Data privacy statement for Laetus GmbH
Welcome to our website and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legal provisions on the protection of personal data, in particular the EU General Data Protection Regulation (GDPR), and the country-specific implementation laws applicable to us. This data privacy statement serves to inform you of how Laetus GmbH processes your personal data and to make you aware of your rights.
Personal data is all information that makes it possible to identify a natural person. This includes name, date of birth, address, telephone number, e-mail address and also IP address.
Anonymous data is data that does not include any personal references to the user.
Responsible office/data protection
Tel.: +49 6257 5009-0
Fax: +49 6257 3119
Data protection contact: firstname.lastname@example.org
Your rights as data subject
First we would like to inform you of your rights as data subject. These rights are standardised in Art. 15 – 22 of the GDPR. These include:
- Right of access by the data subject (Art. 15 of the GDPR),
- Right of erasure (‘right to be forgotten’) (Art. 17 of the GDPR),
- Right to rectification (Art. 16 of the GDPR),
- Right to data portability (Art. 20 of the GDPR),
- Right to restriction of processing (Art. 18 of the GDPR),
- Right to object (Art. 21 of the GDPR).
To enforce these rights, please contact: email@example.com
Use the same e-mail address for any questions you may have about how data is processed within our company. You also have the right to appeal to a data protection supervisory authority.
Rights of objection
Please note the following with regard to rights of objection:
If we process your personal data for direct marketing purposes, you have the right to object to this type of data processing at any time without having to specify a reason. The same applies to profiling that is related to direct marketing.
If you object to the use of your data for direct marketing, we will no longer process your personal data for such purposes. You can object free of charge and informally by contacting firstname.lastname@example.org.
If we process your data in order to safeguard legitimate interests, you can object to such processing for reasons relating to your particular situation at any time; the same applies to profiling pursuant to these conditions.
In this case, we will no longer process your personal data, unless we can provide compelling and legitimate reasons for such processing that outweigh your interests, rights and freedoms or unless such processing is necessary for the assertion, exercise or defence of legal claims.
Purposes and legal bases of data processing
Your personal data is processed in accordance with the provisions of the GDPR and all other applicable data protection regulations. The legal bases for data processing are specified in Art. 6 of the GDPR.
We use your data for initial business contact, to fulfil contractual and legal obligations, to implement the contractual relationship, to offer products and services and to strengthen customer relationships, which can also include analyses for marketing and direct marketing purposes. This applies to the business activities listed in the commercial register.
Your consent also constitutes a legal provision under data protection law. The following serves to inform you of the purposes of data processing and your right to object. If consent also refers to the processing of special categories of personal data, we will expressly notify you of this in the consent, Art. 88 Para. 1 of the GDPR.
Processing of special categories of personal data according to Art. 9 Para. 1 of the GDPR only takes place if this is required by legal regulations and there is no
reason to assume that your legitimate interest in the exclusion of the processing prevails, Art. 88 Para. 1 of the GDPR.
Transfer of data to third parties
We will only pass on your data to third parties within the framework of legal regulations or with appropriate consent. Otherwise, data will not be passed on to third parties unless we are obliged to do so by mandatory legal provisions (transfer to external bodies such as supervisory authorities or law enforcement authorities).
Data recipients/categories of recipients
Within our company, we ensure that only those persons receive your data who need such data to fulfil contractual and legal obligations.
In many cases, service providers support our specialist departments in performing their tasks. The necessary data protection agreements have been concluded with all service providers. These are generally: Service providers tasked with the shipping of products or credit assessment.
Transfers of personal data to third countries/data intended for processing after transfer to a third country
Data is only transferred to third countries (countries outside the European Union or the European Economic Area) if this is necessary for the performance of the obligation, if we are required to do so by law or if you have given us your consent.
We transfer your personal data to a service provider or group companies outside the European Economic Area with the exception of service providers for goods delivery or credit assessment. Compliance with the data protection level is ensured by EU standard contractual clauses and binding company data protection regulations.
Erasure of data
We store your data only for as long as it is needed for the purposes for which it was collected. Please note that numerous retention periods require that data (must) continue to be stored. This applies in particular to commercial or tax storage obligations (e.g. German Commercial Code, Fiscal Code, etc.). If there are no further storage obligations, the data will be routinely deleted once the purpose has been achieved.
