Privacy policy

1. data protection - basics at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

Data collection on our website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator's contact details in the legal notice of this website.

How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?
Some of the data is collected in order to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.

Analysis tools and third-party tools
When you visit our website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information on this can be found in the following privacy policy.

You can object to this analysis. We will inform you about the objection options in this privacy policy.

2. legal bases

The relevant legal bases are primarily derived from the GDPR. These are supplemented by national laws of the member states and may be applicable together with or in addition to the GDPR.

Consent
Art. 6 para. 1 lit. a) GDPR serves as the legal basis for processing operations for which we have obtained consent for a specific processing purpose.

Performance of a contract
Art. 6 para. 1 lit. b) GDPR serves as the legal basis for processing operations that are necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Legal obligation
Art. 6 para. 1 lit. c) GDPR serves as the legal basis for processing operations which are necessary for compliance with a legal obligation.

Vital interests
Art. 6(1)(d) GDPR serves as the legal basis if processing is necessary in order to protect the vital interests of the data subject or of another natural person.

Public interest
Art. 6(1)(e) GDPR serves as the legal basis for processing operations that are necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Legitimate interest
Art. 6(1)(f) GDPR serves as the legal basis for processing that is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

3. rights of the data subjects

Right to information
Pursuant to Art. 15 GDPR, data subjects have the right to request confirmation as to whether we are processing data concerning them. They can request information about this data as well as the further information listed in Art. 15 para. 1 GDPR and a copy of their data.

Right to rectification
Pursuant to Art. 16 GDPR, data subjects have the right to request the rectification or completion of data concerning them and processed by us.

Right to erasure
Pursuant to Art. 17 GDPR, data subjects have the right to request the erasure of data concerning them without undue delay. Alternatively, they can request that we restrict the processing of their data in accordance with Art. 18 GDPR.

Right to data portability
Pursuant to Art. 20 GDPR, data subjects have the right to request the provision of the data they have provided to us and to request that it be transferred to another controller.

Right to lodge a complaint
Data subjects also have the right to lodge a complaint with the supervisory authority responsible for them in accordance with Art. 77 GDPR.

Right to object
If personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1) sentence 1 (f) GDPR, data subjects have the right to object to the processing of their personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from their particular situation or the objection is directed against direct advertising. In the latter case, data subjects have a general right to object, which is implemented by us without specifying a particular situation.

4 General notes and mandatory information

Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Information on the responsible body
The responsible body for data processing on this website is

CPC Unternehmensmanagement AG
The Squaire 12
Am Flughafen
D-60549 Frankfurt am Main

Phone: +49 69 56030303
E-Mail: contact@cpc-ag.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Withdrawal of your consent to data processing
If we process your personal data as part of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation.

If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise your objection as described above.

If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes. All you need to do is send an informal message or Email to datenschutz@cpc-ag.de. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority
In the event of breaches of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion
You have the right to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data. 

Objection to advertising emails
We hereby object to the use of contact data published as part of our duty to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

5. data protection officer

We have appointed a data protection officer for our company.

Prof. Dr. Andreas Wamsler
Pestalozzistrasse 22
74321 Bietigheim

Phone: +49 7142 9669351
E-mail: datenschutz@cpc-ag.de

6. data collection on our website

Cookies
Some of the web pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy.

Borlabs
This website uses the cookie consent tool of Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg, Germany, which sets technically necessary cookies to store your cookie preferences. This data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in providing a cookie consent management service for website visitors.

Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

 

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The basis for data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

7. analysis tools and advertising

Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

Google Analytics cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

Leadinfo
This website uses the lead generation service of Leadinfo B.V., Rotterdam, Netherlands. This recognizes visits from companies to our website based on IP addresses and shows us publicly available information, such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behavior on our website and processes domains from form entries in order to correlate IP addresses with companies and improve services. Further information can be found at www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. If you opt out, your data will no longer be collected by Leadinfo."

IP anonymization
We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin
You can prevent the storage of cookies by selecting the appropriate settings in your browser software; however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website: Deactivate Google Analytics.

