We are very pleased about your interest in our enterprise. Data protection is of great importance to our management. In principle, the Web site of KÖBO can be used without any disclosure of personal data. If a data subject wants to make use of special services of our enterprise via our Web site, however, the processing of personal data might become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we always obtain the informed consent of the data subject.

The processing of personal data, e.g. the name, address, e-mail address and telephone number of a data subject, is always carried out in accordance with the EU General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection provisions applicable to KÖBO. By means of this Privacy Policy, our enterprise wants to inform the public about the nature, extent and purpose of personal data collected, used and processed by us. In addition, data subjects are informed with this Privacy Policy of the rights to which they are entitled.

KÖBO, as the controller responsible for the processing, has implemented numerous technical and organisational measures in order to ensure end-to-end protection of the data processed via this Web site. In spite of this, Internet-based data transmission can, in principle, have security gaps, so that a 100% protection cannot be guaranteed. For this reason, every data subject is at liberty to transmit to us personal data in alternative ways, e.g. over the phone.

1. Name and address of the controller

 

Controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other data protection provisions is:

KÖBO GmbH & Co. KG

Hatzfelder Str. 115

42281 Wuppertal, Germany

North Rhine-Westphalia

Telephone: 0049 202 7093-0

Fax: 0049 202 7093-304

E-mail: info@koebo.com

Website: https://www.koebo.com

For questions regarding their rights and data protection, please contact Mr. Uwe Klein at the following e-mail address:

datenschutz@koebo.com.

 

2. Definitions

 

The Privacy Policy of KÖBO is based on the key terms used by the European legislator in the General Data Protection Regulation (GDPR). Our Privacy Policy is designed to be easily readable and understandable for the public as well as our customers and business partners. In order to ensure this, we would like to explain the key terms used.

We used the following terms in our Privacy Policy:

a)    personal data
Personal data is all information that relates to an identified or identifiable natural person (hereinafter referred to as “data subject”). A natural person is considered to be identifiable if the person can be identified, directly or indirectly, especially by means of attribution to an identifier such as a name, to an identification number, to an online identifier or to one or more specific characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.

b)    data subject
Any identified or identifiable natural person whose personal data is processed by the controller is a data subject.

c)    processing
Processing means any action or set of actions that is performed on personal data or sets of data, whether automated or not, e.g. the collection, registration, organisation, arrangement, storage, adjustment or change, reading, querying, using, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, erasure or destruction.

d)    restriction of processing
Restriction of processing means the marking of stored personal data in order to restrict its processing in the future.

e)    profiling
Profiling means any automated processing of personal data that uses this personal data to evaluate certain personal aspects relating to a natural person, especially to analyse or predict aspects of work performance, economic situation, health, personal preferences, interests, reliability, conduct, place of residence or change of location of this natural person.

f)     pseudonymisation
Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without bringing in additional information if this additional information is kept separately and is subject to technical and organisational measures, which ensure that the personal data cannot be attributed to an identified or identifiable natural person.

g)    controller responsible for the processing
The controller responsible for the processing is the natural or legal person, public authority, institution or other body that establishes the purpose and method of the processing of personal data, alone or together with other actors. Where the purposes and means of processing are specified by EU law or the law of the Member States, the controller or the criteria for his appointment according to EU law or the law of the Member States can be designated.

h)    processor
A processor is the natural or legal person, public authority or other body that processes data on behalf of the controller.

i)      recipient
A recipient is a natural or legal person, public authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, authorities that receive personal data in the context of a specific investigation mandate under EU law or the law of the Member States are not deemed recipients.

j)      third party
A third party is a natural or legal person, public authority, institution or other body that is not the data subject, the controller, the processor; and those persons who are authorised, under the direct responsibility of the controller or the processor, to process the personal data.

k)    consent
Consent is any informed, unambiguous and freely given permission for the specific case in the form of a declaration or any other unambiguous affirmative action by which the data subject agrees to have the personal data relating to him or her processed. 

