Privacy Policy

 

We are delighted that you have shown interest in ourenterprise. Data protection is a particularly high priority for the managementof SameDay Car Finance. Any indication of personal data; however, if a datasubject wants to use special enterprise services via our website, processing ofpersonal data may become necessary. If the processing of personal data isnecessary, and there is no statutory basis for such processing, we generallyobtain consent from the data subject.

The processing of personal data, such as the name, address,e-mail address, or telephone number of a data subject shall always be in linewith the General Data Protection Regulation (GDPR), and in accordance with thecountry-specific data protection regulations applicable to SameDay Car Finance.Utilizing this data protection declaration, our enterprise would like to informthe general public of the nature, scope, and purpose of the personal data wecollect, use and process. Furthermore, data subjects are informed through thisdata protection declaration, of the rights to which they are entitled.

As the controller, SameDay Car Finance has implementednumerous technical and organisational measures to ensure the completeprotection of personal data processed through this website. However,Internet-based data transmissions may in principle have security gaps, soabsolute protection may not be guaranteed. For this reason, every data subjectis free to transfer personal data to us via alternative means, e.g. bytelephone.

 

1. Definitions

The data protection declaration of SameDay Car Finance isbased on the terms used by the European legislator for the adoption of theGeneral Data Protection Regulation (GDPR). Our data protection declarationshould be legible and understandable for the general public, as well as ourcustomers and business partners. To ensure this, we would like to first explainthe terminology used.

In this data protection declaration, we use, among otherthings, the following terms:

 

A)    Personal data

Personal data means any information relating to anidentified or identifiable natural person ("data subject"). Anidentifiable natural person is one who can be identified, directly orindirectly, in particular by reference to an identifier such as a name, anidentification number, location data, an online identifier or to one or morefactors specific to the physical, physiological, genetic, mental, economic,cultural or social identity of that natural person.

 

B) Data subject

Data subject is any identified or identifiable naturalperson, whose personal data is processed by the controller responsible for theprocessing.

 

C)    Processing

Processing is any operation or set of operations which isperformed on personal data or on sets of personal data, whether or not by automatedmeans, such as collection, recording, organisation, structuring, storage,adaptation or alteration, retrieval, consultation, use, disclosure bytransmission, dissemination or otherwise making available, alignment orcombination, restriction, erasure or destruction.

 

D)    Restriction ofprocessing

Restriction of processing is the marking of stored personaldata with the aim of limiting their processing in the future.

 

E)    Profiling

Profiling means any form of automated processing of personaldata consisting of the use of personal data to evaluate certain personalaspects relating to a natural person, in particular to analyse or predictaspects concerning that natural person's performance at work, economicsituation, health, personal preferences, interests, reliability, behaviour,location or movements.

 

F)    Pseudonymisation

Pseudonymisation is the processing of personal data in sucha manner that the personal data can no longer be attributed to a specific datasubject without the use of additional information, provided that suchadditional information is kept separately and is subject to technical andorganisational measures to ensure that the personal data are not attributed toan identified or identifiable natural person.

 

G)    Controller or controllerresponsible for the processing

Controller or controller responsible for the processing isthe natural or legal person, public authority, agency or other body which,alone or jointly with others, determines the purposes and means of theprocessing of personal data; where the purposes and means of such processingare determined by Union or Member State law, the controller or the specificcriteria for its nomination may be provided for by Union or Member State law.

 

H)    Processor

Processor is a natural or legal person, public authority,agency or other body which processes personal data on behalf of the controller.

 

I)      Recipient

Recipient is a natural or legal person, public authority,agency or another body, to which the personal data are disclosed, whether athird party or not. However, public authorities which may receive personal datain the framework of a particular inquiry in accordance with Union or MemberState law shall not be regarded as recipients; the processing of those data bythose public authorities shall be in compliance with the applicable dataprotection rules according to the purposes of the processing.

 

J)      Third party

Third party is a natural or legal person, public authority,agency or body other than the data subject, controller, processor and personswho, under the direct authority of the controller or processor, are authorisedto process personal data.

 

K)    Consent

Consent of the data subject is any freely given, specific,informed and unambiguous indication of the data subject's wishes by which he orshe, by a statement or by a clear affirmative action, signifies agreement tothe processing of personal data relating to him or her.

 

2. Name and Address of the controller

Controller for the General Data Protection Regulation(GDPR), other data protection laws applicable in Member states of the EuropeanUnion and other provisions related to data protection is:

 

SameDay Car Finance

366 Shirley Rd

Southampton

Hampshire

SO15

 

finance@samedaycarfinance.co.uk

02382 025888

samedaycarfinance.co.uk

 

3. Name and Address of the Data Protection Officer

The Data Protection Officer of the controller is:

 

Brendan Budden

SameDay Car Finance

366 Shirley Rd

Southampton

Hampshire

SO15

 

finance@samedaycarfinance.co.uk

02382 025888

samedaycarfinance.co.uk

 

Any data subject may, at any time, contact our DataProtection Officer directly with all questions and suggestions concerning dataprotection.

 

4. Cookies

The Internet pages of SameDay Car Finance use cookies.Cookies are text files that are stored in a computer system via an Internetbrowser.

