We are pleased that you are visiting our website prof-schumann.com and are interested in our company.
The protection of your personal data, for example your name, date of birth, telephone number, address etc. is an important issue for us.
The purpose of this data protection declaration is to inform you about the processing of the personal data that we collect from you when you visit our website. Our data protection practices conform to the legal regulations of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). The following data protection declaration serves to fulfil the requirements to provide information that result from the GDPR. These can be found, for example, in Art. 13 and Art. 14 onward GDPR.
Responsibility
The responsible person in the sense of Art. 4 No. 7 GDPR is the person who, alone or together with others, decides on the purpose of, and methods used for, the processing of person-related data.
In relation to our website, responsibility lies with:
Prof. Schumann GmbH
Jutta-Limbach-Straße 1
37073 Göttingen
E-mail: info@prof-schumann.de
Tel.: +49 (0) 551 - 383150
Fax: +49 (0) 551 - 3831520
Contacting the Data Protection Officer
We have appointed a Data Protection Officer according to Art. 37 GDPR. Our Data Protection Officer can be contacted using the following contact data:
Thomas Floß
Parkstr. 1a
33775 Versmold
E-mail: info@floss-consult.de
Tel.: +49 5423 964 900
Fax: +49 5423 964 9030
Website: http://www.floss-consult.de/
Provision of the Website and Creation of Log Files
Every time our internet site is called up, our system automatically compiles data and information about the device calling up the website (e.g. computer, mobile telephone, tablet, etc.).
Which Person-Related Data Is Collected and to What Extent is This Data Processed?
(1) Information about the browser type and version in use;
(2) The operating system of the device calling up the website;
(3) Host name of the device calling up the website;
(4) The IP address of the device calling up the website;
(5) Date and time of access to the website;
(6) Web pages and resources (pictures, data, further page content) that are called up from our internet site;
(7) Website from which the user's system accesses our internet site (referrer tracking);
(8) Message as to whether access was successful;
(9) Quantity of data transferred
This data is stored in the log files of our system. Storage of this data together with person-related data about a specific user does not take place, so that the identification of individual website visitors does not happen.
Legal Basis for the Processing of Person-Related Data
Art. 6 Para. 1 lit. f GDPR (legitimate interest). Our legitimate interest lies in enabling the achievement of the following purposes.
Purpose of the Data Processing
The temporary (automated) storage of the data is necessary for the procedure of visiting the website in order to make the delivery of the website possible. The storage and processing of the person-related data also takes place in order to maintain the compatibility of our internet site for as many visitors as possible, to combat misuse and for the removal of problems. For this purpose it is necessary to log the technical data of the computer calling up the website in order to be able to react as soon as possible to presentation errors, attacks on our IT systems and/or errors in the functionality of our internet site. Furthermore, the data serves to help us with the optimization of the website and the general security of our information technology systems.
Duration of Data Storage
The deletion of the technical data detailed above takes place as soon as it is no longer needed to guarantee the compatibility of our internet site for all visitors, but at the latest three months after our internet site was called up.
Possibility for Objections and Deletion
You can object to this processing according to Art. 21 GDPR at any time and demand deletion of the data according to Art. 17 GDPR. Which rights you have and how you can assert these rights can be found in the lower area of this data protection declaration.
Special Functions of the Internet Site
Our site offers you various functions through which, when they are used, we collect, process and store person-related data. What happens to this data is explained in the following:
Contact Form(s)
- Which person-related data is collected and to what extent is this data processed?
The data entered by you in our contact forms, which you have entered in the entry fields of the respective contact form will be processed by us in order to fulfil the purpose given below.
- Legal basis for the processing of person-related data
Art. 6 Para. 1 lit. a GDPR (consent through clearly confirmatory actions or behaviour).
- Purpose of the data processing
We will only use the data collected via our contact form or forms for the processing of the specific inquiry received via the contact form. Please note that for the fulfilment of your inquiry we may send E-mails to the address you have entered.
- Duration of data storage
After processing your inquiry the data collected will be deleted immediately insofar as there is no legal requirement to store the data for a particular period of time.
- Possibility for objections and deletion
The possibilities for objections and deletion of data are regulated according to the general regulations for the right to objection and deletion according to data protection legislation that are explained in the following in this data protection declaration.
- Necessity of providing person-related data
The use of the contact forms takes place on a voluntary basis and is neither contractually nor legally compulsory. You are not obliged to make contact with us using the contact form but can also use the other contact possibilities detailed on our website. If you wish to use our contact form, you need to fill in the fields that are designated as mandatory. If you do not fill in the necessary entries on the contact form, then either you will be unable to send the inquiry or we are unfortunately not able to process your inquiry.
SCHUMANN Portal - Login Section
- Which person-related data is collected and to what extent is this data processed?
