Privacy Policy

1. Data Protection at a Glance

 

General Notes

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.

 

Data Collection on this Website

 

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find the contact details in the imprint of this website.

 

How do we collect your data?

One way, data is being collected is when you provide it to us. This, as an example might be data that you enter in a contact form.

Other data is automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g. your internet browser, the operating system or time of your visit). This data is collected automatically as soon as you visit this website.

 

What are we using your data for?

Parts of the data are collected to ensure that the website can be provided for you without any errors. Other data can be used to analyse your user behavior in order to improve our information offerings.

 

What rights do you have regarding your data?

At any time, you have the right to receive information about the origin of data, recipients of data and the purpose of storing personal data free of cost. You also have the right to demand the correction or deletion of this data. For this purpose, as well as for further questions regarding data protection, you can contact us at any time at the contact details presented in our imprint. Furthermore, you have the right to complain to the responsible authority.

Under certain circumstances you may also have the right to restrict the processing of your personal data. For more details, please refer to the data protection declaration – “Right to restrict processing”.

 

Analysis tools and third-party tools

When you visit this website, your browsing behaviour may be evaluated for statistics. This is mainly done with cookies and with specialized analysis-tools. The analysis of your browsing behaviour is usually anonymous; the browsing behaviour cannot be used to trace back to you.

You can object to this analysis or prevent it by not using certain tools. You can find detailed information about these tools and about your options to object to them in the following data protection declaration.

 

2. Hosting

 

External Hosting

This website is hosted by an external service provider (Hoster). The personal data collected on this website is stored on the hoster’s servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website visits and other data that might be generated by a website.

The use of the hoster is for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 par. 1 lit. b GDPR) and in our interest of a secure, fast and efficient provision of our online offerings, supported by a professional and reliable provider (Art. 6 par. 1 lit. f GDPR).

Our hoster will only process your data to the extent that is necessary to fulfil its performance obligations and will follow our instructions with regard to this data.

 

Conclusion of a contract on order processing

In order to guarantee data protection compliant processing, we have concluded a contract for order processing with our hoster.

 

3. General Information and Compulsory Information

Data Protection

The operators of this website / these pages take the protection of your personal data very seriously. We treat your personal data confidentially and according to the legal data protection regulations and this privacy policy.

When you are visiting this website, various personal data will be collected. Personal data is data, which you can be personally identified with. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that online data transmission (e.g. communication by e-mail) can have security flaw. A complete protection of data against access by third parties is not possible.

 

Note on the responsible organization

Responsible for this websites data processing is:

 

lineo Künstlerpinselfabrik

Mesko-Pinsel GmbH

Sport- und Gewerbestraße 1

91632 Wieseth

Telefon: +49 (9822) 8285 – 0

E-Mail: office@mesko.eu

 

Responsibility lies with a natural or a legal person who alone or jointly with others determines the purposes and means of the processing operation.

 

Data protection officer as required by law

We have appointed a data protection officer for our company.

 

Jörg Hermann

jmh datenschutzberatung Atelierstr. 29

81671 München

Telefon: 0170/1131871 E-Mail: dsb@lineo-pinsel.eu

 

Revocation of your consent to data processing

Many data processing operations are only possible with your explicit consent. You can revoke a previously given consent at any time. For this purpose an informal notification per e-mail will be sufficient. The legality of the data processing carried out up to the time of revocation remains unaffected by any revocation.

 

Right to object to data collection in certain cases and to direct advertising (Art. 21 GDPR)

If the data processing is carried out on the basis of Art. 6 par. 1 lit. E or f GDPR, you have the right to object to the processing of your personal data at any time and for good reasons arising from your particular situation; this also applies to profiling based that might be done. The legal basis on which processing of data is based, can be found within our Data Protection Declaration. If you object, we will no longer process your personal data unless we can prove that there are compelling reasons for processing which are worthy of protection and which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or to defend legal claims (objection under Art. 21 par. 1 GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object to the processing of personal data concerning you for the purpose of marketing at any time; this also applies to profiling, insofar as it is related to such direct marketing activities. If you object, your personal data will subsequently no longer be used for the purpose of direct advertising (objection as per Art. 21 par. 2 GDPR).