 

 

 

 

3. Legitimacy of processing

 

The processing of personal data is only legitimate when a legal basis for the processing is in place. Under Section 6 (1) lit. a–f GDPR, the following in particular can constitute the legal basis for the processing:

a.) The data subject has given his/her consent to the processing of the personal data concerning him/her for one or more specific purposes;

b.) the processing is required for executing a contract of which the data subject is a party or for the implementation of pre-contractual measures that are taken at the request of the data subject;

c.) the processing is required to fulfil a legal obligation the controller must comply with;

d.) the processing is required in order to protect vital interests of the data subject or another natural person;

e.) the processing is required for the exercise of a task that is in the public interest or is due to a public authority that was assigned to the controller;

f.) processing is required to protect legitimate interests of the controller or a third party unless the interests or fundamental rights and liberties of the data subject, which require the protection of personal data, outweigh them; especially if the data subject is a child.

 

4. Rights of the data subject

a)    Right of confirmation

Every data subject has the right granted by the European legislator to request a confirmation from the controller as to whether the personal data concerning him/her is processed. If the data subject wants to exercise this right to confirmation, he/she can contact an employee of the controller in this matter at any time.

b)    Right of access
Every data subject affected by the processing of personal data has the right granted by the European legislator to obtain from the controller free information on the data stored about him/her and obtain a copy of this information. Furthermore, the European legislator has granted the data subject the right to obtain information on the following:

• processing purposes
• the categories of personal data that are processed
• the recipients or categories of recipients to whom the personal data has been disclosed or will be disclosed, in particular recipients in third countries or at international organisations
• if possible, the planned period for which the personal data is stored, or, if this is not possible, the criteria for the determination of this storage period
• the existence of a right to rectification or erasure of personal data concerning him/her; of the right to restriction of processing by the controller; of a right to an objection to this processing;
• the existence of a right to file a complaint with a supervisory authority;
• if the personal data is not collected from the data subject: all available information about the origin of the data
• the existence of an automated decision-making process, including profiling, according to Section 22 (1, 4) GDPR, and – at least in these cases – meaningful information on the logic involved as well as the scope and desired impact of such processing for the data subject.

Furthermore, the data subject has a right to information as to whether personal data was transmitted to a third country or an international organisation. If this is the case, the data subject also has the right to obtain information about suitable guarantees in relation to the transmission.

Furthermore, the data subject has a right to information as to whether personal data was transmitted to a third country or an international organisation. If this is the case, the data subject also has the right to obtain information about suitable guarantees in relation to the transmission.

If the data subject wants to exercise this right to information, he/she can contact an employee of the controller in this matter at any time.

c)    Right to rectification
Every data subject affected by the processing of personal data has the right granted by the European legislator to demand the immediate rectification of incorrect personal data concerning him/her. In addition, the data subject has the right to demand the completion of incomplete personal data — also by means of a supplementary statement — taking in due consideration the purposes of the processing.

If the data subject wants to exercise this right to rectification, he/she can contact an employee of the controller in this matter at any time.

d)    Right to erasure (right to be forgotten)

Every data subject affected by the processing of personal data has the right granted by the European legislator to demand from the controller the immediate erasure of the personal data concerning him/her if one of the following reasons is applicable and to the extent that the processing is not required:

• The personal data was collected or otherwise processed for such purposes for which they are no longer needed.
• The data subject withdraws his/her consent on which the processing in accordance with Section 6 (1) lit. a or Section 9 (2) lit. a GDPR was based, and there is no other legal basis for the processing.
• The data subject objects to the processing in accordance with Section 21 (1) GDPR, and there are no overriding legitimate reasons for the processing; or the data subject objects to the processing in accordance with Section 21 (2) GDPR.
• The personal data has been processed unlawfully.
• The erasure of the personal data is required to meet a legal obligation under EU law or the law of the Member States with which the controller must comply.
• The personal data was collected in terms of offered information society services pursuant to Section 8 (1) GDPR. 

If one of the aforementioned reasons applies and a data subject wants to initiate the erasure of personal data stored by KÖBO, he/she can contact an employee of the controller at any time. The KÖBO employee will then take care that the erasure is immediately carried out.