We only process the data you entered in the input mask during registration on the SCHUMANN portal.
- Legal basis for the processing of person-related data
Art. 6 Para. 1 lit. a GDPR (consent through clearly confirmatory actions or behaviour).
- Purpose of the data processing
The information you provide for registration on the SCHUMANN portal is collected and stored electronically to enable you to participate in the portal. We use the data provided for the manual release of the specific registration request. In addition, a confirmation email will be sent to your email address when you send your registration.
- Duration of data storage
Your data will be stored until the purpose of the processing ceases to apply or until you object to further processing or exercise your right to deletion. This applies insofar as there are no statutory retention periods.
- Possibility for objections and deletion
The possibilities for objections and deletion of data are regulated according to the general regulations for the right to objection and deletion according to data protection legislation that are explained in the following in this data protection declaration.
- Necessity of providing person-related data
The provision of your data is voluntary and is neither contractually nor legally required. However, if you wish to use the login-protected area of our website (e.g. for conference stream, current product information), the fields marked as mandatory must be filled in by you. If you do not fill in the required information in the registration form, you will not be able to use our login area.
- Passing on of data
The information provided on the SCHUMANN portal will not be passed on to third parties.
Statistical Evaluation of the Visits to This Internet Site – Web Trackers
When this internet site or individual files from this internet site are called up, we collect, process and store the following data: IP address, website from which the file was called up, name of the file, date and time it was called up, quantity of data transferred and notifications regarding the success of this action (so-called web-log). We use this data on internet access exclusively in non-personalized form for the continual improvement of our internet presence and for statistical purposes. For the evaluation of visits to our internet site we also use the following web trackers:
On our website we use the service Google from the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, E-mail: support-deutschland@google.com, website: http://www.google.com/. Person-related data is also transferred to the USA. In relation to the transfer of person-related data to the USA there is an adequacy resolution relating to the EU-US Data Privacy Framework of the European Commission in the sense of Art. 45 GDPR (in the following: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the level of protection that is usual for the GDPR is provided.
The legal basis for the processing of person-related data is your consent according to Art. 6 para. 1 lit. a GDPR and/or Art. 9 para. 2 lit. a GDPR, which you have given on our internet site.
We use Google in order to load further services from the company Google on the website. The service is used in order to make further Google services available, such as the necessary data processing when providing streams and fonts as well as relevant content from the Google search. It is technically necessary in order to exchange the information about the web page visitor that is already available between the Google services and to provide the web page visitor with individual content adapted to his Google account.
For the processing itself, we and the service collect the following data: background data about the web page visitor that is stored in the Google user account or by other Google services, Background data for the provision of Google services such as streaming data or advertising data, data on the site user's use of the Google search, information on the end device used, the IP address and the user's browser and other data from Google services for the provision of Google services related to our website.
If the service has been activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. In the context of contracted data processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When the Google service is in use on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Doubleclick, Google Cloud, Google Ads and Google Fonts in accordance with the Google data protection declaration. You can view the certification of the provider within the framework of the EU-US Data Privacy Framework at: https://www.dataprivacyframework.gov/list.
You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent function itself or at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://policies.google.com/privacy.
Additionally, at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de the provider offers an opt-out possibility.
Google Tag Manager
On our website we use the service Google Tag Manager from the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, E-mail: support-deutschland@google.com, website: http://www.google.com/. Person-related data is also transferred to the USA. In relation to the transfer of person-related data to the USA there is an adequacy resolution relating to the EU-US Data Privacy Framework of the European Commission in the sense of Art. 45 GDPR (in the following: DPF -https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the level of protection that is usual for the GDPR is provided.
The legal basis for the transmission of person-related data is your consent according to Art. 6 para. 1 lit. a GDPR and/or Art. 9 para. 2 lit. a GDPR, which you have given on our internet site.
Google Tag Manager offers a technical platform for running other web tools and web tracking programs using so-called "tags" and to control them in a centralized way. In this context, Google Tag Manager stores cookies on your computer and, insofar as web-tracking tools are run by Google Tag Manager, analyses your web surfing behaviour (so-called "tracking"). The data created by the "tags" is compiled under a unified user interface and is stored and processed. All the included "tags" are listed in this data protection declaration. In the context of the use of our website and the activated integration of "tags" from Google-Tag-Manager, data such as your IP address and your user activities is transmitted to servers of the company Google. Through IP anonymization of the source code, the tracking tools used in Google Tag Manager ensure that the IP address is anonymized by Google Tag Manager before it is transmitted. With Google Tag Manager data from various service providers (Google and third-party providers) can be linked and evaluated on the basis of so-called tag management. Google Tag Manager helps us to put together reports about website activities and to control the web tools of our internet site.
For the processing itself, the service/we collect the following data: cookies, web tracking data, incoming or outgoing links, information arising from the integration and activation of JavaScript code on the website from Google Tag Manager and the web tools triggered by Google Tag Manager.
