Data protection

Data policy privacy

Data protection information on the use of our website

This information pursuant to Art. 13 et seq. GDPR on data protection serve the information obligation when collecting personal data on our website.

The protection of your privacy is of crucial importance to our company and we are committed to handling your personal data in a responsible and trustworthy manner. With the following data protection information, we would like to give you a better understanding of how we collect, use, protect and pass on your personal data when you visit our websites, use our offers via our website and manage our relationships with interested parties and customers. 

1. name and contact details of the person responsible

ZARGES GmbH
Zargesstr. 7
82362 Weilheim
Germany

Phone: +49 (0) 881 687-0
E-mail: zarges@zarges.de

(hereinafter referred to as "ZARGES", "we", "us").

2. contact details of the data protection officer:

Holzhofer Consulting GmbH
Martin Holzhofer
Lochhamer Str. 31
82152 Planegg

Tel.: (0 89) 1 25 01 56 00
E-mail: datenschutzbeauftragter-zarges@holzhofer-consulting.de

3. the purposes for which the personal data are to be processed and the legal basis for the processing

3.1 Processing of access data

For technical reasons, we process a limited amount of data (so-called connection data) every time you access our website. This data is technically necessary in order to establish and execute a connection between your end device and our servers. This data is processed in the main memory of the web server for the duration of the connection:

The following data or data categories are collected:

  • IP address
  • MAC address
  • Source port of the calling device or a gateway (e.g. firewall or proxy)
  • Timestamp (date and time) of the retrieval
  • Amount of data transferred
  • Operating system used
  • Message whether the request was successful (via HTTP error code)
  • Message as to why a request may have failed (via HTTP error code)
  • Referrer (website from which our main page or subpages were accessed)
  • User agent (browser type with which you access our website and version)
  • Width and height of the display screen
  • Language settings of your browser

The IP address, time stamp, HTTP error code, referrer and user agent are automatically logged when our websites are accessed in order to ensure the functionality and protection of our websites. The logs are also used to optimise the website. Your IP address is only processed further in the logs in abbreviated form and is therefore anonymised. It is not possible for us to create user profiles with personal references with this data.

The processing is carried out on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.  A balancing of interests was carried out and came to the conclusion that the processing is necessary to safeguard our legitimate interests and that these outweigh your interests, fundamental rights and freedoms that require the protection of personal data.

3.2 Cookies and related technologies

3.2.1 General information

This website partly uses so-called cookies and related technologies (e.g. scripts). Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. These are small text files that are stored on your end device and saved by your browser, for example to "remember" information about you, such as your language settings or login information. Some of these cookies are set by us and are referred to as first-party cookies. We also use third-party cookies and related technologies that originate from a domain other than that of the website you are visiting.

By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide whether to accept them individually and prevent the storage of cookies and transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to use all the functions of this website to their full extent.

You can find out how to manage (including deactivating) cookies in the most important browsers by clicking on the links below:

We basically distinguish between the following categories:

  • Technically necessary cookies and related technologies ("Essential")
  • Statistics cookies and related technologies
  • Marketing cookies and related technologies
  • Social media cookies and related technologies

Further information on the individual categories and the option of rejecting each category (with the exception of those that are technically necessary) can also be found in the "Data protection settings" under the following link:

Data protection settings

3.2.2 Technically required cookies and related technologies

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Such cookies are technically essential for the operation of the website and to provide the service requested by the user and therefore cannot be deactivated.

The processing is carried out on the basis of our legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer in accordance with Art. 6 para. 1 lit. f GDPR.  A balancing of interests was carried out and came to the conclusion that the processing is necessary to safeguard our legitimate interests and that these outweigh your interests, fundamental rights and freedoms that require the protection of personal data.

You can view and change the cookie settings here.

3.2.3 Cookies requiring consent such as analysis and tracking cookies and related technologies (e.g. tracking scripts)

Advertising, marketing and analysis tools from third-party providers are also integrated on our website. These are not technically necessary for the operation of the website, but serve, for example, to record the behaviour of the user, to display advertising tailored to this behaviour or to enable an analysis of the use of our website (e.g. Google Analytics, Google Ads / DoubleClick and LinkedIn Ads).

An overview of all third-party services integrated on the website, as well as detailed information on each of these services, can be found in section 11.

