privacy notice | IPL Expert

Data Protection

In the following, we will inform you in accordance with the legal requirements of data protection law (in particular in accordance with BDSG nF and the European General Data Protection Regulation 'GDPR') about the type, scope and purpose of the processing of personal data by our company. This data protection declaration also applies to our websites and social media profiles. With regard to the definition of terms such as "personal data" or "processing", we refer to Art. 4 GDPR.

Name and contact details of the person responsible
Our responsible person (hereinafter “responsible person”) within the meaning of Art. 4 no. 7 GDPR is:

Mr. Georg Ewald J. Bäuning
Industriepark 6
27777 Ganderkesee
Tel +49 4222 400 3850
Email address: Ewald@GEB.vision

Types of data, purposes of processing and categories of data subjects

In the following we will inform you about the type, scope and purpose of the collection, processing and use of personal data.
1. Types of data we process
Usage data (access times, websites visited, etc.), inventory data (name, address, etc.), contact data (telephone number, e-mail, fax, etc.), contract data (subject of the contract, duration, etc.), communication data (IP address, etc.) ),

2. Purposes of processing according to Art. 13 Para. 1 c) GDPR
Processing of contracts, optimizing the website technically and economically, enabling easy access to the website, fulfilling contractual obligations, supporting commercial use of the website, designing the website in a user-friendly manner, economic operation of the advertising and website, marketing / sales / advertising, avoidance of SPAM and abuse, customer service and customer care, handling contact inquiries,

3. Categories of data subjects according to Art. 13 Para. 1 e) GDPR
Visitors / users of the website, customers, suppliers, interested parties, employees of customers or suppliers. The data subjects are collectively referred to as "users".

Legal basis for processing personal data
In the following we will inform you about the legal basis for the processing of personal data:
If we have obtained your consent for the processing of personal data, the legal basis is Article 6 Paragraph 1 Sentence 1 Letter a) GDPR.
1. If processing is necessary to fulfill a contract or to carry out pre-contractual measures that are carried out upon your request, the legal basis is Article 6 Paragraph 1 Sentence 1 Letter b) GDPR.
2. Is the processing necessary to fulfill a legal obligation to which we are subject (e.g.
statutory retention requirements), Art. 6 Para. 1 S. 1 lit. c) GDPR is the legal basis.
3. If processing is necessary to protect the vital interests of the data subject or another natural person, the legal basis is Article 6 Paragraph 1 Sentence 1 Letter d) GDPR.
4. If processing is necessary to safeguard our or the legitimate interests of a third party and your interests or fundamental rights and freedoms do not outweigh your interests, Article 6 (1) sentence 1 lit.f) GDPR is the legal basis.

Transfer of personal data to third parties and processors
In principle, we will not pass on any data to third parties without your consent. If this is the case, the transfer takes place on the basis of the aforementioned legal bases, e.g. when transferring data to online payment providers for the fulfillment of a contract or due to a court order or due to a legal obligation to surrender the data for the purpose of criminal prosecution, to avert danger or to enforce intellectual property rights. We also use contract processors (external service providers, e.g. for web hosting our websites and databases) to process your data. If data is passed on to the processors as part of an agreement for order processing, this always takes place in accordance with Art. 28 GDPR. We carefully select our processors, check them regularly and have given us the right to issue instructions with regard to the data. In addition, the processors must have taken suitable technical and organizational measures and comply with the data protection regulations according to BDSG nF and DS-GVO.

Data transfer to third countries
The adoption of the European General Data Protection Regulation (GDPR) created a uniform basis for data protection in Europe. Your data will therefore mainly be processed by companies for which the GDPR applies. Should the processing by third party services take place outside the European Union or the European Economic Area, then these must meet the special requirements of Art. 44 ff. GDPR. This means that processing takes place on the basis of special guarantees, such as the establishment of a data protection level that is officially recognized by the EU Commission or compliance with officially recognized special contractual obligations, the so-called “standard contractual clauses”. Insofar as we obtain your express consent to data transmission to the USA due to the ineffectiveness of the so-called "Privacy Shield", according to Art. 49 Paragraph 1 Sentence 1 lit. by US authorities and the use of the data for monitoring purposes, possibly without legal remedies for EU citizens.

