Legal

ANOVA GmbH Privacy Notice
This Privacy Notice informs you about how we process your personal data and tells you about your rights under data protection law. We process your personal data in accordance with the EU's General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and all other applicable laws. We understand how important it is to you that your privacy is protected when you use our websites and our apps. We take our duty very seriously to ensure that your data remains confidential in accordance with the applicable provisions of data protection law, as this is in our mutual interest. We use up-to-date technology to communicate with you and to protect your data.

This Privacy Notice applies to ANOVA GmbH's websites and to its apps for mobile devices. This website provides links to third-party websites (external links). These websites are the responsibility of their respective operators. If you notice that links on our website lead to websites with content that breaks the law, please inform us of this by emailing vasb@nabin.qr. We will then remove these links from our website immediately. We cannot accept any responsibility for the accuracy, completeness or quality of the information provided or for it being up-to-date.

We would like to point out that transferring data over the Internet is not always secure. It is therefore not possible to ensure that data is fully protected from access by third parties.


1. Who is responsible for data processing?
ANOVA GmbH, Joachim-Jungius-Straße 10, 18059 Rostock, Germany
Data protection officer
Tel: +49 381 2026 02 20
Fax: +49 381 2026 02 21
Email address vasb@nabin.qr

Our data protection officer can be contacted at the above address or as follows:
Email address qngrafpuhgm@nabin.qr


2. For which purposes and for what legal basis do we process your data?
a) When you visit our website:
When you visit our websites www.anova.de and www.deco21.de, your device's browser automatically sends information to our web server. This information is temporarily stored in a log file. During this process, the following information is collected without any action on your part until it is automatically deleted:
  • IP address of the computer sending the request
  • Date and time of access
  • Name and URL of the file you are accessing
  • Website from which you are accessing our website (referrer URL)
  • The browser you are using and possibly your computer's operating system and the name of your access provider

We process this data for the following purposes:
  • To ensure a stable connection to our website
  • To ensure our website is easy to use
  • To evaluate our system security and stability
  • For further administrative purposes
  • To ensure our IT systems are secure and operational
  • To advertise our own training programs and other ANOVA GmbH products and for the purposes of market research and opinion polls

The legal basis for our data processing activities is Article 6 Paragraph 1 Sentence 1(f) GDPR. Our legitimate interest is based on the data collection purposes listed above. We never use the data to identify you as a person. We also use cookies and analytics services when you visit our website. More information on this can be found in Sections 4 and 5 of this Privacy Notice.

b) When you contact us, e. g. by email:
We collect personal data when you contact our company. If you choose to contact us using the contact form provided on our website, the type and extent of the data collected is clear from the form itself; if you decide to contact us in another way (e. g. by email), you decide by means of the content of the message you send to us the type and extent of the data you transfer to us. The data will be used exclusively for the purpose of processing your request and the necessary associated technical administration. The processing of data after you have contacted us takes places in accordance with Article 6 Paragraph 1 Sentence 1(a) GDPR on the basis of your freely given consent. The personal data we collect will be deleted automatically as soon as we have finished handling your request, provided that the matter is fully resolved and there are no statutory retention requirements. Your email address will be stored solely for the purpose of corresponding with you and will not be disclosed to third parties.

We also process your personal data for the purpose of complying with legal obligations, such as retention requirements under commercial and tax law. In such cases, the legal basis for processing is the applicable legislation in conjunction with Article 6 Paragraph 1 Sentence 1(c) GDPR.


3. To which recipients do we transfer your personal data?
Your personal data will only be transferred to third parties for the purposes listed below.
We only transfer your personal data to third parties if:
  • you have given your express consent to this in accordance with Article 6 Paragraph 1 Sentence 1(a) GDPR.
  • the transfer is necessary in accordance with Article 6 Paragraph 1 Sentence 1(f) GDPR for the establishment, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in your data not being disclosed.
  • there is a legal obligation to transfer your data in accordance with Article 6 Paragraph 1 Sentence 1(c) GDPR
  • doing so is legally permissible and, in accordance with Article 6 Paragraph 1 Sentence 1(b) GDPR, is necessary in order to fulfill the terms of a contractual relationship with you; in such cases, your data will be transferred to selected external service providers working in the field of IT operations


4. Do we transfer data outside of Europe?
We only transfer personal data to service providers or group companies located outside the European Economic Area (EEA) if the European Commission has confirmed that the third country has an adequate level of data protection or other adequate data protection guarantees (e. g. the agreement of standard contractual clauses in accordance with EU law, Privacy Shield) are in place. You can also request information by contacting us using the details provided above.


