juwi Wind- und Solarenergie

Data Protection Notes

1. Protection of your personal data

Dear visitors to our website, we are very happy about your interest in our juwi group (all companies affiliated with juwi AG in accordance with Section 15 Stock Corporation Act (Aktiengesetz)), as well as the offered products or services. We would like you to feel safe when you visit our websites, also regarding protection of your personal data.

The controller for processing activities on this website is juwi AG, Energie-Allee 1, D-55286 Wörrstadt.

Protection of your personal data is an important concern for us that we take very seriously. Observation of the provisions of the General Data Protection Regulation (EU-GDPR), the Federal Data Protection Act (BDSG), the Telecommunications Act (TKG) and the Telemedia Act (TMG) is of the utmost priority for us. We have taken technical and organisational measures in our company in order to preserve data protection.
These data protection notes inform you about the type, scale and purposes of processing of personal data on these websites and your connected rights. They apply to customers, property owners, suppliers and other data subjects.

These data protection notes apply in particular to processing activities by any companies of juwi group resident in the EU: Energie-Allee 1, D-55286 Wörrstadt, Germany, email: info(at)juwi.de, Phone: +49 6732 96 57 0, Fax: +49 6732 96 57 7001. The operational data protection officer of juwi can also be reached at data-protection(at)juwi.de.

The data protection notes will be updated at regular intervals. In order to learn about this, we recommend that you regularly view the data protection notes.

Where links are provided to other websites, we have neither influence on, nor control of, the linked content and the data protection policies applying there. We recommend examining the data protection declarations on the linked websites. This will allow you to determine whether, and to what extent, personal data are collected, processed, used or made accessible to third parties.

 

2. General notes

Our Data Protection Notes are intended to be simply and easily understood. As a rule, the Data Protection Notes use the official General Data Protection Regulation (GDPR) terms. The official definitions are explained in Art. 4 EU-GDPR.

 

2.1 Use of the website
When you visit our website, it is technically necessary for data to be transferred to our web server via your internet browser. The following data are anonymously recorded while you are connected to facilitate communication between your internet browser and our web server: Name of your internet provider, number of visits to our websites in the course of the day/week, number of visits per site, average duration of visit per site, number of feedbacks, the website from which you visit us and your abbreviated IP address. These data are analysed to ensure smooth operation of the website and to improve our offer.

For reasons of technical security, in particular as a means of warding off attempted attacks on our web server, these data are temporarily stored by us. No inference to individual persons is possible on the basis of this data. Within seven days at the latest, the data are anonymised by abbreviation of the IP address at domain level, so that it is no longer possible to relate them to the individual user. No analysis of these data ensues except, for statistical purposes, in anonymised form. No fusion of this data with data from other sources is undertaken, nor are they used to create a personal user profile.

 

2.2 Cooperation with juwi
In the course of the initiation, conclusion, processing and execution of contractual relationships and/other cooperation and for the purpose of establishing contact, we may also collect the following information:
a) Form of address, first name, last name, academic title
b) Date of birth if applicable
c) Email addresses
d) Address
e) Phone number (landline and/or mobile phone)
f) Fax number
g) Property data
h) Bank information
i) Function in the company / public authority

These data are collected for the following purposes:
a) Identification;
b) Carrying out of our contractual relationship;
c) Correspondence and communication;
d) Invoicing;
e) Creditworthiness check;
f) Processing of any claims present and establishment of any claims against you or the customer or supplier.

We also process – as far as this is necessary within the context of the contractual relationship and/or the other cooperation – personal data that are rightfully acquired by us from publicly accessible sources (e.g. public registers, press, internet) or that are rightfully transmitted by any other third parties.

 

2.3 Children
It is not in our interest to collect personal data of children younger than 16. We do not knowingly or deliberately record any data concerning children and we are aware that processing of personal data concerning children is only legitimate with the consent of their parents. If you believe that we have collected data concerning your child, you as parent may report this to us under data-protection(at)juwi.de. The data will then be deleted.