In addition, we may retain data if you have given us permission to do so or if legal disputes arise and we use it as evidence within statutory limitation periods of up to thirty years; the regular limitation period is three years.
Secure data transfer
In order to protect data stored by us from accidental or deliberate manipulation, loss, destruction or access by unauthorised persons, we have taken appropriate technical and organisational security measures. The levels of security are continually tested and adjusted to reflect new standards in security, in collaboration with security experts.
Data transferred to and from our website is always encrypted. We offer HTTPS as the transmission protocol for our website, using the current encryption protocols. In addition, we offer our users content encryption for applications. Only we are able to decrypt this data. It is also possible to use alternative communication channels (e. g. post).
Obligation to provide data
Various personal data is necessary for the establishment, execution and termination of the obligation and the fulfilment of the associated contractual and legal duties. The same applies to the use of our website and the various functions it provides.
We have summarised the details for you in the above point. In certain cases, data must also be collected or made available on the basis of legal regulations. Please note that it is not possible to process your request or to perform the underlying obligation without providing this data.
Data categories, sources and origins
The data we process depends on the context: This depends on whether you place an online order, send an enquiry using our contact form, send us application or make a complaint, for example.
Please note that we may also make information available separately at a suitable location for special processing situations, e.g. when uploading application documents or making a contact request.
When you visit our website, we collect and process the following data:
- Name of the Internet service provider
- The address of the previous website where you accessed our site
- The IP address assigned by your Internet service provider
- Requested files, transferred data volume, downloads/file export
- Websites accessed from our website, incl. date and time
- For reasons of technical security (and in particular to prevent attempts to attack our web server), this data is stored in accordance with Art. 6 Para. 1 lit. F of the GDPR. This data is anonymised after 7 days at the latest by shortening the IP address in order to remove any reference to the user.
When you contact us with an enquiry, we collect and process the following data:
- Surname, first name
- Contact details
- Details of your requests and interests
When you subscribe to a newsletter, we collect and process the following data:
- E-mail address
- If necessary Analytical data from newsletter evaluation
Contact form/contact via e-mail (Art. 6 Para. 1 lit. a, b of the GDPR)
A contact form is available on our website which can be used to contact us electronically. If you write to us using the contact form, we will process the information you provide to contact you and answer your questions and requests.
All data required to complete the form is subject to the principles of data reduction and data economy, meaning you only have to provide the data that is absolutely necessary for us to contact you. This includes your e-mail address, your name, your company and the message field itself. Due to technical and legal reasons, we will also process your IP address. All other information is voluntary and optional (e.g. to enable us to give a more tailored answer to your question).
If you contact us by e-mail, we will process the personal data provided solely for the purpose of processing your enquiry. If you choose not to use the forms provided to contact us, no further data is collected.
Newsletter (Art. 6 Para. 1 lit. a of the GDPR)
You can subscribe to a free newsletter via our website. The e-mail address provided during the registration process is used solely to send the newsletter.
The principle of data economy and data reduction is observed, as only the e-mail address and language in which you wish to receive the newsletter are requested from you. Due to technical and legal reasons, we will also process your IP address when you subscribe to the newsletter.
Of course, you can cancel your subscription at any time via the unsubscribe option provided in the newsletter and therefore revoke your consent. You also have the option to unsubscribe from the newsletter directly via our website.
Advertising to existing customers (Art. 6 Para. 1 lit. f of the GDPR)
Laetus GmbH would like to maintain a relationship with you as a customer and send information and offers on our products and services. We therefore process your data to e-mail you relevant information and offers.
If you would prefer us not to do so, you can object at any time to the use of your personal data for direct marketing purposes. This right also applies to profiling as long as it is connected with direct marketing. As soon as we receive your objection, your data will no longer be processed for this purpose.
An objection is free of charge and can be made informally by calling +49 6257 5009 185, by e-mail to email@example.com. de or by post to Laetus GmbH, Sandwiesenstraße 27, 64665 Alsbach-Hähnlein.
Application portal (Art. 6 Para. 1 lit. a, b of the GDPR)
Our website does not feature an application portal. Interested users can send us an application by e-mail. In this case, we offer users content encryption. Only we are able to decrypt this data. It is also possible to use alternative channels for applications (e. g. post).
Automated case-by-case decisions
We do not use purely automated processes to make a decision.