Many Internet sites and servers use cookies. Many cookiescontain a so-called cookie ID. A cookie ID is a unique identifier of thecookie. It consists of a character string through which Internet pages andservers can be assigned to the specific Internet browser in which the cookiewas stored. This allows visited Internet sites and servers to differentiate theindividual browser of the data subject from other Internet browsers thatcontain other cookies. A specific Internet browser can be recognised andidentified using the unique cookie ID.

Through the use of cookies, SameDay Car Finance can providethe users of this website with more user-friendly services that would not bepossible without the cookie setting.

By means of a cookie, the information and offers on ourwebsite can be optimised with the user in mind. Cookies allow us, as previouslymentioned, to recognise our website users. The purpose of this recognition isto make it easier for users to utilise our website. The website user that usescookies, e.g. does not have to enter access data each time the website isaccessed, because this is taken over by the website, and the cookie is thusstored on the user's computer system. Another example is the cookie of ashopping cart in an online shop. The online store remembers the articles that acustomer has placed in the virtual shopping cart via a cookie.

The data subject may, at any time, prevent the setting ofcookies through our website employing a corresponding setting of the Internetbrowser used, and may thus permanently deny the setting of cookies.Furthermore, already set cookies may be deleted at any time via an Internetbrowser or other software programs. This is possible in all popular Internetbrowsers. If the data subject deactivates the setting of cookies in theInternet browser used, not all functions of our website may be entirely usable.

 

5. Collection of general data and information

The website of SameDay Car Finance collects a series ofgeneral data and information when a data subject or automated system calls upthe website. This general data and information are stored in the server logfiles. Collected may be (1) the browser types and versions used, (2) theoperating system used by the accessing system, (3) the website from which anaccessing system reaches our website (so-called referrers), (4) thesub-websites, (5) the date and time of access to the Internet site, (6) anInternet protocol address (IP address), (7) the Internet service provider ofthe accessing system, and (8) any other similar data and information that maybe used in the event of attacks on our information technology systems.

When using these general data and information, SameDay CarFinance does not draw any conclusions about the data subject. Rather, thisinformation is needed to (1) deliver the content of our website correctly, (2)optimize the content of our website as well as its advertisement, (3) ensurethe long-term viability of our information technology systems and websitetechnology, and (4) provide law enforcement authorities with the informationnecessary for criminal prosecution in case of a cyber-attack. Therefore,SameDay Car Finance analyses anonymously collected data and informationstatistically, with the aim of increasing the data protection and data securityof our enterprise, and to achieve an optimal level of protection for thepersonal data we process. The anonymous data of the server log files are storedseparately from all personal data provided by a data subject.

 

6. Registration on our website

The data subject has the ability to register on the websiteof the controller with the indication of personal data. Which personal data aretransmitted to the controller is determined by the respective input mask usedfor the registration. The personal data entered by the data subject arecollected and stored exclusively for internal use by the controller, and forhis own purposes. The controller may request transfer to one or more processors(e.g. a parcel service) that also uses personal data for an internal purpose,which is attributable to the controller.

By registering on the website of the controller, the IPaddress—assigned by the Internet service provider (ISP) and used by the datasubject—date and time of the registration are also stored. The storage of thisdata takes place against the background that this is the only way to preventthe misuse of our services, and, if necessary, to make it possible toinvestigate committed offences. Insofar, the storage of this data is necessaryto secure the controller. This data is not passed on to third parties unlessthere is a statutory obligation to pass on the data, or if the transfer servesthe aim of criminal prosecution.

The registration of the data subject, with the voluntaryindication of personal data, is intended to enable the controller to offer thedata subject contents or services that may only be offered to registered usersdue to the nature of the matter in question. Registered persons are free tochange the personal data specified during the registration at any time, or tohave them completely deleted from the data stock of the controller.

The data controller shall, at any time, provide informationupon request to each data subject as to what personal data are stored about thedata subject. In addition, the data controller shall correct or erase personaldata at the request or indication of the data subject, insofar as there are nostatutory storage obligations. A Data Protection Officer particularlydesignated in this data protection declaration, as well as the entirety of thecontroller's employees, are available to the data subject in this respect ascontact persons.

 

7. Subscription to our newsletters

On the website of SameDay Car Finance, users are given theopportunity to subscribe to our enterprise's newsletter. The input mask usedfor this purpose determines what personal data are transmitted, as well as whenthe newsletter is ordered from the controller.

SameDay Car Finance informs its customers and businesspartners regularly through a newsletter about enterprise offers. Theenterprise's newsletter may only be received by the data subject if (1) thedata subject has a valid e-mail address and (2) the data subject registers forthe newsletter shipping. A confirmation e-mail will be sent to the e-mailaddress registered by a data subject for the first time for newslettershipping, for legal reasons, in the double opt-in procedure. This confirmatione-mail is used to prove whether the owner of the e-mail address as the datasubject is authorised to receive the newsletter.

During the registration for the newsletter, we also storethe IP address of the computer system assigned by the Internet service provider(ISP) and used by the data subject at the time of the registration, as well asthe date and time of the registration. The collection of this data is necessaryin order to understand the (possible) misuse of the e-mail address of a datasubject at a later date, and it, therefore, serves the aim of the legalprotection of the controller.