 

3. Collection and processing of personal date

Your data will be collected, used and stored for the following purposes:

a. If any contract is to be established between you and us, specified in its contents or changed, we will collect and process personal data as far as this is necessary for such purposes, point (v) of Article 6(1) GDPR.
b. If there is no contractual relationship, we will process your personal data if this is necessary to maintain our legitimate interest or that of any other company of juwi group, which is in pursuing our main business purpose, planning and execution of projects within the area of renewable energies, or in the scope of credit checks and to investigate or prevent crimes, point (f) of Article 6(1) GDPR.
c. When you transmit any personal data to us, such as your name and contact details within the context of a contact form or to register for our newsletter and/or to order our company magazine, this is done solely based on free consent, point (a) of Article 6(1) EU-GDPR.
d. In order to meet statutory obligations (e.g. archiving obligations under commercial and tax law, and under the law on energy management (Energiewirtschaftsgesetz)), point (c) of sentence 1 of Article 6(1) EU-GDPR.
e. If there is or was a contractual relationship between us, we process your personal data of the purpose of the legit interest pursuant to Art. 6 Section 1 S. 1 lit. f GDPR to inform you via E-Mail or Phone about interesting news or events or to get feedback from you on the quality of our services

Your data will be processed by us for the first time from the time of collection, provided that we are informed of this by you or a third party.

The personal data collected by us for the order will be stored until the expiration of the statutory archiving obligation (6 years after the end of the calendar year in which the contractual relationship ended) and then erased, except if we are obligated to archive the data for a longer period according to point (c) of sentence 1 of Article 6(1) EU-GDPR due to archiving and documentation obligations under tax and commercial law (e.g. from the Commercial Code, Criminal Code, Tax Code or Anti-Money-Laundering Act) or if you have consented to storage beyond this according to point (a) of sentence 1 of Article 6(1) EU-GDPR.

 

4. Duration of storage

The duration of storage of personal data is dependent on the relevant statutory retention periods (e.g. arising from commercial law and fiscal law). Following expiry of the relevant time limit, the corresponding data are routinely deleted. Where data are necessary for the purpose of fulfilment or initiation of a contract, or we have a legitimate interest in the continued storage, the data will be deleted when they are not longer necessary for these purposes or you have exercised your revocation or objection rights.

 

5. Passing on of data

No transfer of your personal data to third parties ensues, except:
a) When we have made specific reference to same in the description of the respective data processing process,
b) When you have expressly consented to same pursuant to point a of sentence 1 of Article 6 (1) EU-GDPR,
c) The transfer is necessary pursuant to point (1) of Art. 6 (1) EU-GDPR for the purpose of asserting, exercising or defending legal claims and there is no reason to assume that you have an overriding interest in the non-transfer of your data,
d) In cases in which a statutory obligation to pass on the data pursuant to point c, sentence 1, Article 6 (1) EU-GDPR applies and
e) Where this is necessary pursuant to point b, sentence 1, Article 6 (1) EU-GDPR for the processing of the contractual relationship with you.

Within the juwi Group (this shall be taken to mean all the companies associated with juwi AG pursuant to Section 15 AktG), only those bodies shall obtain access to personal data that require them in order to enable us to meet contractual and/or statutory obligations. As far as this is necessary in accordance with point (b) of sentence 1 of Article 6(1) EU-GDPR for initiation, conclusion, processing and execution of contractual relationships and/or for other cooperation, your personal data will be passed on to third parties. This shall in particular include passing on to companies of the juwi group, subcontractors, cooperation partners, investors, banks and their representatives, lawyers and tax advisors, courts and other public authorities, as well as translators, for the purposes of correspondence and to assert claims and/or rights and/or defend rights, and IT service providers charged by us in the context of commissioned data processing as well as insurance providers. The data passed may only be used by third parties for the purposes specified. Your personal data will not be transferred to any third parties for any other than the purposes listed above.

Furthermore, we use external service providers for the execution of our services; these have been carefully selected and commissioned in writing. They are bound by our instructions and are regularly checked by us. Where necessary, we have concluded commissioned data processing contracts with them pursuant to Article 28 E-GDPR. These are service providers for web hosting, the dispatch of e-mails and the maintenance and updating of our IT system, etc. Our service providers will not pass these data on to third parties.

