Data Privacy Statement

Table of contents

I. General information on data protection

II. privacy policy website

 

I. General information on data protection

1.1 Information on the responsible body:

ORGADATA Datenservice GmbH

Laurentiusstraße 21

42103 Wuppertal

We attach particular importance to the protection of your personal data. Your personal data is processed in accordance with data protection regulations, in particular the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSG).

The following information provides an overview of the type, scope and purpose of the collection, processing and transmission of personal data as well as the security measures used to protect this data.

Personal data are individual details about the personal or factual circumstances of an identified or identifiable natural person, such as your name, address, telephone number, date of birth, email address and IP address.

1.2 Legal basis for the processing of personal data

  • Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU GDPR serves as the legal basis. You can revoke your consent to this processing at any time for the future in accordance with Art. 7 para. 3 EU GDPR.
  • When processing personal data that is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, Art. 6 para. 1 lit. b EU GDPR serves as the legal basis.
  • Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c EU GDPR serves as the legal basis.
  • If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis for processing is Article 6(1)(f) of the EU GDPR. In this case, you have a right to object in accordance with Art. 21 EU GDPR.

1.3 Data erasure and storage duration

Personal data will be deleted as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by statutory retention obligations to which our company is subject (e.g. retention periods of up to 10 years under accounting and tax law in accordance with the German Fiscal Code (AO) and German Commercial Code (HGB)).

1.4 Your rights

Upon written request, we will inform you in accordance with Art. 15 EU GDPR in accordance with our legal obligation under Art. 12 EU GDPR whether and which of your personal data is processed or stored by us. Furthermore, you have the right to rectification of inaccurate data in accordance with Art. 16 EU GDPR, data portability in accordance with Art. 20 EU GDPR, blocking and erasure of your personal data in accordance with Art. 17 EU GDPR - provided there are no legal obligations to retain data - and the right to restriction of processing in accordance with Art. 18 EU GDPR. You also have the right to contact the competent supervisory authority in accordance with Art. 77 EU GDPR.

IN ADDITION, YOU HAVE THE RIGHT TO OBJECT PURSUANT TO ART. 21 EU GDPR IF THE PROCESSING IS BASED ON LEGITIMATE INTERESTS IN ACCORDANCE WITH ART. 6 ABS. 1 LIT. F EU GDPR.

If you have given us your consent to process your data, you can of course revoke this consent at any time for the future in accordance with Art. 7 para. 3 EU GDPR.

If you have any questions regarding the processing of your personal data, you can contact our data protection contact person, who is also available to you in the event of requests for information, suggestions or complaints.   

ORGADATA Datenservice GmbH

Laurentiusstraße 21

42103 Wuppertal

E-mail: info@orgadata-ds.com

1.5 Changes to our privacy policy

In order to ensure that our privacy policy always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the privacy policy has to be adapted due to new or revised services, for example new services.

Status: 02/2025

 

II Privacy policy website

2.1 Provision of the website

Use of hosting service providers

Our website is hosted on servers of a hosting service provider located in the EU on the basis of order processing in accordance with Art. 28 EU GDPR. As part of its services, the hosting service provider may have access to personal data of our users, in particular to technical data that is generated as part of the technical communication between you and our website (e.g. server log files). They may not use this data for their own purposes. The use of a hosting service provider is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f EU GDPR in the provision of infrastructure and platform services, computing capacity, e-mail dispatch and security services.

Server log files

When you visit our website or use its services, the device you use to access the site automatically transmits log data (connection data) to our server. The corresponding information consists of

  • Type and version of the browser you are using,
  • Type and version of the operating system you are using,
  • Referrer URL of the page from which you accessed our website,
  • Date and time of access to our website,
  • Name of the subpages you accessed,
  • IP address of your computer system,
  • Amount of data transferred in each case.

The data collected is used exclusively for statistical evaluations for the purpose of the operation, security and optimisation of the website. For security reasons, however, we reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence. The data will not be stored for longer than necessary for this purpose. This collection is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f EU GDPR.

