Privacy Policy

DATA PROTECTION

The topic of data protection is very important to us. Therefore, we will inform you below about how we process your personal information and what rights you have in this regard.

§ 1   INTRODUCTION

We,

FLOCERT GmbH
Bonner Talweg 177
53129 Bonn

are the operator (hereinafter "we" or "operator") of the website www.flocert.net (hereinafter "website") and the services offered thereon and thus responsible for the collection, processing and use of personal data.

Our company data protection officer can be contacted in writing at dhpg IT-Services GmbH, Bunsenstr. 10a, D-51647 Gummersbach, FAO Dr Christian Lenz, or to datenschutz@dhpg.de or under +49 2261-8195-0.

The principle of data economy is already of great importance to us in the data collection stage. We collect and process personal data only to the extent that you have given us your consent or the legislator expressly permits or requires us or you authorise us to do so. The following is to explain to you what kind of data we collect, how we use such data and what rights you have against us regarding the use of your data:

 

§ 2   COLLECTION AND RETENTION OF PERSONAL DATA

1.           Personal data

Personal data is individual details about personal or material circumstances of an identified or identifiable natural person. This thus includes, for ex., your real name, address, e-mail address, phone number or date of birth. This term further covers company-related data.

2.           Collection

a) your visit of our website

Unless stated otherwise in the following paragraphs, personal data is basically not collected, processed or used when you use our websites.

When you visit our website, our servers will temporarily save every access in a log file. In this context, the following data will be collected without any action on your part and will be retained by a computer centre engaged by us on a server in Germany until its automated erasure after 30 days at the latest:
– the IP address allocated to your computer,
– the name and URL of the requested file,
– the referrer URL (the previously visited page),
– the request date and time,
– the browser version used by you.

The legal basis for data processing is the 1st sentence of point (f) of Art. 6(1) GDPR.

b ) contact form

When you contact us by contact form or complete our complaint form online, we will retain your e-mail address, name, country and IP address. We cooperate with the "Form Assembly" software provider to create the online form structure allowing you to transfer your request. The personal data entered by you using this format will be gathered to enable the relevant department to process your request and to contact you regarding the subject of the request. Data processing for contacting us is based on the 1st sentence of point (a) of Art. 6(1) GDPR and the consent given voluntarily by you. The personal data collected by us when you use the contact form will be erased automatically once the request submitted by you has been dealt with.

c) newsletter subscription

To dispatch the newsletter following your explicit consent (1st sentence of point (f) of Art. 6(1) GDPR), we use the double opt‐in procedure, i.e. we will not send any newsletter to you by e‐mail until you have explicitly confirmed to us beforehand that we should enable the newsletter service. We will then send a confirmation e‐mail to you, asking you to click on a link contained in this e‐mail to confirm that you would like to receive our newsletter.

By opening the first automatically generated confirmation e‐mail to receive the newsletter, and by opening each newsletter e‐mail, further data will be collected and transferred to us to manage the newsletter dispatch. This includes, for ex.,

– the subscriber who has opened the newsletter or clicked on links (incl. number of clicks),
– the registration time and, if applicable, whether subscribers have unsubscribed from the newsletter,
– any occurring returns (e.g. if e‐mail accounts are overfilled or do not exist).

We evaluate such data only for statistical purposes in order to further optimise our offerings. By subscribing to the newsletter, you consent to the use of such data. Your data will not be used for any other purposes.

We will use the personal data collected from you as part of the e‐mail newsletter only internally to optimise and send the newsletter expressly requested by you. We will neither sell nor forward your personal data to third parties for advertising, market or opinion research processes.

If you do no longer want to receive any newsletters from us at any later time, you may object to such receipt at any time. To do so, a notification in text form to the contact details stated above (e.g. e‐mail, letter) is sufficient. Of course, you can also find an ‘unsubscribe' link in each newsletter.

d) applicant portal

It is particularly important to us to ensure the highest possible protection of your personal data. Any personal data which is collected and processed by us in the course of an application is protected against unauthorised accesses and manipulations through appropriate technical and organisational measures. Your data will be collected only to fill vacancies in our company. If you have given your express consent pursuant to the 1st sentence of point (a) of Art. 6(1) GDPR, we will use your personal data to process your application in our company and to send you relevant messages. The consent may be withdrawn at any time. You may send your consent by e-mail to [info@flocert.net] at any time.

You also have the option to have new, suitable job offers sent to you by e-mail via a form provided on the website. This requires the specification of a valid e-mail address. Data processing for sending job offers is based on the 1st sentence of point (a) of Art. 6(1) GDPR and the consent given voluntarily by you. The personal data collected by us when you use the contact form will be erased automatically with just one click once the consent has been withdrawn.

3.          Retention

We will retain and process your personal data on servers in Germany. We and the computer centres engaged by us will protect your data by technical and organisational safeguards to minimise risks in connection with any kind of loss, misuse, unauthorised access, unauthorised forwarding and amendment of and to such data. To do so, we use, for ex., firewalls and data encryption, but also physical data access restrictions and authorisation controls. We take measures to ensure that the personal data collected by us is correct and up to date.

You may withdraw your consent to the use or utilisation of your personal data informally at any time. If you withdraw your consent to the use or transfer of your personal data for the purposes stated in this privacy policy, we might no longer be able to enable you to access our website, applications or tools or to provide the services and customer services offered to our users and authorised pursuant to this privacy policy and our terms of use.