 

Right of appeal to the responsible authority

In the event of infringements of the GDPR, those concerned have a right of appeal to a supervisory authority, in particular in the state of their habitual residence, place of work or the place where the alleged infringement has been committed. This right of appeal stands without prejudice to other administrative or judicial remedies.

 

Right to data portability

You have the right to have data, which we process automatically and on the basis of your consent or in fulfilment of a contract, handed over to you or to a third party in a common, digitally processible format. If you request the direct transfer of your data to another responsible party, this will only take place to the extent that it is technically feasible.

 

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the sites operator, this site uses SSL or TLS encryption. In your browsers address bar, you can see the connection is being encrypted:

“http://” changes to “https://” and a lock symbol will be shown in your browser bar.

If SSL or TLS encryption is activated, the data you transmit to us is protected against third parties.

 

Information, deletion and correction

Within the applicable legal provisions, you have the right to obtain information about your stored personal data free of charge and at any time. You can request its origin and recipients and the purpose of the data processing and, if applicable, have the right to correct or delete this data. For this purpose, as well as for further questions regarding personal data, you can contact us at any time at the address presented in our imprint.

 

Right to limitation of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address presented in our imprint. In below mentioned cases you may have the right to restrict processing of your data:

If you dispute the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the review, you have the right to demand the restriction of the processing of your personal data.

If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.

If we no longer need your personal data, but you need them in order to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of its deletion.

If you have lodged an objection in accordance with Art. 21 Paragraph 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests outweigh the interests of both parties, you have the right to demand that the processing of your personal data to be restricted.

If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or one of its Member States.

 

Objection to advertising e-mails

The use of contact data published within the scope of the imprint obligation for the transmission of not explicitly requested advertising and information material is hereby contradicted. The operators of the website explicitly reserves the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.

 

4. Data Collection on this Website

Cookies

Our Website partly uses so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are being stored on your computer and are being saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit and help us improve browsing experience.

You can change the settings of your browser so that you will be informed about the usage of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. By disabling cookies, you may limit the functionality of this website.

Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested (e.g. shopping basket function) are stored on the basis of Art. 6 par. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of his services. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 par. 1 lit. a GDPR; the consent can be revoked at any time.

Insofar as other cookies (e.g. cookies for analysing your browsing behaviour) are stored, these are treated separately in this Data Protection Declaration.

 

Server Log Files

The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:

  • Browser type and browser version Operating system used Referrer URL
  • Host name of the accessing computer & time of the server request
  • IP address

This data is not being merged with other data sources.

This data is getting processed as per Art. 6 par. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of his website – for this purpose the server log files shall be recorded.

 

Contact form

If you send us inquiries via our contact form, your details from the contact form, including the contact data you provide there, will be stored for the purpose of processing the enquiry and in the event of follow-up, for further contact. We will not pass this data on to others without your explicit consent.

This data is processed as per Art. 6 par. 1 lit. b GDPR, insofar as your enquiry is connected with the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 par. 1 lit. f GDPR) or on your consent (Art. 6 par. 1 lit. a GDPR), if requested.

The data being entered in the contact form from your side, will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your enquiry has been processed). Mandatory legal provisions – in particular retention periods – are not being affected.

 

Inquiry by e-mail, telephone or fax

If you contact us per e-mail, telephone or fax, your inquiry including all personal data (name, inquiry) will be stored and processed for the purpose of processing your request. We will not pass this data on without your explicit consent.

The processing of this data is carried out as per Art. 6 par. 1 lit. b GDPR, insofar as your enquiry is connected with the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on your consent (Art. 6 par. 1 lit. a GDPR) and/or on our legitimate interests (Art. 6 par. 1 lit. f GDPR), as we have a legitimate interest in the effective processing of the inquiries addressed to us.

