Data Protection Declaration

1. Data protection at a glance

General information

We, CETONI GmbH, as the operator of this website, take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. You can find detailed information on the subject of data protection in our data protection declaration below this text.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can be subject to security gaps. A complete protection of the data against access by third parties is not possible.

Which data are recorded?

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits. These are:

  • Date and time of the log entry
  • IP address
  • HTTP user
  • Date and time of the server request
  • Request (HTTP request type + HTTP request path + HTTP request parameters + HTTP protocol)
  • HTTP status code
  • amount of data transferred
  • Referrer URL (the previously visited page)
  • operating system used and its interface
  • Browser type and browser version

This data will not be merged with other data sources.

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. Our contact details are listed under point 2 of this data protection declaration.

How do we collect your data?

On one hand, your data is collected when you communicate it to us. This can be, for example, data that you enter in a contact form.
Other data are automatically recorded by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of page visit). This data is collected automatically as soon as you enter our website.

What do we use your data for?

The data mentioned will be processed by us for the following purposes:

  • Ensuring a smooth connection and convenient use of the website,
  • Evaluation of system security and stability,
  • Processing of the contractual relationship and contract preparation,
  • carrying out a comparison with sanctions and anti-terror lists, if required by law,
  • for further administrative purposes.

The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f DSGVO. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally. In addition, we set cookies when you visit our website. Further analysis tools from third-party providers are not used on our website. You will find more detailed explanations in this data protection declaration.

What are your rights with regard to your data?

You have the right:

  • to request information about your personal data processed by us free of charge, in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if we have not collected it, as well as the existence of automated decision-making, including profiling, and, if necessary, meaningful information on their details;
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing is necessary to exercise the right to freedom of expression
  • and information to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, if you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you
  • need them to assert, exercise or defend legal claims or you have objected to processing them in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible;
  • according to Art. 7 para. 3 GDPR, to revoke your previously given consent to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent in the future
  • to complain to a supervisory authority in accordance with Art. 77 GDPR. In general, you can contact the supervisory authority (data protection officer of the federal state) of your usual place of residence or work, or our company headquarters.

You can contact our designated data protection officer at any time if you have any further questions about data protection. You can find the contact details under point 3.

2. General information and mandatory information

Note on the responsible body

The responsible body for data processing on this website is:

 

CETONI GmbH
Wiesenring 6
07554 Korbussen

Telephone: +49 36602 338-0
Fax: +49 36602 338-11
E-Mail: info@cetoni.de

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

 

Objection to advertising mail

We hereby object to the use of the contact data published within the framework of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. An informal e-mail to us is sufficient. The legality of data processing carried out before the withdrawl remains unaffected by the withdrawl.

Right to lodge a complaint with the competent supervisory authority

In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The responsible supervisory authority for data protection issues is the Thuringian State Commissioner for Data Protection and Freedom of Information. The contact details of the data protection officer can be found at the following link: https://www.tlfdi.de/kontakt

Right to data portability

A transfer of your personal data to third parties for purposes other than those listed below does not take place.
We only pass on your personal data to third parties if:

  • You have given your express consent according to Art. 6 Para. 1 S. 1 lit. GDPR,
  • the transfer according to Art. 6 para. 1 S. 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
  • in the event that for the transfer according to Art. 6 para. 1 S. 1 lit. c GDPR there is a legal obligation, and
  • dies gesetzlich zulässig und nach Art. 6 Abs. 1 S. 1 lit. b GDPR is required for the processing of contractual relationships with you.

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract, handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person, this will only be done if it is technically feasible.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing, and, if necessary, a right to correct, block or delete this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

3. Data protection officer

We have appointed a data protection officer for our company.

Theresa Queitsch
Wiesenring 6
07554 Korbussen

Telephone: +49 36602 338-0
Fax: +49 36602 338-11
E-Mail: datenschutz@cetoni.de

4. Data collection on our website

SSL or TLS encryption

For security reasons, this site uses an SSL or. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

We also use suitable technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Cookies

This website only uses functional cookies, e.g. to save the language setting. No marketing or statistics cookies are used. Read our cookie policy for more detailed information.

Cookies that are required to provide certain functions you want are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies for the error-free and optimized provision of its services.

Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Date and time of the log entry
  • IP address
  • HTTP user
  • Date and time of the server request
  • Request (HTTP request type + HTTP request path + HTTP request parameters + HTTP protocol)
  • HTTP status code
  • amount of data transferred
  • Referrer URL (the previously visited page)
  • operating system used and its interface
  • Browser type and browser version

This data will not be merged with other data sources.

The data is collected in order to enable a smooth connection and convenient use of the website. They also serve to evaluate system security and stability. The basis for data processing is Art. 6 Para. 1 lit. f GDPR, which allows processing to safeguard the legitimate interests of the person responsible or a third party, provided that the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not prevail.

Contact

If you send us inquiries by e-mail, your e-mail address and the contact details you provided in the e-mail (name, telephone number, department) will be stored by us for the purpose of processing the request and in case of follow-up questions. If you contact us by phone, we will save the contact details you give us for the same purpose. We do not pass this data on to third parties without your consent.

The data is therefore processed exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can withdraw this consent at any time. An informal e-mail to us is sufficient. The legality of the data processing operations carried out before the withdrawl remains unaffected by the revocation.

The data you transmit will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory legal provisions – in particular retention periods – remain unaffected.

Analysis Tool – Google AdWords

This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”). No information is collected with which users can be personally identified.

You can find more information about Google AdWords in Google’s data protection provisions: https://www.google.de/policies/privacy/.

5. Use of social media

You will find links to the following social media sites on our site:

Youtube, LinkedIn

The content is not integrated on our site, but you are forwarded directly to the respective services. These are offers from third parties not affiliated with us. You can recognize the provider by the design of the respective button and by the text when you mouse-over.

We would like to point out that the providers collect personal data about their users in accordance with their own data protection guidelines and use them for business purposes. The respective usage and data protection declarations can be found on the websites of the respective providers:

  • Youtube

https://www.youtube.com/t/terms/

https://policies.google.com/privacy?hl=de

  • LinkedIn

https://de.linkedin.com/legal/user-agreement?trk=homepage-basic_footer-user-agreement

https://de.linkedin.com/legal/privacy-policy

https://de.linkedin.com/legal/l/cookie-table

If you are logged in with the provider, data may be assigned directly to your account. Under certain circumstances (depending on the settings of your user account) information about this is public or can be viewed by your contacts. If you do not wish to be assigned to your profile with the provider, you must log out before activating the link.

Online meetings

In the context of consulting activities or other services requested from us, participation in an online meeting is sometimes expedient. In this case we use the “Zoom” tool. “Zoom” is a service provided by Zoom Video Communications, Inc., which is based in the United States.

As CETONI GmbH, we are responsible for data processing that is directly related to the implementation of “online meetings”.

If you access the “Zoom” website, the “Zoom” provider is responsible for the data processing. Calling up the website is only required to use “Zoom” in order to download the software for using “Zoom”. You can also use “Zoom” if you enter the respective meeting ID and any other access data for the meeting directly in the “Zoom” app. If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.

Which data are processed for the use of Zoom?

When using “Zoom” different types of data are processed. The scope of the data also depends on the details of the data you provide before or when participating in an “online meeting”.

The following personal data are processed:

User information if a Zoom user account is used:
First name, last name, telephone (optional), e-mail address, password (if “Single Sign-On” is not used), profile picture (optional), department (optional)

Meeting metadata:
Topic, description (optional), participant IP addresses, device / hardware information

When dialing in with the phone:
Information on the incoming and outgoing phone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved.

Text, audio and video data:
If necessary, you have the option of using the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and any video camera on the terminal device will be processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the “Zoom” applications.

In order to take part in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.

Scope of processing in online meetings

We use “Zoom” to conduct “online meetings”. We regularly neither record nor log the corresponding meetings via the application. If the content of the meetings is relevant for the fulfillment of a contract or for the implementation of pre-contractual measures, these may be recorded manually and then processed (legal basis Art. 6 Para. 1 lit. b GDPR). If necessary, local recording of individual content, such as jointly developed whiteboard sketches, can be useful. The local storage of the recording is only carried out with the prior express consent of all participants. When a local recording is made, this is immediately visible to you in the application.