Cookies (Art. 6 Para. 1 lit. f of the GDPR/Art. 6 Para. 1 lit a of the GDPR in case of consent)
Our websites use so-called cookies on various pages. Their purpose is to make our site more user-friendly, more effective and more secure. Cookies are small text files that are saved on your computer and in your browser (locally on your hard drive).
These cookies enable us to analyse how users use our websites. This in turn enables us to design the website content according to visitors’ needs. In addition, cookies enable us to measure the effectiveness of a particular advert and to place it according, for example, to the user’s interests.
Most of the cookies we use are so-called “session cookies”, which are automatically deleted when you leave our site. Permanent cookies are automatically deleted by your computer when the validity period has been reached (usually six months) or you delete them yourself before this period expires.
Most web browsers automatically accept cookies. You can usually change your browser settings if you would prefer not to send such information. However, you will still be able to take full advantage of the offers on our website (with the exception of configurators).
Cookies are saved on the user’s computer and transmitted from there to our website. This means that the user has complete control over how the cookies are used. You can deactivate or limit the transmission of cookies by changing the settings in your Internet browser. Furthermore, cookies can be deleted at any time in the Internet browser or other software programs. This is possible in all common Internet browsers.
Please note: If you choose to disable cookies, the full functionality of our website may not be available to you.
Web tracking process
We use Google Display Network Displays (such as retargeting with Google Analytics, Google Display Network Impression Reporting, DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting) (1) to show you our advertising materials on other websites based on your previous visits to Laetus websites and (2) to better understand the effectiveness of our advertising materials and the use of advertising services. In conjunction with the Google Analytics Demographics and Interest Reporting service, we can use the data from interest-based advertising from Google or audience data from third parties (e. g. age, gender and interests) with Google Analytics to gain a better understanding of and improve our marketing campaigns and website contents.
You can disable Google advertising at http://www.google.com/ads/preferences. If you do not consent to your data being used by Google Analytics, you can install a browser add-on to disable Google Analytics from the website for disabling Google Analytics.
This Laetus website has been designed in such a way that it does not respond to “Do not track” signals sent by web browsers.
Further information on cookies and other tracking technologies, including instructions on how to disable them, can be found at http://www.allaboutcookies.org/. Please note that some cookies are essential for the functionality of our websites and you may not have access to the full functionality of the website should you choose to delete or disable them.
We use HubSpot for our online marketing activities on this website. HubSpot is a software company from the USA with a subsidiary in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Tel.: +353 1 5187500.
This is an integrated software solution that covers various aspects of our online marketing. This includes: Landing pages and contact forms.
Our registration service enables visitors to our website to find out more about our company, download content and view contact information as well as further demographic information. This information and the contents of our website are stored on the servers of our software partner HubSpot. We can use this information to contact users of our website and to determine which of our company’s services are of interest to them. All of the information recorded by us is subject to these data protection regulations. We use the recorded information solely for the purposes of optimising our marketing measures.
The legal basis for the use of services from HubSpot is Art. 6 I f of the GDPR – legitimate interests. Our legitimate interest in the use of this service lies in optimising our marketing measures and improving our service quality on the website.
HubSpot is certified under the conditions of the “EU – U.S. Privacy Shield Framework” and is subject to the TRUSTe Privacy Seal as well as the “U.S. – Swiss Safe Harbor” Framework.
More information on the HubSpot data protection regulations »
More information on HubSpot with regard to EU data protection regulations »
The “YouTube” service is used to embed videos in this website. The operator of the software required for the plugin is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a website with embedded YouTube videos and the YouTube plugin, a connection to YouTube servers is established. This notifies YouTube of the websites you are visiting.
Further information on data protection for “YouTube” can be found in the operator’s data privacy statement at: https://www.google.de/intl/de/policies/privacy/
Use of online services by children
Individuals under the age of 16 may not submit personal data or a declaration of consent to us without the consent of their legal guardian. We ask parents and legal guardians to actively participate in the online activities and interests of their children.
Links to other providers
Our website contains clearly recognisable links to Internet sites of other companies. We do not have any influence over the content of any such links. We cannot, therefore, be held responsible for these websites. The respective provider or operator is always responsible for the content on such websites.
The linked pages were tested for possible legal violations and recognisable infringements at the time at which they were added. No illegal content was detected at the time of creating the links. However, we cannot be expected to continuously check the content of the linked websites without specific knowledge of illegal content. Such links will be removed promptly should we become aware of any illegal content.