You can find more information on how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Contract data processing
We have concluded a contract data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics in Google Analytics
This website uses the "demographic characteristics" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section "Objection to data collection".

Matelso
Our website uses a service provided by matelso GmbH, Stuttgart. If you call a telephone number that matelso has connected for us, information about the telephone call is transferred to a web analysis service we use (e.g. Google Analytics). matelso also reads cookies set by our analysis service or other parameters of the website you have visited, for example referrer, document path, remote user agent. The corresponding information is processed by matelso in accordance with our instructions and stored on servers in the EU. You can find more information at: https://matelso.com/de/privacy-statement. You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

8th Newsletter

Newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

9. plug-ins and integrated third-party content

We have integrated functions and content obtained from third-party providers into our online offering. For example, videos, presentations, buttons or contributions (hereinafter referred to as content) may be integrated. In order to display content to visitors to our website, the respective third-party provider processes, among other things, the IP address of the user so that the content can be transmitted to the browser and displayed. Without this processing, the integration of third-party content is not possible. In some cases, additional information is collected via so-called pixel tags or web beacons, whereby the third-party provider receives information about the use of the content or visitor traffic on our online offer, technical information about the user's browser or operating system, the time of the visit or referring websites. The data obtained in this way is stored in cookies on the user's end device.

Categories of data subjects: Users of the plug-in

Data categories:
Usage data (e.g. websites visited, interests, access time), meta and communication data (e.g. device information, IP address), contact data (e.g. email address, telephone number), master data (e.g. name, address)

Purposes of processing:
Design of our online offering, increasing the reach of advertisements in social media, sharing posts and content, interest-based and behavior-based marketing, cross-device tracking

Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)

Google Maps
This site uses the Google Maps map service via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy.

HubSpot
At CPC Unternehmensmanagement AG, we use HubSpot CRM (hereinafter referred to as "HubSpot"), an all-in-one platform for inbound marketing, sales, CRM and customer service from HubSpot Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, to store and process data from and in our sales and marketing processes. As HubSpot cannot guarantee that data will not be transferred to the USA, we have concluded agreements with HubSpot on the basis of EU standard contractual clauses. HubSpot, Inc. participates in the EU-US Privacy Shield Agreement and the Swiss-U.S. Privacy Shield and is certified for compliance with them. Further information on the Privacy Shield Agreement can be found under "Privacy Shield List" on the homepage of the U.S. Department of Commerce(https://www.privacyshield.gov).

The following companies affiliated with HubSpot Inc. comply with the data protection principles of the named Privacy Shields: HubSpot Ireland Limited, HubSpot Australia Pty Ltd, HubSpot Asia Pte. Ltd. and HubSpot Japan KK.

We have concluded an order processing contract with HubSpot Inc. in accordance with Art. 28 GDPR and fully implement the resulting requirements.

Details and information on HubSpot's privacy policy can be found at https://legal.HubSpot.com/de/privacy-policy.

As we are a customer of HubSpot based in the European Economic Area ("EEA"), HubSpot Ireland Limited is our data controller for the processing of your personal data.

Specific details and information on the cookies used by HubSpot can be found at https://legal.HubSpot.com/cookie-policy and https://legal.HubSpot.com/de/cookie-policy. If you generally do not want HubSpot to collect data, you can prevent the storage of cookies at any time by changing your browser settings or by using the following opt-out link: Opt-Out Link.

You can contact HubSpot's data protection officer at privacy@HubSpot.com.

The central element of HubSpot are customer-related profiles that are generated as soon as initial contact is made with us by telephone, electronically/digitally, by email, via our website (e.g. by submitting a form) or our chatbot or in any other way.