Data transfer into countries outside of the European Union and the states that are party to the Treaty on the European Economic Area (“non-member countries”) ensues within the framework of the development and setting-up of worldwide renewable energy projects and the administration and operation of IT systems used by us. In this regard, the following is preconditioned and fulfilled by us:

a) The fulfilment of a statutory permit requirements

b) In particular, we guarantee an appropriate data protection level in accordance with the EU standard contract clauses for the transfer of personal data to non-member states through the conclusion of corresponding contracts. A copy of the standard contractual clauses issued by the EU Commission can be found on the internet under: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32010D0087&from=DE The transfer of data abroad or to supranational or intergovernmental bodies ensues only where permissible or demanded by law.

 

6. Your rights

If the statutory conditions are met, you are due the following rights:

a. In accordance with Article 7(3) EU-GDPR, you may withdraw your consent given towards us at any time. This shall also apply to withdrawal of declarations of consent that were given to us before the application of the EU-GDPR, i.e. before 25 May 2018. The withdrawal of consent shall only have the consequence that we may no longer continue the processing activities that were based on this consent in future;

b. In accordance with Article 15 EU-GDPR, you may demand access to your personal data processed by us. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us, and the existence of automated decision-making, including profiling and any indicative information on its details;

c. In accordance with Article 16 EU-GDPR, you may demand rectification of any inaccurate personal data stored by us or completion of these without undue delay;

d. In accordance with Article 17 EU-GDPR, you may demand erasure of your personal data stored by us as far as processing is not required in order to exercise the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest or for assertion, exercise or defence of rights and/or claims;

e. In accordance with Article 18 EU-GDPR, you may demand restriction of processing of your personal data as far as the accuracy of the data is contested by you, processing is unlawful, but you decline erasure and we no longer require the personal data, but you still require them to assert, exercise or defend legal claims or you have objected to processing in accordance with Article 21 GDPR;

f. In accordance with Article 20 EU-GDPR, you may demand to obtain your personal data that you have provided to us in a structured, common and machine-readable format or to demand transfer to another controller and

g. In accordance with Article 77 EU-GDPR, you may lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your common place of residence or work place or our registered office for this. The supervisory authority competent for our company is the state officer for data protection and freedom of information in Rhineland Palatinate, Hintere Bleiche 34, D-55116 Mainz, phone: 06131 208-2449, email: poststelle(at)datenschutz.rlp.de.

If you have any further questions concerning protection of your personal data, these data protection notes or the given declarations of consent, you may, of course, contact our data protection officer at any time. Any complaints concerning handling of your personal data may also be targeted at our data protection officer. Contact details of the data protection officer: data-protection(at)juwi.de.

Right to object
If your personal data are processed based on legitimate interests in accordance with point (f) of sentence 1 of Article 6(1) EU-GDPR, you have the right to object to processing of your personal data in accordance with Article 21 EU-GDPR at any time as far as there are grounds for this that result from your special situation.

An objection to the processing mentioned in no. 3 e is possible at any time and without stating reasons.

An informal declaration to juwi is sufficient if you want to exercise your right to object, gladly also by email to data-protection(at)juwi.de.
 

7. Notes on individual website offers

7.1 Newsletter
Do you want to receive the newsletter we offer on the website? In this case, we will require your email address and information that enables us to verify that you are the holder of the indicated email address and that you agree to receive the newsletter. When mailing the Newsletter, we use what is known as the double opt-in process. This means that we only send you our Newsletter by e-mail when you have expressly confirmed your consent to the receipt of our newsletter. To this end, you receive an e-mail with a link which allows you to confirm that, as owner of the relevant e-mail address, you wish to receive the Newsletter in future. With this confirmation, you consent within the meaning of point a of Article 6 (1) EU GDPR to our using your personal data for the purposes of mailing the desired Newsletter. At the time of registration for the Newsletter, we store the IP address through which you registered for the Newsletter as well as the date and time of your registration and confirmation for the Newsletter, in addition to the e-mail address necessary for mailing. In this way we can track any possible abuse at a later point in time. No further data are collected.

