Privacy policy
Privacy Statement
General Introduction:
We take the protection of your personal data very seriously and want to ensure your safety when visiting our Internet page. We handle data protection, in particular, in compliance with the provisions of the European General Data Protection Regulation, the Federal Data Protection Act (BSDG - new) and the German Telemedia Act (TMG). We would herewith like to inform you of the nature, scope and purpose of the processing of your personal data. To begin with, we would like to point out that this Privacy Statement solely refers to our own web pages and does not apply to any third-party websites to which we may refer in the form of a link.
Object of protection:
The object of this Privacy Statement is to protect personal data. This includes all information that refers to an identified or identifiable natural person (hereinafter referred to as the “data subject”). This includes, in particular, all information that allows conclusions to be drawn as to your identity (e.g. details such as your name, postal address, email address and telephone number).
Technical requirements:
In order for you to be able to set up a connection to our website, your browser transfers specif-ic data to the webserver of our website. This is a technical requirement that allows the infor-mation you called up to be made available to you by our website. This is achieved by storing your IP address, the date and time of your request, your operating system type and other in-formation which is then stored and used for a maximum period of 30 days. We reserve the right to store these data for a limited period in order to safeguard our legitimate interests so as to be able to derive information from personal data in the case of unauthorized access or the attempt to deliberately cause damage to our company through this route (Art. 6, para. 1 (f) GDPR). These data shall be solely stored or transferred for this and no other purpose, whereby we shall not inform you of this or ask for your consent in advance
Cookies:
Cookies Cookies are small text files that are stored by your browser on your computer or mobile end device to detect, for example, whether you visit the same websites repeatedly from the same end device or browser. In general, we set cookies to analyze the interest in our website as well as to improve the user-friendliness of our website. In principle, however, you can also call up our website without using cookies.
As a rule, cookies can be deactivated or removed with the aid of special tools which are of-fered by most commercial browsers. For each browser that you use, you have to determine the settings separately and configure these individually. The different browsers offer a range of functions and options to this purpose.
For full and easy usage of our website, you should accept those cookies that allow the use of specific functions, resp. make it easier to use. You can review which cookies are used by us and to which purpose - and how long these are stored - in the following overview:
Cookie-List:
Name: _ga
Website: ces.eu
Function: Registers an unambiguous ID that is used to generate statistical data with regard to how the visitor uses the web-site.
Validity: 2 years
Name: _gid
Website: ces.eu
Function: Registers an unambiguous ID that is used to generate statistical data with regard to how the visitor uses the web-site.
Validity: Until the end of the session
Name: _gat_gtag_UA_114414553_1
Website: ces.eu
Function: Is used by Google Analytics to limit the request rate.
Validity: Until the end of the session
When calling up our website, you will be informed about the use of these cookies by way of an informative text in our cookie banner. You automatically accept these cookies, if you continue to use them or by clicking on the “Accept” button.
Cookie types:
In order to be able to explain the most common cookie types in more detail, we have provided explanations of these in the following to help you to understand
1. Session cookies:
The usage of session cookies allows users and the changes they make on a website to be identified. They allow the website to track their movements across individual pages so that information that has already been entered/stored does not have to be re-entered/stored again. Webshop shopping baskets are a good example of this. The session cookie stores the selected products in the shopping basket so that this contains the correct articles when payment is made at checkout. Session cookies are deleted when the user logs off or become invalid once the session has automatically expired.
2. Permanent or protocol cookies:
A permanent or protocol cookie stores the user’s information and settings on the user’s computer for the duration of the period defined by the respective expiration date. This al-lows quicker and easier access as you do not, for example, have to repeat the language settings or re-enter your login data. These cookies are automatically deleted when the storage period expires.
3. Third party cookies:
As a rule, third party cookies have no influence on the usage of the page as they do not originate from the operator of the website. They fulfill, for example, the purpose of collecting information for advertising purposes, personalized content and web statistics and for passing these on to the respective third party provider.
4. Tracking Cookies:
Tracking cookies are special text files which open up the possibility of collecting data on the behavior of the internet users. This is aimed at gaining information on what the user’s main points of interest are, for example, to be able to launch made-to-measure promotional offers. Therefore, tracking cookies are not only set during the login process but are automatically set whenever the website is visited.
The examples of the most common types of cookies in the above representation is intended to provide you with a global overview of this type of data collection. The information contained therein does not claim to be complete. As a result of technical developments in the IT sector, it is to be assumed that further cookie types will be developed during the course of time. Prior to using our website, please refer at regular intervals to the Privacy Statement on our website to find out about the latest changes.