The personal data collected as part of registration for thenewsletter will only be used to send our newsletter. In addition, subscribersto the newsletter may be informed by e-mail, as long as this is necessary forthe operation of the newsletter service or registration in question, as thiscould be the case in the event of modifications to the newsletter offer, or inthe event of a change in technical circumstances. There will be no transfer ofpersonal data collected by the newsletter service to third parties. Thesubscription to our newsletter may be terminated by the data subject at anytime. The consent to the storage of personal data, which the data subject hasgiven for shipping the newsletter, may be revoked at any time. For the purposeof revocation of consent, a corresponding link is found in each newsletter. Itis also possible to unsubscribe from the newsletter at any time directly on thewebsite of the controller or to communicate this to the controller in adifferent way.

 

8. Newsletter-Tracking

The newsletter of SameDay Car Finance contains so-calledtracking pixels. A tracking pixel is a miniature graphic embedded in suche-mails, which are sent in HTML format to enable log file recording andanalysis. This allows a statistical analysis of the success or failure ofonline marketing campaigns. Based on the embedded tracking pixel, SameDay CarFinance may see if and when an e-mail was opened by a data subject, and whichlinks in the e-mail were called up by data subjects.

Such personal data collected in the tracking pixelscontained in the newsletters are stored and analysed by the controller in orderto optimise the shipping of the newsletter, as well as to adapt the content offuture newsletters even better to the interests of the data subject. Thesepersonal data will not be passed on to third parties. Data subjects are at anytime entitled to revoke the respective separate declaration of consent issuedby means of the double-opt-in procedure. After a revocation, these personaldata will be deleted by the controller. SameDay Car Finance automaticallyregards a withdrawal from the receipt of the newsletter as a revocation.

 

9. Contact possibility via the website

The website of SameDay Car Finance contains information thatenables a quick electronic contact to our enterprise, as well as directcommunication with us, which also includes a general address of the so-calledelectronic mail (e-mail address). If a data subject contacts the controller by e-mailor via a contact form, the personal data transmitted by the data subject areautomatically stored. Such personal data transmitted on a voluntary basis by adata subject to the data controller are stored for the purpose of processing orcontacting the data subject. There is no transfer of this personal data tothird parties.

 

10. Subscription to comments in the blog on the website

The comments made in the blog of SameDay Car Finance may besubscribed to by third parties. In particular, there is the possibility that acommenter subscribes to the comments following his comments on a particularblog post.

If a data subject decides to subscribe to the option, thecontroller will send an automatic confirmation e-mail to check the doubleopt-in procedure as to whether the owner of the specified e-mail addressdecided in favour of this option. The option to subscribe to comments may beterminated at any time.

 

11. Routine erasure and blocking of personal data

The data controller shall process and store the personaldata of the data subject only for the period necessary to achieve the purposeof storage, or as far as this is granted by the European legislator or otherlegislators in laws or regulations to which the controller is subject.

If the storage purpose is not applicable, or if a storageperiod prescribed by the European legislator or another competent legislatorexpires, the personal data are routinely blocked or erased in accordance withlegal requirements.

 

12. Rights of the data subject

A) Right of confirmation

Each data subject shall have the right granted by theEuropean legislator to obtain from the controller the confirmation as towhether or not personal data concerning him or her are being processed. If adata subject wishes to avail himself of this right of confirmation, he or shemay, at any time, contact our Data Protection Officer or another employee ofthe controller.

B) Right of access

Each data subject shall have the right granted by theEuropean legislator to obtain from the controller free information about his orher personal data stored at any time and a copy of this information.Furthermore, the European directives and regulations grant the data subjectaccess to the following information: the purposes of the processing; thecategories of personal data concerned; the recipients or categories ofrecipients to whom the personal data have been or will be disclosed, inparticular recipients in third countries or international organisations; wherepossible, the envisaged period for which the personal data will be stored, or,if not possible, the criteria used to determine that period; the existence ofthe right to request from the controller rectification or erasure of personaldata, or restriction of processing of personal data concerning the datasubject, or to object to such processing; the existence of the right to file acomplaint with a supervisory authority; where the personal data are notcollected from the data subject, any available information as to their source;the existence of automated decision-making, including profiling, referred to inArticle 22(1) and (4) of the GDPR and, at least in those cases, meaningfulinformation about the logic involved, as well as the significance and envisagedconsequences of such processing for the data subject.

Furthermore, the data subject shall have a right to obtaininformation as to whether personal data are transferred to a third country oran international organisation. Where this is the case, the data subject shallhave the right to be informed of the appropriate safeguards relating to thetransfer.

If a data subject wishes to avail himself of this right ofaccess, he or she may at any time contact our Data Protection Officer oranother employee of the controller.

C) Right to rectification

Each data subject shall have the right granted by theEuropean legislator to obtain from the controller without undue delay therectification of inaccurate personal data concerning him or her. Taking intoaccount the purposes of the processing, the data subject shall have the rightto have incomplete personal data completed, including by means of providing asupplementary statement.

If a data subject wishes to exercise this right torectification, he or she may, at any time, contact our Data Protection Officeror another employee of the controller.

D) Right to erasure (Right to be forgotten)

Each data subject shall have the right granted by theEuropean legislator to obtain from the controller the erasure of personal dataconcerning him or her without undue delay, and the controller shall have theobligation to erase personal data without undue delay where one of thefollowing grounds applies, as long as the processing is not necessary:

The personal data is no longer necessary in relation to thepurposes for which they were collected or otherwise processed.