You can view the certification within the framework of the EU-US Data Privacy Framework at: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?id=a2zt000000001L5AAI&status=Active.
You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent function itself or at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://policies.google.com/privacy.
Additionally, at https://policies.google.com/privacy the provider offers an opt-out possibility.
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. The website operator receives various usage data such as page call-ups, duration of access, operating system used and the location of the user. This data is compiled in a user-ID and assigned to the respective device of the website visitor.
Furthermore, with Google Analytics we can record your mouse and scroll movements, among other things. Google Analytics also uses various modelling techniques to complement the compiled data sets and uses machine learning technologies for data analysis.
Google Analytics uses technologies that enable recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information compiled by Google about the use of this website is usually transferred to a Google server in the USA, where it is stored.
The use of this service takes place on the basis of your consent according to Art. 6 para. 1 lit. a GDPR and §25 para. 1 TDDDG. Consent can be withdrawn at any time. The transfer of data to the USA is supported by the standard contractual clauses of the EU Commission.
Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to guarantee compliance with European data protection standards when data is processed in the USA. Every company certified according to the DPF has committed itself to maintaining these data protection standards. Further information on this can be obtained from the provider via the following link: https://www.dataprivacyframework.gov/s/participant‑search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active.
IP anonymization
The Google Analytics IP anonymization is active. This means that your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional circumstances will the complete IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use the collected information in order to evaluate your use of the website, to compile reports about website activity and to perform further services relating to website usage and internet usage for the website operator. The IP address transmitted by your browser within the framework of Google Analytics will not be combined with other Google data.
Browser Plug-in
You can prevent the collection and processing of your data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
More information on the handling of user data by Google Analytics can be found in Google's data protection declaration:
https://support.google.com/analytics/answer/6004245?hl=de.
Demographic characteristics in Google Analytics
This website uses the "demographics" function from Google Analytics in order to show website visitors suitable advertisements within the Google advertising network. This enables reports to be created that contain information on age, gender and interests of the website visitor. This data originates from interest-related advertising from Google as well as from visitor data from third-party providers. This data cannot be assigned to a particular person. You can deactivate this function at any time through the advertising settings in your Google account or generally prevent the collection of data by Google Analytics as described under the point "Objection to data collection".
Contracted data-processing
We have concluded a contract with Google for contracted data-processing and implement the strict requirements of the German data protection authorities to their complete extent in the use of Google Analytics.
LinkedIn Analytics
On our website we use the service LinkedIn Analytics of the company LinkedIn Ireland Unlimited Company, Wilton Place, 2 Dublin, Ireland, E-mail: info_impressum@cs.linkedin.com, website: https://www.linkedin.com/. The transfer of person-related data to the USA also takes place. In relation to the transfer of person-related data to the USA there is an adequacy resolution from the European Commission for the EU-US Data Privacy Framework according to Art. 45 GDPR (referred to in the following as the DPF - https://commission.europa.eu/d... be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the usual level of protection according to the GDPR applies to the data transfer.
The legal basis for the transmission of person-related data is your consent according to Art. 6 para. 1 lit. a GDPR and/or Art. 9 para. 2 lit. a GDPR, which you have given on our internet site.
This service is a website analysis tool that supports us in understanding the behaviour of users on our website. It automatically tracks activities such as clicks, scrolling and the filling in of forms, without us needing to implement code for this. With the generated data we can analyse exactly how visitors interact with our website and gain insights from this in order to optimize our online presence.
You can view the certification of the provider according to the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list .
You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent procedure itself or at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.
Additionally, at https://www.linkedin.com/linkedin/answer/a1340485?lang=en the provider offers an opt-out possibility.
Matomo (local)
On our website we use the service Matomo (local) of the company InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, E-mail: privacy@matomo.org, Website: https://matomo.org/. The transmission of person-related data takes place exclusively to servers in the European Union.
The legal basis for the processing of person-related data is our legitimate interest according to Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purposes described in the following.
Matomo is hosted on our own server infrastructure and is configured by us so that transfer of data to Matomo, InnoCraft Ltd. or other third parties does not take place. The purpose of the collection of statistical data is to monitor the functionality and user-friendliness of our website and to optimize it by analysing anonymized user flows. We can thus identify which content is relevant for our website visitors and users and extend it accordingly. Using the data collected, we can also create anonymous use profiles and consider general statistical information. The data collected in this context will not be combined with other person-related data without individual consent.
For the processing itself, the service/we collect the following data: Parts of your IP address in anonymized form, user activities (e.g. referrer links, time spent on particular URLs, clickstream, shopping basket - or order IDs), data regarding your browser settings, browser provider, browser version, screen resolution and the operating system in use.
