Privacy policy

© All rights to the contents of the Privacy Policy are reserved.
According to Art. 13 para. 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as the GDPR), we inform you that:
1. Personal Data Controller
The data controller responsible for the processing of your personal data
Controller, hereinafter referred to as the "Administrator", "We" or "Company", is
Ecotec Deutschland GmbH with its registered office at: 12435 Berlin, Heidelberger Straße 65.
2. Contact Us
Administrator contact details:
Correspondence address: 12435 Berlin, Heidelberger Straße 65
Use of our contact details
The use of contact data published within the scope of the imprint obligation by third parties for the sending of unsolicited advertising and information material is hereby expressly prohibited. The operator expressly reserves the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam mails.
3. The purpose of the data processing by the controller, the legal basis of the processing, the duration of the storage of the personal data and whether the provision of the personal data is a legal or contractual obligation or a prerequisite for entering into a contract
General Provisions
We will only use the personal information we receive for the specific, lawful purposes for which the information was collected. The scope of the personal data, the purpose of its processing, the legal basis for this processing, the duration of the processing and the categories of recipients of the data are set out in this Privacy Policy.
Purpose of processing personal data: Legal basis for processing: Retention period and information on whether the provision of personal data is a legal or contractual obligation or a condition for entering into a contract and whether the data subject is obliged to provide such data and what the possible consequences of not providing it are:
(a) Communication, in particular answering the questions asked via the contact form on https://www.ecotec-deutschland.de/en/contact or by e-mail to us Art. 6, para. 1, letter b) GDPR (acting on your request, i.e. answering the question you have asked, the contact request made by you via the form on the website or by e-mail) Personal data will be stored for the duration of the statutory limitation period of claims if a complaint, request, etc. (usually 3 years, maximum 6 years counted from the termination of the contract/relationship), unless there is another legal basis for further processing, e.g. our processing of the data for the purpose of dealing with possible complaints or inquiries and to comply with the principle of accountability under Article 5 (2) GDPR. The provision of the data is voluntary, but failure to provide it will prevent communication by electronic means.
(b) Communicating with those who contact us via social networks (replying to comments and messages, etc.) Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) The data will be stored for the duration of the existence of the legitimate interest pursued by the Administrator and for the duration of the limitation period for possible claims (in principle 3 years, calculated for a maximum of 6 years from the termination of the relationship/contract). The provision of the data is voluntary, but failure to provide the data prevents communication via social networks.
(c) Marketing of the Administrator’s products and services Art. 6(1)(a) GDPR (your consent to processing) and/or Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) Data will be stored until you withdraw your consent. You can revoke the consent you have given to the Administrator at any time.
(d) the storage of cookies or the use of other similar technologies on your device (PC, laptop, tablet, phone/smartphone, smart TV) Art. 6(1)(a) GDPR (your consent to processing) The data will be stored until the data subject revokes his consent to the further processing of his or her personal data. The provision of the data is not a contractual or legal obligation. Failure to provide the data (blocking the installation of cookies) may result in limited functionality of the website.
(e) Conducting direct marketing for the Administrator’s products and services Art. 6(1)(f) GDPR (“Legitimate interests of the Controller”), which is an independent ground that legalizes the processing of personal data and no consent is required. Recital (47) of the preamble to the GDPR states that ‘the processing of personal data for the purpose of direct marketing may be regarded as an activity carried out in the legitimate interest’. The data will be stored for the duration of the legitimate interest pursued by the Data Controller or until the object is objected to the further processing of personal data for marketing purposes (Art.21 Abs. 3 GDPR). If the data subject objects to the processing of his/her data (e.g. e-mail address, first name, last name, name of the employer) for direct marketing purposes, the personal data will no longer be processed by the Administrator for this purpose.
(f) Conclusion and performance of the contract (including quality assurance) Art. 6(1)(b) GDPR (the data subject is a party to the contract) The data will be stored for the period necessary for the execution, termination or expiry of the contract and settlements, as well as for the period after which any claims become time-barred (usually 3 years, maximum 6 years from the termination of the contract/relationship), unless there is another legal basis for further processing, e.g. for our processing of the data in the context of the processing of possible complaints or claims and to comply with the principle of accountability pursuant to Art. 5 para. 2 of the GDPR. The provision of data is a legal obligation (obligation of the contractual partners), failure to provide the data prevents the conclusion and/or fulfilment of the contract.
(g) Entry, recording and storage of invoices and accounting documents as well as bookkeeping Art. 6(1)(c) GDPR (“Compliance with a legal obligation”) in relation to Art. 74(2) of the Accounting Act and in relation to Art. 86 § 1 of the Tax Ordinance Act. The data will be kept for the period during which the regulations require the retention of books and accounting documents (i.e. for 5 years, calculated from the beginning of the year following the financial year to which the data relate) and for the period after which any tax debts become time-barred. The provision of the data is a legal obligation. Failure to provide it prevents the fulfilment of a legal obligation.
(h) Fraud detection and prevention Art. 6(1)(c) GDPR (“Compliance with a legal obligation”) The data will be stored for the duration of the contract and thereafter for the period after which claims arising from the contract become statute-barred. In the event of claims being asserted by the Administrator or notifying the competent authorities – for the duration of such proceedings and “for 5 years from the beginning of the year following the financial year in which the operations, transactions and proceedings are finally concluded, paid off, settled or time-barred”
(i) respond to complaints within the time and form required by law Art. 6(1)(c) GDPR (“Compliance with a legal obligation”) The data will be stored for a period of 1 year after the expiry of the warranty period or settlement of the claim and thereafter for the duration of the limitation period for any claims. The provision of the data is a contractual requirement, failure to provide the complaint will prevent the fulfilment of the complaint.
(j) establishing, defending against and asserting claims brought by or against the Administrator Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) The data will be stored for the period:

  • according to which claims arising from the contract are time-barred,
  • or ‘statute-barred’,
  • for the period in which the administrator may suffer legal consequences for non-performance of an obligation, e.g. receives a fine,
  • in the event that the administrator asserts claims in civil proceedings or is affected by criminal or tax proceedings, the accounting documents (which may contain personal data) must be kept “for 5 years from the beginning of the year following the financial year in which the operations, transactions and proceedings were finally concluded, settled, settled”. The provision of the data is not a contractual or legal obligation.
(k) to deal with any complaints or requests, processing for archival and security purposes, Art. 6(1)(f) GDPR (“legitimate interests of the Controller”) The data will be stored for the duration of the legitimate interest pursued by the Controller. The data will be stored until the legally binding conclusion of the proceedings and for the duration of the limitation period for possible claims (generally 3 years, maximum 6 years calculated from the termination of the relationship/contract). If the personal data and the content of the correspondence constitute evidence in the proceedings conducted on the basis of the law, or if the Administrator has become aware that they may constitute evidence in the proceedings, the data retention period shall be extended until the final conclusion of the proceedings.
(l) Recruitment Article 6(1)(c) of the GDPR (‘legal obligation of the controller’), the Labour Code, Article 6(1)(a) of the GDPR and Article 9(2)(a) of the GDPR (‘consent of the data subject’) Data will be retained for up to 9 months after the termination of employment. The provision of the data is required by law, failure to provide the data makes it impossible to participate in the recruitment.
(m) Keeping records of employment Article 6(1)(c) of the GDPR (‘legal obligation of the controller’) Data will be stored for a period in accordance with current legislation, i.e. 10 years or 50 years. The provision of the data is required by law, failure to provide it will result in a ban on employment.
4. Data recipients
The Administrator uses the services of external entities that cooperate with him. Personal data will only be transmitted to external bodies if and to the extent that this is necessary for the purpose of the processing. External entities may use the transferred (entrusted) personal data only for the purpose of performing the task assigned by the Controller.
The Administrator is not responsible for the processing of personal data. Personal data may be transferred to the following recipients cooperating with the Administrator:
  • entities providing technical support services to the Administrator and suppliers of IT solutions enabling the Administrator to conduct its business (e.g. software providers, e-mail providers and hosting providers),
  • entities that provide the Administrator with technical support services and suppliers of IT solutions that enable it to conduct its business (e.g. software providers, email providers and hosting providers)
  • entities that provide postal, courier and similar services (e.g. courier brokers) – insofar as this is necessary for the execution of deliveries and correspondence,
  • selected bodies that handle accounting, tax, consulting, translation and legal matters on behalf of the Administrator – insofar as this is necessary to achieve the specific purpose of processing,
5. Transfer of data outside the European Economic Area
Your personal data will not be transferred outside the EEA or made available to international organisations. In exceptional cases, your personal data may also be transferred to third countries, i.e. outside the European Economic Area, if this is necessary for the provision of the services to you or if this is required by another valid legal basis. In this case, the transfer of the data will be carried out on the basis of appropriate safeguards in accordance with data protection laws. You can find out more about these warranties, and how and where you can obtain a copy of them, by contacting us using the contact details provided above.
6. Your rights (rights of the person whose data are processed by the data controller)
To the extent consent is required to process personal data for a specific purpose, the controller obtains such consent. The consent given can be revoked at any time by contacting the Administrator. If the consent is withdrawn, the data will no longer be processed to the extent to which the consent relates, but the withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
If your personal data is processed for direct marketing purposes, you can object to the processing of this data for this purpose at any time. If you wish to exercise the above rights, you should submit a request to the Administrator. The contact details of the administrator can be found in section (2). To ensure that the person making the request is authorized to do so, the Administrator may request additional information confirming the identity of the applicant.
  • entities providing technical support services to the Administrator and suppliers of IT solutions enabling the Administrator to conduct its business (e.g. software providers, e-mail providers and hosting providers),
  • entities that provide the Administrator with technical support services and suppliers of IT solutions that enable it to conduct its business (e.g. software providers, email providers and hosting providers)
  • entities that provide postal, courier and similar services (e.g. courier brokers) – insofar as this is necessary for the execution of deliveries and correspondence,
  • selected bodies that handle accounting, tax, consulting, translation and legal matters on behalf of the Administrator – insofar as this is necessary to achieve the specific purpose of processing,
  • entities providing technical support services to the Administrator and suppliers of IT solutions enabling the Administrator to conduct its business (e.g. software providers, e-mail providers and hosting providers),
  • entities that provide the Administrator with technical support services and suppliers of IT solutions that enable it to conduct its business (e.g. software providers, email providers and hosting providers)
  • entities that provide postal, courier and similar services (e.g. courier brokers) – insofar as this is necessary for the execution of deliveries and correspondence,
  • selected bodies that handle accounting, tax, consulting, translation and legal matters on behalf of the Administrator – insofar as this is necessary to achieve the specific purpose of processing,
If your personal data is processed for direct marketing purposes, you can object to the processing of this data for this purpose at any time.
If you wish to exercise the above rights, you should submit a request to the Administrator. The contact details of the administrator can be found in section (2). To ensure that the person making the request is authorized to do so, the Administrator may request additional information confirming the identity of the applicant.
The Data Controller is obliged to provide the relevant information in writing. The provisions of the GDPR specify the extent to which each of these rights can be exercised. This depends, in particular, on the legal basis and purpose of the processing of personal data by the Administrator.
You also have the right to lodge a complaint with the supervisory authority, i.e. the Office for Personal Data Protection, if you consider that the processing of your personal data is unlawful.
8. etracker
Our server stores certain information that your browser automatically transmits. This applies in particular to the following data:
  • the IP address of your device,
  • time and date of the server request,
  • Information about the browser you are using (type/name, version),
  • Operating system
  • Referring URL,
The data from the server log files is evaluated to:
  • the IP address of your device,
  • time and date of the server request,
  • Information about the browser you are using (type/name, version),
  • Operating system
  • Referring URL,
We cannot assign this information to a specific person; this information is not merged with other data sources. However, we reserve the right to review this data retrospectively if we have reasonable grounds to suspect a violation of the law.