3.3 Processing in connection with the use of our contact form or when contacting us by e-mail

When contacting us via the contact form and other forms on our website (

www.zarges.com/de/kontakt/), the information you provide will only be stored for the purpose of processing and answering the enquiry and for possible follow-up enquiries and, if necessary, for further advice.

The following data or data categories are collected and processed:

  • Company
  • First name, surname
  • E-mail address
  • Telephone number (optional)
  • Street/house number
  • Postcode
  • Place
  • Country
  • Language
  • Industry
  • Customised message

If you contact us by e-mail on your own initiative, we will only collect your personal data (name, e-mail address, individual message) to the extent provided by you. The data processing serves to process and respond to your contact enquiry.

The legal basis for the processing of your data is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. A balancing of interests was carried out and came to the conclusion that the interests of the data subjects do not outweigh our interests in the processing. In this case, we have a legitimate interest in responding to your enquiry and, if necessary, in carrying out pre-contractual measures (e.g. advice on purchase interest, preparation of offers) with business customers, for which the processing of the data and data categories mentioned here is necessary.

If the contact is made for the purpose of implementing pre-contractual measures with private end customers or concerns a contract already concluded between the data subject and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.

3.4 Processing in connection with an order

In the ZARGES online shop you have the option of ordering various products (e.g. access equipment, crates or logistics products) from our range.

In order to be able to process and fulfil your orders, we and any third parties or processors commissioned by us process the following data from you, insofar as you have provided us with this data as part of the order or in the course of the contractual relationship:

  • Surname, first name of the client and, if applicable, the recipient of the goods
  • E-mail address
  • Company (voluntary information) of the client and, if applicable, the recipient of the goods
  • Street and house number of the client and, if applicable, the recipient of the goods
  • City of the client and, if applicable, the recipient of the goods
  • Postcode of the customer and, if applicable, the recipient of the goods
  • Country of the client and, if applicable, the recipient of the goods
  • Telephone number
  • Payment information depending on the selected payment method (e.g. bank details such as IBAN, bank, account holder or credit card information / credit card number)
  • Order number/reference

The data collected when the order is placed is processed exclusively for the purpose described above. The provision of this data is necessary for the conclusion of the contract. If you do not provide us with this information, a contract will not be concluded with us. All other information is voluntary.

The legal basis for the processing of your data is Art. 6 para. 1 lit. b GDPR (for contracts with natural persons) or Art. 6 para. 1 lit. f GDPR (for contracts with legal persons). Accordingly, the processing is necessary for the fulfilment of a contract.

If the legal basis for the processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, a balancing of interests was carried out and came to the conclusion that the interests of the data subjects do not outweigh our interests in the fulfilment of the contracts. In the present case, we have a legitimate interest in the fulfilment and processing of contractual obligations with our business customers, for which the processing of the data and data categories mentioned here is necessary.

3.5 Processing in connection with the creation of a customer account

On our website, you also have the option of creating an ongoing customer account with us by completing the registration form at https://www.zarges.com/de/produkte/customer/account/create/ or directly during the order process. The associated processing serves the purpose of improving your shopping experience, providing certain functions and simplifying order processing.

The following data or data categories are collected and processed:

  • First name, surname
  • E-mail address
  • password

We store the data collected during registration for as long as you are registered on our website. Your data will be deleted if you cancel your registration or revoke your consent. Statutory retention periods remain unaffected.

The legal basis for the processing of your data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The consent to be given is given by the fact that the creation of a customer account is voluntary and, in particular, an order can also be completed as a guest and thus without the creation of an ongoing customer account. You can revoke your consent at any time and without giving reasons by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your customer account will then be deleted in accordance with data protection regulations.

3.6 Processing in connection with a whitepaper download

You can download so-called white papers from our website by filling out a corresponding form (e.g. at https://www.zarges.com/de/was-bei-der-auswahl-des-richtigen-steiggeraets-zu-beachten-ist/), which you can use to find out about topics such as tips on purchasing ladders & work platforms.

The following data or data categories must be provided in order to make the download available:

  • Surname, first name
  • E-mail address
  • Company/Company
  • Postcode/city
  • Industry (voluntary information)
  • Department (optional)

The information you provide will only be used to provide the corresponding white paper. The legal basis for the processing of your data is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. A balancing of interests was carried out and came to the conclusion that the interests of the data subjects do not outweigh our interests in the processing. In this case, we have a legitimate interest in providing users with special content as part of a white paper, for which the processing of the data and data categories mentioned here is necessary.