The data subject withdraws consent to which the processingis based according to point (a) of Article 6(1) of the GDPR, or point (a) ofArticle 9(2) of the GDPR, and where there is no other legal ground for the processing.

The data subject objects to the processing in accordancewith Article 21(1) of the GDPR, and there are no overriding legitimate groundsfor the processing, or the data subject objects to the processing pursuant toArticle 21(2) of the GDPR.

The personal data have been unlawfully processed.

The personal data must be erased for compliance with a legalobligation in Union or Member State law to which the controller is subject.

The personal data have been collected in relation to theoffer of information society services referred to in Article 8(1) of the GDPR.

If one of the aforementioned reasons applies, and a datasubject wishes to request the erasure of personal data stored by SameDay CarFinance, he or she may at any time contact our Data Protection Officer oranother employee of the controller. The Data Protection Officer of SameDay CarFinance or another employee shall promptly ensure that the erasure request iscomplied with immediately.

Where the controller has made personal data public and isobliged pursuant to Article 17(1) to erase the personal data, the controller,taking account of available technology and the cost of implementation, shalltake reasonable steps, including technical measures, to inform othercontrollers processing the personal data that the data subject has requestederasure by such controllers of any links to, or copy or replication of, thosepersonal data, as far as processing is not required. The Data ProtectionOfficer of SameDay Car Finance or another employee will arrange the necessarymeasures in individual cases.

 

E) Right of restriction of processing

Each data subject shall have the right granted by theEuropean legislator to obtain from the controller restriction of processingwhere one of the following applies:

The accuracy of the personal data is contested by the datasubject, for a period enabling the controller to verify the accuracy of thepersonal data.

The processing is unlawful, and the data subject opposes theerasure of the personal data and requests the restriction of their use instead.

The controller no longer needs the personal data for theprocessing, but they are required by the data subject for the establishment,exercise or defence of legal claims.

The data subject has objected to processing pursuant toArticle 21(1) of the GDPR pending the verification whether the legitimategrounds of the controller override those of the data subject.

If one of the conditions as mentioned above is met, and adata subject wishes to request the restriction of the processing of personaldata stored by Brendan Budden, he or she may at any time contact our DataProtection Officer or another employee of the controller. The Data ProtectionOfficer of Brendan Budden or another employee will arrange the restriction ofthe processing.

 

F) Right to data portability

Each data subject shall have the right granted by theEuropean legislator, to receive the personal data concerning him or her, whichwas provided to a controller, in a structured, commonly used andmachine-readable format. He or she shall have the right to transmit those datato another controller without hindrance from the controller to which thepersonal data have been provided. As long as the processing is based on consentpursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2)of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of theGDPR, and the processing is carried out by automated means, as long as theprocessing is not necessary for the performance of a task carried out in thepublic interest or in the exercise of official authority vested in thecontroller.

Furthermore, in exercising his or her right to dataportability pursuant to Article 20(1) of the GDPR, the data subject shall havethe right to have personal data transmitted directly from one controller toanother, where technically feasible and when doing so does not adversely affectthe rights and freedoms of others.

In order to assert the right to data portability, the datasubject may at any time contact the Data Protection Officer designated bySameDay Car Finance or another employee.

 

G) Right to object

Each data subject shall have the right granted by theEuropean legislator to object, on grounds relating to his or her particularsituation, at any time, to processing of personal data concerning him or her,which is based on point (e) or (f) of Article 6(1) of the GDPR. This alsoapplies to profiling based on these provisions.

SameDay Car Finance shall no longer process the personaldata in the event of the objection, unless we can demonstrate compellinglegitimate grounds for the processing which override the interests, rights andfreedoms of the data subject, or for the establishment, exercise or defence oflegal claims.

If SameDay Car Finance processes personal data for directmarketing purposes, the data subject shall have the right to object at any timeto the processing of personal data concerning him or her for such marketing.This applies to profiling to the extent that it is related to such direct marketing.If the data subject objects to SameDay Car Finance to the processing for directmarketing purposes, SameDay Car Finance will no longer process the personaldata for these purposes.

In addition, the data subject has the right, on groundsrelating to his or her particular situation, to object to processing ofpersonal data concerning him or her by SameDay Car Finance for scientific orhistorical research purposes, or for statistical purposes pursuant to Article89(1) of the GDPR, unless the processing is necessary for the performance of atask carried out for reasons of public interest.

In order to exercise the right to object, the data subjectmay directly contact the Data Protection Officer of SameDay Car Finance oranother employee. In addition, the data subject is free in the context of theuse of information society services, and notwithstanding Directive 2002/58/EC,to use his or her right to object by automated means using technicalspecifications.

 

H) Automated individual decision-making, including profiling

Each data subject shall have the right granted by theEuropean legislator not to be subject to a decision based solely on automatedprocessing, including profiling, which produces legal effects concerning him orher, or similarly significantly affects him or her, as long as the decision (1)is not is necessary for entering into, or the performance of, a contractbetween the data subject and a data controller, or (2) is not authorised byUnion or Member State law to which the controller is subject and which alsolays down suitable measures to safeguard the data subject's rights and freedomsand legitimate interests, or (3) is not based on the data subject's explicitconsent.

