The controller for the data processing described below is EW GROUP GmbH, Hogenbögen 1, D-49429 Visbek, Telefon: +49 4445 950 59 0, E-Mail: firstname.lastname@example.org
When you visit our websites, our web server temporarily evaluates so-called usage data for statistical purposes in order to improve the quality of our website. This data consists of the following data categories:
- the name and address of the requested content,
- the date and time of the query,
- the amount of data transferred,
- the access status (content transferred, content not found),
- the description of the used web browser and operating system used,
- the referral link, which indicates from which page you reached ours,
The legal basis for the processing of usage data is Art. 6 (1) (f) GDPR. The processing is based on the legitimate interest of providing the contents of the website and ensuring a device- and browser-optimised display.
Storage of IP adresses for security purposes
In addition, we store the complete IP address transmitted by your web browser with strict purpose limitation for a period of seven days in the legitimate interest of being able to detect, limit and eliminate attacks on our websites. We delete or anonymize the IP address when this period has expired.The legal basis for the processing is Art. 6 (1) (f) GDPR.
In order to protect your data as comprehensively as possible from unwanted access, we implement technical and organisational measures. These measures include encryption procedures on our websites. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption. You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.
Cookies are small text files that can be stored on and extracted from your device. There is a difference between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored for more than the duration of the session.
We do not use these necessary cookies for analysis, tracking or advertising purposes.
In some cases, these cookies only contain information on certain settings and are not linked to a person. They may also be necessary to enable user guidance, security and operating of the site.
The legal basis for using these cookies is our legitimate interest according to Art. 6 (1) (f) GDPR.
|Maximum storage period
|Adequate level of data protection
|Storage of language settings
|Data processing within the EU/EEA
|Storage of cookie settings
|Data processing within the EU/EEA
We use a consent management platform (consent or cookie banner) on our websites. The processing in connection with the use of the consent management platform and the logging of the settings you have made is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, in our legitimate interest to display our content according to your preferences and to be able to prove the consent(s) you have given. The settings you have made, the consent you have given and parts of your usage data are stored in a cookie. This means that it is retained for subsequent page requests and your consent can still be tracked. You can find further information on this under the heading “Necessary cookies”.
Unless we have already informed you in detail about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and no legitimate interests or other (legal) reasons for storage prevent deletion.
We use the web analysis tool “Google Analytics” for the user-oriented design of our websites. Google Analytics creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In this way, we are able to recognize returning visitors and count them as such. The data collected is stored for a maximum period of 2 months.
As part of the Google Analytics service, Google Ireland Limited supports us as a processor in accordance with Art. 28 GDPR. Data processing may also be carried out by Google outside the EU or the EEA (in particular in the USA). With regard to Google, an adequate level of data protection is guaranteed on the basis of the adequacy decision (EU-U.S. Data Privacy Framework). Google also undertakes to conclude standard contractual clauses with other sub-processors.
Data processing takes place on the basis of your consent, provided that you have given your consent via our banner. You can withdraw your consent at any time. To do so, please follow this link and make the appropriate settings via our banner.
We share your data with service providers that support us in the operation of our websites and the associated processes as part of data processing on behalf of the controller pursuant to Art. 28 GDPR. These are, for example, hosting service providers. Our service providers are strictly bounded by our instructions and are contractually obligated accordingly.
In the following, we will name the processors with whom we work, if we have not already done so in the above text of the data protection declaration. If data may be processed outside the EU or the EEA in this context, we inform you about this in the following table.
|Adequate level of data protection
|Webhosting and Support
|Processing only within EU/EEA
Your rights as a data subject
When processing your personal data, the GDPR grants you certain rights as a data subject:
Right of access (Art. 15 GDPR)
You have the right to obtain confirmation as to whether personal data of you is being processed; if this is the case, you have the right to obtain information about the processed personal data and to receive the information listed in detail in Art. 15 GDPR.
Right to rectification (Art. 16 GDPR)
You have the right to request the rectification of any inaccurate personal data relating to you and, where applicable, the completion of any incomplete data, without delay.
Right to erasure (Art. 17 GDPR)
You have the right to request the erasure of your personal data without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing, for the duration of the assessment by the controller, if one of the requirements listed in Art. 18 GDPR is met, e.g. if you have objected to the processing.
Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive your personal data in a structured, commonly used and machine-readable format or to request the transfer of this data to a third party.
Right to withdraw consent (Art. 7 GDPR)
If the processing of data is based on your consent, you are entitled to withdraw your consent to the processing of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the withdrawal of the consent only effective for the future. Processing that took place before the withdrawal is not affected.
Right to object (Art. 21 GDPR)
If data is collected on the basis of Art. 6 (1) (f) GDPR (data processing for the protection of legitimate interests) or on the basis of Art. 6 (1) (e) GDPR (data processing for the protection of public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. The right to lodge a complaint can be asserted in particular with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.
Asserting your rights
Unless otherwise described above, please contact the controller of the data processing named in the imprint to assert your rights as a data subject.
Contact details of our data protection officer
Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:
If you contact our data protection officer, please also state the controller for the data processing named in the imprint.