If personal data was made public by KÖBO and our enterprise is the controller pursuant to Section 17 (1) GDPR, KÖBO and is obligated to erase the personal data, KÖBO takes appropriate actions – taking in due consideration the available technology and the costs of implementation, including technical ones – in order to inform the controllers, who process the personal data, that the data subject has demanded from these other controllers responsible for the data processing the erasure of all links to this personal data or any copies and replications of this personal data, unless the processing is required. The KÖBO employee will take the necessary action on a case-by-case basis.

e)    Right to restriction of processing

Every data subject affected by the processing of personal data has the right granted by the European legislator to demand from the controller the restriction of the processing if one of the following prerequisites applies:

• The data subject disputes the accuracy of the personal data, namely for a period that allows the controller to verify the accuracy of the personal data.
• The processing is unlawful; the data subject rejects the erasure of the personal data and demands, instead, the restriction of the use of the personal data.
• The controller no longer needs the personal data for purposes of processing but the data subject needs it to assert, exercise or defend legal claims.
• The data subject has filed an objection to the processing according to Section 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

If one of the aforementioned prerequisites applies and a data subject wants to demand the restriction of personal data stored by KÖBO, he/she can contact an employee of the controller at any time. The KÖBO employee will arrange for the restriction of processing.

f)     Right to data portability

Each data subject affected by the processing of personal data has the right granted by the European legislator to receive the personal data concerning them, which was provided to a controller by the data subject, in a structured, common and machine-readable format. They also have the right to transmit the personal data to another controller without being hindered therein by the controller to whom the personal data was provided, if the processing is based on consent pursuant to Section 6 (1) lit. a GDPR or Section 9 (2) lit. a GDPR or on a contract under Section 6 (1) lit. b GDPR or if the processing is done by means of automated processes, unless the processing is required for the performance of a task in the public interest or in exercise of a public authority that was assigned to the controller.

Furthermore, when exercising his/her right to data portability under Section 20 (1) GDPR, the data subject has the right to seek that the personal data concerning him/her is transmitted directly from one controller to another controller, insofar as this is technically feasible and the rights and liberties of other persons are not affected.

The data subject can contact an employee of KÖBO at any time to assert their right to data portability.

g)    Right to objection

Each data subject affected by the processing of personal data has the right granted by the European legislator to object at any time, for reasons arising from their specific situation, to the processing of personal data concerning him/her that is carried out on the basis of Section 6 (1) lit. e or f GDPR. This also applies to profiling based on these provisions.

In the event of an objection, KÖBO no longer processes the personal data unless we can give proof of reasons worthy of protection for the processing that outweigh the interests, rights and liberties of the data subject; or if the processing serves for the assertion, exercise or defence of legal claims.

If KÖBO processes personal data for the purpose of direct advertising, the data subject has the right to object at any time to the processing of the personal data for the purpose of such advertising. This also applies to profiling if it is associated with such direct advertising. If the data subject objects to KÖBO processing for purposes of direct marketing, KÖBO will no longer process the personal data for such purposes.

In addition, the data subject has the right, for reasons arising from his/her specific situation, to object to the processing of personal data concerning the data subject that is performed at KÖBO for scholarly or historical research purposes or for statistical purposes within the meaning of Section 89 (1) GDPR, unless such processing is necessary for the fulfilment of a task in the public interest.

To exercise the right to objection, the data subject can contact directly any employee of KÖBO at any time. Regardless of Directive 2002/58/EC, the data subject is free, in the context of the use of information society services, to exercise his/her right to objection by way of automated procedures for which technical specifications are used.

h)    Automated decisions on a case-by-case basis, including profiling 

Each data subject affected by the processing of personal data has the right granted by the European legislator not to be subject to a decision that is solely based on automatic processing, including profiling, and is legally effective with respect to the data subject or significantly affects the data subject in a similar way, unless the decision (1) is required for the conclusion or fulfilment of a contract between the data subject and the controller; or (2) is permitted on the basis of legal provisions of the European Union or the Member States, with which the controller must comply, and these legal provisions contain adequate measures for the protection of the rights and liberties as well as the legitimate interests of the data subject; or (3) is made with the express consent of the data subject.