If the decision (1) is necessary for entering into, or theperformance of, a contract between the data subject and a data controller, or(2) it is based on the data subject's explicit consent, SameDay Car Financeshall implement suitable measures to safeguard the data subject's rights andfreedoms and legitimate interests, at least the right to obtain humanintervention on the part of the controller, to express his or her point of viewand contest the decision.

If the data subject wishes to exercise the rights concerningautomated individual decision-making, he or she may at any time directlycontact our Data Protection Officer of SameDay Car Finance or another employeeof the controller.

 

I) Right to withdraw data protection consent

Each data subject shall have the right granted by theEuropean legislator to withdraw his or her consent to the processing of his orher personal data at any time.

If the data subject wishes to exercise the right to withdrawthe consent, he or she may at any time directly contact our Data ProtectionOfficer of SameDay Car Finance or another employee of the controller.

 

13. Data protection for applications and the applicationprocedures

The data controller shall collect and process the personaldata of applicants for the purpose of the processing of the applicationprocedure. The processing may also be carried out electronically. This is thecase, in particular, if an applicant submits corresponding applicationdocuments by e-mail or by means of a web form on the website to the controller.If the data controller concludes an employment contract with an applicant, thesubmitted data will be stored for the purpose of processing the employmentrelationship in compliance with legal requirements. If no employment contractis concluded with the applicant by the controller, the application documentsshall be automatically erased two months after notification of the refusaldecision, provided that no other legitimate interests of the controller areopposed to the erasure. Other legitimate interest in this relation is, forexample, a burden of proof in a procedure under the General Equal Treatment Act(AGG).

 

14. Data protection provisions about the application and useof Facebook

On this website, the controller has integrated components ofthe enterprise Facebook. Facebook is a social network.

A social network is a place for social meetings on theInternet, an online community, which usually allows users to communicate witheach other and interact in a virtual space. A social network may serve as aplatform for the exchange of opinions and experiences, or enable the Internetcommunity to provide personal or business-related information. Facebook allowssocial network users to include the creation of private profiles, uploadphotos, and network through friend requests.

The operating company of Facebook is Facebook, Inc., 1Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside ofthe United States or Canada, the controller is the Facebook Ireland Ltd., 4Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each call-up to one of the individual pages of thisInternet website, which is operated by the controller and into which a Facebookcomponent (Facebook plug-ins) was integrated, the web browser on theinformation technology system of the data subject is automatically prompted todownload display of the corresponding Facebook component from Facebook throughthe Facebook component. An overview of all the Facebook Plug-ins may beaccessed under https://developers.facebook.com/docs/plugins/. During the courseof this technical procedure, Facebook is made aware of what specific sub-siteof our website was visited by the data subject.

If the data subject is logged in at the same time onFacebook, Facebook detects with every call-up to our website by the datasubject—and for the entire duration of their stay on our Internet site—whichspecific sub-site of our Internet page was visited by the data subject. Thisinformation is collected through the Facebook component and associated with therespective Facebook account of the data subject. If the data subject clicks onone of the Facebook buttons integrated into our website, e.g. the"Like" button, or if the data subject submits a comment, thenFacebook matches this information with the personal Facebook user account ofthe data subject and stores the personal data.

Facebook always receives, through the Facebook component,information about a visit to our website by the data subject, whenever the datasubject is logged in at the same time on Facebook during the time of thecall-up to our website. This occurs regardless of whether the data subjectclicks on the Facebook component or not. If such a transmission of informationto Facebook is not desirable for the data subject, then he or she may preventthis by logging off from their Facebook account before a call-up to our websiteis made.

The data protection guideline published by Facebook, whichis available at https://facebook.com/about/privacy/, provides information aboutthe collection, processing and use of personal data by Facebook. In addition, itis explained there what setting options Facebook offers to protect the privacyof the data subject. In addition, different configuration options are madeavailable to allow the elimination of data transmission to Facebook, e.g. theFacebook blocker of the provider Webgraph, which may be obtained underhttp://webgraph.com/resources/facebookblocker/. These applications may be usedby the data subject to eliminate a data transmission to Facebook.

 

15. Data protection provisions about the application and useof Google AdSense

On this website, the controller has integrated GoogleAdSense. Google AdSense is an online service which allows the placement ofadvertising on third-party sites. Google AdSense is based on an algorithm thatselects advertisements displayed on third-party sites to match with the contentof the respective third-party site. Google AdSense allows an interest-basedtargeting of the Internet user, which is implemented by means of generatingindividual user profiles.

The operating company of Google's AdSense component isAlphabet Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UnitedStates.

The purpose of Google's AdSense component is the integrationof advertisements on our website. Google AdSense places a cookie on theinformation technology system of the data subject. The definition of cookies isexplained above. With the setting of the cookie, Alphabet Inc. is enabled toanalyse the use of our website. With each call-up to one of the individualpages of this Internet site, which is operated by the controller and into whicha Google AdSense component is integrated, the Internet browser on theinformation technology system of the data subject will automatically submitdata through the Google AdSense component for the purpose of online advertisingand the settlement of commissions to Alphabet Inc. During the course of thistechnical procedure, the enterprise Alphabet Inc. gains knowledge of personaldata, such as the IP address of the data subject, which serves Alphabet Inc.,inter alia, to understand the origin of visitors and clicks and subsequentlycreate commission settlements.