The dispatch of our e-mail Newsletter of the juwi group ensues through the technical service provider CleverReach GmbH&Co KG, Mühlenstr. 43, 26180 and Rastede ("CleverReach") to whom we pass on your data provided at the time of registration for the Newsletter. This ensues in accordance with point f, Article 6 (1) EU-GDPR and serves our legitimate interest in the use of an advertising-effective, secure and user-friendly newsletter system. The data provided by you for the purpose of receiving the Newsletter (e.g. e-mail address) are stored on the CleverReach servers in Germany. We have concluded a commissioned data processing contract with CleverReach, in which we oblige CleverReach to protect the data of our customers and not to pass them on to third parties. The Data Protection Declaration of CleverReach can be viewed here: https://www.cleverreach.com/de/.

CleverReach uses this information on our instructions for mailing and statistical analysis of the Newsletter. For analysis purposes, the e-mails sent contain what are known as web beacons or tracking pixels, which represent one-pixel image files which are stored on our website. These show whether a Newsletter message has been opened and what links, if any, can been clicked. Furthermore, with the aid of what are known as conversion trackings, an analysis can be carried out to determine whether clicking on the link in the Newsletter resulted in a previously-defined action (e.g. purchase of a product on our website). In addition, technical information is collected (e.g. time of viewing, IP address, browser type and operating system). The data are collected exclusively in pseudonymised form and are not linked with your further personal data; a direct attribution to you is ruled out. These data serve exclusively the purpose of statistical analysis of newsletter campaigns. The results of these analyses can be used to tailor the Newsletter more closely to the interests of the recipients. If you wish to object to the data analysis for statistical analysis purposes, you need to cancel receipt of the Newsletter.

You can cancel the Newsletter at any time through the link included in every Newsletter or by e-mail. Following cancellation, your e-mail address will immediately be deleted from our Newsletter mailing list, unless you have expressly consented to continued use of the collected data or continued processing is otherwise permissible by law.


7.2 juwi operator login: Virtual platform and MVV Enamic
You can register for an operator login in order to be able to view the operating results of your solar or wind energy plant via the respective platform or inform yourself of the current technical condition of your plant.

Within the framework of the login setup and registration, we collect and use the following personal data: Form of address, first name, last name, postal address, business e-mail address, company, user name and password. Furthermore, you can provide voluntary details of your function in the company, business mobile phone and fax number. The legal basis for the data processing is the fulfilment of the contract concluded with you pursuant to point b, Article 6 (1) EU-GDPR, provided the processing is necessary for the rendering of the desired services.

The data are collected and stored within the online platforms and can be exported. In the case of a new registration, juwi will send the access information to the user by e-mail. Passwords are issued by the users themselves and not administered by juwi.

The data for registration and setup of the “juwi Virtual Platform” are sent to our service provider meteocontrol GmbH, Spicherer Strasse 48, 86157 Augsburg, which provides the platform’s online service. These data are not otherwise passed on to third parties and are used exclusively for the respective online service. We have concluded a commissioned data processing contract with meteocontrol, in which we oblige meteocontrol, to protect the data of our customers and not to pass them on to third parties.

The data for registration and setup of the “MVV Enamic” are sent to our service provider MVV Enamic GmbH, Luisenring 49, 68159 Mannheim, which provides the platform’s online service. These data are not otherwise passed on to third parties and are used exclusively for the respective online service. We have concluded a commissioned data processing contract with MVV Enamic GmbH, in which we oblige MVV Enamic GmbH, to protect the data of our customers and not to pass them on to third parties.

Your data for the operator login of the “juwi Virtual Platform” and “MVV Enamic” will be deleted as soon as the commercial/technical management contract between you and us is terminated or you request the deletion of the operator login for other reasons and this does not conflict with any statutory retention obligations. You can have your login, including the data provided by you, changed by corresponding notification to info(at)juwi-om.de or directly to data-protection(at)juwi.de.