You also have the option of subscribing to our e-mail newsletter by ticking the corresponding checkbox below the form. This is done on the basis of your voluntary and informed consent. Detailed information on this can be found in section 3.8.

3.7 Processing in connection with registration for seminars and online events (e.g. ZARGES e-learning)

If you use our seminars and training courses (e-learning or face-to-face seminars) and register for them using the corresponding registration forms at www.zarges.com/de/services/seminare-schulungen/, we process the following data or data categories for the planning and implementation of the seminars and, if applicable, for the creation and sending of personalised certificates of participation:

Data of the client:

  • Company
  • Street/house number
  • Postcode
  • Location
  • Country
  • Language
  • Customer number (voluntary information)
  • Tax number (voluntary information)
  • Contact person
  • Telephone number
  • e-mail address
    ​​​

Data of the participants:

  • Salutation
  • Surname, first name
  • e-mail address
  • Function
  • Date of birth

The data collected during registration will be processed exclusively for the purpose of carrying out the registration and planning the corresponding event (e.g. seminars and training courses). The legal basis for the processing of your data is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. A balancing of interests was carried out and came to the conclusion that the interests of the data subjects do not outweigh our interests in the processing. In the present case, we have a legitimate interest in the organisation and planning of seminars and training courses and the associated conclusion of contracts with business customers, for which the registration procedure and the associated processing of the data and data categories mentioned here is necessary.

If the data collected during registration is used to carry out the registration and planning of the corresponding event and to conclude contracts with natural persons, the data is processed in accordance with Art. 6 para. 1 lit. b GDPR for the fulfilment of a contract.

3.8 Processing in connection with the newsletter registration

If you would like to receive regular information about new products and services or other interesting topics, ZARGES offers you the option of receiving a newsletter ("ZARGES Newsletter").

You can subscribe to our newsletter by completing the relevant registration form at https://www.zarges.com/de/newsletter/ or by ticking the relevant checkbox under the various forms (e.g. contact form). You will then receive an activation link to the e-mail address provided, which you must click on to complete the registration (so-called double opt-in procedure).

Your subscription to the newsletter only becomes active when you click on the activation link. If you do not click on the link, your data will be automatically deleted after 30 days. This ensures that no third party has misused your personal data.

The following data or data categories are collected and processed:

  • First name
  • Surname
  • e-mail address
  • Company
  • Industry
  • Language

The legal basis for the processing is Art. 6 para. 1 lit. a GDPR, i.e. your express and voluntary consent in combination with the double opt-in procedure.

You can revoke your consent at any time and without giving reasons. You have various options for doing so:

  • You can unsubscribe by clicking on the "Unsubscribe" button, which can be found in every newsletter.
  • You can send an informal e-mail with your cancellation request to zarges@zarges.de.

If you have given your consent to receive a newsletter, the provision of your e-mail address is mandatory. If you do not provide us with this, we will not be able to send you the requested information. All other data is voluntary.
 

4. obligation to provide the data

As a rule, the provision of the personal data mentioned in section 3 is neither legally nor contractually required. You are not obliged to provide the data. Failure to provide it therefore has no consequences. This only applies if no other information is provided in the respective processing operations.

5. automated decision-making including profiling

ZARGES GmbH does not make automated decisions in individual cases, including profiling in accordance with Art. 22 (1) and (4) GDPR.

6. data transfer to a third country

Data is transferred to countries outside the EU and the European Economic Area ("third countries") as part of the administration, development and operation of IT systems. The transfer only takes place on the basis of:

  • an adequacy decision of the European Commission within the meaning of Art. 45 GDPR.
  • an approved certification mechanism pursuant to Art. 42 GDPR together with legally binding and enforceable obligations of the controller or processor in the third country.
  • of standard data protection clauses adopted by the Commission in accordance with the review procedure under Art. 93 (2) GDPR.

When using our website, personal data is currently transferred to third countries through the use of third-party services in the following cases:

  • Transmission of data to Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
  • Transmission of data to YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
  • Transmission of data to LinkedIn Corp, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.
  • Transmission of data to Meta Platforms, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA.
  • Transmission of data to PayPal Inc, 2211 N 1st St San Jose, CA 95131, USA.
  • Transmission of data to InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand.
  • Salesforce, Inc. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, USA

The websites and logs are located exclusively on servers in Germany.