The data subject may, as stated above, prevent the settingof cookies through our website at any time by means of a correspondingadjustment of the web browser used and thus permanently deny the setting ofcookies. Such an adjustment to the Internet browser used would also preventAlphabet Inc. from setting a cookie on the information technology system of thedata subject. Additionally, cookies already in use by Alphabet Inc. may bedeleted at any time via a web browser or other software programs.

Furthermore, Google AdSense also uses so-called trackingpixels. A tracking pixel is a miniature graphic that is embedded in web pagesto enable a log file recording and a log file analysis through which astatistical analysis may be performed. Based on the embedded tracking pixels,Alphabet Inc. is able to determine if and when a website was opened by a datasubject, and which links were clicked on by the data subject. Tracking pixelsserve, inter alia, to analyse the flow of visitors on a website.

Through Google AdSense, personal data and information—whichalso includes the IP address, and is necessary for the collection andaccounting of the displayed advertisements—is transmitted to Alphabet Inc. inthe United States of America. These personal data will be stored and processedin the United States of America. The Alphabet Inc. may disclose the collectedpersonal data through this technical procedure to third parties.

Google AdSense is further explained under the following linkhttps://www.google.com/intl/en/adsense/start/.

 

16. Data protection provisions about the application and useof Google Analytics (with anonymisation function)

On this website, the controller has integrated the componentof Google Analytics (with the anonymiser function). Google Analytics is a webanalytics service. Web analytics is the collection, gathering, and analysis ofdata about the behaviour of visitors to websites. A web analysis servicecollects, inter alia, data about the website from which a person has come (theso-called referrer), which sub-pages were visited, or how often and for whatduration a sub-page was viewed. Web analytics are mainly used for theoptimisation of a website and in order to carry out a cost-benefit analysis ofInternet advertising.

The operator of the Google Analytics component is GoogleInc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

For the web analytics through Google Analytics thecontroller uses the application "_gat. _anonymizeIp". By means ofthis application the IP address of the Internet connection of the data subjectis abridged by Google and anonymised when accessing our websites from a MemberState of the European Union or another Contracting State to the Agreement onthe European Economic Area.

The purpose of the Google Analytics component is to analysethe traffic on our website. Google uses the collected data and information,among other things, to evaluate the use of our website and to provide onlinereports, which show the activities on our websites, and to provide otherservices concerning the use of our Internet site for us.

Google Analytics places a cookie on the informationtechnology system of the data subject. The definition of cookies is explainedabove. With the setting of the cookie, Google is enabled to analyse the use ofour website. With each call-up to one of the individual pages of this Internetsite, which is operated by the controller and into which a Google Analyticscomponent was integrated, the Internet browser on the information technologysystem of the data subject will automatically submit data through the GoogleAnalytics component for the purpose of online advertising and the settlement ofcommissions to Google. During the course of this technical procedure, theenterprise Google gains knowledge of personal information, such as the IPaddress of the data subject, which serves Google, inter alia, to understand theorigin of visitors and clicks, and subsequently create commission settlements.

The cookie is used to store personal information, such asthe access time, the location from which the access was made, and the frequencyof visits of our website by the data subject. With each visit to our Internetsite, such personal data, including the IP address of the Internet access usedby the data subject, will be transmitted to Google in the United States ofAmerica. These personal data are stored by Google in the United States ofAmerica. Google may pass these personal data collected through the technicalprocedure to third parties.

The data subject may, as stated above, prevent the settingof cookies through our website at any time by means of a correspondingadjustment of the web browser used and thus permanently deny the setting ofcookies. Such an adjustment to the Internet browser used would also preventGoogle Analytics from setting a cookie on the information technology system ofthe data subject. In addition, cookies already in use by Google Analytics maybe deleted at any time via a web browser or other software programs.

In addition, the data subject has the possibility ofobjecting to a collection of data that are generated by Google Analytics, whichis related to the use of this website, as well as the processing of this databy Google and the chance to preclude any such. For this purpose, the datasubject must download a browser add-on under the linkhttps://tools.google.com/dlpage/gaoptout and install it. This browser add-ontells Google Analytics through a JavaScript that any data and information aboutthe visits of Internet pages may not be transmitted to Google Analytics. Theinstallation of the browser add-ons is considered an objection by Google. Ifthe information technology system of the data subject is later deleted,formatted, or newly installed, then the data subject must reinstall the browseradd-ons to disable Google Analytics. If the browser add-on was uninstalled bythe data subject or any other person who is attributable to their sphere ofcompetence or is disabled, it is possible to execute the reinstallation orreactivation of the browser add-ons.

Further information and the applicable data protectionprovisions of Google may be retrieved underhttps://www.google.com/intl/en/policies/privacy/ and underhttp://www.google.com/analytics/terms/us.html. Google Analytics is furtherexplained under the following Link https://www.google.com/analytics/.

 

17. Data protection provisions about the application and useof Google Remarketing

On this website, the controller has integrated GoogleRemarketing services. Google Remarketing is a feature of Google AdWords, whichallows an enterprise to display advertising to Internet users who havepreviously resided on the enterprise's Internet site. The integration of GoogleRemarketing, therefore, allows an enterprise to create user-based advertisingand thus shows relevant advertisements to interested Internet users.

The operating company of the Google Remarketing services isthe Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UnitedStates.