We use HubSpot in our company for the following activities:

 

  • Customer Relations Management and Customer Service
  • Contact forms / e-mail
  • Individualized e-mail marketing (newsletter/infomail, automated e-mails, e.g. to provide downloads)
  • Content management (website and blog, landing pages)
  • Social Media Publishing & Reporting
  • Reporting (e.g. traffic sources, accesses, etc. ...)
  • Customer Relations Management and Customer Service
  • Applicant management

We record the data collected from you in the context of pre-contractual and contractual contacts in HubSpot in order to

 

  • maintain a customer and applicant file,
  • organize internal tasks,
  • organize general customer service (inquiries, requests for quotations, callbacks, etc.),
  • optimize and control internal processes (e.g. monitoring of customer contacts, task reminder management, reporting, etc.)
  • organize, control and optimize our inbound marketing

We collect this data because it is necessary for the performance of a contract with you or for the implementation of pre-contractual measures taken at your request within the meaning of Art. 6 para. 1 b) GDPR, or because the processing is necessary for compliance with a legal obligation, Art. 6 para. 1 c) GDPR, and CPC Unternehmensmanagement AG as the controller is subject to this obligation.

In addition, we collect and use this data on the basis of our legitimate interest within the meaning of Art. 6 para. 1 f) GDPR in order to contact our customers, to determine which of our company's services are of interest to our customers and for individualized advertising, insofar as this is legally permissible.

Contact form / E-Mail

Form fields that must be completed by you in any case in order to contact us via this form so that we can get back to you on your request are marked with an * as a mandatory field.

When you send us the form you have filled out, the data you provide, as well as your IP address, date and time, will first be processed for us by HubSpot and then made available to us in our HubSpot system. This processing of your personal data is necessary so that we can process and answer your request via the contact form, Art. 6 para. 1 b) GDPR.

If you contact us directly by email, we will also store and process the information you provide to us in this email and enter it into our Hubspot system. This processing of your personal data is necessary so that we can process and answer your request, Art. 6 para. 1 b) GDPR.

In addition, the data collected via the contact form and by e-mail is stored and processed in HubSpot in order to determine why customers have contacted us and which of our company's services are of particular interest to our customers within the scope of our legitimate interest within the meaning of Art. 6 para. 1 f) GDPR. In addition, we use this data to provide our contacts with individualized information about the services we offer, insofar as this is legally permissible.

We delete the data collected in this way if it is no longer required and any statutory retention obligations have expired. We check annually whether data needs to be deleted. Within the scope of the statutory retention obligations (6 years according to HGB, 10 years according to AO), the deletion takes place after the end of the year in which this expires.

Information for applicants:

As part of the job application process via our career website, we use HubSpot to collect and process the following personal data submitted by you as an applicant:

  • First name, last name
  • Address
  • E-mail address
  • Cell phone number
  • Cover letter
  • Curriculum vitae and relevant certificates and supporting documents 

We use this data exclusively to process your application. Only the employees involved in the application process have access to this data. The data will be deleted six months after the end of the application process. 

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. 

Contact form for e-mail marketing / blog updates
On our website you will find various contact forms that you can use to request free information material (marketing assets such as a web analysis kit, a white paper, etc.), event tickets and/or a newsletter (e.g. blog updates, etc.) on various areas of our services. To receive this information material from us, you must complete a form and send it to us. Form fields that you must complete in any case in order to receive the information material are marked with an * as a mandatory field.

The data collected via the contact forms for information material, free events and newsletter subscriptions is made available to us in HubSpot, where it is stored and processed. In addition to the data you enter, your IP address and the time at which you subscribed to the marketing newsletter are stored. In addition to the form data, HubSpot evaluates the data collected about you via cookies when you send the form data. With the help of HubSpot, we can send you individualized and tailored information about our services. This not only has the advantage for us that we only send you targeted information that we assume you are really interested in. We also monitor whether you are at all interested in the information we provide or whether we are just bothering you with unnecessary and annoying e-mails for us and for you. If we find this to be the case, we will endeavor not to provide you with any more information. After all, we have no interest in getting on your nerves with e-mails that you do not read and delete or, in the worst case, even keep us, CPC Unternehmensmanagement AG, in a negative memory. You have given your consent to this type of data processing in accordance with Art. 6 para. 1 a) GDPR. You can of course revoke this consent at any time.

