Settings for data protection

1. Data protection at a glance

GENERAL INFORMATION

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. You can find comprehensive information on data protection from the Data Protection Declaration provided below this text.

DATA COLLECTION ON OUR WEBSITE

Who is responsible for data collection on our website?

Data processing on this website is carried out by the website operator. You can find the operator’s contact information on the Legal Notice of this website.

How do we collect your data?

Your data are collected when you provide them to us. This includes e.g. data you enter into a contact form.

Other data are automatically collected by our IT system when you visit the website. These are primarily technical data (e.g. internet browser, operating system or time of website retrieval). The collection of this data is automatic as soon as you visit our website.

What do we use your data for?

Some of the data are collected in order to ensure the smooth operating of the website. Other data can be used to analyse your user behaviour.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time. You also have a right to demand the correction, blocking or deletion of this data. For this or for other questions regarding data protection, you can contact us any time at the address provided in the Legal Notice. Furthermore, you have a right to complain to the responsible supervisory authority.

ANALYSIS TOOLS AND TOOLS FROM THIRD-PARTY PROVIDERS

When you visit our website, your surfing behaviour can be statistically evaluated. This is done primarily through cookies and so-called analytical programs. The analysis of your surfing behaviour is generally carried out anonymously; the surfing behaviour cannot be traced back to you. You may refuse this analysis or prevent it by using certain tools. Detailed information in this regard can be found in the Data Protection Declaration below.

You may refuse this analysis. You can find out your options for refusal in this Data Protection Declaration.

2. GENERAL INFORMATION AND MANDATORY INFORMATION

DATA PROTECTION

The operators of this website take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with the legal data protection requirements, as well as this Data Protection Declaration.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. The present Data Protection Declaration explains which data we collect and what they are used for. They also explain how and for what purpose this is done.

We would like to point out that data transfers over the internet (e.g. when communicating via email) may have security holes. A seamless protection for data against third-party access is not possible.

INFORMATION ON THE RESPONSIBLE AUTHORITY

The responsible authority for data processing on this website is:

Gubener Plastinate GmbH
Rurik von Hagens
Im Bosseldorn 17
D- 69126 Heidelberg

Telephone: 06221 / 33 11 10
Email: info@plastinarium.de

The responsible authority is the natural or legal person who, alone or in conjunction with others, decides as to the purposes and means for processing personal data (e.g. names, email addresses, etc.)

REVOCATION OF YOUR CONSENT FOR DATA PROCESSING

Many data processing procedures are only possible with your express consent. You can revoke previously given consent at any time. An informal email to us is sufficient. The legality of the data processing carried out prior to revocation remains unaltered by the revocation.

RIGHT TO COMPLAIN TO THE RESPONSIBLE SUPERVISORY AUTHORITY

In cases of violations of data protection laws, there is a right to complain to the responsible data protection authority.
For questions in connection with data protection law, the responsible data protection authority is the state data protection officer of the federal state in which our company is headquartered. A list of data protection officers and their contact information can be found under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_linksnode.
html.

RIGHT TO DATA PORTABILITY

You have the right to have data which we automatically process based on your consent or in fulfilment of a contract send to yourself or a third party in a common, machine-readable format. . If you demand the direct transfer of the data to another responsible party, this only takes place to the extent that it is technically feasible.

SSL OF TLS ENCRYPTION

For security reasons and to protect the transfer of sensitive data, such as orders or quires, this website uses SSL or TLS encryption.
You can recognise an encrypted connection when the address bar of your browser switches from “http://” to “https://” and the lock symbol appears in the bar.

When the SSL or TLS encryption is activated, data which you send to us cannot be read by third parties.

INFORMATION, BLOCKING, DELETION

Within the applicable legal regulations, you have the right – at any time and free of charge – to receive information about your stored personal data, their origin and recipients and the purpose of the data processing, as well as the right to correct, block or delete this data. For any additional questions relating to personal data, you can contact us at any time via the address provided in the Legal Notice.

OBJECTION TO ADVERTISING EMAILS

The use of the contact information published in the Legal Notice as per the legal requirements for unsolicited advertising and informational materials is hereby explicitly rejected.
The operators of the website expressly reserve the right to take legal steps in the case of the unsolicited receipt of advertising information, e.g. in the form of spam emails.