Cookies

We use so-called cookies in some areas of the website in order to recognise visitor preferences and to be able to design the website in an optimal and attractive way. This facilitates navigation and a high degree of user-friendliness of the website. The processing by cookies for the technical provision of the website constitutes a legitimate interest pursuant to Art. 6 para. 1 lit. f EU GDPR / § 25 para. 2 TDDDG. In addition, the legal basis is Art. 6 para. 1 lit. a EU GDPR or Section 25 para. 1 TDDDG if we require your consent for the use of cookies (e.g. for marketing or analysis purposes).

Cookies are technologies that your browser automatically creates and that are stored on your end device when you visit our website. Cookies do not cause any damage to your computer and do not contain viruses. Most of the cookies we use are deleted again at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognise your computer on your next visit (so-called persistent or cross-session cookies). Thanks to these files, it is possible, for example, to display information on the site that is specifically tailored to your interests.

You can set your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. If you completely exclude the use of cookies, you may not be able to use individual functions of this website. 

Webcare

We use the DataReporter WebCare consent banner to obtain consent for the use of cookies and tools on our website in accordance with data protection regulations. This is a service provided by DataReporter GmbH, Zeileisstraße 6, 4600 Wels, Austria (‘DataReporter’).

You can find more information about this company at www.datareporter.eu. The Consent Banner records and stores the decision of the respective user of our website. Our consent banner ensures that statistical and marketing cookies are only set once the user has given their express consent to their use.

For this purpose, we store information on the extent to which the user has confirmed the use of cookies. The user's decision can be revoked at any time by accessing the cookie settings and managing the declaration of consent. Existing cookies are deleted after consent is revoked. A cookie is also set to store information about the status of the user's consent, which is referred to in the cookie details. Furthermore, the IP address of the respective user is transmitted to DataReporter servers when this service is called up. The IP address is neither stored nor associated with any other data of the user, it is only used for the correct execution of the service. The use of the above-mentioned data is therefore based on our legitimate interest in the legally compliant design of our website in accordance with Art. 6 para. 1 lit. f GDPR and Art. 6 para. 1 lit. c GDPR to comply with legal obligations and to provide evidence of the consent given.

Further information can be found in DataReporter's privacy policy at HTTPS://WWW.DATAREPORTER.EU/DE/PRIVACYSTATEMENT.HTML

Enquiries about this service can be sent to office@datareporter.eu.

Security of your data

We use technical and organisational security measures to adequately protect the data provided by you against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. We therefore use SSL encryption for the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties. Our security measures are developed in line with the state of the art.

2.2 Making contact

If you contact us (e.g. via contact form, e-mail, telephone, social media), your personal data will be stored and processed by us for the purpose of processing the enquiry and any associated follow-up questions in accordance with Art. 6 para. 1 lit. b EU GDPR (in the context of pre-contractual/contractual measures) or in accordance with Art. 6 para. 1 lit. f EU GDPR (general enquiries). We do not pass on this data without your consent.

The data you provide will remain with us until you request us to delete it, object to its storage or the purpose for which it was stored no longer applies (i.e. after your enquiry has been processed), provided that there are no statutory retention obligations to the contrary.

2.3 Registration

If you register on our website in order to order goods, services and information in our online portal, personal data will be collected. Registration enables access to services and content that are only available to registered users. If required, registered users have the option of changing or deleting the data provided during registration at any time. Your data may be passed on to shipping and payment service providers commissioned by us to process your order. Your data will not be passed on to third parties beyond this. The processing of your personal data is carried out on the basis of contract processing (in accordance with Art. 6 para. 1 lit. b EU GDPR). This data will be deleted in accordance with the statutory retention obligations.

2.4 Newsletter

If you register for our newsletter on our website, we will use the personal data you provide in this context exclusively for sending the newsletter. 

The registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent registrations from third-party e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements (consent pursuant to Art. 6 para. 1 lit. a EU GDPR). This includes storing the time of registration and confirmation as well as the IP address. Any data that we receive from you and the logged information will not be passed on to third parties. 

You can revoke your consent to the collection and storage of your data and its use for sending the newsletter at any time without giving reasons. You will find a link to cancel the newsletter at the end of each newsletter.