7.3 General contact
Once you contact us and provide us with your contact details, we will process these contact details (name, email address, phone number) by way of correspondence.

The legal bases for this are point (b) of Article 6(1) and point (f) of Article 6(1) EU-GDPR. Establishing contact for sales purposes in the Business-to-Business area (B2B) may be seen as a legitimate interest within the meaning of the second rule under consideration of reconciliation of interests.

These data will not be passed on to any third parties outside of juwi group and shall be deleted without undue delay after the contact, if no further usage purposes result from this. In case of point (f) of Article 6(1) EU-GDPR, you may object to processing if the relevant laws do not permit processing activities, e.g. to perform a contract in accordance with point (b) of Article 6(1) EU-GDPR or unless there is any statutory archiving obligation.


7.4 Web form for dispatch of applications
If you apply to us through our web form, we collect your personal data. These include, in particular, your contact data (such as first name and surname, form of address, postal address, e-mail address of the user and telephone number) as well as further data on your background provided by you (e.g. curriculum vitae, qualifications, educational qualifications and professional experience) and your person (e.g. address, personal interests). Particular categories of personal data may come under this heading (e.g. details of a severe disability). As a rule, your personal data are collected directly from you in the context of the application process and encrypted during electronic transfer. The data stem from the application form filled out online and the files uploaded.

The data processing serves for the initiation of an employment relationship. The overriding legal basis for this is point b, Article 6 (1) EU-GDPR in conjunction with Section 26, sub-section 1 BDSG. In addition, consent pursuant to point a, Article 6 (1), 7 EU GDPR in conjunction with Section 26, Sub-section 2 BDSG may be drawn on as legal consent. Where the processing of your data is based on consent, you have the right to revoke this consent with effect for the future at any time.

Within our company, only those persons and bodies (e.g. Personnel Department) will obtain access to your personal data that absolutely require them in order to conduct the application process to meet our contractual obligations. Where applicable, your application will be passed on to the respective responsible party for examination. Under no circumstances will your personal data be passed on to third parties.

Data regarding an application for a specific advertised position will be stored and processed by us during the ongoing application process. Following conclusion of the application process (for example in the form of a job offer or rejection), the application incl. all personal data will be deleted from the system within six months of the termination of the application process. In the event of a job offer, we reserve the right to retain your application for a longer period, provided the date of entry lies more than six months in the future.

 

8. Security

In compliance with Article 32 EU-GDPR and giving consideration to the state of the art, the implementation costs and the type, scope, circumstances and purpose of the processing, as well as the different degrees of likelihood of occurrence and the severity of the risk to the rights and freedoms of natural persons, we take suitable technical and organisational measures to guarantee a degree of protection in keeping with the risk. For security reasons and as a form of protection when transferring confidential information, we use SSL encryption.

We will protect your personal data from unauthorised access, use or publication, and we shall ensure that your personal data that are stored in our IT infrastructure are within a controlled, secure environment in which unauthorised access and publication are prevented. All of our employees and all persons involved in processing activities are obligated to comply with the EU-GDPR, the BDSG-new and other laws relevant for data protection, and for confidential handling of personal data.

In case of collection and processing of personal data, the information will be transmitted encrypted in order to prevent misuse of data by third parties. Our security measures will be revised continually according to the technological developments.


9. Cookies

Our website uses cookies which are stored in your browser and contain certain settings for the use of the website (e.g. on the ongoing session). Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files which are sent to your device and stored in your browser. Most of the cookies we use are what are known as session cookies which are deleted automatically when the browser is closed. Other cookies remain stored on your device until you delete them or the storage period expires. These cookies make it possible for us to recognise your browser on your next visit to our site.

