Adjusting your consent

1. An overview of data protection

General

The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Data collection on our website

Who is responsible for the data collection on this website?

The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.

How do we collect your data?

Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.

Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

What rights do you have regarding your data?

You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytics and third-party tools

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General information and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website

The party responsible for processing data on this website is:

Kassel Marketing GmbH
Obere Königsstraße 15
34117 Kassel

Vertretungsberechtigt im Sinne des TDG:
Geschäftsführer Andreas Bilo

Telephone: +49 561 7077 07
Email: info@kassel-marketing.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to file complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Encrypted payments on this website

If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment.

Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon in your browser line is visible.

In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.

Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

Opposition to promotional emails

We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

3. Data protection officer

Statutory data protection officer

We have appointed a data protection officer for our company.

Manfred Schneider
Datenschutz und Datensicherheitsberatung proDS
Sonnenberg 12
33100 Paderborn

Telephone: +49 5293 9327900
Email: manfred.schneider@pro-ds.de

4. Data collection on our website

Cookies

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Contact form

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

Privacy policy for prospects and customers

We collect, process and use personal data only insofar as they are necessary for the establishment, content or modification of the legal relationship.

The processing of your personal data (contract master data, billing and account data, etc.) is carried out in compliance with data protection regulations, etc.:

for the fulfillment of a contract or pre-contractual measures (Art. 6 (1) b General Data Protection Regulation (GDPR)), based on your request.
to safeguard legitimate interests of Kassel Marketing GmbH or a third party and after consideration of the interests or fundamental rights and fundamental freedoms of the data subject (Art. 6 para. 1 f GDPR). For example, for the investigation of criminal offenses (Article 6 (1) (f) of the GDPR in conjunction with Section 26 (1) Sentence 2 BDSG).
on the basis of your consent to the processing of your personal data for one or more specific purposes. You can revoke your consent at any time for the future (Article 6 (1) c of the GDPR). Please use the above contact information in that case.

The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

Disclosure of your data
Your personal data will be disclosed within Kassel Marketing GmbH only to departments and employees who need this information to carry out contractual and/or legal obligations. Within the framework of order processing, some external service providers (creditworthiness checkers, EDP, printing and logistics service providers, etc.) who process personal data for Kassel Marketing GmbH with instructions may also be commissioned to process personal data.

Storage period
Personal data is deleted if it is no longer needed for the fulfillment of the contractual relationship and no legal requirement prescribes further storage.

Data disclosure to third countries
We do not disclose any personal data to a third country (non-EU country).

Your rights
If you believe that the processing of your data violates GDPR, you can contact our data protection officer or a data protection supervisory authority. The competent data protection supervisory authority for Kassel-Marketing GmbH is the Hessian Commissioner for Data Protection and Freedom of Information, P.O. Box 3163, 65021 Wiesbaden, Germany, phone: +49 611 1408 – 0.

According to GDPR you have the right to information, correction, deletion, restriction of processing and data portability of your personal data. In addition, you have the right to object at any time to the processing of your personal data for direct marketing purposes without giving reasons.

Privacy policy for applicants

We store and process your master data (such as first name, last name, name additions, legal guardians, citizenship), contact data (private address, (mobile) telephone number, e-mail address) as well as the application data (cover letter, certificates , Questionnaires, interviews, qualifications and previous activities) for the processing of the application process. If you have voluntarily provided us with special categories of personal information (such as health information, religious affiliation, degree of disability), processing will only take place if you have consented thereto.

Your personal data is usually collected directly within the course of the hiring process. In addition, we may have received data from third parties (employment agencies).

As part of your application, you must provide the above personal information necessary to complete the application process and the aptitude assessment. Without this data, we cannot carry out the application process and are unable to make a decision on the employment justification.

Legal basis for data processing
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and all other relevant laws (e.g. BetrVG, AGG, etc.). The purpose of data processing is to carry out and process the application process and to assess the suitability of the job in question. The processing of your applicant data is necessary in order to be able to decide on the employment justification. The primary legal basis for this is Art. 6 (1) (b) GDPR in conjunction with Section 26 (1) BDSG. We handle your application data confidentially. We will inform you in advance if we ever need to process your personal data for any purpose not mentioned above.