3. DATA PROTECTION OFFICER

LEGALLY REQUIRED DATA PROTECTION OFFICER

We have appointed a data protection officer for our company.

Rolf Poschmann
An der Dünung 48
23968 Wismar

4. DATA COLLECTION ON OUR WEBSITE

Cookies

Some websites use so-called cookies.
Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective and secure. Cookies are small text files which are stored on your computer and saved by your browser.

Most of the cookies used by us are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain saved on your device until you delete them. These cookies make it possible for us to recognise your browser the next time you visit.

You can set up your browser in such a way that you are informed about cookies and you can allow cookies on a case-by-case basis, allow the acceptance of cookies in certain cases, or generally reject the storage of cookies, as well as activate the automatic deletion of cookies when you close your browser. Deactivating cookies may limit the functionality of this website.

Cookies necessary for carrying out electronic communication processes or the provision of certain functions desired by you (e.g. the shopping trolley function) are saved based on Art. 6 para. 1 letter f GDPR. The website operators have a justified interest in the storage of cookies for technical error-free functionality and the optimised provision of their services. To the extent that other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, the are handled separately in this Data Protection Declaration.

SERVER LOG FILES

The provider of the webpages automatically collects and saves information in so-called server log files which your browser automatically transmits to us. These include:

• browser type and browser version
• operating system used
• referrer URL
• host name of the accessing computer
• time of the server query
• IP address

These data are not combined with other data sources. The basis for this data processing is Art .6 para. 1 letter f GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual activities.

Contact form

When you send us a query via the contact form, your entries from the contact form, including the contact information entered there by you, are saved by us for the purpose of processing your query and in case of further queries.
We do not forward these data without your consent.

The processing of data entered into the contact form is therefore carried out exclusively on the basis of your consent (Art. 6 para. 1 letter a GDPR). You can revoke your consent at any time. An informal email to us is sufficient. The legality of the data processing completed up to the point of revocation remains unaffected.

The data entered by you in to the contact form remains with us until you request its deletion, your consent to storage is revoked or the purpose of the data storage ends (e.g. after completion of your query). Mandatory legal requirements – particularly storage terms – remain unaffected.

5. ANALYTICAL TOOLS AND ADVERTISING

Google Analytics

Diese Website nutzt Funktionen des Webanalysedienstes Google Analytics. Anbieter ist die Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files which are stored on your computer and are make it possible to analyse your usage of the website.
The information generated via the cookie about your usage of this website is generally transferred to a Google server in the USA and stored there.

The storage of Google Analytics cookies takes place on the basis of Art. 6 para. 1 letter f GDPR. The website operators have a justified interest in the analysis of user behaviour in order to optimise both their internet offerings and advertising.

IP anonymisation

We have activated the IP anonymisation function on this website. This shortens your IP address from Google within member states of the European Union and other signatory states to the Agreement on the European Economic Area prior to transmission to the USA. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. Google uses this information on behalf of the operators of this website to analyse your use of the website, prepare reports on website activities and provide further services connected to the usage of the website and internet. The IP address transmitted within the scope of Google Analytics is not combined with other Google data.

Browser plug-in

You can prevent the storage of cookies through corresponding settings in your browser software; however, we would like to point out that you will not be able to fully make use of all functions of this website. Furthermore, you can prevent the collection of the data related to your usage of the website generated by the cookies (incl. your IP address) for Google, and the processing of this data by Google, by downloading and installing the browser plug-in available at this link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie is then stored which prevents the collection of your data upon future visits to this website: deactivate Google Analytics.

For more information on the handling of user data in Google Analytics can be found in Google’s Data Protection Declaration: https://support.google.com/analytics/answer/6004245?hl=de.

Contractual data processing

We have concluded a contract with Google for contractual data processing and fully implement the strict requirements of the German data protection authorities in the use of Google Analytics.

GOOGLE ANALYTICS REMARKETING

Our websites use the functions of Google Analytics Remarketing in connection with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

These functions make it possible to combine the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-related and personalised advertising messages can be adapted for you based on your previous usage and surfing behaviour (e.g. on your smartphone) and displayed on another of your devices (e.g. tablet or PC).

If you can provided the corresponding consent, Google connects your web and app browser histories with your Google account. In this way, the same personalised advertising messages can be displayed on every device on which you sign into your Google account.

To support this function, Google Analytics collects the Google-authenticated IDs of the users, which are temporarily connected to out Google Analytics data in order define and create target groups for cross-device advertising.