Furthermore, the collection of data through our local Matomo instance is set up to be data-protection-friendly. Collected IP addresses are anonymized before they are stored and processed. We have also activated the "do not track" preference in Matomo. This makes sure that a "do not track" command from your browser is observed by Matomo when you call up our website and, independent of our other measures, recording of the website user does not take place. You can prevent Matomo from collecting data at any time by activating your browser's "do not track" setting.
In relation to the processing, you have the right of objection according to Art. 21 GDPR. Further information on this can be found at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://matomo.org/faq/general/faq_18254/.
Integration of External Web Services and Processing of Data Outside the EU
On our internet site we use active content from external providers, so-called web services. When our internet site is called up, these external providers may receive person-related information about your visit to our internet site. Processing of data outside the EU is hereby possible. You can prevent this by installing a suitable browser plug-in or by deactivating the running of scripts in your browser. This can, however, lead to the limitation of functions on internet sites that you visit.
We use the following external web services:
HubSpot Forms by HubSpot
On our website we use the service Hubspot Forms by HubSpot of the company HubSpot, Inc, 25 First Street, 2141 Cambridge MA, United States, E-mail: privacy@hubspot.com, website: https://www.hubspot.de/. Person-related data is also transferred to the USA. In relation to the transfer of person-related data to the USA there is an adequacy resolution relating to the EU-US Data Privacy Framework of the European Commission in the sense of Art. 45 GDPR (in the following: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the level of protection that is usual for the GDPR is provided.
The legal basis for the processing of person-related data is your consent according to Art. 6 para. 1 lit. a GDPR and/or Art. 9 para. 2 lit. a GDPR, which you have given on our internet site.
With the help of HubSpot Forms we can make questionnaires and forms available on our website in a simple way.
You can view the certification of the provider within the framework of the EU-US Data Privacy Framework at: https://www.dataprivacyframework.gov/list.
You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent function itself or at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://legal.hubspot.com/de/privacy-policy.
HubSpot
On our website we use the service HubSpot of the company HubSpot, Inc, 25 First Street, 2141 Cambridge MA, United States, E-mail: privacy@hubspot.com, website: https://www.hubspot.de/. Person-related data is also transferred to the USA. In relation to the transfer of person-related data to the USA there is an adequacy resolution relating to the EU-US Data Privacy Framework of the European Commission in the sense of Art. 45 GDPR (in the following: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the level of protection that is usual for the GDPR is provided.
The legal basis for the processing of data is Art. 6 para. 1 lit. c GDPR. The legal basis for the processing is our legitimate interest pursuant to Art. 6 para. 1 lit. c GDPR. Our legitimate interest lies in achieving the purpose described below.
HubSpot is a CRM platform for marketing, sales and service. The service provides us with, among other things, tools for social media marketing, content management, web analytics, customer service and search machine optimization.
You can view the certification within the framework of the EU-US Data Privacy Framework at: https://www.dataprivacyframework.gov/list.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://legal.hubspot.com/de/privacy-policy.
On our website we use the service LinkedIn of the company LinkedIn Ireland Unlimited Company, Wilton Place, 2 Dublin, Ireland, E-mail: info_impressum@cs.linkedin.com, website: https://www.linkedin.com/. The transfer of person-related data to the USA also takes place. In relation to the transfer of person-related data to the USA there is an adequacy resolution from the European Commission for the EU-US Data Privacy Framework according to Art. 45 GDPR (referred to in the following as the DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the usual level of protection according to the GDPR applies to the data transfer.
The legal basis for the transfer of this person-related data is your consent according to Art. 6 Para. 1 lit. a GDPR and Art. 9 Para. 2 lit. a GDPR, which you have given on our internet site.
When using the LinkedIn plug-in, we create a connection to the LinkedIn platform in order to give logged-in members of LinkedIn the possibility to interact with us.
You can view the certification of the provider according to the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list .
You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent function itself or at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.
The supplier offers an additional opt-out possibility at https://www.linkedin.com/help/linkedin/answer/68763?lang=de .
Rechtstextsnippet and Module
On our website we use the service Rechtstextsnippet and modules from the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Deutschland, E-mail: support@website-check.de, Website: https://www.website- check.de/. The transfer of person-related data takes place only to servers within the European Union.
The legal basis for the processing of data is Art. 6 para. 1 lit. c GDPR. The use of the service supports us in fulfilling our legal obligations.
With the help of this service, our legal texts are loaded onto our internet site. Using the arranged interface to our website, the current legal texts are loaded. Using this interface, further technical modules relating to legal texts or legally necessary elements could also be loaded.
The rights you have in relation to the processing can be found at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://www.website-check.de/datenschutzerklaerung/.
Website-Check Siegel
On our website we use the service Website-Check Siegel (seal) of the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany, E-mail: support@website-check.de, website: http://www.website-check.de/. The transmission and processing of person-related data takes place exclusively on servers located in the European Union.