The data sent to us by you via contact requests will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

 

5. Social Media

 

Data processing through social networks

We maintain publicly accessible profiles in social networks. You can find the social networks we use in detail below.

Social networks such as Facebook, Google+ etc. can usually analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media sites triggers numerous data protection-relevant processing procedures. In detail:

If you are logged in to your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by saving your IP address.

With the help of the data thus collected, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-related advertising can be displayed to you both inside and outside the respective social media presence. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing on the social media portals. Depending on the provider, further processing may be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection regulations of the respective social media portals.

 

Legal basis

Our social media appearances are designed to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 par. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 par. 1 lit. a GDPR).

 

Responsibility and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, correction, deletion, restriction of processing, data transferability and complaints) both against us and against the operator of the respective social media portal (e.g. against Facebook).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our possibilities depend largely on the corporate policy of the respective provider.

 

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing them no longer applies, you request for us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

 

Social networks in detail

 

Facebook

We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified according to the EU-US Privacy Shield.

We have a joint processing agreement (Controller Addendum) with Facebook. This agreement defines the data processing operations for which we or Facebook are responsible when you visit our Facebook page. You can view this agreement at the following link:

https://www.facebook.com/legal/terms/page_controller_addendum

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads

For details, please see the Facebook Privacy Policy: https://www.facebook.com/about/privacy/

 

Instagram

We have a profile with Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal information, please see Instagram’s Privacy Policy: https://help.instagram.com/519522125107875

 

XING

We have a profile on XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in the XING Privacy Policy:

https://privacy.xing.com/de/datenschutzerklaerung

 

LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies. If you wish to disable LinkedIn advertising cookies, please use the following link:

https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

For details about how LinkedIn handles your personal information, please see the LinkedIn Privacy Policy.

 

Facebook Plugins (Like & Share button)

On this website plugins of the social network Facebook are integrated. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

You can recognize the Facebook plugins by the Facebook logo or the “Like Button” (“Like”) on this website. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/?locale=de_DE

When you visit this website, the plugin establishes a direct connection between your browser and a Facebook server. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook “Like-Button” while you are logged in to your Facebook account, you can link the contents of this website on your Facebook profile. This allows Facebook to associate the visit to this website with your user account. We would like to point out that we, as the provider of the website, have no knowledge of the content of the transmitted data or its use by Facebook. You can find further information on this in the Facebook privacy policy under:

https://de-de.facebook.com/privacy/explanation

If you do not want Facebook to be able to assign your visit to this website to your Facebook user account, please log out of your Facebook user account.

The use of the Facebook plugins is based on Art. 6 par. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in the social media.

 

LinkedIn plugin

This website uses features of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Each time you access a page on this site that contains LinkedIn features, a connection to LinkedIn’s servers is established. LinkedIn will be notified that you have visited this site using your IP address. When you click on LinkedIn’s “Recommend” button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to this site with you and your account. We would like to point out that we, as the provider of these pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.

The LinkedIn plugin is used on the basis of Art. 6 Par. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in the social media.

Further information can be found within the LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.

 

6. Analysis Tools and Advertising

 

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses so-called “cookies”. These are text files which are stored on your computer and enable an analysis of your usage of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

The storage of Google Analytics cookies and the use of this analysis tool is based on Art. 6 par. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to optimize both, his website and his advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 Par. 1 lit. a GDPR; the consent can be revoked at any time.

 

IP Anonymisation

For this website, we have activated the IP anonymization function. This ensures that your IP address is shortened by Google within member states of the European Union or within other contracting states of that Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases the full IP address will be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and browsing. The IP address transmitted by your browser within the framework of Google Analytics is not being merged with other data from Google.

 

Browser Plugin

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de

 

Order Processing

We have a contract with Google for order processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

 

Storage Period

User and event-level data stored by Google that is linked to cookies, user IDs (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. Please see the following link for details: https://support.google.com/analytics/answer/7667196?hl=de

 

Google DoubleClick

This website uses features of Google DoubleClick. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (hereinafter “DoubleClick”).

