Skip to navigationSkip to main content

Privacy Policy

We are pleased to welcome you to our website. Below, we would like to inform you about how we handle your data in accordance with Article 13 of the General Data Protection Regulation (GDPR).

Data Controller

The entity named in the legal notice is responsible for the data collection and processing described below.

Storage of the IP address

We store the IP address transmitted by your web browser strictly for the specified purpose and for a maximum of seven days, in order to detect, limit, and eliminate attacks on our websites. After this period expires, we delete the IP address. The legal basis is Art. 6(1)(f) of the GDPR.

Usage data

When you visit our websites, so-called usage data is temporarily stored on our web server as a log for statistical purposes to improve the quality of our websites. This data record consists of

  • the page from which the file was requested,

  • the name of the file,

  • the date and time of the request,

  • the amount of data transferred,

  • the access status (file transferred, file not found),

  • a description of the type of web browser used,

  • the referral link indicating which page you came from,

  • the IP address of the requesting computer, which is truncated so that a personal reference can no longer be established.

The aforementioned log data is evaluated only in anonymized form.
The legal basis for the processing of usage data is Art. 6(1)(f) GDPR. The processing is carried out in the legitimate interest of providing the website’s content and ensuring a display optimized for the device and browser.

Data Security

We take technical and organizational measures to protect your data from unauthorized access as comprehensively as possible. We use an encryption method on our websites. Your information is transmitted from your computer to our server and vice versa over the Internet using TLS encryption. You can usually recognize this by the fact that the lock icon in your browser’s status bar is closed and the address bar begins with https://.

Essential Cookies

We use cookies on our websites that are necessary for their use.
Cookies are small text files that are stored on your device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and persistent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking, or advertising purposes.

In some cases, these cookies contain only information about specific settings and are not personally identifiable. They may also be necessary to enable user navigation, security, and the functionality of the site.

We use these cookies based on our legitimate interest pursuant to Art. 6(1)(f) of the GDPR.
You can configure your browser to notify you when cookies are placed. Additionally, you can delete them at any time via the appropriate browser settings and prevent new cookies from being set. Please note that our websites may then not be displayed in full and some functions may no longer be technically available.

Consent Banner

On our websites, we use a consent management platform (consent or cookie banner). The processing related to the use of the consent management platform and the logging of the settings you have made is based on Art. 6(1)(f) GDPR, in our legitimate interest to display our content according to your preferences and to be able to prove the consent(s) you have givenconsent(s). Your settings, the consents you have granted, and parts of your usage data are stored in a cookie. This ensures that the cookie remains available for subsequent page requests and that your consents can continue to be tracked. Further information on this can be found under the heading “Essential Cookies.”

The provider of the consent management platform acts on our behalf as a service provider strictly bound by our instructions (data processor). A data processing agreement pursuant to Art. 28 GDPR has been concluded.

Tracking Tools

Matomo

We use Matomo to tailor our website to your needs. Matomo is an open-source web analytics tool. With Matomo, all collected data is transferred to servers under the control of neuland. No data is stored on servers outside of Germany.

Matomo uses cookies that are stored on your device and can be read by us. This allows us to recognize returning visitors and count them as such. Data processing is based on Art. 6(1)(f) of the GDPR and § 15(3) of the German Telemedia Act (TMG), and is carried out in the interest of determining how frequently our web pages are accessed by different users.

You can prevent the storage of cookies by adjusting your browser settings accordingly; however, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent.

Third-Party Tracking Technologies for Advertising Purposes

We use cross-device tracking technologies so that targeted advertising can be displayed to you on other websites based on your visit to our websites and so that we can determine how effective our advertising measures have been.
Data processing is based on your consent, provided you have given your consent via our banner. Your consent is voluntary and can be revoked at any time.

How does tracking work?
When you visit our websites, the third-party providers listed below may retrieve identification features for your browser or device (e.g., a so-called browser fingerprint), analyze your IP address, store or read identification features on your device (e.g., cookies), or gain access to individual tracking pixels.
These individual features may be used by the third-party providers to recognize your device on other websites. We may commission the relevant third-party providers to display advertisements based on the pages you have visited on our site.

What does cross-device tracking mean?
If you log in to the third-party provider using your own user data, the respective identification features of different browsers and devices can be linked together. So, for example, if the third-party provider has created a unique identifier for each of the laptop, desktop PC, smartphone, or tablet you use, these individual identifiers can be matched to one another as soon as you use a third-party service with your login credentials. In this way, the third-party provider can also target our advertising campaigns across different devices.