Contact form users:
Our website includes contact forms which can be used to contact us electronically. To ensure that your data are transferred securely, we use a connection which uses state of the art en-cryption with an SSL certificate during the transfer process. By clicking on the “Send request” button, you automatically consent to the transfer of the data that you entered in the entry form over to us. We store you name and email address, and possibly other information that you have provided us with, in order to be able to contact you and provide you with the best-possible answer to your enquiry. On the one hand, this allows us to offer you the service that you expect from us and, on the other, it provides us with the opportunity to continually improve (Art. 6, para. 1 (f) GDPR). You can object to the processing of your data at any time. All the details concerning your right to object in accordance with Art. 21 GDPR can be found at the end of this Privacy Statement.
Google Maps:
Our website uses the Google Maps map service via an API (application programming interface). The provider of this map service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to be able to use the Google Maps functions, your IP address needs to be saved. According to Google, this information is generally transferred to and stored on a server in the USA. We, as the operator of the website, have no influence on the transfer of these data. The information is not transmitted until you click the “activate” button on the map. Upon activating the map, you automatically consent to the transfer of this information. If you do not wish to consent to the transfer of this information, please do not click on the “activate” button on the map. You can then continue to use the page without a transfer taking place. Google Maps is used with a view to presenting our online portfolio in an attractive way and to make it easy to find us at the locations stated on our website. This constitutes a legitimate interest as provided for in Art. 6, para. 1 (f) GDPR.
More information on the handling of user data can be found in Google’s Privacy Statement: https://policies.google.com/privacy?hl=de&gl=de
Google reCaptcha:
To protect your orders when you enter them using an Internet form, our company uses the reCAPTCHA service offered by Google Inc. (Google). This query serves to differentiate whether the entry was made by a human being or in a fraudulent manner through automated machine-processing. This query includes sending your IP address, and possibly other data required by Google for their reCAPTCHA service, to Google which is why your entry is transmitted to Google where it will be further processed.
When you use the Google reCAPTCHA service, you automatically declare that you agree to the dispatching of your data to Google. However, should IP anonymization be activated on the website, your IP address will be shortened by Google within the Member States of the European Union and other signatories to the Agreement on the European Economic Area prior to being dispatched. Only in exceptional cases will your full IP address be transmitted to a Google server in the USA where it will then be shortened.
On behalf of the provider of this website, Google will use this information to evaluate your usage of this service. Google will not combine the IP address transmitted by your browser during the reCAPTCHA process with any other data. Google’s deviating data protection rules apply to these data.
More information on Google’s data protection rules can be found at https://policies.google.com/privacy?hl=de&gl=de
You Tube:
We use YouTube to integrate videos to make our webpage attractive and informative for you.
As a rule, when you visit one of our pages which incorporates a YouTube plugin, a connection to the YouTube servers is normally established. However, we use Heise’s embetty tool on our website to prevent this from happening. All of our videos have been embedded on our pages using “embetty” so that your IP address is not actually transmitted to the YouTube servers until you actively click on the video in question. Should you fail to do this, however, no data will be sent to YouTube whilst you are visiting our website.
Our legitimate interests, as described in Art. 6, para. 1 (f) GDPR, provide the legal basis for our data processing activities (in as far as such processing actually takes place).
YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, is the company that operates YouTube.
YouTube sets cookies to collect information on those who visit their Internet page. Among other things, YouTube uses these to record video statistics, to avoid and investigate cases of fraud and to improve user-friendliness. This may also result in a connection being made to Google’s DoubleClick Network. If you launch a YouTube video, this may initiate further data processing processes. We have no influence on this.
If you have a YouTube account and are logged in to this account when you call up our webpages, you are basically allowing YouTubeto directly associate your surfing behavior with your personal YouTube profile. You can avoid this by logging out of your YouTube account.
More information on data protection at YouTube can be found in their Privacy Statement at: https://www.youtube.de/t/privacy resp. at:
https://policies.google.com/privacy?hl=de&gl=de
TRACKING TOOLS:
Use of Matomo
Our website uses Matomo, an open source web analysis service. Matomo uses your device fingerprint to analyze your behavior on our website. The device fingerprint stores information that Matomo recognizes as a unique "fingerprint" the next time you visit our website. During this process, your data is immediately anonymized and randomly changed every 24 hours, so that you as a user remain anonymous to us. The information used for website optimization is stored on our server. We carry out this type of analysis within the scope of our legitimate interest in accordance with Art. 6 Paragraph 1 f GDPR. The server on which the data is stored is hosted by a service provider. The legal basis for forwarding the data for this purpose is data processing addendum in accordance with Art. 28 GDPR.
