Privacy Policy

We are pleased that you have chosen to visit our website. The protection and security of your personal information when using our website is very important to us. We would therefore like take this opportunity to inform you of which personal data we collect when you visit our website and the purposes for which it is used.

This privacy policy applies to the website of Condair Systems GmbH, which can be accessed at the domain www.condair-systems.eu and at the various subdomains (“our website”).

 

Who is responsible and how can I reach you?

Controller

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

Condair Systems GmbH
Nordportbogen 5
22848 Norderstedt - Germany
+49 40 85 32 77-0
info@condair-systems.de

 

Data protection officer

AGAD Service GmbH
Waldring 43-47
44789 Bochum - Germany
datenschutz@agad.de

 

What is this about?

This privacy policy fulfils the legal requirements in place with regard to the transparency of processing of personal data. This is any information concerning an identified or identifiable natural person. It includes information such as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address or user behaviour when visiting a website. Information that we cannot relate to your person (or can only do so with disproportionate effort), for example as a result of anonymisation, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transfer) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of its processing has been achieved and there are no legitimate grounds for further retention of the data. We will inform you about the specific storage periods and criteria for storage in the individual processing operations. Irrespective of this, we store your personal data in individual cases for the establishment, exercise or defence of legal claims and in the event of statutory retention obligations.

 

Who obtains my data?

We share the personal data that you provide and that we process on our website with third parties only if necessary for the fulfilment of the purposes and covered by the legal basis in the individual case (e.g. consent or for the purposes of legitimate interests). In addition, we disclose personal data to third parties in individual cases if doing so serves to establish, exercise or defend legal claims. In such cases, possible recipients may include for example law enforcement agencies, lawyers, auditors, courts, etc.

In cases where we make use of service providers for the operation of our website as processors of personal data on our behalf pursuant to Article 28 GDPR, these providers may be recipients of your personal data. For more information on our use of processors and web services, please refer to the overview of individual processing operations.

 

Do you use cookies?

Cookies are small text files sent by us when you visit our website to the browser on your device, where they are stored. As an alternative to the use of cookies, information may also be stored in your browser’s local storage. Some features of our website cannot be offered without the use of cookies or local storage (cookies required for technical purposes). However, other cookies enable us to undertake analysis of various kinds, giving us the ability for example to recognise the browser you are using when you visit our website again and to transfer information of various kinds to us (non-essential cookies). Among other things, cookies allow us to make our website more user-friendly and effective for you, for example by understanding how you use our website and determining your preferred settings (e.g. country and language settings). If third parties process information using cookies, they collect the information directly from your browser. Cookies do not cause any damage to your device. They cannot run programs and do not contain viruses.

You will find information about each of the services for which we use cookies in the individual processing operations. You can find detailed information about the cookies used in the cookie settings or in the Consent Manager on this website.

 

What rights do I have?

Under the requirements of the statutory provisions of the General Data Protection Regulation (GDPR), you as the data subject have the following rights:

  • Right of access pursuant to Article 15 GDPR to the stored data concerning you in the form of meaningful information about the details of its processing, and to a copy of your data.
  • Right to rectification pursuant to Article 16 GDPR of inaccurate or incomplete data stored by us.
  • Right to erasure pursuant to Article 17 GDPR of data stored by us, insofar as processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
  • Right to restriction of processing pursuant to Article 18 GDPR, insofar as the accuracy of the data is contested, the processing is unlawful, we no longer need the data and you oppose their erasure because they are required for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Article 21 GDPR.
  • Right to data portability pursuant to Article 20 GDPR, insofar as you have provided us with personal data based on your consent pursuant to point (a) of Article 6(1) GDPR or based on a contract pursuant to point (b) of Article 6(1) GDPR and their processing has been carried out by us by automated means. You will receive your data in a structured, commonly used and machine-readable format or we will transmit the data directly to another controller where technically feasible.
  • Right to object pursuant to Article 21 GDPR to processing of your personal data, insofar as the processing is based on point (e) or (f) of Article 6(1) GDPR and there are grounds relating to your particular situation or the objection is to processing for direct marketing purposes. There is no right to object if overriding compelling legitimate grounds for the processing are demonstrated or the processing is carried out for the establishment, exercise or defence of legal claims. If there is no right to object to individual processing operations, this is indicated in each case.
  • Right to withdraw your consent pursuant to Article 7(3) GDPR with effect for the future.
  • Right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR if you consider that the processing of your personal data infringes the GDPR. As a rule, you can contact the supervisory authority of your habitual residence, your place of work or our place of business.