Information material
If you request information material via our website, we will also obtain your consent for us to provide you with individualized and tailored information about our services by e-mail.

Newsletter
If you subscribe to a newsletter via our website, we will also obtain your consent for us to provide you with individualized and tailored information about our services by e-mail.

10. zoom

At CPC Unternehmensmanagement AG, we use the Zoom communication tool from Zoom Video Communications Inc. ("Zoom") for video and telephone conferences and for arranging appointments for video and telephone conferences. The processing of the data provided by you in the context of this meeting request is necessary for the performance of a contract to which you are a party or for the implementation of pre-contractual measures taken at your request.

Zoom participates in and has certified its compliance with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. Zoom is committed to subjecting all personal data from European Union (EU) member countries and Switzerland to the Privacy Shield Framework's Principles in accordance with the Privacy Shield Framework. For more information about the Privacy Shield Framework, and to view our certification, please visit the U.S. Department of Commerce Privacy Shield List.

In certain cases, Zoom transfers personal data from the EU in accordance with European standard contractual clauses approved by the Commission. A version of the Standard Contractual Clauses can be found at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087.

Further details and information on Zoom's privacy policy can be found at https://zoom.us/de-de/privacy.html and https://zoom.us/de-de/gdpr.html.

11. social media presences

We maintain online presences on social networks and career platforms so that we can exchange information with the users registered there and get in touch with them easily. In some cases, the data of users in social networks is used to conduct market research and thus pursue advertising purposes. User profiles can be created based on the usage behavior of users, for example the indication of interests, and used to adapt advertisements to the interests of target groups. Cookies are regularly stored on users' end devices for this purpose, in some cases regardless of whether you are a registered user of the social network. In connection with the use of social media, we also use the associated messengers to communicate easily with users. We would like to point out that the security of individual services may depend on the user's account settings. Even in the case of end-to-end encryption, the service provider can draw conclusions about the fact that and when users communicate with us and may collect location data. Depending on where the social network is operated, user data may be processed outside the European Union or outside the European Economic Area. This may result in risks for users because, for example, it may be more difficult to enforce their rights.

Categories of data subjects: registered users and non-registered users of the social network

Data categories:
Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text details, photographs, videos), usage data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address)

Purposes of processing: expansion of reach, networking

Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR), consent (Art. 6 para. 1 lit. a) GDPR)

Legitimate interests: Interaction and communication on social media presence, profit increase, insights about target groups

Facebook

Service used:
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

LinkedIn

Service used:
LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA

YouTube

Service used:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Xing

Service used:
New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany

12 Liability for own content

The contents of these pages have been created with the utmost care. However, we cannot accept any liability for the accuracy, completeness and topicality of the content. As a service provider, we are responsible for our own content on these pages in accordance with general legislation.

13 Liability for links (contents of external providers)

Cross-references ("links") to content provided by other providers are to be distinguished from our own content. We have no influence on their content; the respective provider or operator of the pages is always responsible for the content of the linked pages. 

14. contact

On our website, we offer the option of contacting us directly or obtaining information via various contact options. If contact is made, we process the data of the person making the inquiry to the extent necessary to answer or process the inquiry. The data processed may vary depending on how we are contacted.

Categories of data subjects: Inquiring persons

Data categories:
Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text entries, photographs, videos), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP address).

Purposes of processing: Processing of inquiries

Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR), fulfillment or initiation of a contract (Art. 6 para. 1 lit. b) GDPR)

15. data transmission

We transmit the personal data of visitors to our online offering for internal purposes (e.g. for internal administration or to the HR department in order to comply with legal or contractual obligations). The internal transfer or disclosure of data only takes place to the extent necessary in compliance with the relevant data protection regulations.

It may be necessary for us to disclose personal data in order to perform contracts or to fulfill a legal obligation. If we are not provided with the data required in this respect, it may not be possible to conclude the contract with the data subject.