DoubleClick is used to show you interest-based ads across the Google advertising network. DoubleClick allows you to tailor the ads to the interests of the viewer. For example, our ads may appear in Google search results or in banner ads associated with DoubleClick.

In order for DoubleClick to display ads to users based on their interests, DoubleClick must be able to recognize the viewer. For this purpose, a cookie is stored in the user’s browser, behind which the websites visited by the user, clicks and various other information is stored. This information is combined into a pseudonymous user profile in order to display advertising that is relevant to the user’s interests.

Google DoubleClick is used in the interest of targeted advertising. This constitutes a legitimate interest in the sense of Art. 6 par. 1 lit. f GDPR. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 par. 1 lit. a GDPR; the consent can be revoked at any time.

You can change the settings of your browser so that it no longer stores cookies. However, this may result in a restriction of the accessible website functions. In addition, we would like to point out that DoubleClick may also use other technologies to create user profiles. Disabling cookies therefore does not guarantee that user profiles will no longer be created.

For more information about how to opt-out of Google’s ads, please see the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated

 

Facebook pixels

This website uses the visitor action pixel of Facebook to measure conversion. This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behavior of site visitors to be tracked after they have clicked on a Facebook advertisement to be redirected to the provider’s website. This allows the effectiveness of Facebook Ads to be evaluated for statistical and market research purposes and to optimize future advertising efforts.

The collected data is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, according to Facebook’s Data Usage Policy. This allows Facebook to allow ads to be posted on pages within Facebook and outside of Facebook. This use of data cannot be influenced by us as a site operator.

The use of Facebook pixels is based on Art. 6 par. 1 lit. f GDPR. The website operator has a legitimate interest in effective advertising measures, including social media.

If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 par. 1 lit. a GDPR; the consent can be revoked at any time.

You will find further information on the protection of your privacy in the Facebook data protection information: https://de-de.facebook.com/about/privacy/

You can also deactivate the remarketing function “Custom Audiences” in the Advertising Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this.

 

If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/

 

7. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as personal information that allows us to verify that you are the owner of the provided e-mail address and that you agree to receive newsletters. Further data will not be collected or only on a voluntary basis. We use these data exclusively for sending the requested information and do not pass it on to third parties.

The data entered in the newsletter registration form will be processed exclusively on the basis of your consent (Art. 6 par. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example by clicking the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you have provided us for the purpose of subscribing to the newsletter will be stored from us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have cancelled your subscription. Data which is being stored for other purposes remains unaffected.

After you have been removed from the newsletter distribution list, your e-mail address may be kept by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data.

This serves both, your interest and our interest in compliance with the legal requirements when sending newsletters (legitimate interest in the sense of Art. 6 par. 1 lit. f GDPR). The storage in the blacklist is not limited in terms of time. You can object to the storage if your interests outweigh our legitimate interest.

 

8. Plugins and Tools

YouTube

This website incorporates videos from the YouTube website. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of our websites where YouTube is embedded, a connection to the servers of YouTube is established. This tells the YouTube server which of our pages you have visited.

YouTube may also store various cookies on your device. These cookies enable YouTube to obtain information about visitors to this website. This information is used, among other things, to gather video statistics, improve the user experience and prevent fraud. The cookies remain on your device until you delete them.

If you are logged in to your YouTube account, you allow YouTube to associate your browsing habits directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest in the sense of Art. 6 par. 1 lit. f GDPR. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 par. 1 lit. a GDPR; the consent can be revoked at any time.

Further information on the handling of user data can be found in YouTube’s privacy policy:

https://policies.google.com/privacy?hl=de

 

Google Web Fonts

This website uses so-called web fonts, which are provided by Google and support a uniform display of fonts. When you call visit a page, your browser loads the required web fonts into its browser cache in order to display text and fonts correctly.

To do this, your browser has to connect to Google’s servers. This enables Google to know that this website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 par. 1 lit. f GDPR.