8. etracker
Our website uses services of etracker GmbH from Hamburg, Germany (www.etracker.com) for the analysis of usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies will be used to enable a statistical reach analysis of this website, a measurement of the success of our online marketing measures as well as test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user’s end device. etracker cookies do not contain any information that would allow a user to be identified.

The data generated with etracker is processed and stored by etracker exclusively in Germany on behalf of the provider of this website and is therefore subject to the strict German and European data protection laws and standards. In this respect, etracker has been independently audited, certified and awarded the ePrivacyseal data protection seal of approval.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. f (legitimate interest) of the General Data Protection Regulation (GDPR). Our concern within the meaning of the GDPR (legitimate interest) is the optimisation of our online offer and our website. Since the privacy of our visitors is important to us, the data that may allow a reference to a single person, such as the IP address, login or device identifiers, will be anonymized or pseudonymized as soon as possible. It will not be used, merged with other data or passed on to third parties.

You can object to the data processing described above at any time by clicking on the slider. The objection has no adverse consequences. If no slider is displayed, data collection is already prevented by other blocking measures.

Further information on data protection at etracker can be found here.

9. Cookies
Our website may use “cookies” to identify returning users. A “cookie” is a small text file that is stored on the hard drive of a user’s computer. It is not capable of reading data from your computer. Most browsers are set to accept cookies. You can disable this feature or make sure that your browser asks you for permission every time it sets a cookie.

10. Automated decision-making and profiling
Personal data will not be used for automated decision-making that has legal consequences for you, including profiling.

11. Final Provisions
The administrator’s websites may contain links (references) to external websites of third parties, the content of which we have no influence on. Therefore, we cannot assume any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible violations of the law at the time of linking. Illegal content was not recognizable at the time of linking. However, a permanent control of the content of the linked pages is not reasonable without concrete indications of a violation of the law. If we become aware of any violations of the law, we will remove such links immediately.

© This document is protected by copyright. The author as the creator has the exclusive personal and property rights and has these rights. The document is a “trade secret” of the author within the meaning of the Act on Combating Unfair Competition. The document has been created only for the use of the recipient of the document (customer). The author does not permit any other use, use, reproduction, distribution or resale of this document or parts of it without his prior written consent. Violation of the above conditions may result in liability, including criminal liability, under the Act on Combating Unfair Competition, the Criminal Code Act and/or the Act on Copyright and Related Rights. In particular, but not exclusively, the author has the right to demand that the prohibited acts be stopped, that the consequences of the prohibited acts be eliminated, that the damage suffered be remedied, that the benefits wrongly obtained be restituted, and that one or more declarations by the author be made with appropriate content and form. In addition, without the prior written consent of the author, it is prohibited to send or otherwise make available this document to persons or entities that may provide services that compete with those of the author – e.g. lawyers, auditors, consultants, IT specialists, consultants, accountants, auditors, legal advisors, lecturers, trainers, etc.