The legal basis for the transfer of this person-related data is our legitimate interest in this processing according to Art. 6 Para. 1 lit. f GDPR. Our legitimate interest lies in achieving the aim indicated in the following.
The script from Website-Check GmbH constitutes the technical integration of the Website-Check Siegel (seal). With this seal we would like to show you that we take the theme of data protection very seriously. The transfer of data to Website-Check GmbH takes place to enable the supply and presentation of the seal on our website.
With regard to the processing, you have the right of objection detailed in Art. 21 GDPR. You will find more information at the end of this data protection declaration.
Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://www.website-check.de/datenschutzerklaerung/.
LamaPoll
To improve the quality of our work and to learn more about the wishes and requirements of our customers, we conduct surveys on our website. For the technical implementation of these surveys we use the survey tool LamaPoll from Lamano GmbH & Co. KG, (Prenzlauer Allee 36G, 10405 Berlin). The Lamano GmbH & Co. KG processes the data on our behalf within the scope of order processing. The processing takes place on servers in Germany. For further information, you will find the LamaPoll data protection declaration here: https://www.lamapoll.com/Suppo...
The legal basis for data processing is your consent in accordance with Art. 6 para. 1 letter a DSGVO. Your data will be deleted as soon as the purpose for their collection no longer applies.
Information on the Use of Cookies
Which Person-Related Data is Collected and to What Extent is this Processed?
On various pages we integrate and use cookies to enable the use of particular functions of our website and to integrate external web services. The so-called "cookies" are small text files that your browser can place on your computer. These text files contain a chain of characters that clearly identify the browser when you come back to our website again. The process of storing a cookie file is also known as "setting a cookie". Cookies can be set by the website itself or by external Web services. The cookies are set by our website or the external web services in order to obtain the full functionality of our website, to improve user-friendliness or to pursue the purpose stated with your consent. The cookie technology also enables us to identify individual users on the basis of pseudonyms, e.g. individual or random IDs, so that we can offer more individual services. The details are contained in the table below.
Legal Basis for the Processing of Person-Related Data
Insofar as the cookies are processed on the basis of consent according to Art. 6 Para. 1 lit. a GDPR, this consent will also be deemed to be consent in the sense of Section 25 Para. 1 TDDDG (Telecommunications Digital Services Data Protection Act) for the setting of the cookie on the user's device. Insofar as another legal basis is mentioned in accordance with the GDPR (e.g. for the fulfilment of a contract or for the fulfilment of legal obligations), the storage or setting of cookies is carried out on the basis of an exception in accordance with Section 25 Para. 2 TDDDG. This is the case "if the sole purpose of storing information in the end-user's equipment or the sole purpose of accessing information already stored in the end-user's equipment is to carry out the transmission of a communication over a public telecommunications network" or "if the storage of information in the end-user's equipment or the access to information already stored in the end-user's equipment is strictly necessary to enable the provider of a digital service to provide a digital service explicitly requested by the user". Which legal basis applies can be determined from the cookie table shown later in this section.
Purpose of Data Processing
The cookies are set by our website or the external web services in order to maintain the full functionality of our internet site, improve user-friendliness or to pursue the purpose agreed to with your consent. The cookie technology also makes it possible for us to recognize individual users through pseudonyms, e.g. an individual arbitrary ID, so that it is possible for us to offer more Individual services. Details are shown in the table below.
Duration of Storage
The storage of our cookies takes place until deletion in your browser or, in the case of a session cookie, until the session ends. The details are shown in the table below.
Possibilities for Objection and Removal
You can set up your browser so that the setting of cookies is prevented in general. You can then decide from case to case whether to accept cookies or you can generally accept cookies. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected with our website (permanent cookies) or to store recently viewed content (session cookies). If you have specifically given your consent to the processing of your person-related data, you can withdraw this consent at any time. Please be aware that the legality of the processing performed before the withdrawal of consent is not affected by this withdrawal.