 

How is my data processed specifically?

In the following section, we will inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data, and the storage period in each case. Automated decision-making in individual cases, including profiling, does not take place.

Provision of the website

Nature and scope of processing

When you access and use our website, we collect the personal data that your browser sends automatically to our server. The following information is stored temporarily in a log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the file retrieved
  • Website from which access is made (referrer URL)
  • Browser used and your computer’s operating system where applicable, as well as the name of your access provider

[We do not host our website ourselves, it is hosted by a service provider who processes the aforementioned data on our behalf pursuant to Article 28 GDPR]

 

Purpose and legal basis

Processing is for the purposes of our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of point (f) of Article 6(1) GDPR. Collection of the data and storage in log files are essential for the operation of the website. There is no right to object to processing on the basis of the exception set out in Article 21(1) GDPR. Where further storage of the log files is required by law, processing is on the basis of point (c) of Art. 6(1) GDPR. While there is no legal or contractual obligation to provide the data, access to our website without providing the data is not technically possible.

 

Storage period

The data set out above is stored for the period for which the website is displayed, and in addition for a maximum of 7 days for technical reasons.

 

Contact form

Nature and scope of processing

On our website, we offer you the opportunity to contact us using the forms provided. The information collected in mandatory fields is required in order to process the request. You can also provide additional information on a voluntary basis that you consider necessary for processing of the contact request.

When you use the contact form, your personal data will not be passed on to third parties.

 

Purpose and legal basis

Processing of the data you provide through your use of our contact form is for the purpose of communication and processing of your request on the basis of your consent pursuant to point (a) of Article 6(1) GDPR. If your request relates to an existing contractual relationship with us, processing is for the purpose of performance of the contract on the basis of point (b) of Article 6(1) GDPR. While there is no legal or contractual obligation to provide your data, processing of your request without providing the information in the mandatory fields is not possible. If you do not wish to provide this data, please contact us by other means.

 

Storage period

Your personal data will be deleted or made unavailable when the purpose for which it is stored is no longer applicable and there are no statutory retention periods preventing its erasure. The data will then also be made unavailable or deleted when a storage period stipulated by the aforementioned standards expires, unless there is a necessity for further storage of the data in order to conclude or perform a contract.

 

Newsletter

Nature and scope of processing

If you register on our website to receive our newsletter, we collect your e-mail address [as well as your name, etc.] and store this information together with the date of registration and your IP address. You will then receive an e-mail in which you must confirm your registration for the newsletter (double opt-in). If you do not confirm your registration within 24 hours, it will automatically expire and the data will not be processed for the purpose of sending the newsletter.

 

Purpose and legal basis

We process your data for the purpose of sending the newsletter on the basis of your consent pursuant to point (a) of Article 6(1) GDPR. By unsubscribing from the newsletter, you can withdraw your consent at any time with effect for the future pursuant to Article 7(3) GDPR. While there is no legal or contractual obligation to provide your data, it is not possible to send the newsletter without providing your data.

 

Storage period

After registering for the newsletter, we store the data for a maximum of 24 hours until confirmation of your registration. After successful confirmation, we store your data until you withdraw your consent (by unsubscribing from the newsletter), and in addition for a maximum of 7 days for technical reasons.

