1. General Information
We, CETONI GmbH, as the operator of this website, take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations (in particular the General Data Protection Regulation – GDPR – and the Federal Data Protection Act – BDSG) as well as this privacy policy.
The following information provides an overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can be subject to security gaps. A complete protection of the data against access by third parties is not possible.
2. Controller
The responsible body for data processing on this website is:
CETONI GmbH
Wiesenring 6
07554 Korbußen
Phone: +49 36602 338-0
Fax: +49 36602 338-11
Email: info@cetoni.de
Objection to advertising mail
We hereby object to the use of the contact data published within the framework of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.
3. Data protection officer
We have appointed a data protection officer for our company.
Theresa Queitsch
Wiesenring 6
07554 Korbußen
Phone: +49 36602 338-0
Fax: +49 36602 338-11
Email: datenschutz@cetoni.de
4. General Information on Data Processing
In principle, we only process personal data insofar as this is necessary to provide a functional website as well as our content and services.
Processing takes place in particular for the following purposes:
- Ensuring trouble-free operation of the website
- Ensuring system security and stability
- Processing inquiries and implementing pre-contractual and contractual measures
Depending on the processing, the legal bases are in particular:
- Art. 6 para. 1 lit. 1 (a) GDPR (Consent)
- Art. 6 para. 1 lit. 1 (b) GDPR (Contract/Contract initiation)
- Art. 6 para. 1 lit. 1 (c) GDPR (Legal obligation)
- Art. 6 para. 1 lit. 1 (f) GDPR (Legitimate interest)
Personal data is only stored for as long as is necessary for the respective purposes or as long as statutory retention periods exist.
Personal data is only passed on if:
- You have given your express consent
- There is a legal obligation
- This is necessary for the fulfillment of a contract
If data is transferred to third countries, this is done exclusively in compliance with Art. 44 et seq. GDPR.
5. Data Collection on Our Website
SSL or TLS encryption
For security reasons, this site uses SSL or TLS encryption so that data you transmit to us cannot be read by third parties.
We also use suitable technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser transmits automatically. These are:
- IP address
- Date and time of the request
- Browser type and browser version
- Operating system used
- Referrer URL
- HTTP status code
This data is not merged with other data sources. Processing is based on Art. 6 para. 1 (f) GDPR. 1 lit. f DSGVO. The data is stored by the provider for 7 days.
6. Cookies
Our website uses cookies. Cookies are small text files that are stored on your end device and saved by your browser.
We distinguish between:
- Technically necessary cookies (required for the operation of the website)
- Preference cookies (e.g., for storing language settings)
- Statistics Cookies
- Marketing Cookies
Technically necessary cookies are stored on the basis of Art. 6 para. 1 lit. 1 (f) GDPR, as they are required for the technically error-free operation of the website.
All other cookies are set exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. 1 (a) GDPR. You can revoke or adjust this consent at any time via the consent tool used.
We do not use marketing cookies ourselves. However, we have included links to social media platforms. When accessing the corresponding content, these providers may set cookies and process personal data. Additional details can be found in Section 9 “Social Media Links”.
Further information on the cookies used and how they work can be found in our Cookie Policy:
https://cetoni.com/de/cookie-richtlinie-eu-2/
7. Analysis Tools
To improve our website, we carry out statistical evaluations of usage behavior. Insofar as technically implemented, these are carried out in anonymized or pseudonymized form and without direct personal reference.
8. Contact and Communication
General
If you contact us by email or telephone, the personal data you transmit (e.g., name, email address, telephone number, and the content of your inquiry) will be processed for the purpose of handling your request.
Depending on the context, processing is based on Art. 6 para. 1 lit. 1 (b) GDPR (contract initiation or fulfillment) or on the basis of Art. 6 para. 1 lit. 1 (a) GDPR (consent).
The processing of your inquiry may be supported by the use of internal, automated systems. For this purpose, the information transmitted can be processed in a structured manner and transferred to internal systems (e.g., databases). Your personal data is processed exclusively within our own IT infrastructure; it is not passed on to third parties.
The data will be deleted as soon as the purpose for storage no longer applies and there are no statutory retention obligations.
Telephone Recordings
In the context of consultation meetings, it may be useful to record telephone calls (e.g., for documentation purposes). This is done exclusively after prior express consent.
The recordings are processed internally and serve for the follow-up of conversations and the creation of summaries. Internally operated, AI-supported systems are also used here. Data is not passed on to third parties. The storage period for the audio recording is a maximum of 30 days.