If the decision is (1) required for the conclusion or fulfilment of a contract between the data subject and the controller or (2) made with the express consent of the data subject, KÖBO takes appropriate measures in order to protect the rights and liberties as well as the legitimate interests of the data subject, which include, at a minimum, the right to seek the intervention of a person on the part of the controller; the right to present one’s own standpoint; and the right to dispute the decision.

If the data subject wants to exercise rights relating to automated decisions, he/she can contact an employee of the controller in this matter at any time.

i)      Right to withdraw data protection consent

Each data subject affected by the processing of personal data has the right granted by the European legislator to withdraw his/her consent to the processing of personal data at any time.

If the data subject wants to exercise his/her right to withdraw the consent, he/she can contact an employee of the controller in this matter at any time.

 

 

5. Cookies

 

(1) In addition to the aforementioned data, cookies are stored on your computer when you visit our Web site. Cookies are small text files that are allocated to the browser used by you and stored on your hard disk; placing the cookie makes certain information available to the site that places it. Cookies cannot execute programs or transmit viruses to your computer. They only serve to make the Web site more user-friendly and efficient.

(2) This Web site uses the following types of cookies, whose scope and functionality will be explained in the following:

– Transient cookies (Item a.)

– Persistent cookies (Item b.).

a. Transient cookies are deleted automatically when you close your browser. They include, in particular, session cookies. These session cookies store a so-called session ID with which various requests from your browser can be attributed to the joint session. With this, your computer is recognised when you visit our Web site again. The session cookies are deleted when you log out or close your browser.

b. Persistent cookies are deleted automatically after a specified period, which differs from cookie to cookie. You can delete the cookies in the security settings of your browser at any time.

c. You can configure the browser settings according to your wishes and reject, for example, the acceptance of third-party cookies or of all cookies. So-called “third-party cookies” are cookies that were used by a third party, i.e. not by the actual Web site you are visiting. We would like to point out to you that you might not be able to use all the features of this Web site when you disable cookies.

 

 

 

6. Collection of personal data when you visit our Website

 

If you use our Web site merely for information purposes, i.e. if you don’t register or provide us with information in any other way, we collect only the personal data that your browser transmits to us. If you want to look at our Web site, we collect the following data that is technically necessary in order to show you the Web site and guarantee its stability and security (legal basis: Section 6 [1] page 1 lit f GDPR).

• IP address
• date and time of access
• time zone difference from the Greenwich Mean Time (GMT)
• content of the request (specific page)
• access status/HTTP status code
• respective data volume transmitted
• Web site from which the request comes
• browser
• operating system and its user interface
• language and version of the browser software.

 

7. Subscription to our newsletter

 

On the Web site of KÖBO, the user has the option of subscribing to the newsletter of our enterprise. Which personal data is transmitted to the controller when the newsletter is subscribed to can be seen from the input mask used for the purpose.

KÖBO informs its customers and partners at regular intervals of the enterprise’s offers by means of a newsletter. The newsletter of our enterprise can be received by the data subject only if (1) the data subject has a valid e-mail address and (2) the data subject registers for the sending of the Newsletter. For legal reasons, a confirmation e-mail is sent in the double opt-in procedure to the e-mail address entered by the data subject for the first time for sending the newsletter. This confirmation e-mail is used to check whether the owner of the e-mail address as the data subject has authorised the receipt of the newsletter.

When the data subject subscribes to the newsletter, we also store the IP address of the computer system used by the data subject at the time of the subscription, which is assigned by the Internet Service Provider (ISP). The collection of this data is required in order to be able to trace any (possible) misuse of the e-mail address of a data subject at a later time, i.e. it serves the legal safeguard of the controller.

The personal data collected in the context of a subscription to the newsletter is only used for sending our newsletter. Subscribers of the newsletter can also be informed by e-mail if it is required for the operation of the newsletter service or an associated registration, e.g. in the case of changes to the newsletter offer or changes in the technical conditions. The personal data collected in the context of the newsletter service is not disclosed to third parties. The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data given to us by the data subject for the sending of the newsletter can be withdrawn at any time. A link is included in each newsletter for the purpose of withdrawing the consent. In addition, there is a possibility to unsubscribe from the sending of the newsletter directly on the Web site of the controller or to notify the controller of it in another way.