Which third-party providers do we use in this context?
Below, we list the third-party providers with whom we collaborate for advertising purposes. If data is processed outside the EU or the EEA (particularly in the U.S.) in this context, we provide information on the level of data protection in the table below.
Provider: LinkedIn
Maximum storage period: 90 days
Adequate level of data protection: For transfers to the U.S., an adequate level of data protection is ensured
due to the provider’s certification under the Adequacy Decision (EU-U.S. Data Privacy Framework) Withdrawal of consent: If you wish to withdraw your consent, please click here and adjust the settings via our banner.

Newsletter

We offer you the option to subscribe to our newsletter on our website. If you have given us separate consent to inform you via email about our company’s products and services, such processing is based on Article 6(1)(a) of the GDPR.

The newsletter will only be sent if you have given us your explicit consent. After subscribing, you will receive a confirmation email at the email address you provided (so-called double opt-in). You may revoke your consent at any time. An easy way to revoke your consent is, for example, via the unsubscribe link included in every newsletter. In connection with your newsletter subscription, we store additional data beyond the information already mentioned, to the extent that this is necessary to prove that you have subscribed to our newsletter. This may include storing the full IP address at the time of subscription or confirmation of the newsletter, as well as a copy of the confirmation email we sent. The corresponding data processing is carried out on the basis of Art. 6(1)(f) GDPR and in the legitimate interest of being able to account for the lawfulness of the newsletter distribution.

To send our newsletter or mailings after you provide your email address, we use the Mailchimp tool from The Rocket Science Group, LLC d/b/a Mailchimp (Intuit Group). This provider acts as a data processor strictly bound by instructions in accordance with a data protection agreement pursuant to Art. 28 GDPR and the SCCs. For transfers to the U.S., an adequate level of data protection is ensured due to the provider’s certification under the Adequacy Decision (EU-U.S. Data Privacy Framework).

If you no longer wish to receive the newsletter in the future, you can unsubscribe at any time, e.g., by emailing sales_marketing@neuland-bfi.de or via the unsubscribe link found in every newsletter email. If you provide us with the appropriate consent upon registration, we analyze your personal use of the service or newsletter by tracking when the newsletter sent to you was accessed or opened, and we customize the links in the newsletter to track which links you clicked on and what content you viewed. We use this information to improve our content and create tailored, personalized offers for you. If you wish to revoke your consent, please use the link provided in every newsletter to unsubscribe or adjust your consent.

Retention Period

Unless we have already provided specific information regarding the retention period, we delete personal data when it is no longer necessary for the aforementioned processing purposes and no legitimate interests or other (legal) retention requirements prevent its deletion.

Contact Form (White Paper Download)

You have the option to contact us via our contact form. To use our contact form and to receive the selected content (whitepaper downloads), we first require the data marked as mandatory fields.
We use this data on the basis of Art. 6(1)(f) GDPR to respond to your inquiry.


In addition, you may decide for yourself whether you wish to provide us with further information. This information is provided voluntarily and is not mandatory for establishing contact. We process your voluntary information based on your consent.

Your data will be processed solely for the purpose of responding to your inquiry. We will delete your data if it is no longer required and there are no legal retention obligations to the contrary.

To the extent that your data submitted via the contact form is processed on the basis of Article 6(1)(f) of the GDPR, you may object to the processing at any time. You may also withdraw your consent to the processing of the voluntary information at any time. To do so, please contact us at the email address listed in the legal notice.
For this purpose, we use a contact form and CRM provided by the data processor Pipedrive, Inc., which supports us in data processing in accordance with our instructions based on the data processing agreement concluded pursuant to Article 28 of the GDPR.
If you have given your consent, we reserve the right to contact you via email.

Other Data Processors

We share your data with service providers within the scope of data processing pursuant to Art. 28 GDPR, who assist us in operating our websites and the associated processes. These include, for example, hosting service providers. Our service providers are strictly bound by our instructions and are contractually obligated accordingly.
Below, we list the data processors with whom we collaborate, unless we have already done so in the preceding text of this Privacy Policy. If data may be processed outside the EU or the EEA in this context, we will inform you of this in the table below.

Pipedrive Inc. - CRM - For transfers to the U.S., an adequate level of data protection is ensured due to the provider’s certification under the Adequacy Decision (EU-U.S. Data Privacy Framework).