Online Meetings (3CX)
We use the 3CX video conferencing solution to conduct online meetings. Depending on the technical conditions, communication takes place directly between the participants or via server infrastructure within the European Union.
The following data is processed during use:
- Name or participant designation
- Audio and video data
- Chat content, if applicable
Meetings are not recorded automatically. A recording will only take place if it supports further processing and consultation, and only after the prior consent of all participants.
In the event of a recording, the corresponding data is stored for a maximum of 7 days on servers of the provider 3CX within the European Union.
An order processing agreement in accordance with Art. 28 GDPR exists with the provider 3CX.
Processing is based on Art. 6 para. 1 lit. 1 (b) GDPR (contract/contract initiation) or Art. 6 para. 1 lit. 1 (a) GDPR (consent).
Support and Remote Access
To provide assistance with support requests, it is possible to establish remote access to your system during online meetings using the aforementioned 3CX software.
For this purpose, a link to install a corresponding plugin will be provided to you during the meeting. By downloading the software and actively confirming the support session, you consent to the implementation of remote access and the associated processing of your personal data.
After installation, it is possible to temporarily access your system, view your screen, and perform mouse and keyboard inputs. Access is granted exclusively for the duration of the support session. After the online meeting has ended, you will be asked to uninstall the plugin again.
Remote maintenance serves exclusively to provide the support service you have requested. No further processing or storage of personal data takes place.
To ensure the protection of your personal data and any sensitive or business-critical content, we recommend that you close all applications and windows not required for support and deactivate automatic notifications (e.g., email pop-ups) before starting remote maintenance.
You can cancel the remote maintenance yourself at any time by ending the connection (“Close connection”).
If we become aware of personal data during remote maintenance, this is done exclusively for the purpose of providing the support service and not for our own purposes.
Processing is based on Art. 6 para. 1 lit. 1 (b) GDPR (fulfillment of a contract or implementation of pre-contractual measures) and – where necessary – on the basis of your consent in accordance with Art. 6 para. 1 lit. 1 (a) GDPR.
9. Social Media Links
On our website, you will find links to external social media platforms (e.g., YouTube, LinkedIn).
By clicking on these links, you will be redirected to the pages of the respective providers. The respective providers are exclusively responsible for the data processing there.
We would like to point out that the providers collect personal data about their users in accordance with their own data protection guidelines and use them for business purposes.
If you are logged in to one of the providers, clicking on the corresponding link may allow information to be directly assigned to your user account there. Depending on the settings of your user account, this information may also be visible to other users.
If you wish to avoid assignment to your user account, you should log out of the respective provider before clicking on the link.
10. Applications
If you apply to us, we process the personal data you transmit (e.g., email address, name, and application documents) confidentially and in accordance with the applicable data protection regulations.
The processing is carried out for the purpose of conducting the application process, in particular to review your application and to contact you.
The legal basis for this is Art. 6 para. 1 lit. 1 (b) GDPR in conjunction with Section 26 BDSG.
After completion of the application process, i.e., also in the event of a rejection, your personal data will be stored for a maximum period of 3 months and then deleted, provided that no statutory retention obligations prevent this.
11. Rights of the Data Subject
Within the framework of the legal provisions, you have the following rights:
- Access in accordance with Art. 15 GDPR
- Rectification in accordance with Art. 16 GDPR
- Erasure in accordance with Art. 17 GDPR
- Restriction of processing in accordance with Art. 18 GDPR
- Data portability in accordance with Art. 20 GDPR
- Objection in accordance with Art. 21 GDPR
- Withdrawal of consent given in accordance with Art. 7 para. 3 GDPR
For all matters in this regard, please send an informal email to datenschutz@cetoni.de
You also have the right to lodge a complaint with a data protection supervisory authority. The competent supervisory authority for data protection issues is:
The Thuringian State Commissioner for Data Protection and Freedom of Information
Häßlerstraße 8, 99096 Erfurt
12. International Use of the Website
This website is primarily intended for users within the European Union. If you access our website from outside the European Union, please note that the processing of your personal data is carried out in accordance with the provisions of the General Data Protection Regulation (GDPR).
For users from the United States, additional rights may exist under local law. For corresponding inquiries, please use the contact details provided above.
13. Validity and Amendment of this Privacy Policy
This privacy policy is currently valid and is dated April 2026. Due to the further development of our website or due to changed legal requirements, it may become necessary to adapt this privacy policy.