5. Website

5.1 Use of cookies
Our website uses cookies. Cookies are small files that your browser automatically creates and that are stored on your device (PC, laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain any viruses, Trojans or other malicious software. Cookies store information relating to the specific end device that is being used. This does not, however, mean that we can use them to gain direct knowledge of your identity. On the one hand, we use cookies to make our website more convenient for you to use. This involves the use of session cookies, which detect that you have already visited certain pages on our website. Session cookies are deleted automatically as soon as you leave our website. To make our website more user-friendly, we also use temporary cookies, which are stored on your device for a certain period of time. If you visit our website again to make use of our services, the cookie automatically recognizes that you have visited our website before and detects which data you have already entered and settings you have already changed so that you do not need to do this again. On the other hand, we use cookies to collect statistical data about how our website is used and so that we can improve our website for you (see Section 5). If you visit our website again, these cookies enable us to automatically recognize that you have already accessed our site. These cookies are deleted automatically after a certain period of time. The processing of data by cookies for the aforementioned purposes is necessary in order to safeguard our legitimate interests and those of third parties in accordance with Article 6 Paragraph 1 Sentence 1(f) GDPR. Most browsers accept cookies by default. However, you can configure your browser so that no cookies are saved on your computer or so that a warning always appears before a new cookie is saved. Please note that fully deactivating cookies may mean that you are not able to use all of our website's features.

5.2 Use of GOOGLE ADWORDS CONVERSION TRACKING
As a Google AdWords customer, we use Google conversion tracking, an analytics service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). If you accessed our website by clicking on a Google ad, Google AdWords will place a cookie on your computer known as a conversion cookie. These cookies expire after 30 days and cannot be used to identify you. If you visit certain pages on our website before the cookie has expired, Google and we can detect that someone clicked on the ad and was forwarded to our web page. A different cookie is allocated to each AdWords customer. This means that cookies cannot be tracked across the websites of AdWords customers. The information obtained with the help of the conversion cookie is used to create conversion statistics for AdWords customers who have chosen to make use of conversion tracking. This enables AdWords customers to find out the total number of users who have clicked on their ad and were forwarded to a page to which a conversion tracking tag has been added. AdWords customers do not, however, obtain any information that can be used to personally identify users.
If you do not wish to be included in the tracking, you can opt out by changing your browser settings so that cookies are not installed (deactivation). This means that you will not be included in the conversion tracking statistics.
Further information and Google's Privacy Policy can be found at: http://www.google.de/policies/privacy/

5.3 Use of REMARKETING or the "SIMILAR AUDIENCES" feature provided by GOOGLE INC.
We may use the remarketing technology provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). This technology is used to display targeted ads on websites within the Google partner network to users who have already accessed our web pages and online services and who have already shown an interest in our company. The ads are displayed by means of cookies, which are small text files that are stored on the user's computer. These text files analyze how users behave when they visit our website so that these findings can subsequently be used for the purpose of targeted product recommendations and interest-based advertising.
If you do not wish to receive any interest-based advertising, you can stop Google from using cookies for these purposes by visiting https://support.google.com/ads/answer/7395996.
Alternatively, you can stop third-party providers from using cookies by visiting the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/understanding-online-advertising/what-are-my-options and following the opt-out instructions provided.
Further information about Google remarketing and Google's Privacy Policy can be found at: https://www.google.com/policies/technologies/ads/. By using our services, you consent to Google processing the data collected about you in the manner and for the purpose described above. Please note that Google has its own privacy policy and that this is independent from our own. We cannot accept any responsibility or liability for this policy and for these processes.

5.4 Use of FACEBOOK CONVERSION TRACKING
Our website may also use the visitor actions pixel provided by Facebook, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") to evaluate and support our online marketing campaigns. This pixel allows us to track users’ behavior after they have viewed or clicked on a Facebook ad. This enables us to collect information about the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous, meaning that we do not receive the personal data of individual users. However, this data is stored and processed by Facebook and we can only inform you about this to the best of our knowledge. Facebook can link this data with your Facebook account and use it for its own advertising purposes in accordance with its Data Policy (http://www.facebook.com/about/privacy). You can allow Facebook and its partners to display adverts on and outside of Facebook. A cookie may also be stored on your computer for these purposes.