 

Presence on social media platforms

We maintain so-called fan pages or accounts or channels on the networks set out below with a view to also providing you with information and offers within social networks and to offering you other ways to contact us and find out about our offers. In the following section, we will inform you about which data provided by you we or the respective social networks in each case process in connection with accessing and using our fan pages/accounts.

 

Data provided by you that we process

If you wish to contact us via messenger or direct message through a particular social network, we generally process the user name you use to contact us and store any other data you have provided if that data is required to process/respond to your request.

The legal basis for this is point (f) of Article 6(1) GDPR (processing is necessary for the purposes of the legitimate interests pursued by the controller).

 

(Static) usage data that we receive from the social networks

We receive automated statistics regarding our accounts via insights functionalities. Among other things, these statistics include the total number of page views, likes, details of page activities and post interactions, reach, video views and details of the proportion of men/women among our fans/followers.

The statistics contain only aggregated data that cannot be related to individual persons. This means that we cannot use them to identify you.

 

Data provided by you that the social networks process

You do not have to be a member of a social network to view the content of our fan pages or accounts, which means that no user account is required for the social network in question.

However, please note that when you access a social network, the social networks also collect and store data from website visitors without a user account (e.g. technical data needed to display the website to you), and that they use cookies and similar technologies over which we have no control. For details, please refer to the privacy policies of each of the social networks (see links above).

If you wish to interact with the content on our fan pages/accounts, for example to comment on, share or like our posts and/or to use messenger functions to contact us, you will first need to register with the social network in question and provide personal data.

We have no influence on data processing by the social networks as part of their use by you. As we understand it, your data is stored and processed in particular in connection with the provision of the services offered by each of the social networks, as well as for the analysis of user behaviour (using cookies, pixels/web beacons and similar technologies) which provides the basis for serving you advertising based on your interests, both within and outside the social network in question. The possibility that your data will be stored by the social networks outside the EU/EEA and passed on to third parties cannot be ruled out.

You can find information including the exact scope and purposes of processing of your personal data, storage periods/erasure and policies regarding the use of cookies and similar technologies as part of registration and use of the social networks in the privacy policies/cookie policies of each of the social networks, where you will also find information regarding your rights and how to object.

 

LinkedIn page

LinkedIn is a social network operated by LinkedIn Inc. based in Sunnyvale, California, USA, which allows natural persons and companies to create private and professional profiles. Within the social network, users can maintain their existing contacts and make new contacts. Companies and other organisations can create profiles and upload photos and other company information to present themselves as employers and recruit staff. Other LinkedIn users have access to this information and can write their own articles and share their content with others. The focus of the network is on professional exchange on specialist topics with people who share the same professional interests.

When they use or visit the network, LinkedIn automatically collects data from users or visitors, for example user name, job title and IP address. Various tracking technologies are used to do this. LinkedIn provides benefits in the form of information, offers and recommendations based on the data collected in this way.

We collect your data via our company profile for the exclusive purpose of a possible provision for communication and interaction with us. The data collected generally includes your name, the content of messages and comments, and the “public” profile information you provide.

Processing of your personal data for our purposes as set out above is on the basis of our legitimate business and communication interest in offering an information and communication channel pursuant to point (f) of Article 6(1) GDPR. If you as a user have given your consent to data processing to the provider of a social network, the legal basis of processing extends to point (a) of Article 6(1), Article 7 GDPR.

Given the fact that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network has a legitimate interest in full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfil your rights as a user (request for access, request for erasure, objection, etc.). The most effective way to assert such rights is therefore to contact the respective provider directly.

We share responsibility with LinkedIn for the personal content of our company profile. Rights of data subjects can be asserted with LinkedIn Inc. and with us.

We make no decisions regarding the data collected on the LinkedIn page using tracking technologies.

For more information about LinkedIn, please visit: https://about.linkedin.com.

For more information about data protection at LinkedIn, please visit: https://www.linkedin.com/legal/privacy-policy.