Cookie name | AnalyticsSyncHistory |
Server | .linkedin.com |
Provider | |
Purpose | The cookie allocates an ID to the website visitor and compiles statistical data on the website visits of the visitor. This enables the individualization of advertising that the user is shown. |
Legal basis | Art. 6 Para. 1 lit. a GDPR and/or Art. 9 Para. 2 lit. a GDPR (consent) |
Storage duration | Around 30 days |
Type | Marketing |
Cookie name | CSRF_TOKEN |
Server | www.prof-schumann.com |
Provider | Website operator |
Purpose | Using this Cookie we can store individual comfort settings you have selected and make them available for your current and future visits to our website. |
Legal basis | Art. 6 Abs. 1 lit. a DSGVO bzw. Art. 9 Abs. 2 lit. a DSGVO (Consent) |
Storage duration | Session |
Type | Configuration |
Cookie name | CraftSessionId |
Server | www.prof-schumann.com |
Provider | Craft CMS (Pixel & Tonic, Inc, 919 NW Bond St. #203, 97701 Bend, United States) |
Purpose | This cookie stores a unique ID in order to recognize when an anonymous visitor attempts to register. The cookie allocates the ID to a previous anonymous user. |
Legal basis | Art. 6 Para. 1 lit. a GDPR and/or Art. 9 Para. 2 lit. a GDPR (consent) |
Storage duration | Session |
Type | Configuration |
Cookie name | __cf_bm |
Server | .hubspot.com |
Provider | Hubspot |
Purpose | Cloudflare places the __cf_bm cookie on end-user devices that access customer websites which are protected by bot management oder bot fight mode. The __cf_bm cookie is necessary so that this bot-solution functions properly. The cookie contains information for calculating Cloudflare's own bot-score and, if the anomaly recognition is activated in the bot-management, a session identifier. The information in the cookie (with the exception of time-related information) is encrypted and can only be decoded by Cloudflare. |
Legal basis | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
Storage duration | Around 31 minutes |
Type | Security |
Cookie name | __cf_bm |
Server | .hsforms.com |
Provider | HubSpot Forms by HubSpot |
Purpose | Cloudflare places the __cf_bm cookie on end-user devices that access customer websites which are protected by bot management oder bot fight mode. The __cf_bm cookie is necessary so that this bot-solution functions properly. The cookie contains information for calculating Cloudflare's own bot-score and, if the anomaly recognition is activated in the bot-management, a session identifier. The information in the cookie (with the exception of time-related information) is encrypted and can only be decoded by Cloudflare.
|
Legal basis | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
Storage duration | Around 30 minutes |
Type | Security |
Cookie name | UserMatchHistory |
Server | .linkedin.com |
Provider | |
Purpose | The cookie allocates an ID to the website visitor. Using this ID, data on visitor behaviour on multiple websites is collected to enable individual advertising to be shown to the website visitor. |
Legal basis | Art. 6 Para. 1 lit. a GDPR and/or Art. 9 Para. 2 lit. a GDPR (consent) |
Storage duration | Around 30 days |
Type | Marketing |
Cookie name | __hssc |
Server | www.prof-schumann.com |
Provider | Hubspot |
Purpose | This cookie stores the domain, the number of visitors and the time of the start of the visit. It therefore determines whether the number of sessions needs to be increased. |
Legal basis | Art. 6 para. 1 lit. a GDPR and/or Art. 9 para. 2 lit. a GDPR (consent) |
Storage duration | Around 30 minutes |
Type | Marketing |
Cookie name | __hssrc |
Server | www.prof-schumann.com |
Provider | Hubspot |
Purpose | This cookie tests whether the visitor has restarted his browser and therefore determines whether a new website visit is taking place. |
Legal basis | Art. 6 para. 1 lit. a and/or Art. 9 para. 2 lit. a GDPR (consent) |
Storage duration | Session |
Type | Configuration |
Cookie name | __hstc |
Server | www.prof-schumann.com |
Provider | Hubspot |
Purpose | This cookie stores the domain, the user token, the time of the first, last and current visit as well as the number of sessions on the website. |
Legal basis | Art. 6 para. 1 lit. a and/or Art. 9 para. 2 lit. a GDPR (consent) |
Storage duration | Around 6 months |
Type | Analytics |
Cookie name | __cfuvid |
Server | .hubspot.com |
Provider | Hubspot |
Purpose | This cookie is part of the services provided by Cloudflare - including load balancing, delivery of website content and provision of DNS connections for website operators. It is used for rate limiting to distinguish individual users sharing the same IP address. |
Legal basis | Art. 6 para. 1 lit. a and/or Art. 9 para. 2 lit. a GDPR (consent) |
Storage duration | Session |
Type | Configuration |
Cookie name | __cfuvid |
Server | .hsforms.com |
Provider | HubSpot Forms by HubSpot |
Purpose | This cookie is part of the services provided by Cloudflare - including load balancing, delivery of website content and provision of DNS connections for website operators. It is used for rate limiting to distinguish individual users sharing the same IP address. |
Legal basis | Art. 6 para. 1 lit. a and/or Art. 9 para. 2 lit. a GDPR (consent) |
Storage duration | Session |
Type | Configuration |
Cookie name | _gcl_au |
Server | prof-schumann.com |
Provider | Google Tag Manager |
Purpose | This cookie is used by Google AdSense in order to increase the efficiency of advertising. |