Disclosure of your data
Within our company, your personal data is only disclosed to persons and offices (department/ area, staff representatives, possibly disability representatives) who need this to make recruitment decisions and to fulfill our contractual and legal obligations.

Storage period
Your personal information will usually be deleted six months after completing the application process. This does not apply insofar as statutory provisions preclude the deletion or further storage is necessary for purposes of proof or you have consented to a longer storage. If we cannot offer you a job, but your profile suggests that your application may be of interest for future job postings, we will ask for your permission to keep your personal application data for an additional 6 months.

Data disclosure to third countries
We do not disclose any personal data to a third country (non-EU country).

Privacy policy for video surveillance

As a general rule, your personal data are collected directly by us as part of a video surveillance. The processed personal data includes images and movement data/time data on the grounds of the Kongress Palais (entrances/exits/stay).

Legal basis for data processing
We process your personal data in compliance with the data protection law relevant provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG).

The legal bases for processing are Section 4 BDSG, as amended, and Art. 6 (1) b. in the context of balancing of interests (Article 6 (1) f GDPR), we process your personal data, inter alia, for the following purposes:

To protect against violence against customers, visitors and employees
To protect against violence against company property
To uphold and enforce the domestic law
To improve law enforcement by preserving evidence in the event of vandalism, property damage, theft and other criminal acts
For the investigation of cases of damage (in particular damage to property and personal injury) and enforcement of claims for damages
To ensure the above purposes, the video recordings made are essential.

We will inform you in advance if we ever need to process your personal data for any purpose not mentioned above.

Disclosure of your data
Your personal information will be shared, if necessary, with the following categories of recipients:

Police
Prosecutor
Courts.

Storage period
Personal data will be deleted as soon as it is no longer required for the above purposes. If no incident is detected - requiring a backup or evaluation – the recording will be deleted without notice of the recorded images immediately, usually after 72 hours.

Data disclosure to third countries
We do not disclose any personal data to a third country (non-EU country).

5. Social media

Facebook plugins (Like & Share buttons)

Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. For an overview of Facebook plugins, see https://developers.facebook.com/docs/plugins/.

When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook "Like button" while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please note that, as the operator of this site, we have no knowledge of the content of the data transmitted to Facebook or of how Facebook uses these data. For more information, please see Facebook's privacy policy at https://de-de.facebook.com/policy.php.

If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.

Twitter plugin

Functions of the Twitter service have been integrated into our website and app. These features are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” function, the websites you visit are connected to your Twitter account and made known to other users. In doing so, data will also be transferred to Twitter. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information on Twitter's privacy policy, please go to https://twitter.com/privacy.

Your privacy preferences with Twitter can be modified in your account settings at https://twitter.com/account/settings.

Google+ plugin

Our pages use Google+ functions. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Collection and disclosure of information: Using the Google +1 button allows you to publish information worldwide. By means of the Google+ button, you and other users can receive custom content from Google and our partners. Google stores both the fact that you have +1'd a piece of content and information about the page you were viewing when you clicked +1. Your +1 can be displayed together with your profile name and photo in Google services, for example in search results or in your Google profile, or in other places on websites and advertisements on the Internet.

Google records information about your +1 activities to improve Google services for you and others. To use the Google + button, you need a globally visible, public Google profile that must contain at least the name chosen for the profile. This name is used by all Google services. In some cases, this name may also replace a different name that you have used to share content via your Google account. The identity of your Google profile can be shown to users who know your email address or other information that can identify you.

Use of collected data: In addition to the uses mentioned above, the information you provide is used in accordance with the applicable Google data protection policies. Google may publish summary statistics about users' +1 activity or share it with users and partners, such as publishers, advertisers, or affiliate websites.

6. Analytics and advertising

Google Analytics Remarketing

Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified based on your previous usage and surfing behavior on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).

Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalized promotional messaging.

To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.

You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.

The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google per Art. 6 (1) (a) DSGVO. For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing anonymous user behavior for promotional purposes.

For more information and the Google Privacy Policy, go to: https://www.google.com/policies/technologies/ads/.

Google AdWords and Google Conversion Tracking

This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").

As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.

Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.

Conversion cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy: https://www.google.de/policies/privacy/.

Matomo

This website uses the open source web analysis service Matomo.