If your browser does not support Web Fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found under https://developers.google.com/fonts/faq and within the Google privacy policy: https://policies.google.com/privacy?hl=de

 

Google Maps

This website uses the map service Google Maps via an API. Provider is the Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an attractive presentation of our online offers and an easy findability of the places we indicate on the website. This represents a legitimate interest in the sense of Art. 6 par. 1 lit. f GDPR.

More information on the handling of user data can be found in the Google data protection declaration: https://policies.google.com/privacy?hl=de

 

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human being or by an automated program. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For analysis purposes, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

Data processing is carried out on the basis of Art. 6 par. 1 lit. f GDPR. The website operator has a legitimate interest in protecting his web offers from abusive automated spying and from SPAM.

Further information on Google reCAPTCHA can be found in the Google Privacy Policy and the Google Terms of Use: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de

 

9. Own Services

Handling of applicant data

We offer the opportunity to apply for a job with our company (e.g. by e-mail, by post or via online application form). In the following we will inform you about the scope, purpose and use of your personal data which is being collected during the application process. We assure you that the collection, processing and use of your data will be in accordance with the applicable data protection law and all other legal provisions and that your data will be treated with strict confidentiality.

 

Scope and purpose of data collection

If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during job interviews, etc.) to the extent that this is necessary to make a decision about a potential employment. The legal basis for this is § 26 BDSG-neu under German law (initiation of an employment relationship), Art. 6 par. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 par. 1 lit. a GDPR. Consent may be revoked at any time. Within our company, your personal data will only be passed on to persons involved in your application process.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG-neu and Art. 6 Par. 1 lit. b GDPR for the purpose of carrying out the employment.

 

Duration of storage of the data

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to keep the data you have submitted with us for up to 6 months from the end of the application procedure (rejection or withdrawal of the application) on the basis of our legitimate interests (Art. 6 par. 1 lit. f GDPR).

The data will then be deleted and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted or destroyed until the purpose for further storage no longer applies.

An extended storage period can also take place if you have given your consent (Art. 6 Par. 1 lit. a GDPR) or if legal storage obligations prevent deletion.

 

Inclusion in the applicant pool

If we do not make you a job offer, there may be the possibility to include you in our pool of applicants. If you are accepted, all documents and details from your application will be transferred to the applicant pool so that we can contact you in the event of suitable vacancies.

Admission to the applicant pool is based solely on your explicit consent (Art. 6 Par. 1 lit. a GDPR). This consent is voluntary and has no effect on other application procedures. The person concerned can revoke his/her consent at any time. In this case, the data will be irrevocably deleted from the pool of applicants, unless there are legal reasons for retention.

The data from the applicant pool will be irrevocably deleted at the latest two years after consent has been given.

 

Data protection information for customers Art 13 GDPR

Handling of Your Data and Your Rights

Information according to Art. 13, 14 and 21 of the EU Data Protection Basic Regulation (GDPR)

 

With the following information we would like to give you an overview of the processing of your personal data and your rights resulting from it. Which data is processed in detail and in which way it is used depends largely on the services requested or agreed upon in each case. Therefore not all statements contained here may apply to you.

 

Who is responsible for data processing and whom can I contact?

 

lineo Künstlerpinselfabrik
Mesko-Pinsel GmbH
Sport- und Gewerbestraße 1
91632 Wieseth

 

Contact of our external data protection officer:

 

Jörg Hermann

jmh Datenschutzberatung

0170/1131871

info@jmh-datenschutz.de

 

Type of personal data collected

 

We process the following personal data that we receive from you in the course of our business relationship:

– Company name with legal form and address

– Title and names

– Telephone numbers, fax numbers and e-mail addresses

– Field of activity or position

– Contract master data

– Payment history

 

We process your data for the following purposes and on the following legal basis

We process personal data in accordance with the provisions of the European Data Protection Basic Regulation (GDPR) and the Federal Data Protection Act (BDSG):

 

For the fulfilment of contractual obligations (Art. 6 par. 1 letter b GDPR)

The processing of data is carried out for execution:

– Of our contract

– Ancillary contractual services (e.g. warranty notifications)

 

Due to legal requirements (Art. 6 par. 1 letter c GDPR)

We are subject to various legal obligations that entail data processing. These include, for example

– Tax laws and the legal bookkeeping

– Meeting requests and requirements of supervisory or law enforcement authorities

– The fulfilment of fiscal control and reporting obligations

In addition, the disclosure of personal data may become necessary in the context of administrative/judicial measures for the purpose of gathering evidence, prosecution or enforcement of civil claims.