7. categories of recipients of data and data sources

7.1 Categories of recipients of data 

To the extent permitted by law, we pass on personal data to external parties:

  • Credit institutions and providers of payment services for billing and processing payments (e.g. PayPal).
  • Shipping service provider
  • Lawyers for the defence and enforcement of claims
  • Tax consultant for financial accounting and preparation of balance sheets
  • debt collection service providers and competent courts in order to collect receivables and enforce claims in court. If personal data (customer and contact data, payment data and data on the claim) is transferred to a debt collection service provider in the event of debt collection, we will inform you in advance of the intended transfer.

We use the following categories of recipients as processors within the meaning of Art. 28 GDPR to process personal data for the purposes stated here:

  • Provider of servers for the purpose of hosting our websites
  • IT service provider for the maintenance of our IT infrastructure
  • Providers of marketing, analysis and other services (e.g. Google, LinkedIn and YouTube)
  • Service provider for e-mail marketing tool
  • Service provider for order processing
  • Other processors within the meaning of Art. 28 GDPR in the course of order processing

These service providers process information about you on our behalf and on the basis of our instructions and are contractually obliged to comply with the applicable data protection laws within the meaning of Art. 28 GDPR.

Other recipients are affiliated companies within the ZARGES Group. Areas of our group of companies perform certain data processing tasks centrally for the affiliated companies in the group. Your data may be processed centrally within the Group, for example for the central administration of address data, for telephone customer service, for contract and service processing, for collection and disbursement or for joint mail processing.

The affiliated companies in the Group are

  • Werner Co.

Your data will also be passed on if we are legally obliged to do so.

7.2 Data sources

As a rule, we process personal data that we have received from our customers and interested parties as part of our business relationships.

In the present case, we have received all data from you in connection with the use of our website, registration in our online shop and the associated placing of orders by you.

8. storage duration and criteria for determining the duration

Personal data will only be stored for as long as is necessary to fulfil the purposes stated here or for as long as the retention periods stipulated by law require. After the respective purpose no longer applies or after the retention periods have expired, the data will be deleted in accordance with the statutory provisions.

We store your data for the period of the existing contract and after termination of the contract with you, initially for the duration of the warranty period or for a period until receipt of the tax assessment notice for the year in which the contract was terminated. In the event that the tax assessment is not final, the data will be stored until the full tax audit has been completed. In addition, we may store your data for the duration of the settlement of legal disputes and the assertion, exercise or defence of legal claims. If there are statutory retention periods, we are obliged to store the data until these periods expire. After expiry of the statutory retention obligations, which arise primarily from commercial and tax law (in particular §§ 147 AO and 257 HGB), we delete this data again.

We store your data for advertising purposes until you object to its use, you withdraw your consent or contacting you is no longer permitted by law.  We store your other data for as long as we need it to fulfil the specific purpose (e.g. to fulfil or process a contract) and delete it once the purpose no longer applies.

In this case, all connection data is automatically deleted from the web server's memory shortly after the end of the connection. The anonymised access logs are stored for 31 days. In the event that parts of the access logs are required for the purpose of preserving evidence, these are excluded from deletion until the respective incident has been finally clarified.

9. information on your rights as a data subject

ZARGES GmbH is responsible for the processing of your data, unless otherwise stated.

You can request information from us at any time (Art. 15 GDPR) about the data stored about you and its correction (Art. 16 GDPR) in the event of errors. You can also request the restriction of processing (Art. 18 GDPR), the portability (Art. 20 GDPR) of the data you have provided to us in a machine-readable format or the erasure of your data (Art. 17 GDPR) - insofar as it is no longer required.

You also have the right to object at any time to the use of your data based on public or legitimate interests (Art. 21 GDPR).

If we process your data on the basis of your consent, you can revoke this consent at any time with effect for the future (Art. 7 para. 3 GDPR). Upon receipt of your revocation, we will no longer process your data for the purposes specified in the consent.

If you wish to make use of your rights as a data subject, please send your request by e-mail to zarges@zarges.de or by post to the address given in point 1.

10. right to lodge a complaint with a supervisory authority

You can also lodge a complaint with a supervisory authority at any time in accordance with Art. 77 (1) GDPR. For us, the

Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach, P.O. Box 1349, 91504 Ansbach, e-mail: poststelle@lda.bayern.de, telephone: +49 (0) 981 180093-0, responsible.

