Concepture Group GmbH
Mannheim District Court
VAT ID No. DE 316964278
Tel. + 49 (0) 7223-808479-0
Fax. + 49 (0) 7223-808479-9
Manuel Bohe MBA
1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Concepture Gruppe GmbH
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
4. Data collection on our website
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Cookie Consent with Usercentrics
Our website uses the Usercentrics cookie consent technology to obtain your consent to the storage of certain cookies on your device and data protection legislation compliant documentation of the former. The party offering this technology is Usercentrics GmbH, Rosental 4, 80331 München, Germany, website: https://usercentrics.com/ (hereinafter referred to as “Usercentrics”). Whenever you visit our website, the following personal data will be transferred to Usercentrics:
– Your declaration(s) of consent or your revocation of your declaration(s) of consent
– Your IP address
– Information about your browser
– Information about your device
– The date and time you visited our website
basis for the use of such cookies is Art. 6 Sect. 1 Sentence 1 lit. c GDPR.
Contract data processing agreement
Our company has executed a Contract Data Processing Agreement with Usercentrics. This is an Agreement mandated by data privacy protection legislation that warrants that Usercentrics processes all personal data of our website visitors exclusively in compliance with our instructions and in compliance with the GDPR.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
– Browser type and browser version
– Operating system used
– Referrer URL
– Host name of the accessing computer
– Time of the server request
– IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. Personal data that you provide to us via the contact form is processed and maintained by us using a customer relationship management (CRM) system. The currently used CRM system is operated by Zoho Corporation ,4141 Hacienda Drive Pleasanton,
Your personal data will only be passed on to other third parties if this is necessary for the execution of the contract with you, if the passing on is permissible on the basis of a weighing of interests within the meaning of Art. 6 Para. 1 lit. f) DSGVO, if we are legally obliged to pass it on or if you have given your consent to this. The data entered in the contact form will be processed on the basis of Art. 6 para. 1 lit. b DSGVO if your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures or in our legitimate interests (Art. 6 para. 1 lit. f DSGVO), as we have a legitimate interest in the effective processing of enquiries addressed to us. The data you send us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular legal retention periods – remain
unaffected. Request by e-mail, telephone or fax If you contact us by e-mail, telephone or fax, your request including all personal data (name, request) will be stored and processed by us for the purpose of processing your request. Personal data that you communicate to us by telephone, e-mail or fax will be processed and maintained by us with the help of a customer relationship management system (CRM system).
Your personal data will only be passed on to third parties if this is necessary for the execution of the contract with you, if the passing on is permissible on the basis of a weighing of interests within the meaning of Art. 6 Para. 1 lit. f) DSGVO, if we are legally obliged to pass it on or if you have given your consent to this. This data is processed on the basis of Art. 6 para. 1 lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on your consent (Art. 6 para. 1 lit. a DSGVO) and / or on our legitimate interests (Art. 6 para. 1 lit. f DSGVO), as we have a legitimate interest in the effective
processing of enquiries addressed to us. The data you send us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has
been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
Processing of data (customer and contract data)
We collect, process and use personal data only when it is necessary for the establishment, content or modification of the legal relationship (inventory data). Your personal data is processed and maintained by us with the help of a customer relationship management system (CRM system). The currently used CRM system is operated by Zoho Corporation, 4141 Hacienda Drive Pleasanton, CA 94588, USA and ZOHO CORPORATION PVT. LTD based in India (Estancia IT Park, Plot No. 140 & 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, INDIA (Zoho India)).
This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data relating to the use of our Internet pages (usage data) only to the extent necessary to enable the user to make use of the service or to bill the user. The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Data transfer upon closing of contracts for services and digital content
Your personal data is processed and maintained by us with the help of a customer relationship management system (CRM system). The currently used CRM system is operated by Zoho Corporation ,4141 Hacienda Drive Pleasanton, CA 94588, USA and ZOHO CORPORATION PVT. LTD based in India (Estancia IT Park, Plot No. 140 & 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, INDIA (Zoho India)).