 

In the context of balancing interests (Art. 6 par. 1 f GDPR)

As far as necessary, we process your data beyond the actual fulfilment of the contract in order to protect legitimate interests of us or third parties. Examples of such cases are:

– Assertion of legal claims and defence in legal disputes

– Processing in the CRM system

– Advertising and marketing measures

 

Who gets my data?

Within our company

– Employees for the contact with you and the contractual cooperation (including the fulfilment of pre-contractual measures)

Within the scope of order processing

Your data may be passed on to service providers who work for us as order processors:

– Support or maintenance of EDP or IT applications

– Data destruction

– Newsletter dispatch

All service providers are bound by contract and in particular are obliged to treat your data confidentially.

 

Other Third Parties

Data will only be passed on to recipients outside our company in compliance with the applicable data protection regulations. Recipients of personal data can be, for example

– Public bodies and institutions (e.g. financial, customs or criminal prosecution authorities) if there is a legal or official obligation

– Credit and financial service providers (processing of payment transactions)

– Tax consultant or economic and wage tax and tax auditor (statutory audit mandate)

 

Is data transferred to a third country or to an international organisation?

Your data will be processed within the European Union and states within the European Economic Area (EEA). If data is transferred to a third country, the recipient is obliged to comply with data protection regulations by an EU adequacy decision or contractual provisions.

 

How long will my data be stored?

We process and store your personal data for as long as this is necessary to fulfil our contractual and legal obligations. If the data is no longer necessary for the fulfilment of contractual or legal obligations, it will be regularly deleted.

There might be exceptions,

– To the extent that statutory storage obligations must be fulfilled, e.g. German Commercial Code (HGB) and German Tax Code (AO), are required. The periods of retention or documentation specified there are usually six to ten years;

– For the preservation of evidence within the scope of the statutory limitation regulations. According to §§ 195 ff of the German Civil Code (BGB), these periods of limitation can be up to 30 years, whereby the regular period of limitation is 3 years.

If the data processing is carried out in the legitimate interest of us or a third party, the personal data will be deleted as soon as this interest no longer exists. The exceptions mentioned above shall apply.

 

Which data protection rights do I have?

You have the right for information in accordance with Article 15 GDPR, the right of correction in accordance with Article 16 GDPR, the right of deletion in accordance with Article 17 GDPR, the right to restrict processing in accordance with Article 18 GDPR, the right of objection in accordance with Article 21 GDPR and the right of data transferability in accordance with Article 20 GDPR.

With regard to the right to information and the right of deletion, restrictions may apply under Sections 34 and 35 of the Federal Data Protection Act.

In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 GDPR in conjunction with Article 19 BDSG).

 

Is there an obligation to provide data?

Within the scope of the contractual relationship, you must provide those personal data which is necessary for the commencement, execution and termination of the contractual relationship and for the fulfilment of the associated contractual obligations or which we are legally obliged to collect. Without this data, we will generally not be able to conclude or execute the contract with you.

 

Information about your right of objection according to Article 21 of the Basic Data Protection Regulation (GDPR)

The right of objection based on individual cases.

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 paragraph 1 letter f) GDPR (data processing based on a balancing of interests), including profiling based on this provision within the meaning of Article 4 No. 4 GDPR.

If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

 

Recipient of objections:

The objection can be made in any form with the subject “Objection”, stating your name, address and date of birth, and should be addressed to

 

Jörg Hermann
Jmh datenschutzberatung
dsb@lineo-pinsel.eu

Spread your passion for art!