Alternatively, you can contact your local supervisory authority.

11. data protection information for all third-party services integrated on this website

11.1 Data protection notice on the use of Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

Google Analytics uses technologies such as cookies, web storage in the browser and tracking pixels that enable your use of the website to be analysed.  The following information may be collected in the process:

  • Host name of the accessing computer (IP address)
  • Browser type/version
  • operating system used,
  • Referrer URL (the previously visited page),
  • Click path
  • Date and time of the server request
  • Location data
  • Purchasing activities

Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data that Google has about you.

The storage period for the data generated by Google Analytics is 14 months. After this period, all data is automatically deleted. We have also added the code "anonymiseIP" to Google Analytics on this website.

The data generated about your use of this website is generally transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered adequate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The data processing serves the purpose of analysing this website and its visitors as well as for marketing and advertising purposes. On behalf of the operator of this website, Google will therefore use this information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de 

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

Further information on how Google Analytics handles user data can be found under the following links:

https://support.google.com/analytics/answer/6004245?hl=de

https://www.google.com/analytics/terms/de.html

https://www.google.de/intl/de/policies/

11.2 Data protection notice on the use of Google Tag Manager

This website uses the Google Tag Manager of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

This service allows website tags to be managed via an interface. This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The purpose of data processing is to design and optimise our website in line with requirements. The Google Tool Manager only implements tags. This means that no cookies are used and, as a rule, no data is collected. The Google Tag Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, it remains in place for all tracking tags, provided they are implemented with Google Tag Manager.

However, Google Tag Manager records your IP address, which may be transmitted to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered adequate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

You can find more information about Google Tag Manager at: https://developers.google.com/tag-platform/tag-manager?hl=de

11.3 Data protection notice on the use of Google Maps

This website uses Google Maps to display interactive maps and to provide directions. Google Maps is a map service of Google Inc. LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

By using Google Maps, information about the use of this website, including your IP address and the (start) address entered as part of the route planner function, may be transmitted to Google in the USA. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered adequate. Google has certified itself in accordance with the DPF and is therefore obliged to comply with European data protection principles.

When you access a web page on our website that contains Google Maps, your browser establishes a direct connection with Google's servers. The map content is transmitted by Google directly to your browser, which integrates it into the website. We therefore have no influence on the scope of the data collected by Google in this way. To the best of our knowledge, this is at least the following data:

  • Date and time of the visit to the website in question,
  • Internet address or URL of the website accessed,
  • IP address, (start) address entered during route planning.

We have no influence on the further processing and use of the data by Google and can therefore accept no responsibility for this.

If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use the map display.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for any further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

For more information on the purpose and scope of data collection and the further processing and use of data by Google, please refer to Google's privacy policy

11.4 Data protection notice on the use of Google Fonts API/ gStatic API

External fonts such as Google Fonts and gStatic are used on this website for better visual presentation. These are services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA ("Google").

These web fonts are integrated by a server call, usually a Google server in the USA. This establishes a connection with your end device and, among other things, transmits to the server which of our web pages you have visited. The IP address of your device's browser is also collected by Google. This data is not linked to your Google account.

Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered adequate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

You can find more information at https://developers.google.com/fonts/faq?tid=331597391040

or www.google.de/intl/de/policies/

11.5 Data protection notice on the use of Doubleclick.net by Google (Google Ads Conversion Tracking)

This website uses the online marketing tool DoubleClick by Google and the associated conversion tracking (visit action analysis). This is an analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA ("Google").

DoubleClick uses cookies to display adverts that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same adverts more than once. Google uses a cookie ID to record which adverts are displayed in which browser and can thus prevent them from being displayed more than once. In addition, DoubleClick can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a DoubleClick advert and later visits the advertiser's website with the same browser and makes a purchase there. According to Google, DoubleClick cookies do not contain any personal data.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge:

By integrating DoubleClick, Google receives the information that you have called up the corresponding part of our website or clicked on an advert from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out your IP address and store it. The information obtained with the help of the DoubleClick cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our adverts and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified

In addition, the DoubleClick Floodlight cookies used enable us to understand whether you perform certain actions on our website after you have accessed or clicked on one of our display/video adverts on Google or on another platform via DoubleClick (conversion tracking). DoubleClick uses this cookie to understand the content with which you have interacted on our websites in order to be able to send you targeted advertising later.