We transmit personal data to third parties only if this is necessary in the context of contract processing, for example to the bank commissioned with payment processing. A further transmission of the data does not take place or only if you have expressly agreed to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Art. 6 Para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
This is an e-commerce service. Processing company Shopify International Limited, Victoria Buildings, 2. Etage, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
This list represents all (personal) data that is collected by or through the use of this service.
– Phone number
– Payment details
– Company name
– Information about the Shopify-supported merchant stores visited
– IP address
– Shipping and billing address
– Information about orders initiated
In the following the legal basis for the processing of personal data required by Art. 6 I 1 GDPR is listed.
– Art. 6 (1) (a) GDPR
5. Social media
Data processing through social networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below. Social networks such as Facebook, Google+ etc. can generally analyse your user behaviour comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered.
In detail: If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular, retention periods – remain unaffected.
Individual social networks
We have a profile on Facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield.
You can customise your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads
We have a profile on Google+. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google has EU-US Privacy Shield certification:
You can customise your advertising settings independently in your user account. Click on the following link and log in: https://adssettings.google.com/authenticated
We use the short message service Twitter. The provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States. Twitter is certified under the EU-US Privacy Shield.
You can customise your Twitter privacy settings in your user account. Click on the following link and log in: https://twitter.com/personalization
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
6. Analytics and advertising
This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses so-called cookies. Cookies are text files, which are stored on your computer and that enable an analysis of the use of the website by users. The information generated by cookies on your use of this website is usually transferred to a Google server in the United States, where it is stored.
The storage of Google Analytics cookies and the utilization of this analysis tool are based on Art. 6 Sect. 1 lit. a GDPR, the agreement can be revoked at any time.
On this website, we have activated the IP anonymization function. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyse your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.
You do have the option to prevent the archiving of cookies by making pertinent changes to the settings of your browser software. However, we have to point out that in this case you may not be able to use all of the functions of this website to their fullest extent. Moreover, you have the option prevent the recording of the data generated by the cookie and affiliated with your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objection to the recording of data
You have the option to prevent the recording of your data by Google Analytics by clicking on the following link. This will result in the placement of an opt out cookie, which prevents the recording of your data during future visits to this website: click here. For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.
Contract data processing
We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics. Demographic parameters provided by Google Analytics. This website uses the function “demographic parameters” provided by Google Analytics. It makes it possible to generate reports providing information on the age, gender and interests of website visitors. The sources of this information are interest-related advertising by Google as well as visitor data obtained from third party providers. This data cannot be allocated to a specific individual. You have the option to deactivate this function at any time by making pertinent settings changes for advertising in your Google account or you can generally prohibit the recording of your data by Google Analytics as explained in section “Objection to the recording of data”.
Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 month. For details
please click the following link: https://support.google.com/analytics/answer/7667196?hl=en.
Google Analytics (Google AdWords) Remarketing
This website uses the functions of Google Analytics Remarketing in combination with the functions of Google Ads and Google DoubleClick, which work on all devices. The provider of these solutions is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. This function makes it possible to connect the advertising target groups generated with Google Analytics Remarketing with the functions of Google Ads and Google DoubleClick, which work on all devices. This makes it possible to display interest-based customized advertising messages, depending on your prior usage and browsing patterns on a device (e.g. cell phone) in a manner tailored to you as well as on any of your devices (e.g. tablet or PC).
If you have given us pertinent consent, Google will connect your web and app browser progressions with your Google account for this purpose. As a result, it is possible to display the same personalized advertising messages on every device you log into with your Google account. To support this function, Google Analytics records Google authenticated IDs of users that are temporarily connected with our Google Analytics data to define and compile the target groups for the ads to be displayed on all devices. You have the option to permanently object to remarketing/targeting across all devices by deactivating personalized advertising. To do this, please follow this link: https://www.google.com/settings/ads/onweb/. The consolidation of the recorded data in your Google account shall occur exclusively based on your consent, which you may give to Google and also revoke there (Art. 6 Sect. 1 lit. a GDPR). Data recording processes that are not consolidated in your Google account (for instance because you do not have a Google account or have objected to the consolidation of data), the recording of data is based on Art. 6 Sect. 1 lit. f GDPR. The legitimate interest arises from the fact that the operator of the website has a legitimate interest in the anonymized analysis of website visitor for advertising purposes. For further information and the pertinent data protection regulations, please consult the Data Privacy Policies of Google at:https://policies.google.com/technologies/ads?hl=en.