For more information about storage duration/deletion and about policies on the use of cookies and similar technologies in the context of registration and use at LinkedIn, please visit: https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy.

 

XING page

XING is a social network operated by New Work SE based in Hamburg, Germany, which allows natural persons and companies to create private and professional profiles. Within the social network, users can maintain their existing contacts and make new contacts. Companies and other organisations can create profiles and upload photos and other company information to present themselves as employers and recruit staff. Other XING users have access to this information and can write their own articles and share their content with others. The focus of the network is on professional exchange on specialist topics with people who share the same professional interests.

When they use or visit the network, XING or third parties engaged by XING automatically collect data from users or visitors, for example user name, job title and IP address. Various tracking technologies are used to do this. XING provides benefits in the form of information, offers and recommendations based on the data collected in this way.

We collect your data via our company profile for the exclusive purpose of a possible provision for communication and interaction with us. The data collected generally includes your name, the content of messages and comments, and the “public” profile information you provide.

Processing of your personal data for our purposes as set out above is on the basis of our legitimate business and communication interest in offering an information and communication channel pursuant to point (f) of Article 6(1) GDPR. If you as a user have given your consent to data processing to the provider of a social network, the legal basis of processing extends to point (a) of Article 6(1), Article 7 GDPR.

Given the fact that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network has a legitimate interest in full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfil your rights as a user (request for access, request for erasure, objection, etc.). The most effective way to assert such rights is therefore to contact the respective provider directly.

We share responsibility with XING for the personal content of our company profile. Rights of data subjects can be asserted with New Work SE and with us.

We make no decisions regarding the data collected on the XING page using tracking technologies.

For more information about XING, please visit: https://corporate.xing.com/de/unternehmen.

For more information about data protection at XING, please visit: https://privacy.xing.com/de/datenschutzerklaerung.

 

CCM19

Nature and scope of processing

We have integrated CCM19 on our website. CCM19 is a consent solution from Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn, Germany, which can be used to obtain and document consent to the storage of cookies. CCM19 uses cookies or other web technologies to recognise returning users and to store consent that has been given or withdrawn.

 

Purpose and legal basis

Our use of the service is on the basis of obtaining legally required consent to the use of cookies pursuant to point (c) of Article 6(1) GDPR.

 

Storage period

We have no influence over the specific storage period for the processed data, which is determined by Papoo Software & Media GmbH. You can find more information in the CCM19 data protection notice: https://www.ccm19.de/en/privacyclarification.html.

Google Analytics

Nature and scope of processing

We use Google Analytics operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analytics service for the statistical analysis of our website. This includes for example the number of views of our website, pages visited and the time visitors spend on the website.

Google Analytics uses cookies and other browser technologies to analyse user behaviour and recognise returning users.

This information is used among other things to compile reports on website activity.

 

Purpose and legal basis

Our use of Google Analytics is on the basis of your consent pursuant to point (a) of Article 6(1) GDPR and Section 25(1) TTDSG (German Telecommunications-Telemedia Data Protection Act).

We propose the transfer of personal data to third countries outside the European Economic Area, in particular the United States. In cases where there is no adequacy decision by the European Commission in place (e.g. in the United States), we have agreed other suitable guarantees within the meaning of Article 44 et seq. GDPR with the recipients of the data. Unless otherwise stated, these are standard contractual clauses of the EU Commission pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.

Prior to any such a transfer to a third country, we also obtain your consent pursuant to point (a) of Article 49(1) GDPR, which you provide with your consent in the Consent Manager (or other forms, registrations, etc.). Please be advised that the specifics of transfers to third countries may involve unknown risks (such as data processing by third country security authorities where the exact scope and consequences for you are not known to us, which we have no influence over and which you may not be aware of).

 

Storage period

We have no influence over the specific storage period for the processed data, which is determined by Google Ireland Limited. You can find more information in the Google Analytics privacy policy: https://policies.google.com/privacy.

