1. Name and contact data of body responsible for processing (‘data controller’) and company data protection officer
EOS Holding GmbH
20099 Hamburg, Germany
Phone: +49 40 2532-8657
Fax: +49 40 2532-8658
Managing Directors: Klaus Engberding (Chairman), Justus Hecking-Veltman, Andreas Kropp, Marwin Ramcke and Dr Andreas Witzig
Court of registration: Hamburg HRB 124 966
VAT ID no.: DE 813 348 056
The data protection officer for the company EOS Holding GmbH can be contacted at the above address (please include the line ATTENTION: EOS Holding GmbH – eos-globalcolletion.com or by email at email@example.com.
3. Privacy policies of the other companies of EOS Group
The other companies of EOS Group will provide you with separate privacy policies for specific data processing activities on a case-by-case basis.
4. Collection and storage of personal data and nature and purpose of their processing
a. When you visit the website
When you retrieve our website eos-globalcollection.com the browser used on your device automatically sends information to our website’s server. This information is temporarily saved in a log file. The following information is collected without your intervention and saved until it is is automatically deleted after three (3) days:
- IP address of retrieving computer,
- date and time of access,
- name and URL of retrieved file,
- website from which access occurred (referrer URL),
- website retrieved from our website,
- your computer’s browser and possibly operating system as well as name of your access provider.
The aforementioned data are processed by us for the following purposes:
- to ensure trouble-free connection establishment to the website,
- to ensure comfortable use of our website,
- to analyse the system security and stability, and
- for other administrative purposes.
The legal basis for processing of the data is Art. 6(1) Sent. 1 (f) of the GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about you.
b. When you contact us by email
You can contact us with questions of any kind via the provided email address(es).
If you do so the personal data transmitted via the email are saved. The legal basis for data processing for the purpose of making contact is Art. 6(1)(f) of the GDPR. If contact is made for the purpose of concluding a contract an additional legal basis for processing is Art. (6)(1)(b) of the GDPR.
We delete the personal data collected by us after processing your enquiry provided we are not legally entitled or obligated to process it further.
5. Passing on of data
We only pass your personal data on to other companies of EOS Group or other third parties (recipients) if:
- you have provided your explicit consent for one or more specific purposes pursuant to Art. 6(1) Sent. 1 (a) of the GDPR,
- disclosure pursuant to Art. 6(1) Sent. 1 (f) of the GDPR is necessary for the assertion, exercising or defence of legal claims and there is no reason to assume that you have a primary protection-worthy interest in not having your data disclosed,
- for the case that there is a legal obligation for disclosure pursuant to Art. 6(1) Sent. 1 (c) of the GDPR and
- it is legally permissible and necessary for fulfilment of contractual obligations pursuant to Art. 6(1) Sent. 1 (b) of the GDPR.
- we have the data processed on our behalf in compliance with Art. 28 of the GDPR.
Transmission of your personal data for purposes other than those listed above does not occur.
Data respectively yielded from the combination with the specific device used are saved in the cookie. However, this does not mean that we immediately become aware of your identity through this.
We also use temporary cookies that are stored on your device for a specified time period to improve usability. If you visit our website again to use our services you are automatically recognised as a repeat visitor and the entries and settings you made previously are automatically recognised so you do not have to make them again.
The data processed by cookies are necessary for the purposes mentioned for safeguarding our legitimate interests as well as the legitimate interests of third parties pursuant to Art. 6(1) Sent. 1 (f) of the GDPR.
Most browsers accept cookies automatically, but you can configure your browser to prevent cookies being stored on your computer or to display a notice before a new cookie is saved. If you completely deactivate cookies, you may not be able to use all the features of our website.
7. Analysis tools
The tracking measures listed below and used by us are carried out on the basis of Art. 6(1) Sent. 1 (f) of the GDPR. We use these tracking measures to ensure that our website is designed according to requirements and optimised on an ongoing basis. We also use the tracking measures to collect statistics on the use of our website and analyse them for the purpose of optimising our offering for you. These interests are to be considered as being legitimate in the sense given in the aforementioned regulation.
The respective purposes for data processing and data categories can be found in the corresponding tracking tools in this section.