5.5 Use of FACEBOOK RETARGETING
Our website may use the remarketing or Custom Audience feature provided by Facebook. We can use this feature to reach visitors to our website by displaying targeted, interest-based ads to them when they visit Facebook. Facebook uses cookies to analyze how our website is used and this forms the basis for the generation of the interest-based ads. This process involves Facebook saving a small file containing a sequence of numbers to the browsers of the visitors to our website. This series of numbers is used to record visitors to our website and to collect anonymous data about how our website is used. No personal data is collected about the visitors to our website. If you visit Facebook again, it is very likely that you will see adverts that take into account product and information pages that you have accessed previously.

5.6 Use of RETARGETING TRACKING
We may use retargeting. In the field of online marketing, retargeting refers to a process by which visitors to a website are identified using cookies and are reached again by being shown targeted ads when they visit other websites. No personal data is collected about the visitors to our website. We use temporary cookies with a validity period of 90 days for the purpose of retargeting. Like with web tracking, the data we collect for retargeting is in an anonymous form.


6. For how long do we store your data?
Our company applies the principles of data avoidance and data minimization. We therefore only store your personal data for as long as we need it to fulfill the purposes described in this Privacy Notice, in particular for the term of your contract with us or for the storage and retention periods required by law. These are stipulated in legislation such as the German Commercial Code (Handelsgesetzbuch), the German Fiscal Code (Abgabenordnung) and the German Money Laundering Act (Geldwäschegesetz). The retention periods are up to ten years. Once the specific purpose for which the data is being stored has been met or, as the case may be, these statutory periods have expired, the data in question will be routinely deleted in accordance with legal requirements.


7. What rights do you have?
You have the following rights:
  • In accordance with Article 15 GDPR, you have the right to obtain access to the personal data concerning you that we are processing. In particular, you can request information about the purposes of the processing; the category of personal data concerned; the categories of recipient to whom your personal data has been or will be disclosed; the envisaged duration of storage; the existence of the right to request rectification or erasure of your personal data, to request restriction of its processing or to object to such processing; the right to lodge a complaint; the source of your data if we did not collect the data; the existence of automated decision-making, including profiling, and if applicable meaningful information about this process.
  • In accordance with Article 16 GDPR, you have the right to obtain without undue delay the rectification of inaccurate personal data or the completion of incomplete personal data concerning you that is stored by us.
  • In accordance with Article 17 GDPR, you have the right to obtain the erasure of personal data concerning you that is stored by us, provided that the processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.
  • In accordance with Article 18 GDPR, you have the right to obtain restriction of processing of your personal data if the accuracy of the data is contested by you, if the processing is unlawful but you do not wish for your data to be erased, if we no longer need the personal data but you need it for the establishment, exercise or defense of legal claims or if you have objected to processing pursuant to Article 21 GDPR.
  • In accordance with Article 20 GDPR, you have the right to receive in a structured, commonly used and machine-readable format the personal data that you have provided to us or to request that this personal data be transmitted to another controller.
  • In accordance with Article 7 Paragraph 3 GDPR, you have the right to withdraw your consent at any time. This means that we will no longer be permitted to continue processing your data in the future if this processing was based on your consent.
  • In accordance with Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a general rule, you can do this by contacting the supervisory authority in your habitual residence or place of work or in our place of business.

Right to object
If your personal data is being processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Sentence 1(f) GDPR, you have the right pursuant to Article 21 GDPR to object to the processing of your personal data, provided that there are grounds for doing so that relate to your particular situation or you are objecting to processing for direct marketing purposes. In the latter case, you have a general right to object and we will implement your wishes without the need for you to state grounds relating to your particular situation. If you would like to make use of your right to withdraw consent or your right to object, please email us at qngrafpuhgm@nabin.qr.


8. Data security
We have implemented appropriate and up-to-date technical and organizational security measures to protect data from accidental or deliberate manipulation, loss, destruction or access by unauthorized parties. Please note, however, that – as is always the case when transmitting data over the Internet – if you send us unencrypted data in a normal, unsecured email, there is the risk that this will be read or changed by unauthorized parties.


9. Validity of and changes to this Privacy Notice
This Privacy Notice is current and valid and was last updated in May 2018. Changes to our website and the services we offer as well as changes to legal or official regulations may require us to amend this Privacy Notice. The latest, up-to-date version of our Privacy Notice can be viewed, saved and printed on our website at https://www.anova.de/en/legal/data-privacy.html at any time.


If you wish to make any complaints, you may contact the data protection officer named above or a data protection supervisory authority. Our competent data protection supervisory authority is:

The Schwerin data protection authority


Rostock, May 22nd, 2018

www.deco21.de ANOVA GmbH