We transfer data to countries outside the EEA (so-called third countries). This is done for the purposes stated above (transfer within the Group and/or other recipients). The transfer only takes place to fulfill our contractual and legal obligations or on the basis of the data subject's prior consent. In addition, this transfer takes place in compliance with the applicable data protection laws and in particular in accordance with Art. 44 et seq. GDPR, in particular on the basis of adequacy decisions issued by the European Commission or on the basis of certain guarantees (e.g. standard data protection clauses, etc.).

16. storage period

We generally store the data of visitors to our online offering for as long as this is necessary to provide our service or if this has been provided for by the European legislator or another legislator in laws or regulations to which we are subject. In all other cases, we delete the personal data after the purpose has been fulfilled, with the exception of data that we must continue to store in order to fulfill legal obligations (e.g. we are obliged to retain documents such as contracts and invoices for a certain period of time due to retention periods under tax and commercial law).

17. amendment of this data protection notice

We will revise this data protection information in the event of changes to data processing or other occasions that make this necessary. You will always find the current version on this website.

(as at: 31.10.2020)

18. data protection Microsoft Teams

Data protection information for online meetings, telephone conferences and webinars via "Microsoft Teams" of the CPC Unternehmensmanagement AG group of companies.

We would like to inform you below about the processing of personal data in connection with the use of "Microsoft Teams".

Purpose of processing
We use the "Microsoft Teams" tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: "online meetings"). "Microsoft Teams" is a service of Microsoft Corporation.

Responsible party
The party responsible for data processing directly related to the holding of "online meetings" is the respective legal entity of the CPC Unternehmensmanagement AG group of companies within which the meeting is organized. This information can be found in the e-mail signature of the organizer of the "online meeting".

Note: If you access the "Microsoft Teams" website, the provider of "Microsoft Teams" is responsible for data processing. However, accessing the website is only necessary for the use of "Microsoft Teams" in order to download the software for the use of "Microsoft Teams".

If you do not want to or cannot use the "Microsoft Teams" app, you can also use "Microsoft Teams" via your browser. The service is then also provided via the "Microsoft Teams" website.

What data is processed?
Various types of data are processed when using "Microsoft Teams". The scope of the data also depends on the data you provide before or when participating in an "online meeting". 

The following personal data is processed
User details: e.g. display name, email address if applicable, profile picture (optional), preferred language Meeting metadata: e.g. date, time, meeting ID, telephone numbers, location Text, audio and video data: You may have the option of using the chat function in an "online meeting". In this respect, the text entries you make are processed in order to display them in the "online meeting". In order to enable the display of video and the playback of audio, the data from the microphone of your end device and from any video camera of the end device will be processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the "Microsoft Teams" applications.

Scope of processing
We use "Microsoft Teams" to conduct "online meetings". If we want to record "online meetings", we will inform you transparently in advance and - if necessary - ask for your consent.

If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will not usually be the case.

Automated decision-making within the meaning of Art. 22 GDPR is not used.

Legal basis for data processing
Insofar as personal data of employees of the CPC Unternehmensmanagement AG group of companies is processed, Section 26 BDSG is the legal basis for data processing. If, in connection with the use of "Microsoft Teams", personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of "Microsoft Teams", Art. 6 para. 1 lit. f) GDPR is the legal basis for data processing. In these cases, our interest lies in the effective conduct of "online meetings".

In addition, the legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.

If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here too, we have an interest in the effective conduct of "online meetings".

Recipients / disclosure of data
Personal data that is processed in connection with participation in "online meetings" is not disclosed to third parties unless it is intended for disclosure. Please note that content from "online meetings" as well as personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on. 

Other recipients: The provider of "Microsoft Teams" necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in our order processing contract with "Microsoft Teams".

Deletion of data
We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfill contractual services, to check and grant or defend against warranty and guarantee claims. In the case of statutory retention obligations, deletion will only be considered after the respective retention obligation has expired.

Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint about the processing of personal data by us with a supervisory authority for data protection.

ChatGPT driver's license: How companies minimize legal and compliance risks