 

8. Contacts via the Website

 

Based on legal provisions, the Web site of KÖBO contains information that allows for quick electronic contact with our enterprise and immediate communication with us; this also includes a general address of so-called electronic mail (e-mail address). When a data subject contacts the controller by e-mail or through a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data voluntarily transmitted by a data subject to the controller is stored for purposes of processing or for contacting the data subject. This personal data is not disclosed to third parties.

 

 

9. Data protection for applications and in the application procedure

 

KÖBO collects and processes the personal data of applicants to process the application procedure. Processing can be done electronically. This is specifically the case when an applicant sends corresponding application documents electronically to the controller, e.g by e-mail or through a form on the Web site. When KÖBO concludes an employment contract with the applicant, the data transmitted is stored for the purpose of processing the employment relationship in compliance with statutory provisions. If no employment contract is concluded between the controller and the applicant, the application documents are automatically deleted two months after the rejection decision was made known, unless other legitimate interests of the controller conflict with an erasure. A burden of proof in proceedings under the General Equal Treatment Act (AGG), for example, is such a legitimate interest.

 

 

10. Data protection rules for the use of Google Analytics (with anonymisation function)

 

KÖBO has integrated the component Google Analytics on this Web site (with anonymisation function). Google Analytics is a Web analysis service. Web analysis means the collection and evaluation of data on the behaviour of visitors to Web sites. A Web analysis service collects data, inter alia, on the question from which Web site a data subject has gotten to the Web site (so-called referrers); which sub-pages of the Web site were accessed; and how often and for how long a sub-page was looked at. A Web analysis is primarily used for the optimisation of a Web site and for the cost-benefit analysis of Internet advertising.

The operating company of the Google Analytics component is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, United States.

KÖBO uses the suffix “_gat._anonymizeIp” for the Web analysis with Google Analytics. With this suffix, the IP address of the Internet connection of the data subject is abbreviated and anonymised by Google if the access to our Web sites comes from a Member State of the European Union or of another signatory state of the Agreement on the European Economic Area.

The purpose of the Google Analytics component is the analysis of the stream of visitors to our Web site. Google uses the collected data and information, among other things, to evaluate the use of our Web site, to create online reports for us on the activities on our Web site and to provide further services associated with the use of our Web site.

Google Analytics places a cookie on the IT system of the data subject. It was already explained above what cookies are. With the placing of the cookie, Google is able to analyse the use of our Web site. With every access to an individual page of this Web site operated by the controller, on which a Google Analytics component was integrated, the Internet browser on the IT system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. Within the scope of this technical process, Google receives knowledge of personal data, e.g. the IP address of the data subject, which helps Google, among other things, to trace the origin of visitors and clicks and make subsequent commission calculations possible.

By means of the cookie, personal information is stored, e.g. time of access, location from which an access was made and the frequency of visits to our Web site on the part of the data subject. With every visit to our Web pages, this personal data, including the IP address of the Internet connection used by the data subject, is sent to Google in the United States of America. This personal data is stored by Google in the United States. Under certain circumstances, Google discloses this personal data collected in the technical process to third parties.

As presented above, the data subject can prevent the placement of cookies at any time by changing the settings in his/her Internet browser, thus objecting to the placement of cookies on a permanent basis. Such a setting in the Internet browser used would also prevent Google from placing a cookie on the IT system of the data subject. In addition, a cookie already placed by Google Analytics can be deleted via the Internet browser or other software programs at any time.

Furthermore, the data subject has the option of objecting to and preventing the collection of the data generated by Google Analytics and relating to this Web site as well as to the processing of this data by Google. To do so, the data subject must download a browser add-on at the link tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Analytics via JavaScript that it is no longer allowed to transmit data and information to Google about visits to Web sites. The installation of the browser add-on is considered an objection by Google. If the IT system of the data subject is deleted, formatted or re-installed at a later time, the data subject must re-install the browser add-on in order to disable Google Analytics. If the browser add-on is uninstalled or disabled by the data subject or another person in the sphere of influence of the data subject, the browser add-on can be reinstalled or enabled again.