Deletion of data and storage duration
Unless expressly stated in this data protection declaration, your personal data will be deleted or blocked as soon as you revoke your consent to processing or the purpose for storage no longer applies or the data is no longer required for the purpose, unless it is further Storage is required for evidence purposes, or there are statutory retention requirements. This includes, for example, commercial law retention obligations for business letters in accordance with Section 257 (1) HGB (6 years) and tax retention obligations in accordance with Section 147 (1) AO of documents (10 years). When the prescribed retention period expires, your data will be blocked or deleted, unless the storage is still necessary for the conclusion or fulfillment of a contract.

Existence of automated decision-making
We do not use automatic decision-making or profiling.

Provision of our website and creation of log files
1. If you only use our website for information purposes (i.e. no registration and no other transmission of information), we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data:
• IP address;
• Internet service provider of the user;
• the date and time of the request;
• browser type;
• language and browser version;
• content of the call;
• time zone;
• Access status / HTTP status code;
• amount of data;
• Websites from which the request came;
• Operating system.
A storage of this data together with other personal data does not take place.

2. These data serve the purpose of user-friendly, functional and secure delivery of our website to you with functions and content as well as their optimization and statistical analysis.

3. The legal basis for this is our legitimate interest in data processing in accordance with Article 6, Paragraph 1, Sentence 1, Letter f) of the GDPR, which is also part of the above-mentioned purposes.

4. For security reasons, we store this data in server log files for a storage period of 70 days. After this period these are automatically deleted, unless we need to keep them for evidence purposes in the event of attacks on the server infrastructure or other legal violations.

Cookies
1. We use so-called cookies when you visit our website. Cookies are small text files that your internet browser stores and saves on your computer. When you visit our website again, these cookies provide information in order to automatically recognize you. Cookies also include the so-called “user IDs”, where user information is stored using pseudonymised profiles. When you visit our website, we will inform you about the use of cookies for the aforementioned purposes and how you can object to them or prevent their storage ("opt-out") by means of a reference to our data protection declaration.

A distinction is made between the following types of cookies:

• Necessary, essential cookies : Essential cookies are cookies that are absolutely necessary for the operation of the website in order to save certain functions of the website such as logins, shopping cart or user input, e.g. regarding the language of the website.

• Session cookies : Session cookies are used to recognize multiple uses of a
Offer required by the same user (e.g. if you have logged in to determine your login status). When you visit our site again, these cookies provide information in order to automatically recognize you. The information obtained in this way is used to optimize our offers and to give you easier access to our site. When you close the browser or log out, the session cookies are deleted.

• Persistent cookies : These cookies are saved even after the browser is closed. They are used to store the login, to measure the range and for marketing purposes. These are automatically deleted after a specified period, which can differ depending on the cookie. You can delete cookies at any time in the security settings of your browser.

• Cookies from third-party providers (third-party cookies, especially from advertisers) : You can configure your browser settings according to your wishes. B. Reject the acceptance of third-party cookies or all cookies. However, we would like to point out at this point that you may then not be able to use all the functions of this website. Read more about these cookies in the respective data protection declarations for the third-party providers.

2. Data categories: user data, cookies, user ID (in particular the pages visited, device information, access times and IP addresses).

3. Purposes of processing : The information obtained in this way is used to optimize our web offers technically and economically and to enable you to access our website more easily and securely.

4. Legal basis : If we process your personal data with the help of cookies on the basis of your consent (“opt-in”), then Article 6 (1) sentence 1 lit. a) GDPR is the legal basis. Otherwise we have a legitimate interest in the effective functionality, improvement and economic operation of the website, so that in this case Art. 6 Para. 1 S. 1 lit. f) GDPR
The legal basis is. The legal basis is also Article 6, Paragraph 1, Sentence 1, Letter b) GDPR, if the cookies are used to initiate contracts, e.g. for orders.

5. Storage period / deletion: The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. Otherwise, cookies are stored on your computer and transmitted to our site from there. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to their full extent.