2.5 Analysis tools

The analysis measures listed below and used by us are carried out on the basis of Art. 6 para. 1 lit. a EU GDPR (consent). By using these analysis measures, we want to ensure that our website is designed to meet requirements and is continuously optimised. We use the analysis tools to record the use of our website in pseudonymised form and evaluate it for the purpose of optimising our offering.

You can revoke your consent to us at any time with effect for the future.

Google Analytics

This website uses functions of the web analysis service Google Analytics to measure and analyse user behaviour on our website and to improve our online offering and tailor it to the needs of our users. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. Pseudonymous profiles based on the use of different devices can be created to analyse and better track user behaviour. Google Analytics uses cookies for this purpose. These cookies enable us to track the behaviour of a user on different end devices without identifying a specific person. Google Analytics is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. The data collected is stored for 14 months before it is automatically deleted.

Geolocalisation and IP anonymisation

Google Analytics does not use individual IP addresses in the EU. Instead, rough geographic location data is stored based on the following derived information: city (as well as the latitude and longitude of the city), continent, country, region, subcontinent (and associated ID-based counterparts). For EU users, the IP address is used exclusively for geolocalisation and then deleted immediately. The full IP address is not stored, logged or used for any other purpose. All IP queries are carried out on servers within the EU before the data is forwarded to Google Analytics servers for further processing. The data collected by Google Analytics may be processed on Google servers in the USA. Google LLC is certified under the Data Privacy Framework and is obliged to guarantee an appropriate level of data protection. There is also an order processing contract with Google which can be accessed here: https://business.safety.google/adsprocessorterms/

Withdrawal of your consent and opt-out options

You can withdraw your consent to data processing by Google Analytics at any time. You can do this either by adjusting your cookie settings on our website or by installing the Google Analytics opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de. Alternatively, you can prevent the storage of cookies by selecting the appropriate settings in your browser software. Please note, however, that this may restrict the use of certain functions of our website. 

You can find more information on how Google handles user data in Google's privacy policy: https://policies.google.com/privacy.  

Meta Pixel

This website uses the visitor action pixel from Meta to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Meta, the data collected is also transferred to the USA and other third countries.

This allows the behaviour of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Meta ad. This allows the effectiveness of the meta adverts to be evaluated for statistical and market research purposes and future advertising measures to be optimised.

The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Meta so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes in accordance with the Meta Data Usage Policy. This enables Meta to place adverts on Meta pages and outside Meta. This use of the data cannot be influenced by us as the website operator.

The use of Meta pixels is based on Art. 6 para. 1 lit. f EU GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. A corresponding consent is requested for the processing of your data (e.g. consent to the storage of cookies). This processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a EU GDPR; consent can be revoked at any time.

You can find further information on protecting your privacy in Meta's data protection information: HTTPS://DE-DE.FACEBOOK.COM/ABOUT/PRIVACY/

You can also deactivate the remarketing function ‘Custom Audiences’ in the settings section for adverts at HTTPS://WWW.FACEBOOK.COM/ADS/PREFERENCES/?ENTRY_PRODUCT=AD_SETTINGS_SCREEN or on the website of the European Interactive Digital Advertising Alliance: https://www.youronlinechoices.com/de/praferenzmanagement/.

LinkedIn Insight Tag

This website uses functions of the LinkedIn Insight Tag conversion tracking technology. The provider is LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. LinkedIn uses so-called ‘cookies’. These are text files that are stored on your computer and enable personalised advertisements on LinkedIn. We also receive anonymous reports on the performance of the adverts and information on website interaction. The LinkedIn Insight Tag establishes a connection to the LinkedIn server, stores your data in encrypted form and anonymises it within seven days.

Please note that LinkedIn is also based in the USA and also processes user data in the USA. LinkedIn only transfers user data to countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 EU GDPR or on the basis of suitable guarantees in accordance with Art. 46 EU GDPR (e.g. standard contractual clauses). LinkedIn also undertakes to comply with the European level of data protection in the USA by providing appropriate guarantees. You can find more information on this at: HTTPS://EN.LINKEDIN.COM/LEGAL/L/DPA and HTTPS://WWW.LINKEDIN.COM/LEGAL/L/EU-SCCS.