You can permanently reject cross-device remarketing/targeting by deactivating personalised advertising in your Google account; to do so, follow this link: https://www.google.com/settings/ads/onweb/.

The combination of the collected data in your Google account takes place exclusively on the basis of your consent, which you provided to Google and can revoke at any time (Art. 6 para. 1 letter a GDPR). For data collection processes which are not combined with your Google account (e.g. because you do not have a Google account or have rejected the combination), this collection is based on Art. 6 para. 1 letter f GDPR. The justified interest arises because the website operators have an interest in the anonymised analysis of website visitors for advertising purposes.

For further information and data protection regulations, please see Google’s Data Protection Declaration at: https://www.google.com/policies/technologies/ads/.

GOOGLE RECAPTCHA

We use “Google reCAPTCHA” (hereafter referred to as “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

The purpose of reCAPTCHA is to check whether data entered on our website (e.g. via a contact form) has been entered by a human or an automated program. To do so, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, length of the website visitor’s stay on the website or mouse movements made by the user). The data collected by the analysis is sent to Google.

The reCAPTCHA analyses take place entirely in the background. Website visitors are not informed that there is an analysis taking place.

The data processing takes place on the basis of Art. 6 para. 1 letter f GDPR. The website operators have a justified interest in protecting their internet offerings against abusive, automated spying and spam.

Further information on reCAPTCHA and Google’s Data Protection Declaration can be found under the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

6. Newsletter

NEWSLETTER DATA

If you would like to receive the newsletter offered on our website, we require your email address as well as information allowing us to check whether you are the owner of the email address provided and agree to the receipt of the the newsletter. Additional data are not collected, or only collected on a voluntary basis.
We use these data exclusively for sending the requested information and do not forward them to third parties.

The processing of the data entered into the newsletter form takes place exclusively on the basis of your consent (Art. 6 para. 1 letter a GDPR). You can revoke your consent provided for the storage of the data, the email address and its use for sending the newsletter at any time, for example, by clicking the “unsubscribe” link in the newsletter. The legality of data processing already completed at the time of revocation remains unaffected.

The data from you stored by us for purpose of receiving the newsletter are stored by us until you unsubscribe from the newsletter and are deleted after you have cancelled your receipt of the newsletter. Data stored by us for other purposes (e.g. email address for the member area) remain unaffected.

CLEVERREACH

This website uses CleverReach for sending newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service with which the sending of newsletters can be organised and analysed. The data entered by you for the purpose of receiving the newsletter (e.g. email address) are stored on CleverReach’s servers in Germany and/or Ireland.

Our newsletter send using CleverReach makes it possible for us to analyse the behaviour of the newsletter recipients, such as how many recipients have opened the newsletter message and how often which link in the newsletter is clicked on. With the help of so-called conversion tracking, it is also possible to analyse whether after clicking on a link in the newsletter, a pre-defined action (e.g. the purchase of a product on our website) takes place. Further information on the data analysis via CleverReach-Newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

The data processing takes place based on your consent (Art. 6 para. 1 letter a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of data processing already completed at the time of revocation remains unaffected.

If you do not want any analysis by CleverReach, you must unsubscribe from the newsletter. To do so, we provide a corresponding link in every newsletter message.
Furthermore, you can also unsubscribe from the newsletter directly on our website.

The data from you stored by us for purpose of receiving the newsletter are stored by us until you unsubscribe from the newsletter and are deleted both from our servers and CleverReach’s servers after you have cancelled your receipt of the newsletter.
Data stored by us for other purposes (e.g. email address for the member area) remain unaffected.

For more information, please see CleverReach’s Data Protection Declaration at: https://www.cleverreach.com/de/datenschutz/.

Conclusion of a contract for contractual data processing

We have concluded a contract with CleverReach for contractual data processing and fully implement the strict requirements of the German data protection authorities in the use of CleverReach.

7. PLUG-INS AND TOOLS

YouTube

Our website uses plug-ins from the Google-operated website YouTube. The operator of the website is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our websites equipped with YouTube, a connection is made with the YouTube servers. The YouTube server is told which of our websites you visited.

If you are logged in with your YouTube, you make it possible for YouTube to directly assign your surfing behaviour to your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is in the interest of an appealing presentation of our online offerings. This represents a justified interest in the sense of Art. 6 para. 1 letter f GDPR.