If you are registered as a user with “Zoom”, reports on “Online Meetings” (meeting metadata, data on telephone dial-in, questions and answers in webinars, survey function in webinars) can be saved with “Zoom” for up to one month.

Recipient / transfer of data while using Zoom

Personal data that are processed in connection with participation in “online meetings” are generally not passed on to third parties unless they are intended to be passed on. Please note that content from “online meetings”, as well as from personal meeting meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

The provider of “Zoom” necessarily receives knowledge of the above data according to the closed www.zoom.us/legal retrievable general order data processing contract.

Data processing outside the European Union when using Zoom

“Zoom” is a service that is provided by a provider from the USA. Processing of personal data also takes place in a third country. We have concluded an order processing contract with the provider of “Zoom” which meets the requirements of Art. 28 GDPR.

On the one hand, an adequate level of data protection is guaranteed by the conclusion of the so-called EU standard contractual clauses. As a supplementary protective measure, we have also configured our zoom in such a way that only data centers in the EU, the EEA or secure third countries such as Canada or Japan are used for conducting “online meetings”.

Support

We may use the ‘TeamViewer’ tool to support support inquiries. In the case of support, you will receive specific instructions by phone or email from our employee. The provider of this software is TeamViewer GmbH, Jahnstr. 30, 73037 Göppingen.

To download the required application, you will be redirected from our website directly to the TeamViewer GmbH website. TeamViewer acts as your contractual partner with regard to the use of the software. The applicable data protection regulations are under https://www.teamviewer.com/de/privacy-policy/ retrievable.

The software allows you to access your system temporarily and thus view your screen and control your mouse and keyboard remotely. In order to protect your personal data as well as any company-critical content as well as possible, please close all windows not directly required for support and deactivate automatic notification windows, e.g. your e-mail program, if necessary. You can terminate remote maintenance at any time by clicking “Close connection”.

Should we become aware of personal data as part of remote maintenance, this will only be done to provide the service you have requested. The data will not be processed or stored on your behalf. We were of course the data secret. The legal basis for processing is Art. 6 Para. 1 b) GDPR.

 

6. Country-specific regulations

For users residing in the Russian Federation, the following applies:

The services mentioned here are not intended for citizens of the Russian Federation who are resident in Russia. If you are a Russian citizen residing in Russia, you are hereby informed that any personal information you enter on the Services is solely at your own risk and responsibility; that you expressly agree that CETONI GmbH may collect your personal data, that this data can be processed in the USA and in other countries and that you do not hold CETONI GmbH responsible for any non-compliance with the laws of the Russian Federation.

For users residing in the People’s Republic of China, the following applies:

The services mentioned herein are not intended for citizens of the People’s Republic of China who are resident in the People’s Republic of China. If you are a Chinese citizen residing in the People’s Republic of China, you are hereby informed that any personal information you enter on the Services is solely at your own risk and responsibility; that you expressly agree that CETONI GmbH may collect your personal data, that this data can be processed in the USA and in other countries and that you do not hold CETONI GmbH responsible for any non-compliance with the laws of the People’s Republic of China.

For US residents:

The content of this website may be restricted for use by individuals within certain geographic regions (including the United States). Die CETONI GmbH erhebt keine Ansprüche darauf, dass die Website oder ihr Inhalt außerhalb dieser Regionen zugänglich oder angemessen ist. Access to the website may not be legal for certain people or in certain countries. If you access the website inspite of these legal provisions, you are doing so on your own initiative and are responsible for compliance with the applicable laws.

The “Shine the Light” law of the state of California enables residents of California to request certain information about which personal data CETONI GmbH shares with third parties for direct marketing purposes.

If you would like to receive further information under the “Shine the Light” law, please contact us as described above or send a request to the address provided with the keyword “California Shine the Light Request” so that we can properly assign this question. We need your postal address, place of residence and an e-mail address so that we can send you an answer.

7. Up-to-dateness and changes to this data protection declaration

This data protection declaration is currently valid and is dated June 2021. Due to the further development of our website and offers, or due to changed legal or official requirements, it may be necessary to change this data protection declaration. You can view and print out the current data protection declaration at any time on the website at www.cetoni.de/datenschutz.