You can find information on deleting cookies by browser here :

Chrome: https://support.google.com/chrome/answer/95647

Safari: https://support.apple.com/de-at/guide/safari/sfri11471/mac

Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen

Internet Explorer: https://support.microsoft.com/de-at/help/17442/windows-internet-explorer-delete-manage-cookies

Microsoft Edge: https://support.microsoft.com/de-at/help/4027947/windows-delete-cookies

6. Objection and “opt-out” : You can generally prevent cookies from being saved on your hard drive, regardless of your consent or legal permission, by selecting “do not accept cookies” in your browser settings. However, this can limit the functionality of our offers. You can opt out of third-party cookies for advertising purposes via this American website (https://optout.aboutads.info) or this European one
Website (http://www.youronlinechoices.com/de/praferenzmanagement/).

Contact via contact form / email / fax / post

1. When you contact us via the contact form, fax, post or email, your details will be processed for the purpose of handling the contact request.

2. If you have given your consent, the legal basis for processing the data is Art. 6
Para. 1 S. 1 lit. a) GDPR. Legal basis for the processing of the data in the course of a
Contact request or e-mail, a letter or fax are transmitted, is Art. 6 Abs. 1 S. 1 lit. f)
GDPR. The person responsible has a legitimate interest in the processing and storage of the data in order to be able to answer user inquiries, to preserve evidence for reasons of liability and, if necessary, to be able to meet his statutory retention requirements for business letters. If the contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 Para. 1 S. 1 lit. b) GDPR.

3. We can save your details and contact requests in our customer relationship management system ("CRM system") or a comparable system.

4. The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified. We save inquiries from users who have an account or contract with us for up to two years after the end of the contract. In the case of legal archiving obligations, the deletion takes place after their expiry: End of commercial law (6 years) and tax law (10 years) retention obligation.

5. You have the option at any time to revoke your consent to the processing of personal data in accordance with Article 6, Paragraph 1, Sentence 1, Letter a) of the GDPR. If you contact us by email, you can object to the storage of personal data at any time.

Google Maps
1. We have integrated maps from “Google Maps” (provider: Google Ireland Limited, register no .: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) on our website.

2. Data category and description of data processing : usage data (e.g. IP, location, page accessed). With Google Maps, we can display the location of addresses and directions directly on our website in interactive maps and enable you to use this tool. When you visit our website, where Google Maps is integrated, a connection to the Google servers in the USA is established. Your IP and location can be transmitted to Google. In addition, Google receives the information that you have accessed the corresponding page. This also takes place without a user account with Google. If you are logged into your Google account, Google can assign the above data to your account. If you do not want this, you have to log out of your Google account. Google creates user profiles from such data and uses this data for the purposes of advertising, market research or the optimization of its websites.

3. Purpose of processing: Provision of a user-friendly, economical and optimized website.
4. Legal bases: If you have given your consent to the processing of your personal data by the third party provider using “Google Maps” (“opt-in”), then Article 6 (1) sentence 1 lit. a) GDPR is the legal basis. The legal basis is also our legitimate interest in data processing in accordance with Article 6, Paragraph 1, Sentence 1, Letter f) of the GDPR.

5. Data transmission / recipient category : Third party providers in the USA.

6. Storage period: Cookies up to 6 months or until you delete them. Otherwise, as soon as they are no longer required for processing purposes.

7. Opposition and removal option: You have a right to object to Google against the creation of user profiles. Therefore, please contact Google directly using the data protection declaration below. You can make an opt-out objection with regard to the advertising cookies here in your Google account:
https://adssettings.google.com/authenticated.

8. In the terms of use of Google Maps at https://www.google.com/intl/de_de/help/terms_maps.html and in the privacy policy for advertising from Google at

https://policies.google.com/technologies/ads you will find further information on the use of Google cookies and their advertising technologies, storage duration, anonymization, location data, functionality and your rights. General data protection declaration from Google: https://policies.google.com/privacy.

Presence on social media
1. We maintain profiles and fan pages in social media. When you use and call up our profile in the respective network, the respective data protection information and terms of use of the respective network apply.