In some cases, the cookies serve to simplify website processes by storing settings (e. g. retention of options already selected). If personal data are also processed by individual cookies implemented by us, the processing ensues pursuant to point b, Article 6 (1) EU-GDPR either to execute the contract or pursuant to point f, Article 6 (1) EU-GDPR to safeguard our legitimate interest in the best functionality of the website and a customer-friendly and effective design for visiting the site. You can set your browser so that you

a) are informed of the setting of cookies,
b) permit cookies only in the individual case,
c) reject the acceptance of cookies for certain cases or generally,
d) activate the automatic deletion of cookies when the browser is closed.

The cookies settings for the respective browsers can be administered under the following links:

a) Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
b) Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-
c) Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647 
d) Safari: https://support.apple.com/kb/ph21411?locale=de_DE 
e) Opera: https://help.opera.com/en/latest/web-preferences/#cookies 

You can also individually administer the cookies of many companies and functions used for advertising. To do so, use the corresponding user tools which can be called up under https://www.aboutads.info/choices/  or http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers also offer what is known as a “do-not-track” function. When this function is activated, the respective browser informs advertising networks, websites and applications that you do not wish to be tracked for purposes of behaviour-based advertising and similar. Information and instructions on how this function can be processed can be found, depending on the browser provider, under the following links:

a) GoogleChrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=en 
b) Mozilla Firefox: https://www.mozilla.org/de/firefox/dnt/ 
c) Internet Explorer: https://support.microsoft.com/en-us/help/17288/windows-internet-explorer-11-use-do-not-track 
d) Opera: https://help.opera.com/en/opera36/be-safe-and-private/#notrack

In addition, you can prevent the upload of what are known as scripts as standard. “NoScript” permits the execution of JavaScripts, Java and other plug-ins only for trustworthy domains of your choice. Information and instructions on how you can process this function can be obtained from your browser provider (e.g. for Mozilla Firefox under: https://addons.mozilla.org/en-US/firefox/addon/noscript/ ).

Please note that the deactivation of cookies may restrict the functionality of our website.

 

10. Use of Google Analytics

Our website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses what are known as “cookies”, text files which are stored on your computer and which permit an analysis of your use of the website. The information generated by the cookies regarding your use of this website is generally sent to a Google server in the USA and stored there. We deploy Google Analytics only with activated IP anonymisation. In this process, the user’s IP address is shortened by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area so that relation to a specific person can be ruled out. We store only the shortened and thus anonymised IP addresses. Google Inc. is headquartered in the US and is certified under the EU-US “Privacy Shield” data protection agreement, which safeguards the observance of the data protection level applying in the EU. The processing ensues pursuant to point f, Article 6 (1) EU-GDPR resp. Section 15, Sub-section 3 TMG on the basis of our legitimate interest in the statistical analyses of user behaviour for optimisation and marketing purposes. On behalf of the operator of this website, Google will use this information to evaluate your use of the website. This serves to facilitate reporting to the website operator on website activities and other services associated with website use and internet use. The IP address provided by your browser in the context of Google Analytics will not be merged with other data provided by Google. The conditions for use of Google Analytics and information on data protection can be called up under the following links: https://marketingplatform.google.com/about/analytics/terms/us/ and  https://policies.google.com/?hl=en&gl=en /.

You can prevent the storage of cookies by changing the relevant settings in your browser software. However, we would draw your attention to the fact that, in this event, you may not be able to use all the functions of this website. Furthermore, you can prevent the collection of data generated by cookies and relating to your use of the website (incl. your IP address) and the processing of your data by Google by downloading and installing the browser plug-in available under URL http://tools.google.com/dlpage/gaoptout?hl=en.

Clicking on the following link prevents data collection by Google Analytics by setting what is known as an opt-out cookie: Deactivation of Google Analytics

Information on Google Analytics handling of user data can be found in the Google data protection declaration under https://support.google.com/analytics/answer/6004245?hl=en.

 

11. Google Maps

Via an interface, our website uses the online map services provider Google Maps. Provider of this map service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the functionalities of Google Maps, it is necessary to store your IP address. This information is transferred to a Google server in the USA and stored there. The provider of this site has no influence over this data transfer. The use of Google Maps ensues in the interest of an appealing presentation of our online offer and for easier retrieval of the addresses listed on the website. This represents a legitimate interest within the meaning of point f, Article 6 (1) EU-GDPR. Google is certified under the Privacy Shield Agreement and, under this agreement, guarantees compliance with European data protection (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). You can find further information on the handling of user data in the Google data protection declaration:  https://policies.google.com/privacy?hl=en&gl=en / and opt-out: https://www.google.com/settings/ads/.