For more information and the applicable data protection provisions of Google, please refer to www.google.de/intl/de/policies/privacy/ and www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link: https://www.google.com/intl/de_de/analytics/.

 

11. Data protection provisions for the use of YouTube

KÖBO has integrated components of YouTube on this Web site. YouTube is an Internet video portal that allows video publishers the free uploading of video clips and other users the free watching, evaluating and commenting on these clips. YouTube allows the publication of all kinds of videos, which is why both complete film and TV shows but also music videos, trailers or videos made by users themselves can be accessed on this Internet portal. The operating company of YouTube is YouTube, LLC., 901 Cherry Ave., San Bruno,

 

CA 94066, United States. YouTube, LLC, is a subsidiary of the Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, United States.

With every access to an individual page of this Web site operated by the controller, on which a YouTube component (YouTube video) was integrated, the Internet browser on the IT system of the data subject is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. For more information on YouTube, please refer to: www.youtube.com/yt/about/de/. Within the context of this technical process, YouTube and Google obtain knowledge on which specific sub-pages of our Web site were visited by the data subject.

Provided that the data subject is simultaneously logged into YouTube, YouTube recognises upon accessing a sub-page containing a YouTube video which specific sub-page of our Web site is visited by the data subject. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.

YouTube and Google receive information via the YouTube component that the data subject has visited our Web site when the data subject is logged into YouTube at the time he/she visits our Web site; this takes place in any case, whether the data subject clicks on a YouTube video or not. If the data subject does not wish the information to be transmitted to YouTube and Google, the data subject can prevent it by logging out of his/her YouTube account before accessing our Web site.

The data protection provisions published by YouTube, which are available at: www.google.de/intl/de/policies/privacy/, provide information on the collection, processing and use of personal data by YouTube and Google. 

12. Data protection provisions for the use of LinkedIn

KÖBO has integrated components of LinkedIn on this Web site. LinkedIn is an Internet-based social network that allows users to connect with existing business contacts and to establish new ones. More than 400 million registered people use LinkedIn in more than 200 countries. With this, LinkedIn is currently the largest platform for business contacts and one of the most visited Web sites in the world.

The operating company of LinkedIn is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside of the United States.

With each individual access to our Web site, which is furnished with a LinkedIn component (LinkedIn plug-in), this component prompts the browser used by the data subject to download a corresponding representation of the component of LinkedIn. More information on the LinkedIn plug-ins are available at: developer.linkedin.com/plugins. Within the context of this technical process, LinkedIn obtains knowledge on which specific sub-pages of our Web site were visited by the data subject.

Provided that the data subject is simultaneously logged into LinkedIn, LinkedIn recognises with every access to our Web site by the data subject and during the entire stay on our Web site which specific sub-page of our Web site is visited by the data subject. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks on a LinkedIn button integrated on our Web site, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn receives information via the LinkedIn component that the data subject has visited our Web site when the data subject is logged into LinkedIn at the time he/she visits our Web site; this takes place in any case, whether the data subject clicks on a LinkedIn component or not. If the data subject does not wish the information to be transmitted to LinkedIn, the data subject can prevent it by logging out of his/her LinkedIn account before accessing our Web site.

LinkedIn offers at: www.linkedin.com/psettings/guest-controls the option to unsubscribe from e-mail messages, SMS messages and targeted advertising and to manage the display settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may use cookies. Such cookies can be rejected under www.linkedin.com/legal/cookie-policy. The applicable data protection provisions of LinkedIn are available at: www.linkedin.com/legal/privacy-policy. The cookie policy of LinkedIn is available at: https://www.linkedin.com/legal/cookie-policy.

 

https://www.linkedin.com/legal/cookie-policy.