The purpose of Google Remarketing is the insertion ofinterest-relevant advertising. Google Remarketing allows us to display ads onthe Google network or on other websites, which are based on individual needsand matched to the interests of Internet users.

Google Remarketing sets a cookie on the informationtechnology system of the data subject. The definition of cookies is explainedabove. With the setting of the cookie, Google enables recognition of thevisitor of our website if he calls up consecutive web pages, which are also amember of the Google advertising network. With each call-up to an Internet siteon which the service has been integrated by Google Remarketing, the web browserof the data subject identifies automatically with Google. During this technicalprocedure, Google receives personal information, such as the IP address or thesurfing behaviour of the user, which Google uses, among other things, for theinsertion of interest relevant advertising.

The cookie is used to store personal information, e.g. theInternet pages visited by the data subject. Each time we visit our Internetpages, personal data, including the IP address of the Internet access used bythe data subject, is transmitted to Google in the United States of America.These personal data are stored by Google in the United States of America.Google may pass these personal data collected through the technical procedureto third parties.

The data subject may, as stated above, prevent the settingof cookies through our website at any time by means of a correspondingadjustment of the web browser used and thus permanently deny the setting ofcookies. Such an adjustment to the Internet browser used would also preventGoogle from setting a cookie on the information technology system of the datasubject. In addition, cookies already in use by Google may be deleted at anytime via a web browser or other software programs.

In addition, the data subject has the possibility ofobjecting to the interest-based advertising by Google. For this purpose, thedata subject must call up the link to www.google.de/settings/ads and make thedesired settings on each Internet browser used by the data subject.

Further information and the actual data protectionprovisions of Google may be retrieved underhttps://www.google.com/intl/en/policies/privacy/.

 

18. Data protection provisions about the application and useof Google+

On this website, the controller has integrated the Google+button as a component. Google+ is a so-called social network. A social networkis a social meeting place on the Internet, an online community, which usuallyallows users to communicate with each other and interact in a virtual space. Asocial network may serve as a platform for the exchange of opinions andexperiences, or enable the Internet community to provide personal orbusiness-related information. Google+ allows users of the social network toinclude the creation of private profiles, upload photos and network through friendrequests.

The operating company of Google+ is Google Inc., 1600Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.

With each call-up to one of the individual pages of thiswebsite, which is operated by the controller and on which a Google+ button hasbeen integrated, the Internet browser on the information technology system ofthe data subject automatically downloads a display of the corresponding Google+button of Google through the respective Google+ button component. During thecourse of this technical procedure, Google is made aware of what specificsub-page of our website was visited by the data subject. More detailedinformation about Google+ is available under https://developers.google.com/+/.

If the data subject is logged in at the same time toGoogle+, Google recognises with each call-up to our website by the data subjectand for the entire duration of his or her stay on our Internet site, whichspecific sub-pages of our Internet page were visited by the data subject. Thisinformation is collected through the Google+ button and Google matches thiswith the respective Google+ account associated with the data subject.

If the data subject clicks on the Google+ button integratedon our website and thus gives a Google+ 1 recommendation, then Google assignsthis information to the personal Google+ user account of the data subject andstores the personal data. Google stores the Google+ 1 recommendation of thedata subject, making it publicly available in accordance with the terms andconditions accepted by the data subject in this regard. Subsequently, a Google+1 recommendation given by the data subject on this website together with otherpersonal data, such as the Google+ account name used by the data subject andthe stored photo, is stored and processed on other Google services, such assearch-engine results of the Google search engine, the Google account of thedata subject or in other places, e.g. on Internet pages, or in relation toadvertisements. Google is also able to link the visit to this website withother personal data stored on Google. Google further records this personalinformation with the purpose of improving or optimising the various Googleservices.

Through the Google+ button, Google receives information thatthe data subject visited our website if the data subject at the time of thecall-up to our website is logged in to Google+. This occurs regardless ofwhether the data subject clicks or doesn't click on the Google+ button.

If the data subject does not wish to transmit personal datato Google, he or she may prevent such transmission by logging out of hisGoogle+ account before calling up our website.

Further information and the data protection provisions ofGoogle may be retrieved under https://www.google.com/intl/en/policies/privacy/.More references from Google about the Google+ 1 button may be obtained underhttps://developers.google.com/+/web/buttons-policy.

 

19. Data protection provisions about the application and useof Google-AdWords

On this website, the controller has integrated GoogleAdWords. Google AdWords is a service for Internet advertising that allows theadvertiser to place ads in Google search engine results and the Googleadvertising network. Google AdWords allows an advertiser to pre-define specifickeywords with the help of which an ad on Google's search results only thendisplayed, when the user utilises the search engine to retrieve akeyword-relevant search result. In the Google Advertising Network, the ads aredistributed on relevant web pages using an automatic algorithm, taking intoaccount the previously defined keywords.

The operating company of Google AdWords is Google Inc., 1600Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.

The purpose of Google AdWords is the promotion of our websiteby the inclusion of relevant advertising on the websites of third parties andin the search engine results of the search engine Google and insertion ofthird-party advertising on our website.