Google Ads and Google Ads Conversion-Tracking
This website uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. In conjunction with Google Ads, we use a tool called Conversion Tracking. If you click on an ad posted by Google, a cookie for Conversion Tracking purposes will be placed. Cookies are small text files the web browser places on the user’s computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we will be able to recognise that the user has clicked on an ad and has been linked to this page. A different cookie is allocated to every Google Ads customer. These cookies cannot be tracked via websites of Google Ads customers. The information obtained with the assistance of the Conversion cookie is used to generate Conversion statistics for Google Ads customers who have opted to use Conversion Tracking. The users receive the total number of users that have clicked on their ads and have been linked to a page equipped with a Conversion Tracking tag. However, they do not receive any information that would allow them to personally identify these users. If you do not want to participate in tracking, you have the option to object to this use by easily deactivating the Google Conversion Tracking cookie via your web browser under user settings. If you do this, you will not be included in the Conversion Tracking statistics. The storage of “Conversion” cookies and the use of this tracking tool are based on Art. 6 Sect. 1 lit. a GDPR, the agreement can be revoked at any time. To review more detailed information about Google Ads and Google Conversion Tracking, please consult the Data Privacy Policies of Google at: https://policies.google.com/privacy?hl=en. You can set up your browser in such a manner that you will be notified anytime cookies are placed and you can permit cookies only in certain cases or exclude the acceptance of cookies in certain instances or in general and you can also activate the automatic deletion of cookies upon closing of the browser. If you deactivate cookies, the functions of this website may be limited.
Google Tag Manager
This is a call tracking service. Processing company MaTelSo GmbH, Heilbronner Str. 150, 70191 Stuttgart, Germany
– Call tracking
– Customer Journey Analytics
– Technologies Used
– Usage data (click path, call action, AdWords keywords)
– Http-Header (IP address, browser information, referrer)
This list represents all (personal) data that is collected by or through the use of this service.
– Date of call
– Duration of call
– Document path
– Destination number
– Time of call
– Browser information
– Remote user agent
– Referrer URL
– Date and time of visit
In the following the legal basis for the processing of personal data required by Art. 6 I 1 GDPR is listed.
– Art. 6 (1) (a) GDPR
Location of Processing
The data will be deleted as soon as they are no longer needed for the processing purposes. Data Protection Officer of Processing Company Below you can find the email address of the data protection officer of the processing
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
This website uses the services of MailChimp to send newsletters. This service is provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service which organizes and analyzes the distribution of newsletters. If you provide data (e.g. your email address) to subscribe to our newsletter, it will be stored on MailChimp servers in the USA.
MailChimp is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States.
We use MailChimp to analyze our newsletter campaigns. When you open an email sent by MailChimp, a file included in the email (called a web beacon) connects to MailChimp’s servers in the United States. This allows us to determine if a newsletter message has been opened and which links you click on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to your interests.
If you do not want your usage of the newsletter to be analyzed by MailChimp, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.
Data processing is based on Art. 6 (1) (a) DSGVO. You may revoke your consent at any time by unsubscribing to the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of MailChimp. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.
Completion of a data processing agreement
We have entered into a data processing agreement with MailChimp, in which we require MailChimp to protect the data of our customers and not to disclose said data to third parties. This agreement may be viewed at the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
8. Plugins and tools
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
Google Web Fonts
To ensure that fonts used on this website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our website, your browser will load the required web fonts into your browser cache to correctly display text and fonts. To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If a respective declaration of consent has been obtained (e.g. consent to the archiving of cookies), the data will be processed exclusively on the basis of Art. 6 Sect. 1 lit. a DGDPR. Any such consent may be revoked at any time. If your browser should not support Web Fonts, a standard font installed on your computer will be used. For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.