For more information on the handling of user data can be found in YouTube’s Data Protection Declaration at: https://www.google.de/intl/de/policies/privacy.

Google Web Fonts

For the uniform presentation of fonts, this website uses so-called web fonts provided by Google. When you load a website, your browser loads the necessary web fonts into your browser cache in order to correctly display texts and fonts.

To this end, the browser you are using must connect with the Google’s servers. In this way, Google is made aware that our website is being loaded via your IP address. The use of Google Web Fonts is in the interest of an uniform and appealing presentation of our online offerings. This represents a justified interest in the sense of Art. 6 para. 1 letter f GDPR.

If your browser does not support web fonts, a standard font stored on your computer will be used.

You can find more information on Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s Data Protection Declaration:
https://www.google.com/policies/privacy/.

Google Maps

Via an API, this website uses the map service Google Maps. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The use of the functions of Google Maps is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. . The providers of this website have no influence over this data transmission.

The use of Google Maps is in the interest of an appealing presentation of our online offerings and ease in finding the locations given by us on our website. This represents a justified interest in the sense of Art. 6 para. 1 letter f GDPR.

For more information on the handling of user data, please see Google’s Data Protection Declaration at: https://www.google.de/intl/de/policies/privacy/.

OUR SOCIAL MEDIA PRESENCES

DATA PROCESSING BY SOCIAL NETWORKS

We maintain publicly accessible profiles in social networks. The specific social networks we use can be found below. Social networks such as Facebook, Google+, etc. can generally comprehensively analyse your user behaviour when you visit their websites or a website with integrate social media content (e.g. like buttons or advertising banners). By visiting our social media presences, numerous data protection-relevant processing processes are triggered. Specifically: if you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Your personal data can, under certain circumstance, also be collected when you are not logged in or you do not have an account on the respective social media portal. This data collection takes place in this case via cookies which are saved on your device or by collecting your IP address. With the help data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-related advertising on and outside of the respective social media presence. If you have an account on the respective social network, the interest-related advertising can be shown on all devices on which you are or were logged in. Please also note that we cannot trace all processing processes on the social media portals. Depending on the provider, therefore, it is possible that additional processing processes are carried out by the operators of the social media portals. You can find the details in this regard in the Terms of Service and Data Protection Declarations of the respective social media portals.

LEGAL BASIS

Our social media presences are intended to ensure as comprehensive a presence on the internet as possible. This is a justified interest in the sense of Art. 6 para. 1 letter f GDPR. The analytical processes initiated by the social networks may be based on a divergent legal framework which must be provided by the operators of the social networks (e.g. consent in the sense of Art .6 para. 1 letter a GDPR).

RESPONSIBLE PARTY AND THE EXERCISE OF RIGHTS

If you visit our social media presences (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing processes triggered by this visit. As a rule, you can exercise your rights (information, correction, deletion, restriction of processing, data portability and objection) with respect both to us and the operator of the respective social media platform (e.g. Facebook). Please note that despite this joint responsibility with the operators of the social media portals, we do not have complete influence over the data processing processes of the social media portals. Our options are determined by the company policies of the respective provider.

STORAGE PERIOD

The data collected by us directly through our social media presences are deleted from our systems as soon as the purpose for their storage ends, your demand their deletion or the purpose of the data storage ends. Saved cookies remain on your device until you delete them. Mandatory legal requirements – esp. storage periods – remain unaffected. We have no influence over the storage period for your data saved by the operators of the social networks. For details in this regards, please refer directly to the operators of the social networks (e.g. in their Data Protection Declarations, see below).

INDIVIDUAL SOCIAL NETWORKS

Facebook
We possess a profile on Facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook possesses a certification according to the EU-US Privacy Shield. We have concluded an agreement regarding joint processing (Controller Addendum). In this agreement, it is stipulated for which data processing processes we are responsible and for which Facebook is responsible when you visit our Facebook page. This agreement can be viewed under the following link: https://www.facebook.com/legal/terms/page_controller_addendum. Naturally you can adjust your advertising settings in your user account yourself. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads. Details in this regard can be found in Facebook’s Data Protection Declaration: https://www.facebook.com/about/privacy/.

Instagram
We possess a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. Details regarding the handling of your personal data can be found in Instagram’s Data Protection Declaration: https://help.instagram.com/519522125107875.