Legal basis | Art. 6 Para. 1 lit. a GDPR and/or Art. 9 Para. 2 lit. a GDPR (consent) |
Storage duration | Around 3 months |
Type | Marketing |
Cookie name | _pk_id. |
Server | prof-schumann.com |
Provider | Website operator |
Purpose | This cookie is a tracking cookie from Matomo. The cookie enables us to record website interactions on the basis of an allocated pseudonym visitor ID and to collect statistics about user behaviour on our website. For this purpose, the cookie stores and analyses information about the actions of visitors on the website during the current session, such as the date and time of the initial visit, the average time spent on the website and the total of all visitors on the website. |
Legal basis | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
Storage duration | Around 13 months |
Type | Analytics |
Cookie name | _pk_ses. |
Server | prof-schumann.com |
Provider | Website operator |
Purpose | This cookie is a tracking cookie from Matomo. The cookie enables us to record website interactions on the basis of an allocated pseudonym visitor ID and to collect statistics about user behaviour on our website. For this purpose, the cookie stores and analyses information about the actions of visitors on the website during the current session, such as the date and time of the initial visit, the average time spent on the website and the total of all visitors on the website. |
Legal basis | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
Storage duration | Around 31 minutes |
Type | Analytics |
Cookie name | bscookie |
Server | .linkedin.com |
Provider | |
Purpose | The cookie allocates an ID to the website visitor and compiles statistical data on the website visits of the visitor. This enables the individualization of advertising that the user is shown. |
Legal basis | Art. 6 Para. 1 lit. a GDPR and/or Art. 9 Para. 2 lit. a GDPR (consent) |
Storage duration | Around 12 months |
Type | Marketing |
Cookie name | Cookie-consent |
Server | www.prof-schumann.com |
Provider | Website operator |
Purpose | This cookie stores information on the status of consent from the website user. Through the integration of the cookie we fulfil our legal obligation in relation to the necessary consent management for cookies. |
Legal basis | Art. 6 para. 1 lit. c GDPR (fulfilment of legal obligations) |
Storage duration | Around 12 months |
Type | Cookie banner |
Cookie name | cookieconsent_status |
Server | www.prof-schumann.com |
Anbieter | Website operator |
Zweck | Cookie which stores the decisions made by the user via the cookie banner. |
Rechtsgrundlage | Art. 6 Para. 1 lit. c GDPR (fulfilment of legal obligations) |
Speicherdauer | Around 12 months |
Typ | Cookie-Banner |
Cookie name | hubspotutk |
Server | www.prof-schumann.com |
Provider | Hubspot |
Purpose | This cookie is used by HubSpot to track visitors to the website. |
Legal basis | Art. 6 para. 1 lit. a and/or Art. 9 para. 2 lit. a GDPR (consent) |
Storage duration | Around 6 months |
Type | Analytics |
Cookie name | li_gc |
Server | .linkedin.com |
Provider | |
Purpose | This cookie is used to store the user's consent to the use of non-essential cookies. |
Legal basis | Art. 6 Para. 1 lit. c GDPR (fulfilment of legal obligations) |
Storage duration | Around 6 months |
Type | Cookie banner |
Cookie name | lidc |
Server | .linkedin.com |
Provider | |
Purpose | The cookie allocates an ID to the website visitor. Using this ID, data on visitor behaviour on multiple websites is collected to enable individual advertising to be shown to the website visitor. |
Legal basis | Art. 6 Para. 1 lit. a GDPR and/or Art. 9 Para. 2 lit. a GDPR (consent) |
Storage duration | Around 24 hours |
Type | Marketing |
Data Security and Data Protection, Communication via E-mail
Your person-related data is protected by technical and organizational measures in the collection, storage and processing so that it is not accessible to third parties. In the case of unencrypted communication via E-mail we cannot guarantee complete data security during transmission to our IT systems so that for information with a high necessity for secrecy we recommend encrypted communication or the use of postal services.
Automatic E-mail Archiving
- Extent of processing of person-related data
We specifically inform you that our E-mail system disposes of an automated archiving procedure. All incoming and outgoing E-mails are archived digitally in a manner that is secure for auditing.
- Legal basis for the processing of person-related data
Art. 6 Para. 1 lit. c GDPR (legal obligation). The legal obligation lies in the observation of taxation and trade legislation (e.g. §§ 146, 147 AO, §§ 238, 257 HGB).
- Purpose of the data processing
The purpose of the archiving lies in the observation of taxation legislation (e.g. §§ 146, 147 AO – obligation to keep taxation-relevant E-mails) and trade legislation (e.g. §§ 238, 257 HGB – obligation to archive business correspondence).
- Duration of data storage
The storage of our E-mail communication takes place until the expiry of the storage obligations according to the taxation and trade legislation. The duration of storage can be up to 10 years.
- Objection and data deletion possibilities
You can object to this processing according to Art. 21 GDPR at any time and demand deletion of the data according to Art. 17 GDPR. Which rights you have and how you can assert these rights can be found in the lower area of this data protection declaration.
