Privacy policy
Thank you for visiting our website. Below we would like to inform you about the handling of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).
Responsible party
The controller responsible for the data collection and processing described below is the body named at Impressum
Storage of the IP address
We store the IP address transmitted by your web browser strictly for a specific purpose and for a maximum period of seven days, in the interest of being able to recognize, limit and eliminate attacks on our websites. After this period, we delete the IP address. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
Usage data
When you visit our websites, so-called usage data is temporarily stored on our web server as a log for statistical purposes in order to improve the quality of our websites. This data record consists of
- the page from which the file was requested
- the name of the file,
- the date and time of the request,
- the amount of data transferred,
- the access status (file transferred, file not found),
- the description of the type of web browser used,
- the referral link, which indicates from which page you came to our site,
- the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.
The aforementioned log data is only analyzed anonymously.
The legal basis for the processing of usage data is Art. 6 para. 1 sentence 1 lit. f GDPR. The processing is carried out in the legitimate interest of providing the content of the website and ensuring a device- and browser-optimized display.
Data security
We take technical and organizational measures to protect your data from unwanted access as comprehensively as possible. We use an encryption process on our websites. Your data is transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.
Required cookies
We use cookies on our websites that are necessary for the use of our websites.
Cookies are small text files that are stored on your end device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.
We do not use these necessary cookies for analysis, tracking or advertising purposes.
Some of these cookies only contain information on certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and implementation of the site.
We use these cookies on the basis of our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
You can set your browser to inform you about the placement of cookies. You can also delete them at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed in full and some functions may no longer be technically available.
Consent banner
We use a consent management platform (consent or cookie banner) on our websites. The processing in connection with the use of the consent management platform and the logging of the settings you have made is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, in our legitimate interest to display our content according to your preferences and to be able to prove the consent(s) you have given. The settings you have made, the consent you have given and parts of your usage data are stored in a cookie. This means that it is retained for subsequent page requests and your consent can still be tracked. You can find further information on this under the heading "Required cookies".
The provider of the consent management platform works for us as a strictly instruction-bound service provider (processor). An order processing contract in accordance with Art. 28 GDPR has been agreed.
Tracking tools
Matomo
We use Matomo to design our website in line with requirements. Matomo is an open source tool for web analysis. With Matomo, all data collected is transferred to servers under the control of neuland. Data is not stored on computers outside Germany.
Matomo uses cookies that are stored on your end device and can be read by us. In this way, we are able to recognize returning visitors and count them as such. Data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR or § 15 para. 3 TMG and in the interest of finding out how often our websites are accessed by different users.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Tracking technologies from third-party providers for advertising purposes
We use cross-device tracking technologies so that you can be shown targeted advertising on other websites based on your visit to our websites and so that we can recognize how effective our advertising measures were.
Data processing takes place on the basis of your consent, provided you have given your consent via our banner. Your consent is voluntary and can be revoked at any time.
*How does the tracking work?
When you visit our websites, it is possible that the third-party providers mentioned below may retrieve recognition features for your browser or your end device (e.g. a so-called browser fingerprint), evaluate your IP address, store or read recognition features on your end device (e.g. cookies) or gain access to individual tracking pixels.
The individual features can be used by third-party providers to recognize your device on other websites. We can commission the relevant third-party providers to place advertisements based on the pages you visit on our website.
*What does cross-device tracking mean?
If you log in to the third-party provider with your own user data, the respective recognition features of different browsers and end devices can be linked together. If, for example, the third-party provider has created a separate feature for the laptop, desktop PC or smartphone or tablet you are using, these individual features can be assigned to each other as soon as you use a service of the third-party provider with your login data. In this way, the third-party provider can also target our advertising campaigns across different end devices.
*Which third-party providers do we use in this context?
Below we list the third-party providers with whom we work for advertising purposes. If the data is processed in this context outside the EU or the EEA (in particular in the USA), we provide information on the level of data protection in the following table.