The following information is stored in the device fingerprint:
• Information on location (continent, country, city, browser language)
• Device (type, model, screen resolution)
• Software (operating system, browser, browser plugins)
• (anonymized) IP address
• Times of the server request
• References from other websites (referrer)
If you do not agree to the storage and evaluation of this data from your visit, you can object to the storage and use of your data below. In this case, a so-called opt-out cookie is stored in your browser, which means that Matomo does not collect any session data. Attention: If you delete your cookies, this means that the opt-out cookie will also be deleted and may have to be reactivated. You can deactivate data collection by Matomo at the end of this privacy policy. If your browser supports the "Do-Not-Track" technology and you have activated it, your visit will be automatically ignored.
Use of Google Tag Manager
We deploy Google Tag Manager which is supplied by Google. Google Tag Manager can manage a broad range of different website tags used by marketers via one single interface. The tool (Tag Manager which implements the tags) is a cookie-free domain which does not collect any personal data. This solely activates tags that may, in turn, possibly collect data. However, Google Tag Manager does not access these data. If a deactivation takes place at domain or cookie level, this remains unchanged for all tracking tags that were implemented using Google Tag Manager.
Social Media-Plugins:
Our website does not use any social media plugins. However, we do set links to the social media platforms on which we are represented. You can use these links to directly get to our presence at, for example, Facebook, Twitter or Google+. The respective providers are themselves responsible for data protection on these social media platforms. In the following, we will be providing you with information on the various social media platforms, resp. on the respective function of the social media plugins, although we do not actually deploy these:
The “XING share button” is used on this website. If you visit this website, your web browser will briefly connect to the servers of XING AG (“XING”) which make the functions of the “XING share button” available (including a visitor count). XING does not store any personal data on your person or your visit when you call up this webpage. XING does not store IP addresses - neither does XING use cookies to observe your visitor behavior in connection with the “XING share button”. Please visit the following webpage for the current version of the Privacy Statement applying to the “XING share button” and for further information: https://dev.xing.com/plugins/share_button/privacy_policy
Plugins from the LinkedIn social network of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA - hereinafter referred to as “LinkedIn” - are integrated into this website. These can be typically recognized by the LinkedIn logo (the letters “in” in white on a blue background) and the inclusion of text, such as, for example, “share”. Full details on the appearance of the LinkedIn plugin is available at: https://developer.linkedin.com/plugins.
LinkedIn logs information from the moment you call up our page and makes a connection between your browser and the LinkedIn servers. We, as the operator of the website, have no influence on the scope of the data or which data are transferred to LinkedIn through this plugin. According to LinkedIn, your logins, cookies, device information and IP addresses are used to identify you and log your usage. However, as soon as you click on one of the plugins, additional information is transferred which can directly link you to your LinkedIn account (in as far as you own such an account and are logged in). More information on this can be found in LinkedIn’s Privacy Statement at: https://www.linkedin.com/legal/privacy-policy
Our website contains functions (plugins) belonging to the Twitter microblogging service which is provided by Twitter Inc., 1355 Marktet Street, Suite 900, San Francisco, CA 94103, USA - hereinafter referred to as “Twitter”. These plugins can be recognized by their Twitter logo (white bird outline on a light blue background - or the other way around with an additional “tweet” text). If you visit our website, a direct connection is made between your browser and the Twitter servers. So-called “log data” are sent to Twitter via this connection - even if you do not own a Twitter account. According to Twitter, these can include your IP address, browser type, operating system or information on the websites that you have called up. No connection is made between your web activities and your name, your email address, telephone number or Twitter user name. Twitter deletes, veils or aggregates your log data after a maximum period of 30 days. According to Twitter, all the information collected serves to personalize, evaluate and improve their own services.
Information on Twitter’s data protection guidelines are available at: https://twitter.com/de/privacy
You can set your personalization settings at: https://twitter.com/personalization
You can change your data protection settings at Twitter in your account settings at https://twitter.com/login?redirect_after_login=%2Faccount%2Fs
Further general information:
Changes to this Privacy Statement
We check this Privacy Statement on a regular basis to ensure that it complies with the legal provisions, the jurisprudence and the statements of the supervisory authorities, as well as to align it to emerging trends and the technological state of the art. In this respect, we reserve the right to change this Privacy Statement, in order to adjust this in line with new legal data protection requirements or other changes in the factual or legal circumstances. We kindly ask, therefore, that you always check the information on our Privacy Statement applicable at the time prior to using our website.