- Handling of job application documents
If you have questions relating to our E-mail archiving system, please contact our Data Protection Officer. In addition, we would like to point out that we only accept application documents in PDF file format. Zipped files (WinZip, WinRAR, 7Zip, etc.) are filtered out by our security systems and are not delivered. We do not accept applications in Word file format or other file formats and delete them unread. Please note that application documents sent unencrypted by E-mail could possibly be opened by third parties before they reach our IT systems. We assume that unencrypted application E-mails may also be answered in an unencrypted manner. If you do not wish this to happen, please inform us of this in your application E-mail.
Right to Information and Changes – Deletion and Limitation of Data - Withdrawal of Consent – Right to Objection
Right to Information
You have the right to demand confirmation as to whether we process/store person-related data from you. If this is the case, you have the right to information as described in Art. 15 Para. 1 GDPR insofar as the rights and freedoms of other persons are not impaired (see Art. 15 Para. 4 GDPR). We would be pleased to make a copy of the data available to you.
Right to Changes
According to Art. 16 GDPR you have the right to have corrections made to any person-related data stored by us that is incorrect (e.g. address, name etc.) at any time. You can also demand the completion of the data stored by us at any time. Corresponding changes will be made without delay.
Right to Deletion
According to Art. 17 Para. 1 GDPR you have the right that we delete the person-related data that we have collected about you if
- the data is no longer needed;
- due to the withdrawal of your consent the legal basis for processing the data has become invalid, without any replacement;
- you have objected to the processing and there is no legitimate reason for the processing;
- your data is being processed illegally;
- a legal obligation makes this necessary or data collection took place according to Art. 8 Para. 1 GDPR.
According to Art. 17 Para. 3 GDPR this right does not exist if
- the processing is necessary in order to exercise the right to freedom of speech and information;
- your data was collected on the basis of a legal obligation;
- processing is necessary for reasons of public interest;
- the data is necessary for the assertion, exercise or defence of legal rights.
Right to Limitation of Processing
According to Art. 18 Para. 1 GDPR in individual cases you have the right to demand the limitation of the processing of your person-related data.
This is the case if
- the correctness of the person-related data is disputed by you;
- the processing is illegal but you do not agree to deletion;
- the data is no longer needed for the processing purpose but the collected data serves to facilitate the assertion, exercise or defence of legal rights;
- an objection to processing according to Art. 21 Para. 1 GDPR has been made and it is not yet clear which interests predominate.
Right to Withdrawal of Consent
Insofar as you have given us specific consent to the processing of your person-related data (Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit a GDPR) you can withdraw this consent at any time. Please note that this does not affect the legality of the processing that took place on the basis of this consent until it was withdrawn.
Right to Objection
According to Art. 21 GDPR you have the right to object at any time to the processing of person-related data that relates to you and was collected on the basis of Art. 6 Para. 1 lit. f (in the context of a legitimate interest). You only have this right when there are special circumstances opposing the storage and processing.
How Do I Exert My Rights?
You can exert your rights at any time using the following contact data:
Prof. Schumann GmbH
Jutta-Limbach-Straße 1
37073 Göttingen
E-mail: info@prof-schumann.de
Tel.: +49 (0) 551 - 383150
Fax: +49 (0) 551 - 3831520
Right to Data Transfer
According to Art. 20 GDPR you have the right to the communication of your person-related data. We will make the data available in a structured, accessible and machine-readable format. You may choose whether the data is sent directly to you or to a responsible third party named by you.
Upon inquiry we will make the following data available to you according to Art. 20 Para. 1 GDPR:
- Data collected on the basis of specific consent according to Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR;
- Data that we have obtained from you according to Art. 6 Para. 1 lit. b GDPR within the framework of existing contracts;
- Data that was processed within the framework of an automated procedure.
We will perform the transfer of the person-related data directly to a responsible third party desired by you insofar as this is technically possible. Please note that we are not allowed to communicate data that affects the rights or freedoms of other persons according to Art. 20 Para. 4 GDPR.
Right to Lodge a Complaint with a Regulatory Authority According to Art. 77 Para. 1 GDPR
If you have the suspicion that your data has been illegally processed on our website, you can of course obtain clarification of the problem through the courts of law at any time. In addition, all other legal possibilities are open to you. Independently of this, you have the possibility to contact a regulatory authority according to Art. 77 Para. 1 GDPR. The right to lodge a complaint according to Art. 77 GDPR is available to you in the EU member state in which you are residing, in which your place of work is located and/or the location of the alleged violation, meaning that you can select the regulatory authority you wish to contact in any of the aforementioned locations. The regulatory authority to which you make the complaint will then inform you about the status and the results of your submissions, including the possibility of obtaining legal help through the courts according to Art. 78 GDPR.