PRIVACY POLICY

We accord highest priority to the protection of your privacy and appreciate the confidence you have shown in us by sharing your personal data with us.

1. Name and contact details of the controller

The entity which determines the purposes and means of the processing of personal data (controller) pursuant to GDPR and the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) is:

 

ElectronicPartner Handel SE
Mündelheimer Weg 40
40472 Düsseldorf
Tel.: +49 (0)211 41560
E-mail: info@electronicpartner.de

2. Contact details of the data protection officer

Please contact our data protection officer if you have any questions about data protection:

 

ElectronicPartner Handel SE
Data Protection Officer
Mündelheimer Weg 40
40472 Düsseldorf
E-mail: datenschutz@electronicpartner.de

3. Collection, processing and use of personal data

When we collect personal data we ensure stringent compliance with the principles of data avoidance and data economy. Personal data are only processed for the purposes for which they were collected.

 

The personal data concerning you that we process depend on whether you only visit our website, or whether you send us a message or job application.

3.1 Website visit

When you visit our website we collect and process the following data:

  • Your internet service provider
  • Referrer URL (previously visited website)
  • Your browser type and operating system
  • Your IP address
  • Requested files, transferred data volume, downloads/file exports
  • Name of accessed websites, including data and time of access
  • Screen size
  • Plug-ins used
  • Language

We store these data pursuant to Art. 6 (1) f) GDPR for the purpose of technical security (in particular, to prevent attempts to hack into our web servers).

3.2 E-mail contact

If you contact us via one of the e-mail addresses that we provide we will collect personal data concerning you. These data are stored for the purpose of processing your enquiry. We delete all data relating to your contact with us when it is no longer necessary to store it, or we restrict the processing of that data if we are required to comply with statutory archiving requirements. The legal basis for the processing of your personal data is Art. 6 (1) b) GDPR if you contact us in order to conclude a contract with us. It is also in our legitimate interest to process the data for the purpose of responding to your enquiry on the legal basis of Art. 6 (1) f) GDPR.

3.3 Contact form 

When you send us an enquiry using our contact form, the information contained in the contact form, including the contact data you provide in the form, are processed by us to deal with the enquiry and any follow-up correspondence. The legal basis is Art. 6 (1) b) GDPR. These data are not transferred to other parties or used for other purposes.

3.4 Online application form

If you want to send us a job application via our website, please take note of the separate privacy policy for online applications

3.5 Cookies

When you visit our website it is possible that we will place information on your computer in the form of cookies. Cookies are small text files that are stored on your computer’s hard disk.

This information contained in the cookies makes it possible for you to be automatically recognised next time you visit our website and makes the navigation of our website easier for you. The legal basis is our legitimate interest pursuant to Art. 6 (1) f) GDPR.

Naturally, you can also view our web pages without cookies. If you don’t want us to recognise your computer, you can prevent cookies from being stored on your hard disk by disabling cookies in your browser. Check your browser provider’s instructions for use to find out how to disable cookies. Disabling cookies may have an effect on our website’s functions.

3.6 Open Street Map

We use “OpenStreetMap” maps on our website (https://www.openstreetmap.org). They are provided by the OpenStreetMap Foundation (OSMF) on the basis of the Open Data Commons Open Database License (ODbL). You can find information about the handling of user data in the privacy policy at: https://wiki.openstreetmap.org/wiki/Privacy_Policy.

The legal basis for the use of the OpenStreetMap service is Art. 6 (1) f) GDPR. The data is processed for the purpose of enhancing the user experience on our website.

4. Google Analytics 4

If you have given your consent, Google Analytics 4, a web analysis service from Google LLC, will be used on this website. The responsible one for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

 

4.1 Extent of processing

Google Analytics uses cookies that enable your use of our websites to be analyzed. The information collected by cookies about your use of this website is usually transmitted to a Google server in the USA and stored there.

We use the User ID function. User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and analyze user behavior across devices.

We use Google Signals. This means that Google Analytics collects additional information about users who have activated personalized ads (interests and demographic data) and ads can be delivered to these users in cross-device remarketing campaigns.

In Google Analytics 4, IP address anonymization is enabled by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, your user behavior is recorded in the form of “events”. Events can be:

  • Page views
  • First time visit to the website
  • Start of the session
  • Your “click path”, interaction with the website
  • Scrolls (whenever a user scrolls to the bottom of the page (90%))
  • Clicks on external links
  • internal search queries
  • Interaction with videos
  • File Downloads
  • ads seen/clicked
  • Language setting

It also records:

  • Your approximate location (region)
  • Your IP address (in shortened form)
  • technical information about your browser and the devices you use (e.g. language settings, screen resolution)
  • Your internet provider
  • the referrer URL (via which website/advertising medium you came to this website)
  • Processes to optimize the user journey

4.2 Purposes of processing

On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

 

4.3 Recipients

Recipients of the data are/can be

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 GDPR)
  • Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA
  • Alphabet Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA

It cannot be ruled out that US authorities will access the data stored by Google.

 

4.4 Third country transfer

If data is processed outside the EU/EEA and there is no data protection level corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to ensure an appropriate level of data protection. Google Ireland's parent company, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not have any legal remedies against access by authorities.

 

4.5 Storage period

The data we send and linked to cookies is automatically deleted after 14 months. The deletion of data whose retention period has been reached occurs automatically once a month.

 

4.6 Legal basis

The legal basis for this data processing is your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR Article 49a GDPR.

 

4.7 Revocation

You can revoke your consent at any time with future effect by accessing the cookie settings and changing your selection there. The lawfulness of the processing carried out based on consent until its revocation remains unaffected.