Further information on the collection and processing of your data using conversion tracking technology can be found in LinkedIn's privacy policy: HTTPS://WWW.LINKEDIN.COM/LEGAL/PRIVACY-POLICY. You can find further setting options to protect your privacy or opt-out in your user account at HTTPS://WWW.LINKEDIN.COM/PSETTINGS/GUEST-CONTROLS/RETARGETING-OPT-OUT.

2.6 Third-party content and services

On the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f EU GDPR, content, services and services from other providers that complement our offer are integrated within our online offer. By using the services listed below, we want to ensure that our website is designed to meet your needs and is continuously optimised. If we request your consent for the use of these services, the legal basis is Art. 6 para. 1 lit. a EU GDPR.

Google Tag Manager

Google Tag Manager is used on our website. Google Tag Manager is a solution from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland that allows us to manage website tags via an interface. The tool itself (which implements the tags) is a cookie-free domain that does not collect any personal data. The Google Tag Manager triggers other tags, which in turn may collect data. The Google Tag Manager does not access this data. If deactivation has been carried out by the user at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager. The tags used are named separately below and can be individually edited by you in the data protection settings, for example by deactivating cookies for these elements. Further information: https://www.google.com/policies/privacy/.

Albacross

We obtain your consent to process personal data on behalf of Albacross Nordic AB (‘Albacross’).

The information collected through cookies on your device, which may be referred to as personal data, is processed by Albacross, a company that provides lead identification and ad targeting through its offices in Stockholm and Krakow. Full contact details can be found below.

By processing personal data, Albacross can improve a service provided by us and our website (e.g. lead generation service) by adding data to the database about companies.

The data collected and used by Albacross is intended to provide information about the IP address you used to access our website, as well as technical information that allows Albacross to distinguish between different users with the same IP address. Albacross stores the domain of the form input in order to assign the IP address to your employer.

Full information on the processing of personal data can be found in our PRIVACY POLICY.

You can withdraw your consent to this processing at any time. Address your cancellation either to us or directly to ALBACROSS: Albacross Nordic AB, Company reg. no 556942-7338, Kungsgatan 26, 111 35 Stockholm, Sweden.

Microsoft Clarity

Personal data is processed when you visit this website. Categories of data processed: Data for the creation of usage statistics. Purpose of processing: Anonymisation and creation of statistics and analysis of user behaviour.

The legal basis for processing: Your consent in accordance with Art. 6 (1) a GDPR. Data is transferred: to the independent controller Microsoft Ireland Operations Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. The legal basis for the transfer of data to Microsoft Ireland Operations Ltd. is your consent in accordance with Art. 6 (1) a GDPR. This may also involve the transfer of personal data to a country outside the European Union.

The transfer of data to the USA is based on Art. 45 GDPR in conjunction with the European Commission's adequacy decision C(2023) 4745, as the data recipient has undertaken to comply with the data processing principles of the Data Pricacy Framework (DPF).

INFORMATION ABOUT THE DPF MEMBERSHIP OF MICROSOFT IRELAND OPERATIONS LTD. To contact the Data Protection Officer of Microsoft Ireland Operations Ltd by email:  https://www.microsoft.com/de-at/concern/privacy. The privacy policy of Microsoft Ireland Operations Ltd.: HTTPS://PRIVACY.MICROSOFT.COM/DE-DE/PRIVACYSTATEMENT.

Links to Third-Party Websites
Based on our legitimate interest, it may occur that links to other providers, which complement our offering, are included within this online service. When accessing websites referred to on this webpage, you may be asked again for information such as your name, IP address, browser properties, etc. This privacy policy does not govern the collection, sharing, or handling of personal data by third parties. Please take note of the specific privacy policies of the individual third-party providers and service providers whose links we include on our website in this context.

2.7 Minors
Our online offering is generally directed at adults. Personal information from individuals who have not yet reached the age of 16 may only be provided to us with the explicit consent of their legal guardian (Art. 8 GDPR). Processing without the consent of the legal guardian is not permitted. We therefore reserve the right to delete all data concerning minors if we do not have the consent of a legal guardian.