Your data is generally transmitted to the servers of Google LLC in the USA. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered adequate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

Further information on DoubleClick and data protection at Google can be found under the following links:

https://support.google.com/campaignmanager/answer/9015629?hl=de

https://www.google.de/policies/privacy/

11.6 Data protection notice on the use of Google Dynamic Remarketing (Google Ads Remarketing)

We use the remarketing or "Similar Audiences" function of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") on our website. The application is used to analyse visitor behaviour and visitor interests. Google uses cookies to analyse website usage, which forms the basis for the creation of interest-based advertising. The cookies are used to record visits to the website and anonymised data on the use of the website. In principle, no personal data of website visitors is stored. If you subsequently visit another website in the Google Display Network, you will be shown adverts that are highly likely to take into account the product and information areas you have previously visited.

The collected data is generally transmitted to the servers of Google LLC in the USA and stored there. For the USA, there is an adequacy decision by the EU Commission within the meaning of Art. 45 (3) GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered adequate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

Further information about Google Remarketing and the associated privacy policy can be found at: https://developers.google.com/tag-platform/devguides/dynamic-remarketing?hl=de

and www.google.de/policies/privacy/

11.7 Data protection notice on the use of Google reCaptcha

On this website, we use the reCAPTCHA function of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google). This function is primarily used to distinguish whether an entry is made by a natural person or abusively by machine and automated processing - e.g. by a bot or other spam software. By spam, we mean any unsolicited information that is sent to us electronically. reCAPTCHA therefore serves to ensure the security of our website and therefore ultimately also your security.

With the reCAPTCHA service, a JavaScript element is integrated into the source code and then the application runs in the background and analyses your user behaviour.

With the classic CAPTCHAS, you usually have to solve text or image puzzles or tick a checkbox to confirm that you are not a bot.

With the new Invisible reCAPTCHA version, it is no longer necessary to tick the box. Instead, the entire recognition process and the corresponding risk analysis run in the background. Google does not disclose in detail exactly what data it collects and stores. We currently use both reCaptcha versions on our website.

According to our information, the following information is collected in relation to your end device and your browser and transmitted to Google:

  • Referrer URL (the address of the page from which the visitor comes)
  • IP address of the user
  • Operating system of the user
  • Mouse and keyboard behaviour
  • Set language in the browser
  • Screen and window resolution
  • Time zone
  • Installation of browser plugins
  • Restricted location and usage data

In addition, Google reCAPTCHA also uses cookies (small text files that store data in your browser).

Google uses "Google Fonts", i.e. fonts downloaded from the Internet by Google, for the visual design of the Captcha window. No information other than that already transmitted to Google via the reCAPTCHA functionality will be processed.

Google reCAPTCHA is used in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in determining individual responsibility on the Internet and avoiding misuse and spam and thus ensuring the security of our website. The storage of and access to information in the end user's terminal equipment is carried out in accordance with Section 25 (1) and (2) TTDSG.

As part of the use of Google reCAPTCHA, personal data may also be transferred to the servers of Google LLC. in the USA. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified in accordance with the DPF, the level of data protection is therefore considered adequate. Google has certified itself in accordance with the DPF and has therefore undertaken to comply with European data protection principles.

Further information on data protection at Google can be found at www.google.com/intl/de/policies/privacy/

Further information about Google reCAPTCHA can be found on Google's web developer page at https://developers.google.com/recaptcha?hl=de.

11.8 Data protection notice on the use of Meta Pixel and Meta Custom Audience

We use a so-called "meta pixel" (formerly Facebook pixel) from Meta Platforms Inc, 1 Hacker Way, Menlo Park, CA 94025, USA ("Meta") on our website. The Meta pixel can be used to track the behaviour of users after they have clicked on a Meta advertisement. With the help of the Meta pixel, we can understand how our marketing measures on Meta/Facebook are received and, if necessary, take optimisation measures. For this purpose, interest-based adverts ("meta ads") are displayed to users of our website when they visit the Facebook social network or other websites that also use the process. Accordingly, we also use the meta pixel to display the meta ads placed by us only to those Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Meta (so-called meta "Custom Audiences" or "Look Alike Audiences").

