fulfilment of the complaint. |
(j) establishing, defending against and asserting claims brought by or against the Administrator | Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) | The data will be stored for the period:
|
(k) to deal with any complaints or requests, processing for archival and security purposes, | Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) | The data will be stored for the duration of the legitimate interest pursued by the Controller. The data will be stored until the legally binding conclusion of the proceedings and for the duration of the limitation period for possible claims (generally 3 years, maximum 6 years calculated from the termination of the relationship/contract). If the personal data and the content of the correspondence constitute evidence in the proceedings conducted on the basis of the law, or if the Administrator has become aware that they may constitute evidence in the proceedings, the data retention period shall be extended until the final conclusion of the proceedings. |
(l) Recruitment | Article 6(1)(c) of the GDPR (‘legal obligation of the controller’), the Labour Code, Article 6(1)(a) of the GDPR and Article 9(2)(a) of the GDPR (‘consent of the data subject’) | Data will be retained for up to 9 months after the termination of employment. The provision of the data is required by law, failure to provide the data makes it impossible to participate in the recruitment. |
(m) Keeping records of employment | Article 6(1)(c) of the GDPR (‘legal obligation of the controller’) | Data will be stored for a period in accordance with current legislation, i.e. 10 years or 50 years. The provision of the data is required by law, failure to provide it will result in a ban on employment. |
The Administrator uses the services of external entities that cooperate with him. Personal data will only be transmitted to external bodies if and to the extent that this is necessary for the purpose of the processing. External entities may use the transferred (entrusted) personal data only for the purpose of performing the task assigned by the Controller.
- entities providing technical support services to the Administrator and suppliers of IT solutions enabling the Administrator to conduct its business (e.g. software providers, e-mail providers and hosting providers),
- entities that provide the Administrator with technical support services and suppliers of IT solutions that enable it to conduct its business (e.g. software providers, email providers and hosting providers)
- entities that provide postal, courier and similar services (e.g. courier brokers) – insofar as this is necessary for the execution of deliveries and correspondence,
- selected bodies that handle accounting, tax, consulting, translation and legal matters on behalf of the Administrator – insofar as this is necessary to achieve the specific purpose of processing,
Your personal data will not be transferred outside the EEA or made available to international organisations. In exceptional cases, your personal data may also be transferred to third countries, i.e. outside the European Economic Area, if this is necessary for the provision of the services to you or if this is required by another valid legal basis. In this case, the transfer of the data will be carried out on the basis of appropriate safeguards in accordance with data protection laws. You can find out more about these warranties, and how and where you can obtain a copy of them, by contacting us using the contact details provided above.
To the extent consent is required to process personal data for a specific purpose, the controller obtains such consent. The consent given can be revoked at any time by contacting the Administrator. If the consent is withdrawn, the data will no longer be processed to the extent to which the consent relates, but the withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
- entities providing technical support services to the Administrator and suppliers of IT solutions enabling the Administrator to conduct its business (e.g. software providers, e-mail providers and hosting providers),
- entities that provide the Administrator with technical support services and suppliers of IT solutions that enable it to conduct its business (e.g. software providers, email providers and hosting providers)
- entities that provide postal, courier and similar services (e.g. courier brokers) – insofar as this is necessary for the execution of deliveries and correspondence,
- selected bodies that handle accounting, tax, consulting, translation and legal matters on behalf of the Administrator – insofar as this is necessary to achieve the specific purpose of processing,
- entities providing technical support services to the Administrator and suppliers of IT solutions enabling the Administrator to conduct its business (e.g. software providers, e-mail providers and hosting providers),
- entities that provide the Administrator with technical support services and suppliers of IT solutions that enable it to conduct its business (e.g. software providers, email providers and hosting providers)
- entities that provide postal, courier and similar services (e.g. courier brokers) – insofar as this is necessary for the execution of deliveries and correspondence,
- selected bodies that handle accounting, tax, consulting, translation and legal matters on behalf of the Administrator – insofar as this is necessary to achieve the specific purpose of processing,
You also have the right to lodge a complaint with the supervisory authority, i.e. the Office for Personal Data Protection, if you consider that the processing of your personal data is unlawful.
Our server stores certain information that your browser automatically transmits. This applies in particular to the following data:
- the IP address of your device,
- time and date of the server request,
- Information about the browser you are using (type/name, version),
- Operating system
- Referring URL,
- the IP address of your device,
- time and date of the server request,
- Information about the browser you are using (type/name, version),
- Operating system
- Referring URL,
8. etracker
Our website uses services of etracker GmbH from Hamburg, Germany (www.etracker.com) for the analysis of usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies will be used to enable a statistical reach analysis of this website, a measurement of the success of our online marketing measures as well as test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user’s end device. etracker cookies do not contain any information that would allow a user to be identified.
The data generated with etracker is processed and stored by etracker exclusively in Germany on behalf of the provider of this website and is therefore subject to the strict German and European data protection laws and standards. In this respect, etracker has been independently audited, certified and awarded the ePrivacyseal data protection seal of approval.
Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. f (legitimate interest) of the General Data Protection Regulation (GDPR). Our concern within the meaning of the GDPR (legitimate interest) is the optimisation of our online offer and our website. Since the privacy of our visitors is important to us, the data that may allow a reference to a single person, such as the IP address, login or device identifiers, will be anonymized or pseudonymized as soon as possible. It will not be used, merged with other data or passed on to third parties.
You can object to the data processing described above at any time by clicking on the slider. The objection has no adverse consequences. If no slider is displayed, data collection is already prevented by other blocking measures.
Further information on data protection at etracker can be found here.
9. Cookies
Our website may use “cookies” to identify returning users. A “cookie” is a small text file that is stored on the hard drive of a user’s computer. It is not capable of reading data from your computer. Most browsers are set to accept cookies. You can disable this feature or make sure that your browser asks you for permission every time it sets a cookie.
10. Automated decision-making and profiling
Personal data will not be used for automated decision-making that has legal consequences for you, including profiling.
11. Final Provisions
The administrator’s websites may contain links (references) to external websites of third parties, the content of which we have no influence on. Therefore, we cannot assume any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible violations of the law at the time of linking. Illegal content was not recognizable at the time of linking. However, a permanent control of the content of the linked pages is not reasonable without concrete indications of a violation of the law. If we become aware of any violations of the law, we will remove such links immediately.
© This document is protected by copyright. The author as the creator has the exclusive personal and property rights and has these rights. The document is a “trade secret” of the author within the meaning of the Act on Combating Unfair Competition. The document has been created only for the use of the recipient of the document (customer). The author does not permit any other use, use, reproduction, distribution or resale of this document or parts of it without his prior written consent. Violation of the above conditions may result in liability, including criminal liability, under the Act on Combating Unfair Competition, the Criminal Code Act and/or the Act on Copyright and Related Rights. In particular, but not exclusively, the author has the right to demand that the prohibited acts be stopped, that the consequences of the prohibited acts be eliminated, that the damage suffered be remedied, that the benefits wrongly obtained be restituted, and that one or more declarations by the author be made with appropriate content and form. In addition, without the prior written consent of the author, it is prohibited to send or otherwise make available this document to persons or entities that may provide services that compete with those of the author – e.g. lawyers, auditors, consultants, IT specialists, consultants, accountants, auditors, legal advisors, lecturers, trainers, etc.