2. Data categories and description of data processing: usage data, contact details,
Content data, inventory data. Furthermore, the data of the users within social networks are saved in
Usually processed for market research and advertising purposes. For example, usage profiles can be created on the basis of user behavior and the interests of the users resulting therefrom. The usage profiles can in turn be used, for example, to place advertisements inside and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and the interests of the users are stored. Furthermore, data can be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them). For a detailed description of the respective forms of processing and the possibilities of objection (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks. In the case of requests for information and the assertion of data subject rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information directly. If you still need help, you can contact us.

3. Purpose of processing: communication with users connected and registered on social networks; Information and advertising for our products, offers and services; External representation and image cultivation; Evaluation and analysis of the users and content of our presences in social media.

4. Legal basis: The legal basis for the processing of personal data is our legitimate interest in the above purposes in accordance with Art. 6 Para. 1 S. 1 lit.f) GDPR. Insofar as you have given us or the person responsible for the social network your consent to the processing of your personal data, the legal basis is Art. 6 Para. 1 S. 1 lit. a) in conjunction with Art. 7 GDPR.

5. Data transmission / recipient category : social network.

6. The data protection notices, information options and objection options (opt-out) of the respective networks / service providers can be found here:

• Facebook service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland); Website: www.facebook.com; Data protection declaration: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com; Contradiction:
https://www.facebook.com/help/contact/2061665240770586; Agreement on joint processing of personal data on Facebook pages (Art. 26 GDPR):
https://www.facebook.com/legal/terms/page_controller_addendum, data protection information for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.

• XING - service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) Data protection declaration / opt-out: https://privacy.xing.com/de/datenschutzerklaerung.

• LinkedIn - service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) - data protection declaration: https://www.linkedin.com/legal/privacy-policy, cookie policy and opt-out: https: // www .linkedin.com / legal / cookie-policy

Social media plug-ins

1. We use social media plug-ins from social networks on our website. We use the so-called "two-click solution" Shariff from c't or heise.de:
https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html; Service provider: Heise Medien GmbH & Co. KG, Karl-Wiechert-Allee 10, 30625 Hanover, Germany; Data protection:
https://www.heise.de/Datenschutzerklaerung-der-Heise-Medien-GmbH-Co-KG-4860.html.

2. Data category and description of data processing: usage data, content data,
Inventory data. When you visit our website, “Shariff” does not transmit any personal data to the third-party providers of the social plug-ins. Next to the logo or the brand of the social network you will find a controller with which you can activate the plug-in with a click.
This activation represents your consent in the form that the respective provider of the social network receives the information that you have accessed our website and that your personal data is transmitted to the provider of the plug-in and stored there. These are so-called third-party cookies. With some providers such as Facebook and XING, according to their information, your IP will be anonymized immediately after the survey. The plug-in provider saves the data collected about the user as a usage profile. You can revoke your consent at any time by deactivating the controller.

3. Purpose of data processing: improvement and optimization of our website; Increasing our awareness through social networks; Ability to interact with you and the users among themselves via social networks; Advertising, analysis and / or needs-based design of the website.

5. Data transmission / recipient category: social network.

6. Social networks used and objection: We refer you to the respective data protection declarations of the social networks with regard to the purpose and scope of data collection and processing. You will also find information about your rights and
Setting options to protect your personal data. You stand by
You have the right to object to the creation of these user profiles, whereby you can contact the respective plug-in provider directly to exercise these rights.

Facebook

1. We have plug-ins from the social network Facebook.com (company headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland) on our website as part of the so-called “two-click Solution ”from Shariff. You can recognize this by the Facebook logo“ f ”or the addition“ Like ”,“ Like ”or“ Share ”.

2. As soon as you willingly activate the Facebook plug-in, a connection will be established from your browser to the Facebook servers. In doing so, Facebook receives the information, including your IP, that you have accessed our website and transmits this information to Facebook servers in the USA, where this information is stored. If you are on Facebook in
If you are logged in to your account, Facebook can assign this information to your account. When you use the functions of the plug-in, e.g. pressing the “Like” button, this information is also transferred from your browser to the Facebook server in the USA and stored there and displayed in your Facebook profile and, if applicable, with your friends .