Who is responsible for the data processing? (Art. 13, para. 1 (a), (b) GDPR)
C.Ed. Schulte GmbH Zylinderschlossfabrik is responsible for data processing on our webpage. Please refer to the imprint for the respective contact details: https://www.ces.eu/en_us/imprint.html
You can reach our Data Protection Officer at the following address:
C.Ed. Schulte GmbH Zylinderschlossfabrik
To the attention of the Data Protection Officer
Friedrichstraße 243
42551 Velbert
Germany
P.O. Box 10 11 80, 42547 Velbert, Germany
Email: datenschutz@ces.eu
Tel.: +49 (0)2051 2040–0
Who receives your personal data? (Art. 13, para. 1 (e), (f) GDPR)
We treat your personal data confidentially and never pass these on to third parties unless you have provided us with your consent to do so or in cases where these are to be made available based on a legal or contractual commitment. In individual cases, we may contract a processor to process your personal data. This would be carried out in accordance with Art. 28 GDPR and on the basis of a respective commissioned data processing contract.
How long are the data stored? (Art. 13, para. 2 (a) GDPR)
The legislator has imposed numerous retention periods and deadlines.
We only store your data as long as this is legally required.
Once these periods have lapsed, we delete the respective data as a matter of routine, in as far as they are no longer required with a view to fulfilling the contract. We store data that are processed based on your consent until this consent is revoked, resp. as long as these data are required. We store data that are processed based on a legitimate interest as long as this legitimate interest continues to exist.
In line with the legal provisions, commercial law data or financially-relevant data ensuing from a closed financial year are deleted after ten years, in as far as no longer retention periods have been stipulated or are required for legitimate reasons. In as far as the data are not subject to specific retention periods, they are deleted when the purpose for which they were processed ceases to exist.
For which purposes and on which legal basis do we process your personal data? (Art. 13, para. 1 (c), (d) GDPR)
We have already outlined the purposes and legal basis for processing data. In addition, the following generally applies:
Where required, we process your data to safeguard our legitimate interests or those of other third parties in accordance with Art. 6, para. 1 (f) GDPR, for example to establish legal claims or to defend ourselves in legal disputes or to uphold our IT operations or security.
Only in cases where we have a legitimate interest or where we have received your written consent to process your personal data do we process your data for purposes of external communications and marketing on the basis of Art. 6, para. 1 (a) or (f) GDPR. You have the right to revoke your consent at any time.
To comply with legal obligations, we are allowed or must, where required, process your data and pass these on to third parties (in accordance with Art. 6, para. 1 (c)).
In no case shall we use your data in an automated decision-making process or for profiling purposes.
Furthermore, we use cookies to be able to offer you an improved service when using our webpage and to make this webpage more convenient for you to use (Art. 6, para. 1 (f) GDPR).
What are your rights and obligations? (Art. 13, para. 2 (b), (c), (d), (e) GDPR)
All data subjects have the following rights:
In accordance with Art. 15 GDPR, you have the right to receive information. This means that you can request confirmation from us as to whether your personal data are being processed by ourselves.
In accordance with Art. 16 GDPR, you have the right to rectification. This means that you can demand that we rectify any incorrect personal data concerning yourself.
In accordance with Art. 17 GDPR, you have the right to erasure (“right to be forgotten”). This means that you can demand that we erase any personal data concerning your person without undue delay - unless we are unable to erase your data due to being required to observe, for example, legal retention periods.
In accordance with Art. 18 GDPR, you have the right to restriction of processing. This means that we are practically no longer allowed to process your personal data - apart from storing them.
In accordance with Art. 20, GDPR, you have the right to data portability. This means that you have the right to receive the personal data concerning yourself and that you have made available to us in a structured, commonly used and machine-readable format and to transmit these data to another controller.
In accordance with Art. 7, para. 3 GDPR, you have the right to withdraw any consent you have provided at any time with future effect.
In accordance with Art. 13 GDPR, you have the right to lodge a complaint with the responsible supervisory authority.
In addition, you also have the right to object which we will be explaining in more detail at the end of this data protection information sheet.
If you would like to exercise any of your above rights, please contact our Data Protection Officer (see contact information listed above).
Responsible supervisory authority
State Data Protection Officer
North Rhine-Westphalia
Office address: Kavalleriestr. 2–4, 40312 Düsseldorf, Germany
Postal address: P.O. Box 200444, 40102 Düsseldorf, Germany
Tel.: +49 (0)211 38424-0
Email address: poststelle@ldi.nrw.de
Information on your right to object in accordance with Art. 21 General Data Protection Regulation (GDPR)
You have the right to object, on grounds resulting from your particular situation, at any time to the processing of personal data concerning your person which is carried out based on Art. 6, para. 1 (f) GDPR (data processing based on the weighing up of legitimate interests); this also applies to profiling based on this provision as described in Art. 4 (4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms or where this processing is for the establishment, exercise or defense of legal claims.
Please direct your objection in writing (via email or post) to the attention of our Data Protection Officer (see contact information listed above).