 

12. Web Fonts

12.1 Fonts.com
On our website, we use “fonts.com”, a font service of Linotype GmbH, Werner-Reimers-Strasse 2-4, 61352 Bad Homburg (“fonts.com”). Every time our website is called up, files are loaded from a “fonts.com” server to show the texts in a specific font. In this process, your IP address can be transferred to a “fonts.com” service and stored within the framework of the usual web log. The further processing of this information is the responsibility of “fonts.com”; please see the Data Protection Notes of “fonts.com” for the corresponding terms and setting options.


12.2 Font Awesome
In order to show uniform fonts, this website uses what are known as web fonts, provided by Fonticons, Inc. When a site is called up, your browser downloads the required fonts to your browser cache in order to show texts and fonts correctly.

To this end, the browser you use must contact the servers of Fonticons, Inc. In this way, Fonticons, Inc. becomes aware that our website has been called up from your IP address. The use of web fonts ensues in the interests of a uniform and appealing presentation of our online offer. This constitutes a legitimate interest within the meaning of point f, Article 6 (1) EU-GDPR. If your browser does not support web fonts, these symbols will not be used or shown. Further information on Font Awesome can be found under https://fontawesome.com/help and in the Data Protection Declaration of Fonticons, Inc.: https://fontawesome.com/privacy.

   

13. Social Media

13.1 Links to social media
Social networks - Facebook, Twitter, Xing, LinkedIn and Instagram – appear on our website only in the form of a link to the corresponding service. When the imbedded text/image link is clicked, you will be forwarded to the site of the respective provider. Only then will user information be transferred to the respective provider. We are not aware of, nor do we have any influence over, the scope of the processing of your data by other providers as soon as you call up the providers site. For information on the handling of your personal data when these sites are used, please see the respective data protection terms of the provider used by you.

 

13.2 YouTube
For the integration and display of video contact, our website uses plug-ins from YouTube. Provider of the video portal is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

When you visit a site with a YouTube plug-in, you are shown a preview image of this video. In addition to showing the video, when you click on the preview image, connections are established to servers of YouTube and the Google advertising network DoubleClick. The link connection ensues using what is known as the “extended data protection mode”, so that no YouTube cookies are used.

Even so, the connection link with YouTube results in data transfer, e. g. with information on the site from which the connection ensued.

YouTube can assign your surfing behaviour directly to your personal profile if you happen to be logged in to your YouTube account. You can prevent this by logging out beforehand.

juwi has no influence over, and only limited knowledge of, how and to what extent your data are processed.

The legal basis for the imbedding of YouTube and the associated transfer of data to Google is your consent (point a, Article 6 (1) EU-GDPR).

Details on the handling of user data can be found in the YouTube data protection declaration under: https://www.google.de/intl/de/policies/privacy.


13.3 juwi Facebook presence
Controller: Wherever the data you send to us via Facebook is also or exclusively processed by Facebook, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is, in addition to us, controller of data processing within the meaning of EU-GDPR. To this end, we have concluded an agreement with Facebook pursuant to Article 26 EU-GDPR regarding a joint responsibility for the processing of data (controller addendum). This agreement lays down the data processing transactions for which we or Facebook are responsible when you visit our Facebook fan page. You can view the agreement under the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

If you, as a visitor to our Facebook fan page, wish to assert your rights (information, rectification, erasure, restriction of processing, data portability, complaints to supervisory authority, rejection or revocation), you can contact either Facebook or us. You can change your advertising settings yourself in your account. To do so, click on the following link and log in:
https://www.facebook.com/settings?tab=ads or https://www.youronlinechoices.com.