The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. Here, cookies are used which enable the statistical analysis of the use of this website by its visitors as well as the display of usage-relevant content or advertising. Cookies are small text files that are stored by the Internet browser on the user's device. etracker cookies do not contain any information that could identify a user.
The data generated with etracker is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to strict German and European data protection laws and standards.In this regard, etracker was checked, certified and awarded with the ePrivacyseal data protection seal of approval.
The data is processed on the legal basis of Art. 6 Section 1 lit f (legitimate interest) of the EU General Data Protection Regulation (GDPR).Our legitimate interest is the optimization of our online offer and our website. As the privacy of our visitors is very important to us, etracker anonymizes the IP address as early as possible and converts login or device IDs into a unique key with which, however,no connection to any specific person can be made with. etracker does not use it for any other purpose, combine it with other data or pass it on to third parties.
You can object to the outlined data processing at any time provided it is related to your person. Your objection has no detrimental consequences for you.
Further information on data protection with etracker can be found here.
8. Social media
We use Shariff buttons from social networks Facebook, Twitter ,Google+, LinkedIn, Xing,on our website. The buttons are simple HTML links. The procedure we use is within the framework of the Shariff solution. With the Shariff solution a script retrieves the number of times, e.g., the share button on a page has been clicked on: for this the script contacts the social network via the programming interfaces and retrieves the numbers. None of your personal data are transmitted in the process. Rather than your IP address, only our server address is transmitted to Facebook, Google and Twitter. You only become directly connected to Facebook, Google or Twitter if you perform an action. Before that the social networks cannot collect any data about you. As long as you do not click on a link to share content, you remain invisible to the networks. If you click on a link, the obligation to provide information about data collection and processing no longer rests with us, but rather with the operator of the social network.
9. Data subject rights
You have the right:
- pursuant to Art. 15 of the GDPR to request information about your personal data processed by us, in particular about the purposes for processing, the personal data category, the categories of the recipients to whom your data have been or will be disclosed, the planned retention duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us and the existence of automated decision-making including profiling and if applicable meaningful information about their details;
- pursuant to Art. 16 of the GDPR to demand the immediate rectification of incorrect or completion of the personal data saved by us about you;
- pursuant to Art. 17 of the GDPR to demand the erasure of the personal data saved by us about you as long as processing is not necessary for exercising of the right to freedom of expression and information, for fulfilment of a legal obligation, for reasons of public interest or for assertion, exercising or defence of legal claims;
- pursuant to Art. 18 of the GDPR to demand the restriction of processing of your personal data as long as the accuracy of the data is questioned by you and processing is unlawful, but you reject their erasure and we no longer need the data, but you require them for assertion, exercising or defence of legal claims or you have filed an objection to the processing in accordance with Art. 21 of the GDPR;
- pursuant to Art. 20 of the GDPR to demand receipt in a structured, standard and machine-readable format of your personal data which you provided to us or transmission to another responsible party;
- pursuant to Art. 7(3) of the GDPR to withdraw the consent you previously granted us at any time. This has the consequence that we may not continue the data processing upon which this consent was based in the future and
- pursuant to Art. 77 of the GDPR to file a complaint with a supervisory authority. Usually you can contact the supervisory authority in your usual place of residence or workplace or our headquarters.
10. Right to object
If your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1) Sent. 1 (f) of the GDPR you have the right pursuant to Art. 21 of the GDPR to object to the processing of your personal data as long as there are reasons arising from your particular situation for this or the objection is directed to direct advertising. In the latter case you have a general objection right which will be implemented by us without statement of any particular situation.
If you would like to make use of your right to withdraw or reject you only need to send an email to firstname.lastname@example.org.
11. Data security
Within the website visit we use the widespread SSL (secure socket layer) method in conjunction with the highest level of encryption supported by your browser. In general this is 256-bit encryption. If your browser does not support 256-bit encryption, we fall back on 128-bit v3 technology instead. You can recognise that an individual webpage in our internet presence is being transmitted in encrypted form by the closed key or padlock icon in the bottom status bar of your browser.
We also take suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are being improved continuously according to technological developments.