 

Google Tag Manager

Nature and scope of processing

We use Google Tag Manager operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through one interface and enables us to control the precise integration of services on our website, allowing us to integrate additional services flexibly with a view to analysing user access to our website.

 

Purpose and legal basis

Our use of Google Tag Manager is on the basis of your consent pursuant to point (a) of Article 6(1) GDPR and Section 25(1) TTDSG (German Telecommunications-Telemedia Data Protection Act).

 

Storage period

We have no influence over the specific storage period for the processed data, which is determined by Google Ireland Limited. You can find more information in the Google Tag Manager privacy policy: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

 

Google reCAPTCHA

Nature and scope of processing

We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service operated by Google Ireland Limited that enables us to distinguish whether a request for contact is coming from a natural person or is automated by means of a program. When you access this content, you establish a connection to servers operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, transferring your IP address, and if applicable browser data such as your user agent. Google reCAPTCHA also records the time spent by the user and the user’s mouse movements to distinguish automated requests from human ones. This data is processed solely for the purposes set out above and to maintain the security and functionality of Google reCAPTCHA.

 

Purpose and legal basis

Our use of Google reCAPTCHA is on the basis of your consent pursuant to point (a) of Article 6(1) GDPR and Section 25(1) TTDSG (German Telecommunications-Telemedia Data Protection Act).

We propose the transfer of personal data to third countries outside the European Economic Area, in particular the United States. In cases where there is no adequacy decision by the European Commission in place (e.g. in the United States), we have agreed other suitable guarantees within the meaning of Article 44 et seq. GDPR with the recipients of the data. Unless otherwise stated, these are standard contractual clauses of the EU Commission pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.

Prior to any such a transfer to a third country, we also obtain your consent pursuant to point (a) of Article 49(1) GDPR, which you provide with your consent in the Consent Manager (or other forms, registrations, etc.). Please be advised that the specifics of transfers to third countries may involve unknown risks (such as data processing by third country security authorities where the exact scope and consequences for you are not known to us, which we have no influence over and which you may not be aware of).

 

Storage period

We have no influence over the specific storage period for the processed data, which is determined by Google Ireland Limited. You can find more information in the Google reCAPTCHA privacy policy: https://policies.google.com/privacy?hl=en-US.

 

YouTube Video

Nature and scope of processing

We have integrated YouTube Video on our website. YouTube Video is a component of the video platform operated by YouTube, LLC that allows users to upload content, share it over the Internet and get detailed statistics.

YouTube Video allows us to integrate content from the platform into our website.

YouTube Video uses cookies and other browser technologies to analyse user behaviour, recognise returning users and create user profiles. This information is used among other things to analyse the activity of the content accessed and to create reports. If a user is registered with YouTube, LLC, YouTube Video can assign the videos played to the profile.

When you access this content, you establish a connection to servers operated by YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, transferring your IP address, and if applicable browser data such as your user agent.

 

Purpose and legal basis

Our use of the service is on the basis of your consent pursuant to point (a) of Article 6(1) GDPR and Section 25(1) TTDSG (German Telecommunications-Telemedia Data Protection Act).

We propose the transfer of personal data to third countries outside the European Economic Area, in particular the United States. In cases where there is no adequacy decision by the European Commission in place (e.g. in the United States), we have agreed other suitable guarantees within the meaning of Article 44 et seq. GDPR with the recipients of the data. Unless otherwise stated, these are standard contractual clauses of the EU Commission pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.

Prior to any such a transfer to a third country, we also obtain your consent pursuant to point (a) of Article 49(1) GDPR, which you provide with your consent in the Consent Manager (or other forms, registrations, etc.). Please be advised that the specifics of transfers to third countries may involve unknown risks (such as data processing by third country security authorities where the exact scope and consequences for you are not known to us, which we have no influence over and which you may not be aware of).

 

Storage period

We have no influence over the specific storage period for the processed data, which is determined by YouTube, LLC. You can find more information in the YouTube Video privacy policy: https://policies.google.com/privacy.