For further details, please see Facebook’s data protection declaration:
https://www.facebook.com/about/privacy/

Facebook Data Protection Officer: To contact the Facebook Data Protection Officer you can use the online contact form provided by Facebook under the following link: https://www.facebook.com/help/contact/540977946302970

Data processing for statistical purposes by means of site insights: Facebook makes what are known as site insights available for our Facebook fan page:
https://www.facebook.com/business/a/page/page-insights. These are summarised data which provide insights into the persons interacting on our site. Site insights can be based on personal data collected in the context of a visit or interaction with persons on or with our site and in the context of the content provided there. Please note the personal data you share with us via Facebook. Your data can be processed for our market research and advertising purposes, even when you are not logged in on Facebook or have no Facebook account. In this way, it is possible, for example to compile user profiles from the user behaviour and the relevant interests. In turn, the user profiles can be used, for example, to place advertisements inside and outside of the platforms which probably match the interests of the user. This data recording ensues via cookies stored on your end device. Furthermore, data which is independent of the devices used by the user can be stored in the user profiles; in particular, when the users are members of the respective platforms and logged in there. Legal basis for the processing is point f, Article 6 (1) EU-GDPR. Our legitimate interest lies in the optimum presentation of our offer, effective information and communication with the customer and potential customers and in the targeted placement of advertising. Please note that we have no influence on the collection of data or further processing by Facebook. Consequently, we can provide no information on the scope, location or duration of data stored by Facebook. Furthermore, we can make no statement on whether Facebook is complying with existing deletion obligations, on the analysis and linking undertaken with this data by Facebook and to whom the data is transferred by Facebook. If you wish to avoid the processing of your personal data by Facebook, please contact us by some other means.

 

13.4 Company presence on other social networks
In addition to Facebook, juwi is also present on further social networks, such as:
a) Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland
b) Instagram Inc., Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland
c) LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
d) XING SE, Dammtorstraße 29-32, 20354 Hamburg Deutschland.

Responsible body at other social networks: If you visit our website via one of the other providers, your personal data will be processed by the respective provider who is then responsible for data processing within the meaning of EU-GDPR. For the assertion of your rights as a data subject, we would point out that these are most effectively asserted with the respective provider. Only they have access to your personal data collected. Should you still require assistance, please do not hesitate to contact us.

Data Protection Officer: Notes on contacting the Data Protection Officers of the other social media providers can be found here:

a) Twitter: https://www.twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp
b) Instagram Inc. https://www.facebook.com/help/contact/540977946302970
c) Youtube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland
d) LinkedIn Ireland Unlimited Company: https://www.linkedin.com/help/linkedin/ask/TSO-DPO
e) Xing SE: Datenschutzbeauftragter@xing.com

Processing of personal data on the basis of data transfer to juwi via social networks. As soon as you contact us via the various communication channels provided by social networks, juwi is independently responsible for the lawfulness of the data processing. If you contact us via one of the various social network communication channels (e. g. chat function, comment function, etc.) we will process your data for the purpose of responding so that your query can be dealt with in the best possible way. Legal basis for the processing is our legitimate interest in responding to your communication pursuant to point f, Article 6 (1) EU-GDPR.

 

14. Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our juwitality website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

The purpose of reCAPTCHA is to check whether the data input on our website (e.g. in a contact form) is made by a person or by an automated program. To this end, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis reCAPTCHA evaluates different information, e.g. IP address.

Duration of stay of the website visitor on the juwitality website mouse movements made by the user. The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place. Data processing is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in protecting our website from abusive automated spying and from unwanted, automated submissions (spam).

Google is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. We do not store personal data from the use of reCAPTCHA. In general, personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links: https://policies.google.com/privacy?hl=en&gl=en  / and https://www.google.com/recaptcha/intro/v3beta.html

 

15. Amendments to our Data Protection Notes

We reserve the right to update these Data Protection Notes where necessary, taking the valid data protection stipulations into account. In this way, we can adapt them to the current legal requirements and reflect changes in our products and services, e. g. the introduction of new services. The respective valid version applies for your visit.

Status of these Data Protection Notes is 06.08.2019.