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, functionality on this and other websites may be restricted. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by

a. not giving your consent to the setting of the cookie or

b. downloading and installing the browser add-on to deactivate Google Analytics HERE.

Further information on the terms of use of Google Analytics and data protection at Google can be found at https://marketingplatform.google.com/about/analytics/terms/de/ and at https://policies.google.com/?hl=de.

5. Erasure

Personal data are erased or blocked when the purpose for which they were stored no longer applies or if you request it. Data are also erased if a mandatory statutory retention period expires unless it is necessary to continue storing the data in order to enter into or execute a contract, or you have consented to its continued storage.

6. Transfers to third countries

We do not transfer personal data to third countries or international organisations.

7. Data subject rights

When personal data concerning you is processed you have the following rights as the data subject pursuant to GDPR.

7.1 Right to obtain information

You can request confirmation from the data controller of whether personal data concerning you are being processed by us.

If personal data concerning you is being processed, you can request the following information from the controller:

  • the purposes for which the personal data are being processed;
  • the categories of personal data being processed;
  • the recipients or categories of recipients to whom the personal data has been or will be disclosed;
  • the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
  • the existence of the right to obtain from the controller rectification or erasure of personal data concerning you, the right to restriction of processing by the controller or the right to object to processing;
  • the right to lodge a complaint with a supervisory authority;
  • all available information about the origin of the data if the personal data were not collected from the data subject.

7.2 Right to rectification

You have the right to obtain the rectification of personal data concerning you and the supplementation of incomplete personal data from the data controller. The data controller will comply without undue delay.

7.3 Right to restriction of processing

When one of the following applies you have the right to obtain from the controller restriction of processing:

  • if you contest the accuracy of the personal data, for a period enabling the controller to verify the accuracy of the personal data;
  • if you have objected to processing pursuant to Article 21 (1) GDPR pending the verification of whether the legitimate grounds of the controller override your grounds;
  • if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
  • if the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims or;
  • where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If you have obtained restriction of processing pursuant to the above the data controller will inform you before the restriction of processing is lifted.

7.4 Right to erasure

 

7.4.1. Erasure obligation

You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller has the obligation to erase personal data without undue delay where one of the following grounds applies:

  • The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  • You withdraw your consent on which the processing is based according to Article 6 (1) a), or Article 9 (2) a) GDPR, and where there is no other legal ground for the processing.
  • You object to the processing pursuant to Article 21 (1) and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 (2) GDPR.
  • The personal data concerning you have been unlawfully processed.
  • The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • The personal data have been collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.

 

7.4.2. Information to third parties

Where the controller has made the personal data public and is obliged pursuant to Article 17 (1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

7.4.3. Exceptions

The right to obtain erasure does not apply if the processing is necessary

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • for reasons of public interest in the area of public health in accordance with Article 9 (2) h) and i) as well as Article 9 (3) GDPR;
  • for the establishment, exercise or defence of legal claims.
 

7.4.4. Notification obligation

If you have exercised your right of any rectification or erasure of personal data or restriction of processing vis-a-vis the controller, the controller is required to communicate any rectification, erasure or restriction of processing of personal data to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have to right to obtain information from the controller about those recipients.

7.5 Right to data portability

You have the right to receive your personal data which you have provided to a controller, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from the controller to which the personal data had been provided, where

  • the processing is based on consent pursuant to Article 6 (1) a GDPR or Article 9 (2) a GDPR or on a contract pursuant to Article 6 (1) b GDPR; and
  • the processing is carried out by automated means.

In exercising this right to data portability you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This may not adversely affect the rights and freedoms of others.

7.6 Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you on the basis of Article 6 (1) e) or f) GDPR; including profiling based on those provisions.

The controller will no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defence of legal claims.

Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data for such marketing purposes, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.

In the context of the use of information society services, and notwithstanding Directive 202/58/EC, you may exercise your right to object by automated means using technical specifications.

7.7 Right to revoke consent

When personal data is processed because you have provided your consent, you have the right to revoke that consent at any time. This does not affect the lawfulness of processing up to the time of revocation.

7.8 Right to lodge a complaint with a supervisory authority

If you consider that the processing of personal data relating to you infringes the GDPR, you have the right at any time to lodge a complaint with the competent supervisory authority. The supervisory authority where the complaint is lodged informs the complainant about the status and outcome of the complaint process, including the right to an effective judicial remedy pursuant to Article 78 GDPR.

8. Legal requirements

The provision of personal data is not prescribed by law. You are not legally required to provide your personal data to us. However, if you do not provide your personal data to us, you will only be able to use our anonymous services.

9. Profiling

We do not undertake any automated processing or profiling pursuant to Art. 22 (1) and (4) GDPR.

10. Further information

10.1 Data security

We have implemented technical and organisational measures to ensure the security of your data. Our employees have undertaken to maintain data confidentiality. We also use an encryption process. The information that you provide is transferred in encrypted format via SSL (Secure Socket Layer).

Our security technology is regularly optimised and upgraded to reflect the state-of-the-art.

 

10.2 Links

If you use links to external websites which are provided on our website, this data policy does not apply to the websites that you access via the links. If we provide links we endeavour to ensure that the linked website providers comply with our privacy and security standards. However, we have no influence over external providers’ compliance with our privacy and security policy. Please therefore read the external website providers’ privacy policies.

11. Changes to our privacy policy

We reserve the right to revise our security and data protection measures if this becomes necessary as a result of technical and/or legal developments. In such cases, we will also amend our privacy policy appropriately. Please always read the latest version of our privacy policy.