Job Applications

We process your personal data in accordance with applicable data protection regulations based on Section 26 of the BDSG-neu. We process the data you provide to us as part of your online application exclusively for the purpose of candidate selection. Data is not processed for any other purposes.

You yourself determine the scope of the data you wish to submit to us as part of your online application. Online applications are transmitted electronically to the respective responsible persons and processed there as quickly as possible. The transmission is encrypted. As a rule, applications are forwarded to the employees responsible for the position to which you are applying. Beyond that, your data will not be shared. Your information will be treated confidentially within our company. If your application is unsuccessful, your documents will be deleted after 6 months.

If you would like us to consider your application for other or future job openings, please indicate this on your application. We will then process your data based on Article 6(1)(a) of the GDPR. Please refer to the section “Your Rights as a User” for more information.

Embedded YouTube Videos

On some subpages, we embed YouTube videos into our website. Visiting these subpages results in content from YouTube being loaded. In this context, YouTube also receives your IP address, which is technically necessary to retrieve the content. We generally have no influence over further processing by YouTube. However, when embedding the videos, we have ensured that the enhanced privacy mode offered by YouTube is activated.

Podigee Podcast Hosting

We use the Podigee podcast hosting service provided by Podigee GmbH, Revaler Straße 28, 10245 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee.

This use is based on our legitimate interests, i.e., our interest in the secure and efficient provision, analysis, and optimization of our podcast offerings in accordance with Art. 6(1)(f) of the GDPR.

Podigee processes IP addresses and device information to enable podcast downloads/playbacks and to determine statistical data, such as the number of views. This data is anonymized or pseudonymized before being stored in Podigee’s database, unless it is necessary for the provision of the podcasts.

Further information and options to object can be found in Podigee’s privacy policy: https://www.podigee.com/de/about/privacy/.

Meetergo

We use the online appointment scheduling tool from meetergo GmbH, Hansaring 61, 50670 Cologne (hereinafter “meetergo”) for scheduling appointments.

When you schedule an appointment with us online, the data you enter for this purpose is stored on meetergo’s servers in Germany. Furthermore, meetergo temporarily records your IP address, your referrer URL, and the time of access, and can determine that you have submitted a request to us; this data is used exclusively for the technical provision of the service and is subsequently automatically deleted.

The use of meetergo is based on Art. 6(1)(f) of the GDPR. The website operator has a legitimate interest in making the appointment process as straightforward as possible. If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR or Art. 9(1)(a); consent may be revoked at any time.

Further information can be found in meetergo’s privacy policy: https://meetergo.com/datenschutz/

Your Rights as a Data Subject

When your personal data is processed, the GDPR grants you, as the data subject, certain rights:


Right of access (Art. 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to access this personal data and to the information specified in detail in Art. 15 GDPR.


Right to rectification (Art. 16 GDPR)
You have the right to request the immediate rectification of inaccurate personal data concerning you and, where applicable, the completion of incomplete data.


Right to erasure (Art. 17 GDPR)
You have the right to request that personal data concerning you be erased without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies.


Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have objected to the processing, for the duration of the review by the controller.


Right to data portability (Art. 20 GDPR)
In certain cases listed in detail in Article 20 of the GDPR, you have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format or to request that this data be transmitted to a third party.


Right to Withdraw Consent (Art. 7 GDPR)
If the processing of data is based on your consent, you are entitled under Art. 7(3) GDPR to withdraw your consent to the use of your personal data at any time. Please note that the withdrawal only takes effect for the future. Processing that took place prior to the withdrawal is not affected.


Right to Object (Art. 21 GDPR)
If data is collected on the basis of Art. 6(1)(f) GDPR (data processing to safeguard legitimate interests) or on the basis of Art. 6(1)(e) GDPR (data processing for the performance of a task carried out in the public interest or in the exercise of official authority), you have the right to object to the processing at any time on grounds relating to your particular situation. We will then no longer process the personal data unless there are demonstrable compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.


Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection regulations. In particular, the right to lodge a complaint may be exercised with a supervisory authority in the Member State of your habitual residence, your workplace, or the place where the alleged infringement occurred.


Exercising Your Rights
Unless otherwise described above, please contact the office listed in the legal notice to exercise your rights as a data subject.

Contact details of the Data Protection Officer

Our external Data Protection Officer is available to provide you with information regarding data protection at the following contact details:
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Germany
Web: https://www.dsn-group.de/
Email: office@datenschutz-nord.de
When contacting our Data Protection Officer, please also specify the responsible entity listed in the legal notice.