 

 

 

13. Data protection provisions for the use of Google+

KÖBO has integrated the component Google+ on this Web site. Google+ is a so-called social network. A social network is an Internet-operated social meeting point, an online community that usually allows users to communicate with one another and interact in the virtual space. A social network can serve as a platform for the exchange of opinions and experiences or it makes it possible for the Internet community to provide personal or business-related information. Google+ allows users of the social network, inter alia, the creation of private profiles, to upload photos and network through friend requests.
The operating company of Google + is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, United States.
With every access to an individual page of this Web site operated by the controller, on which a Google+ button components was integrated, the Internet browser on the IT system of the data subject is automatically prompted by the respective Google+ button to download a representation of the corresponding Google+ button from Google. Within the context of this technical process, Google obtains knowledge on which specific sub-pages of our Web site were visited by the data subject. For more detailed information on Google+, refer to developers.google.com/+/.
Provided that the data subject is simultaneously logged into Google+, Google recognises with every access to our Web site by the data subject and during the entire stay on our Web site which specific sub-page of our Web site is visited by the data subject. This information is collected by the Google+ button and assigned by Google to the Google+ account of the data subject.
If the data subject clicks on a Google+ button integrated on our Web site and thus gives a Google+1 recommendation, Google assigns this information to the personal Google+ user account of the data subject and stores this personal data. Google stores the Google+1 recommendation of the data subject and makes it publicly accessible in compliance with the conditions accepted by the data subject in this respect. A Google+1 recommendation given by the data subject on this Web site is then stored and processed – together with other personal data, e.g. the name of the Google+1 account used by data subject and the photo stored in it – in other Google services such as the search engine results of the Google search engine, the Google account of the data subject or in other places, e.g. on Web sites or in the context of advertising. In addition, Google+ is able to link the visit to this Web site to other personal data stored at Google. Google also records this personal information for the purpose of improving or optimising various services provided by Google.
Google receives information via the Google+ button component that the data subject has visited our Web site when the data subject is logged into Google+ at the time he/she visits our Web site; this takes place in any case, whether the data subject clicks on a Google+ button or not.
If the data subject does not wish personal data to be transmitted to Google, the data subject can prevent it by logging out of his/her Google+ account before accessing our Web site.
For more information and the applicable data protection provisions of Google, please refer to: www.google.de/intl/de/policies/privacy/. More information by Google on the Google+1 button can be accessed at: https://developers.google.com/+/web/buttons-policy.

 

 

 

 

14. Data protection provisions for the use of Google AdWords

 

KÖBO has integrated Google AdWords on this Web site. Google AdWords is a service for Internet advertising that allows advertisers to place ads both in the search engine results of Google and in the Google advertising network. Google AdWords allows advertisers to define certain key words in advance by means of which an ad is shown in the search engine results of Google only when the user accesses a key word-relevant search result with the search engine. In the Google advertising network, the ads are distributed to subject-related Web sites using an automatic algorithm and in accordance with the previously determined key words.

The operating company of the services of Google AdWords is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, United States.

The purpose of Google AdWords is advertising for our Web site by showing interest-relevant ads on the Web sites of third-party enterprises and in the search engine results of the Google search engine as well as by showing third-party ads on our Web site.

If a data subject gets to our Web site through a Google ad, a so-called conversion cookie is placed by Google on the IT system of the data subject. It was already explained above what cookies are. A conversion cookie loses its validity after thirty days and is not intended for the identification of the data subject. As long as it has not lapsed, the conversion cookie helps to find out whether certain sub-pages, e.g. the shopping cart of an online shop system, was accessed on our Web site. With the conversion cookie, both our enterprise and Google can trace whether a data subject who got to our Web site via an AdWords advertisement has generated sales, i.e. bought goods, or has aborted the transaction.

The data and information collected by the use of the conversion cookie is used by Google to create visit statistics for our Web site. These visit statistics in turn are used by us in order to determine the total number of users who came to us through AdWords advertisements, i.e. to measure the success or failure of the respective AdWords ad and to optimise our AdWords ads in the future. Neither our enterprise nor other advertising customers of Google AdWords receive information from Google by means of which the data subject could be identified.