Through the Meta pixel, your browser automatically establishes a direct connection with the Meta server. We have no influence on the scope and further use of the data collected by Meta through the use of this tool and therefore inform you according to our level of knowledge:

By integrating the Meta pixel, Meta receives the information that you have clicked on one of our adverts or accessed the corresponding web page on our website. If you are registered with a Meta service, Meta can assign the visit to your account. Even if you are not registered with Meta or have not logged in, it is possible for the provider to find out and store your IP address and other identifying features.

Your data is generally transferred to the servers of Meta Platforms Inc. in the USA. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified under the DPF, the level of data protection is therefore considered adequate. Meta has certified itself in accordance with the DPF and is therefore committed to complying with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

Meta processes the data in accordance with the Meta Data Usage Policy. Specific information and details about the Meta Pixel and how it works can also be found in the Meta help section.

11.9 Data protection notice on the use of Facebook Connect

If a so-called "Facebook Connect Button" is placed on this website, you have the option of logging in to our website with your Facebook user data. The provider is Meta Platforms Inc, 1 Hacker Way, Menlo Park, CA 94025, USA.

In addition, information about your activities on our website can automatically flow into your Facebook profile via Facebook Connect. In this respect, when you activate the button, you are given the opportunity to give your express consent to access your Facebook user data as well as to consent to the publication of information and activities in your Facebook profile. The use of further data (e.g. contact via your e-mail address) only takes place with prior express consent. Please note that Meta receives information about the application or website via Facebook Connect, including what actions you take. In order to personalise the process of establishing connections, Meta may in some cases receive a limited amount of information before the application or website is authorised.

Your data is generally transferred to the servers of Meta Platforms Inc. in the USA. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified under the DPF, the level of data protection is therefore considered adequate. Meta has certified itself in accordance with the DPF and is therefore committed to complying with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in Meta's privacy policy.

Further information on data collection: http://www.facebook.com/help/186325668085084

11.10 Data protection notice on the use of YouTube

We use the function for embedding YouTube videos from YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA ("YouTube") on our website. YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").

The YouTube videos can be played directly from our website. With this integration, content from the YouTube website is displayed in parts of a browser window. However, the YouTube videos are only called up by clicking on them separately. This technique is also known as "framing". When you call up a (sub)page of our website on which YouTube videos are integrated in this form, a connection to the YouTube servers is established and the content is displayed on the website by notifying your browser.

The integration of YouTube content only takes place in "extended data protection mode". This is provided by YouTube itself and ensures that YouTube does not initially store any cookies on your device. However, when the relevant pages are called up, the IP address and other data (e.g. browser used, operating system and its interface, language and version of the browser software, date and time of the query) are transmitted and thus, in particular, which of our Internet pages you have visited. However, this information cannot be assigned to you unless you have logged in to YouTube or another Google service (e.g. Google+) before accessing the page or are permanently logged in.

As soon as you start the playback of an embedded video by clicking on it, YouTube only stores cookies on your device through the extended data protection mode, which do not contain any personally identifiable data, unless you are currently logged in to a Google service. These cookies can be prevented by making the appropriate browser settings and extensions.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

The data collected is generally transferred to a YouTube or Google server in the USA and stored there. For the USA, there is an adequacy decision by the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified under the DPF, the level of data protection is therefore considered adequate. YouTube and Google have certified themselves in accordance with the DPF and are therefore obliged to comply with European data protection principles.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

Further information on the collection and use of data by YouTube and Google can be found in YouTube's privacy policy at www.youtube.com/t/privacy

11.11 Data protection notice on the use of LinkedIn Analytics and LinkedIn Ads

On this website, we use "LinkedIn Analytics" and "LinkedIn Ads", services provided by LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. ("LinkedIn"). Both services store and process information about your user behaviour on our website. Among other things, cookies are used for this purpose, which are stored locally in the cache of your web browser on your end device and which enable your use of our website to be analysed.

We use LinkedIn Analytics for marketing and optimisation purposes, in particular to analyse the use of our website and to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behaviour, we can improve our offering and make it more interesting for you as a user.

We use LinkedIn Ads so that visitors to this website can be shown personalised advertisements on LinkedIn. Furthermore, it is possible to create anonymous reports on the performance of the adverts and information on website interaction. For this purpose, the LinkedIn Insight tag is integrated on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time.