With the help of Matomo we are able to collect and analyze data about the use of our website by website visitors. This allows us, among other things, Find out when which page views were made and from which region they come. We also collect various log files (e.g. IP address, referrer, browsers used and operating systems) and can measure whether our website visitors carry out certain actions (e.g. clicks, purchases, etc.).

The use of this analysis tool is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If appropriate consent has been requested, processing is carried out exclusively on the basis of Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG, insofar as the consent requires the storage of cookies or access to information on the user's end device (e.g . B. Device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

IP anonymization
When analyzing with Matomo, we use IP anonymization. Your IP address is shortened before analysis so that it can no longer be clearly assigned to you.

Cookieless analysis
We have configured Matomo so that Matomo does not store cookies in your browser.

Hosting
We host Matomo with the following third party provider:
InnoCraft Ltd", 7 Waterloo Quay PO625, 6140 Wellington, New Zealand.
Server location within the EU

EU representative:
ePrivacy Holding GmbH represented by Prof. Dr. Christoph Bauer Große Bleichen 21, 20354 Hamburg Email: eu.rep@eprivacy.eu

Order processing
We have concluded an order processing contract (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that we only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

7. Newsletter

Newsletter data

If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter (Double Opt-in). No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.

CleverReach

This website uses CleverReach for the mailing of newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service that can organise and analyse the mailing of newsletters. The data entered by you for the purpose of obtaining a newsletter (e.g. e-mail address) is stored on the CleverReach servers in Germany or Ireland.

Mailing our newsletters with CleverReach enables us to analyse the behaviour of the newsletter recipients. Amongst other things, we can analyse how many recipients have opened the newsletter message and how often each link in the newsletter has been clicked on. With the help of so-called conversion tracking, it is also possible to analyse whether a predefined action (e.g. the purchase of a product on our website) is performed after the link in the newsletter is clicked on. You can obtain further information about the data analysis by CleverReach newsletters at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

The data is processed on the basis of your consent. You can revoke this consent at any time by unsubscribing from the newsletter. The lawfulness of the data processing operations that have already place remains unaffected by the revocation.

If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. We provide a corresponding link for this in every newsletter message. You can also unsubscribe from the newsletter directly on the website.

The data that you provided for the purpose of obtaining the newsletter shall be stored by us until you cancel the newsletter and shall be deleted both from our servers and from the CleverReach servers after you unsubscribe from the newsletter. Data that has been stored with us for other purposes (e.g. e-mail addresses for the member area) shall remain unaffected by this.

You can find further information in the CleverReach’s privacy policy at: https://www.cleverreach.com/de/datenschutz/.

Measuring open and click rates

The Newsletters contain a so-called “web beacon“, i.e. a file the size of one pixel, which is retrieved from our server or, if a mailing service provider has been assigned, from their server when the Newsletter is opened. In the context of this retrieval, first technical information such as information about the browser and your system is gathered as well as your IP address and the time of access.

This information is used for technical improvements to our Newsletter by means of the technical data or target groups and their reading habits based on your access location (which can be determined from your IP address) or the access dates. This analysis also includes determining whether the Newsletters are opened, when they are opened and which links are clicked. This information is allocated to individual Newsletter recipients and stored in their profiles until they are deleted. The analyses also helps us to recognise our users’ reading habits and adapt our content to these or send out differing contents in line with our users’ interests. This also includes promotions for competitions, birthdays, etc.

Measuring the open and click rates as well as storing the measured results in the users’ profiles as well their further processing occur on the basis of the users’ consent.

Unfortunately, it is not possible to withdraw the performance measurements separately; in this event, the entire Newsletter subscription has to be cancelled or it must be objected to. In this case, the stored profile information will be deleted.

8. Plugins and tools

YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.

Google Maps

This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.

reCaptcha

We use the Google service reCaptcha to establish whether a human or a computer is making a particular entry into our contact or newsletter form. Google uses the following data to check whether you are a human or a computer: IP address of the device used, the webpage that you are visiting on which Captcha is integrated, the date and duration of the visit, the identification data of the type of browser and the type of operating system used, your Google Account if you are logged into Google, the cursor movements on the reCaptcha fields, and tasks in which you have to identify images. The legal basis for the described data processing is Art. 6 (1) f. General Data Protection Regulation. We have a legitimate interest in this data processing to guarantee the security of our website and to protect ourselves from automated entries (attacks).