By means of the conversion cookie, personal information, e.g. the Web sites visited by the data subject, is stored. With every visit to our Web pages, personal data, including the IP address of the Internet connection used by the data subject, is therefore sent to Google in the United States of America. This personal data is stored by Google in the United States. Under certain circumstances, Google discloses this personal data collected in the technical process to third parties.

As presented above, the data subject can prevent the placement of cookies at any time by changing the settings in his/her Internet browser, thus objecting to the placement of cookies on a permanent basis. Such a setting in the Internet browser used would also prevent Google from placing a conversion cookie on the IT system of the data subject. In addition, a cookie already placed by Google AdWords can be deleted via the Internet browser or other software programs at any time.

The data subject also has the possibility of objecting to the interest-based advertising by Google. To do so, the data subject must access www.google.de/settings/ads for each Internet browser he/she uses and adjust the settings there as desired.

For more information and the applicable data protection provisions of Google, please refer to: https://www.google.de/intl/de/policies/privacy/.

https://www.google.de/intl/de/policies/privacy/.

 

 

15. Data protection provisions for the use of Getty Images

 

KÖBO has integrated components of Getty Images on this Web site. Getty Images is an American stock photo agency. A stock photo agency is an enterprise that offers photos and pictorial material on the market. Photo agencies usually market photographs, illustrations and film material. A wide range of customers, including advertisers, editorial offices of print and TV media as well as advertising agencies, use photo agencies to have the pictures used by them licensed.

The operating company of the Getty Images components is Getty Images International, 1st floor, The Herbert Building, The Park, Carrickmines, Dublin 18, Ireland.

Getty Images allows the (free, if applicable) embedding of stock pictures. Embedding means the integration of a specific third-party content, e.g. text, video or picture data, provided by a third-party Web site and then displayed on one’s own Web site. So-called embedding codes are used for the embedding. An embedding code is an HTML code that is integrated by a Web site operator in a Web site. If the Web site operator has integrated an embedding code, the external contents of the other Web site are immediately displayed by default as soon as the Web site is visited. For the display of the third-party contents, the external contents are downloaded directly from the other Web site. Under the link: www.gettyimages.de/resources/embed, Getty Images provides more information on the embedding of content.

Via the technical implementation of the embedding code, which makes the display of pictures from Getty Images possible, the IP address of the Internet connection from which the data subject accesses our Web site is transmitted to Getty Images. In addition, Getty Images records our Web site, the browser type used, the time and the duration of the access. Furthermore, Getty Images can collect navigation information, i.e. information on which sub-pages were visited by the data subject and which links were clicked, as well as other interactions conducted by the data subject when visiting our Web site. This data can be stored and evaluated by Getty Images.

For more information and the applicable data protection provisions of Getty Images, please refer to: http://www.gettyimages.de/enterprise/privacy-policy.

 

 

16. Period for which the personal data is stored

The criterion for the storage period of personal data is the applicable statutory retention period. Once this period has expired, the respective data is routinely deleted if it is no longer required for fulfilling or initiating a contract.

 

17. Statutory or contractual provisions for the provision of personal data; requirement for conclusion of contract; obligation of the data subject to provide the personal data; possible consequences of non-provision

We inform you that the provision of personal data is, in part, required by law (e.g. tax regulations) or can arise from contractual arrangements (e.g. information on the contract partner). Sometimes, it may be necessary for the conclusion of a contract for a data subject to provide us with personal data, which then must be processed by us. For example, the data subject is obligated to provide us with personal data when our enterprise enters into a contract with him/her. Non-provision of the personal data would mean that the contract with the data subject cannot be concluded. Before providing personal data, the data subject must contact one of our staff. Our employee explains to the data subject, on a case-by-case basis, whether the provision of the personal data is prescribed by the law or by contract; whether it is required for the conclusion of the contract; whether there is an obligation to provide the personal data; and what consequences non-provision of the personal data would have.

 

18. Updating the Privacy Policy

We reserve the right always to adjust the content of this Privacy Policy to applicable statutory requirements. Hence, when you visit the Web site of KÖBO, you should always see the latest updated version of the Privacy Policy. If you see that the Privacy Policy has been updated when you visit our Web site the next time, please read it again.

Status: 18 May 2018