The LinkedIn Insight Tag sets a cookie in the user's browser. LinkedIn uses this to collect data, such as

  • URL
  • Referrer URL
  • Device properties
  • Browser properties
  • IP address
  • Timestamp
  • Page views

LinkedIn anonymises the generated data within 7 days. LinkedIn deletes the data again within 90 days. We therefore do not receive any personal data from LinkedIn. We only receive aggregated reports on the demographic composition of our target audience and the effectiveness of our adverts. In this process, we receive information about criteria such as

  • Industry
  • Job title
  • Size of the company
  • Career level
  • Location of website visitors

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all functions on our website to their full extent. LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To deactivate the Insight tag on our website, click here.

The data collected is generally transferred to a LinkedIn server in the USA and stored there. For the USA, there is an adequacy decision by the EU Commission within the meaning of Art. 45 (3) GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified under the DPF, the level of data protection is therefore considered adequate. LinkedIn has undertaken to comply with European data protection principles.

https://www.linkedin.com/help/linkedin/answer/a1346151?lang=de-DE

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

Further information on data protection at LinkedIn can be found in the LinkedIn privacy policy

11.12 Data protection notice on the use of Matomo (Cloud)

This website uses the open source web analysis service Matomo. The provider is InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand. Matomo uses technologies that enable cross-page recognition of the user to analyse user behaviour (e.g. device fingerprinting). For this purpose, permanent cookies are stored on your end device and read by us. In this way, we are able to recognise and count returning visitors.

With the help of Matomo, we are able to collect and analyse data about the use of our website by individual visitors. Among other things, we can find out when which pages were accessed and from which region. We also collect various log files (e.g. IP address, referrer, geolocation, main browser language, browser user agent, date and time of the request, screen resolution used, page load time, etc.) and can thus measure whether our website visitors perform certain actions (e.g. clicks, purchases, website searches, scrolling behaviour, etc.). The IP address is anonymised before storage. The raw data is stored for 24 months.

The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TTDSG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You give the corresponding consent via the consent banner.

Further information on the handling of user data by Matomo Analytics can be found in Matomo's privacy policy.

11.13 Data protection notice on the use of Paypal

On our website, we offer the option of processing the payment process via the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg or Paypal Inc., 2211 N 1st St San Jose, CA 95131 United States). PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which are virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account.

If you choose this payment method, Paypal is responsible for the processing of your data under data protection law, as Paypal processes the payments directly with the customers and therefore does not process the payment data in accordance with instructions.

The following data is collected by Paypal or transmitted to Paypal:

If users want to register with PayPal, they must first connect an existing bank account with PayPal. To set up their account, they must enter their country of origin, first and last name, email address and password.

If companies use PayPal as a payment option, the software collects information about the transaction. This usually includes

  • the payment amount
  • User device information (e.g. IP address)
  • technical usage data and
  • Geolocation data of the users.

PayPal also reserves the right to collect personal data from buyers. According to PayPal, this includes information such as

  • First name and surname
  • address
  • Telephone number
  • E-mail and
  • Account number

PayPal carries out a credit check for various services, such as payment by direct debit, to ensure your willingness and ability to pay. For this purpose, your data (name, address and date of birth, bank account details) are passed on to credit agencies. We have no influence on this process and only receive the result as to whether the payment has been made or rejected or whether a check is pending.

The processing of the above data is neither legally nor contractually required. Without the transmission of this personal data, however, a payment via PayPal cannot be carried out. However, there is always the option of choosing another payment method.

PayPal may also process your data in the USA. For the USA, there is an adequacy decision of the EU Commission within the meaning of Art. 45 para. 3 GDPR, which extends to the EU-US Data Privacy Framework (DPF). For data exports to recipients in the USA that are certified under the DPF, the level of data protection is therefore considered adequate.

Insofar as personal data is processed during the described transfers to PayPal, this is done exclusively for the purpose of payment processing and thus for the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR (for contracts with natural persons) or Art. 6 para. 1 lit. f GDPR (for contracts with legal entities).

Further information on data protection at PayPal can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
 

11.14 Data protection notice on the use of Leadinfo

We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands, which recognizes visits of companies to our website based on IP-addresses and shows us related publicly available information, such as company names or addresses. In addition, Leadinfo places two first-party cookies for providing transparency on how our visitors use our website and the tool processes domains from provided form inputs (e.g. “leadinfo.com”) to correlate IP addresses with companies and to enhance its services. For additional information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo

Status November 2023

This privacy policy is subject to constant review and ZARGES reserves the right to make changes at any time. Such changes will be published accordingly on this website.