If a data subject reaches our website via a Google ad, aconversion cookie is filed on the information technology system of the datasubject through Google. The definition of cookies is explained above. Aconversion cookie loses its validity after 30 days and is not used to identifythe data subject. If the cookie has not expired, the conversion cookie is usedto check whether certain sub-pages, e.g. the shopping cart from an online shopsystem, were called up on our website. Through the conversion cookie, bothGoogle and the controller can understand whether a person who reached anAdWords ad on our website generated sales, that is, executed or cancelled asale of goods.

The data and information collected through the use of theconversion cookie is used by Google to create visit statistics for our website.These visit statistics are used in order to determine the total number of userswho have been served through AdWords ads to ascertain the success or failure ofeach AdWords ad and to optimise our AdWords ads in the future. Neither ourcompany nor other Google AdWords advertisers receive information from Googlethat could identify the data subject.

The conversion cookie stores personal information, e.g. theInternet pages visited by the data subject. Each time we visit our Internetpages, personal data, including the IP address of the Internet access used bythe data subject, is transmitted to Google in the United States of America.These personal data are stored by Google in the United States of America.Google may pass these personal data collected through the technical procedureto third parties.

The data subject may, at any time, prevent the setting ofcookies by our website, as stated above, by means of a corresponding setting ofthe Internet browser used and thus permanently deny the setting of cookies.Such a setting of the Internet browser used would also prevent Google fromplacing a conversion cookie on the information technology system of the datasubject. In addition, a cookie set by Google AdWords may be deleted at any timevia the Internet browser or other software programs.

The data subject has a possibility of objecting to theinterest-based advertisement of Google. Therefore, the data subject must accessfrom each of the browsers in use the link www.google.de/settings/ads and setthe desired settings.

Further information and the applicable data protectionprovisions of Google may be retrieved underhttps://www.google.com/intl/en/policies/privacy/.

 

20. Data protection provisions about the application and useof Instagram

On this website, the controller has integrated components ofthe service Instagram. Instagram is a service that may be qualified as anaudio-visual platform, which allows users to share photos and videos, as wellas disseminate such data in other social networks.

The operating company of the services offered by Instagramis Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, UNITEDSTATES.

With each call-up to one of the individual pages of thisInternet site, which is operated by the controller and on which an Instagramcomponent (Instagram button) was integrated, the Internet browser on theinformation technology system of the data subject is automatically prompted tothe download of a display of the corresponding Instagram component ofInstagram. During the course of this technical procedure, Instagram becomesaware of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in at the same time onInstagram, Instagram detects with every call-up to our website by the datasubject—and for the entire duration of their stay on our Internet site—whichspecific sub-page of our Internet page was visited by the data subject. Thisinformation is collected through the Instagram component and is associated withthe respective Instagram account of the data subject. If the data subjectclicks on one of the Instagram buttons integrated on our website, thenInstagram matches this information with the personal Instagram user account ofthe data subject and stores the personal data.

Instagram receives information via the Instagram componentthat the data subject has visited our website provided that the data subject islogged in at Instagram at the time of the call to our website. This occursregardless of whether the person clicks on the Instagram button or not. If suchtransmission of information to Instagram is not desirable for the data subject,then he or she can prevent this by logging off from their Instagram accountbefore a call-up to our website is made.

Further information and the applicable data protectionprovisions of Instagram may be retrieved underhttps://help.instagram.com/155833707900388 andhttps://www.instagram.com/about/legal/privacy/.

 

21. Data protection provisions about the application and useof Jetpack for WordPress

On this website, the controller has integrated Jetpack.Jetpack is a WordPress plug-in, which provides additional features to theoperator of a website based on WordPress. Jetpack allows the Internet siteoperator, among others, an overview of the visitors of the site. By displayingrelated posts and publications, or the ability to share content on the page, itis also possible to increase visitor numbers. In addition, security featuresare integrated into Jetpack, so a Jetpack-using site is better protected againstbrute-force attacks. Jetpack also optimises and accelerates the loading ofimages on the website.

The operating company of Jetpack Plug-Ins for WordPress isthe Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, UNITEDSTATES. The operating enterprise uses the tracking technology created byQuantcast Inc., 201 Third Street, San Francisco, CA 94103, UNITED STATES.

Jetpack sets a cookie on the information technology systemused by the data subject. The definition of cookies is explained above. Witheach call-up to one of the individual pages of this Internet site, which isoperated by the controller and on which a Jetpack component was integrated, theInternet browser on the information technology system of the data subject isautomatically prompted to submit data through the Jetpack component foranalysis purposes to Automattic. During this technical procedure, Automatticreceives data that is used to create an overview of website visits. The dataobtained in this way serves the analysis of the behaviour of the data subject,which has access to the Internet page of the controller and is analysed withthe aim of optimising the website. The data collected through the Jetpackcomponent is not used to identify the data subject without a prior obtaining ofa separate express consent of the data subject. The data comes also to thenotice of Quantcast. Quantcast uses the data for the same purposes asAutomattic.

The data subject can, as stated above, prevent the settingof cookies through our website at any time by means of a correspondingadjustment of the web browser used and thus permanently deny the setting ofcookies. Such an adjustment to the Internet browser used would also preventAutomattic/Quantcast from setting a cookie on the information technology systemof the data subject. In addition, cookies already in use byAutomattic/Quantcast may be deleted at any time via a web browser or othersoftware programs.

In addition, the data subject has the possibility ofobjecting to a collection of data relating to a use of this Internet site thatis generated by the Jetpack cookie, as well as the processing of these datapackets by A