Provider: LinkedIn
Maximum storage period: 90 days
Adequate level of data protection: For transfers to the USA, an adequate level of data protection is guaranteed due to the provider's certification under the adequacy decision (EU-U.S. Data Privacy Framework)
Withdrawal of consent: If you wish to withdraw your consent, please click here and make the appropriate setting via our banner.
Newsletter
We offer you the option of subscribing to our newsletter on our website. If you have given us separate consent to inform you by email about our company's own products and services, the corresponding processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR.
The newsletter will only be sent if you have given us your express consent. Once you have subscribed, you will receive a confirmation email to the email address you have provided (double opt-in). You can revoke your consent at any time. An uncomplicated way to withdraw your consent is, for example, via the unsubscribe link provided in every newsletter. As part of the newsletter registration, we store further data in addition to the data already mentioned, insofar as this is necessary so that we can prove that you have ordered our newsletter. This may include the storage of the complete IP address at the time of the order or confirmation of the newsletter, as well as a copy of the confirmation e-mail sent by us. The corresponding data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and in the legitimate interest of being able to account for the legality of the newsletter dispatch.
We use the mailchimp tool from The Rocket Science Group, LLC d/b/a Mailchimp (Intuit Group) to send our newsletter or mailings after you have provided your email address. This provider is strictly bound by instructions as a processor in accordance with a concluded data protection agreement pursuant to Art. 28 GDPR and the SCCs. For transfers to the USA, an adequate level of data protection is guaranteed due to the provider's certification under the adequacy decision (EU-U.S. Data Privacy Framework).
If you no longer wish to receive the newsletter in future, you can unsubscribe at any time, e.g. by sending an email to activecampaign@neuland-bfi.de or via the link to unsubscribe from the newsletter, which you will find in every newsletter email. If you give us the corresponding consent when you register, we will analyze your personal use of the offer or the newsletter by evaluating when the newsletter sent to you was accessed or opened and individualizing the links in the newsletter in order to be able to evaluate when you clicked on which link and which content you clicked on. We use this to improve our content and to create tailored, personalized offers for you. If you wish to withdraw your consent, please use the link provided in every newsletter to unsubscribe or change your consent.
Storage period
Unless we have already informed you in detail about the storage period, we delete personal data when it is no longer required for the aforementioned processing purposes and no legitimate interests or other (legal) reasons for storage prevent deletion.
Contact form (whitepaper download)
You have the option of getting in touch with us via our contact form. To use our contact form and to send the selected content (whitepaper downloads), we first need the data marked as mandatory fields.
We use this data on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR to answer your request.
In addition, you can decide for yourself whether you would like to provide us with further information. This information is provided voluntarily and is not mandatory for making contact. We process your voluntary information on the basis of your consent.
Your data will only be processed to answer your request. We will delete your data if it is no longer required and there are no legal obligations to retain it.
If your data transmitted via the contact form is processed on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, you can object to the processing at any time. You can also withdraw your consent to the processing of voluntary information at any time. To do so, please contact the e-mail address provided in the legal notice.
For this purpose, we use a contact form and CRM from the processor Pipedrive, Inc., which supports us in data processing on the basis of the data protection contract concluded in accordance with Art. 28 GDPR.
If you have given your consent, we reserve the right to contact you by email.
Further processors
We pass on your data to service providers who support us in the operation of our websites and the associated processes as part of order processing in accordance with Art. 28 GDPR. These are e.g. hosting service providers. Our service providers are strictly bound by our instructions and contractually obligated accordingly.
In the following, we will name the processors with whom we work if we have not already done so in the above text of the privacy policy. If data may be processed outside the EU or the EEA in this context, we will inform you of this in the following table.
Pipedrive Inc - CRM - For transfers to the USA, an adequate level of data protection is guaranteed due to the provider's certification under the adequacy decision (EU-U.S. Data Privacy Framework).