3. The purpose and scope of the data collection as well as its further processing and use of the data by Facebook as well as your related rights and setting options to protect your privacy can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/ . Data collection with the "Like" button:
https://www.facebook.com/help/186325668085084. You can manage and object to your settings regarding the use of your profile data for advertising purposes on Facebook here:
https://www.facebook.com/ads/preferences/.

4. If you log out of Facebook before visiting our website and delete your cookies, no data about your visit to our website will be assigned to your profile on Facebook when the plug-in is activated.

5. Agreement on joint processing of personal data on Facebook pages (Art. 26 GDPR): https://www.facebook.com/legal/terms/page_controller_addendum, data protection information for Facebook pages: https: //www.facebook .com / legal / terms / information_about_page_insights_data.

XING
1. We have integrated plug-ins from the social network XING (XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany) on our website as part of the so-called “two-click solution” from Shariff. You can recognize this by the share button with a white XING logo and the "X" symbol on a green background.

2. If you willingly activate the XING share button on our website, when you access the respective website, your browser will establish a connection with the XING server. According to XING, no data is stored about the call from which XING could derive a direct personal reference. In particular, XING does not save any of your IP addresses and does not use cookies. When you click on the share button, you will be redirected to the XING homepage, where you can then - if you are logged in - recommend our site, which serves to increase our awareness and reach. With regard to these activities on the XING platform, the XING data protection declaration mentioned below applies.

3. If you log out of XING before visiting our website and delete your cookies, no data about your visit to our website will be assigned to your profile on XING when the plug-in is activated.

4. The purpose and scope of the data collection as well as its further processing and use of the data by XING as well as your related rights and setting options to protect your privacy can be found in XING's data protection information on the share button at https://www.xing.com/ app / share% 3Fop% 3Ddata_protection and XING's general data protection declaration at https://privacy.xing.com/de/datenschutzerklaerung.

Rights of the data subject

1. Objection or revocation against the processing of your data

Insofar as the processing is based on your consent in accordance with Art. 6 Paragraph 1 Sentence 1 lit. a), Art. 7 GDPR, you have the right to revoke your consent at any time. This does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.

Insofar as we base the processing of your personal data on the balancing of interests in accordance with Art. 6 Para. 1 S. 1 lit. f) GDPR, you can object to the processing. This is the case, in particular, if the processing is not necessary to fulfill a contract with you, which we describe in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue processing.

You can object to the processing of your personal data for advertising and data analysis purposes at any time. You can exercise your right of objection free of charge. You can inform us about your objection to advertising using the following contact details:

Mr. Georg Ewald J. Bäuning
Industriepark 6
27777 Ganderkesee
Tel. +49 4222 400 3850
Email address: Ewald@GEB.vision

2. Right to information
You have the right to request confirmation from us as to whether personal data relating to you is being processed. If this is the case, you have the right to information about your personal data stored by us in accordance with Art. 15 GDPR. This includes, in particular, information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless it was collected directly from you.

3. Right to rectification
You have the right to correct incorrect data or to complete correct data in accordance with Art. 16 GDPR.

4. Right to cancellation
You have the right to have your data stored by us deleted in accordance with Art. 17 GDPR, unless this is contrary to statutory or contractual retention periods or other statutory obligations or rights to further storage.

5. Right to Restriction
You have the right to request a restriction on the processing of your personal data if one of the requirements in Art. 18 Para. 1 lit. a) to d) GDPR is met:
• If you dispute the correctness of the personal data concerning you for a period of time that enables the person responsible to check the correctness of the personal data;
• the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
• the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
• if you have lodged an objection to the processing in accordance with Art. 21 Paragraph 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.

6. Right to data portability
You have the right to data portability according to Art. 20 GDPR, which means that you can receive the personal data we have stored about you in a structured, common and machine-readable format or you can request that it be transmitted to another person responsible.

7. Right to Complain
You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority in particular in the member state of your place of residence, your place of work or the place of the alleged violation.

Data security
In order to protect all personal data that is transmitted to us and to ensure that we and our external service providers comply with data protection regulations, we have taken suitable technical and organizational security measures. Therefore, among other things, all data between your browser and our server is encrypted via a secure SSL connection.

Status: 13.06.2021

Data Protection

Sales

Sales UK & Ireland

Manufacturer