Applications
We process your personal data in accordance with the applicable data protection regulations on the basis of § 26 BDSG-new. We process the data that you disclose to us as part of your online application exclusively for the purpose of selecting applicants. Data will not be processed for any other purpose.
You yourself determine the scope of the data that you wish to transmit to us as part of your online application. Online applications are transmitted electronically to the responsible persons and processed there as quickly as possible. The transmission is encrypted. As a rule, applications are forwarded to the employees responsible for the position for which you are applying. Your data will not be passed on beyond this. Your details will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 6 months.
In the event that we may also consider your application for other or future job advertisements, please make a corresponding note on the application. We will then process your data on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR. Please refer to the section "Your rights as a user".
Facebook company page
We operate an official Facebook page under the URL https://de-de.facebook.com/neulandbfi on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. We do not collect, store or process personal data of our users on this page at any time. Furthermore, we do not carry out or initiate any other data processing. The data you enter on our Facebook page, such as comments, videos or images, will not be used or processed by us for any other purpose at any time.
Facebook uses so-called web tracking methods on this page. Please be aware that Facebook may use your profile data, for example to analyze your habits, personal relationships, preferences, etc. We have no influence whatsoever on the processing of your data. We have no influence whatsoever on the processing of your data by Facebook.
Embedded YouTube videos
We embed YouTube videos into our website on some subpages. When these subpages are accessed, content from YouTube is loaded. In this context, YouTube also receives your IP address, which is technically required to retrieve the content. In principle, we have no influence on further processing by YouTube. However, when embedding the videos, we have taken care to activate the extended data protection mode offered by YouTube.
Podigee podcast hosting
We use the podcast hosting service Podigee from the provider Podigee GmbH, Revaler Straße 28, 10245 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee.
The use is based on our legitimate interests, i.e. interest in the secure and efficient provision, analysis and optimization of our podcast offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR.
Podigee processes IP addresses and device information to enable podcast downloads/playbacks and to determine statistical data, such as the number of downloads. This data is anonymized or pseudonymized before being stored in Podigee's database, unless it is necessary for the provision of the podcasts.
Further information and objection options can be found in Podigee's privacy policy: https://www.podigee.com/de/about/privacy/.
Meetergo
We use the online appointment booking tool from meetergo GmbH, Hansaring 61, 50670 Cologne (hereinafter referred to as meetergo).
If you make an appointment with us online, the data you enter for this purpose will be stored on meetergo's servers in Germany. Furthermore, meetergo briefly records your IP address, your referrer URL, the time of access and can determine that you have made an inquiry with us; this data is used exclusively for the technical provision of the service and is then automatically deleted again.
The use of meetergo is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in making appointments as uncomplicated as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 1 lit. a; the consent can be revoked at any time.
Further information can be found in meetergo's privacy policy: https://meetergo.com/datenschutz/
Your rights as a data subject
When processing your personal data, the GDPR grants you certain rights as a data subject:
Right of access (Art. 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 GDPR.
Right to rectification (Art. 16 GDPR)
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, where applicable, to have incomplete personal data completed.
Right to erasure (Art. 17 GDPR)
You have the right to demand that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing, for the duration of the examination by the controller.
Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to request the transmission of this data to a third party.
Right of revocation (Art. 7 GDPR)
If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 para. 3 GDPR. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.
Right to object (Art. 21 GDPR)
If data is collected on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (data processing to protect legitimate interests) or on the basis of Art. 6 para. 1 sentence 1 lit. e GDPR (data processing to protect the public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of data concerning you violates data protection regulations. The right to lodge a complaint can be exercised in particular with a supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement.
Assertion of your rights
Unless otherwise described above, please contact the office named in the legal notice to assert your rights as a data subject.
Contact details of the data protection officer
Our external data protection officer will be happy to provide you with information on the subject of data protection using the following contact details:
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: https://www.dsn-group.de/
E-mail: office@datenschutz-nord.de
If you contact our data protection officer, please also indicate the responsible body named in the imprint.