 

§ 3   USE OF PERSONAL DATA

Your personal data will be collected and processed to handle the mutual contractual relationship, especially for the purpose of

– knowing who our contracting partner is,
– checking the entered data for plausibility and the users' legal capacity,
– establishing, formulating the contents of, handling and, if applicable, modifying the contractual relationships with you in relation to the use of the website and the services offered thereon,
– contacting you in case of enquiries,
– receiving acknowledgements of receipt and read receipts of e‐mails,
– newsletter subscriptions,
– being informed about the date and time our website is visited.

Such data will not be evaluated before it has been pseudonymised. This enables us to evaluate the user behaviour without any specific personal reference to improve our website and services. You may object to the use of your personal data for advertising purposes in whole or for individual measures at any time. To do so, an informal notification in text form to the contact details stated above (e.g. e‐mail, letter) is sufficient.

 

§ 4   DATA DISCLOSURE

1.           Transmission of personal data to third parties

Your personal data will be forwarded or otherwise transferred to third parties only if this is required for contract handling purposes or if you have given your consent beforehand.Apart from that, we will not forward your data to third parties without your consent. Exceptions apply only where this is based on a legal obligation (e.g. information to specific public authorities as part of your legal duties) or necessary to enforce our rights, especially to enforce claims from the contractual relationship with you.

2.           Integration of third party services and contents

It may be the case that third-party contents, such as YouTube videos, Google map material, RSS feeds or graphics from other websites will be embedded in our website. This always requires that the providers of such contents ("third‐party providers") know the users' IP address, since they would not be able to send the contents to the browser of the respective user without the IP address. The IP address is thus required to display such contents. We endeavour to only use contents of those providers who use the IP address only to provide such contents. However, we have no influence over whether the third‐party provider retains the IP address, e.g. for statistical purposes. Where we are aware of this, we will inform the users accordingly.

 

§ 5   COOKIES AND WEB ANALYSIS SERVICES

1.          Cookies

Interactions with our websites are tracked using cookies and the technologies specified below in order to adapt them for you. Cookies are small files that are stored on your hard drive. This enables our website to be more easily navigated and to be more user friendly. The cookie is used to store information resulting in connection with the terminal specifically used in each case. However, this does not mean that we obtain direct knowledge of your identity. We use session cookies to determine whether you have already visited individual pages of our website. These will be erased automatically after you have left our website.

Furthermore, for the purpose of optimising user-friendliness, we also use temporary cookies which will be retained on your terminal for a certain fixed time period. If you revisit our website to make use of our services, these can automatically tell if you have already visited our website and can recognise your entries and settings, so as to save you from repeatedly having to enter such data. Moreover, we use cookies to analyse the use of our website statistically and to evaluate it to optimise our offering for you. When you revisit our website, these cookies allow us to recognise whether or not you have already accessed our website. These cookies will be automatically erased after a time period defined in each case.

The data processed by cookies is necessary for the above-mentioned purposes to safeguard our and third parties' legitimate interests pursuant to the 1st sentence of point (a) of Art. 6(1) GDPR.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies will be retained on your computer or that a note will appear each time before a new cookie is placed. However, disabling cookies overall may result in you no longer being able to make full use of all features of our website.

2.          Web Analysis Tools

For statistical evaluation purposes, our website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses own cookies. In doing so, text files are retained on your computer, allowing to analyse your use of the website. The information generated by the cookie about your use of our website is usually transmitted to a Google server in the US and retained there.

To prevent such data from being personalised, your IP address is truncated and thus anonymised. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and anonymised only there. Google will use this information on our behalf to analyse your use of the website, to compile reports on website activities and to provide us with further services in relation to the use of this website and of the Internet.

Google is obliged to not amalgamate the IP address transferred from your browser as part of Google Analytics with other data. Moreover, you can prevent the retention of cookies by setting your browser software accordingly. Please note, however, that you might not be able to make full use of all functions of our website in this case. You can also prevent the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.

For more information on the terms of service and data protection, please see https://www.google.com/analytics/terms/us.html or http://www.google.com/intl/de/analytics/privacyoverview.html and
https://support.google.com/analytics/answer/2838718?hl=en&ref_topic=2790009.

Please note that Google is obliged by law to implement such measures. We cannot accept any liability for compliance with such obligations by Google.

 

§  6   SOCIAL PLUG-INS

1. We use social plug-ins of the short message service Twitter, namely the “Share” button. This plug-in is provided by the Twitter, Inc., 1355 Market St., Suite 900, San Francisco, CA 94103, USA, and provides data on Twitter. The plug-in is marked with the Twitter logo.

By enabling this plug-in, your browser will connect to Twitter’s servers. The content of the plug-in is transmitted directly to your browser. We do not have any influence on the content of the plug-in. At the same time, Twitter sets one or more cookies in your browser. Twitter receives data through the active plug-in and cookies, even if you have not yet clicked on the plug-in itself and even if you do not have a Twitter account. According to Twitter, this data includes the visited website, the previously visited page, the date, the time, the browser type, the operating system, your IP address, search terms used, your location, your mobile service provider, your mobile device, your application ID and Twitter cookies already stored in the browser (so-called Twitter widget data). Twitter can thus understand on which other websites with Twitter content (including these plug-ins) you were. In particular, Twitter uses this data for its “Tailored Suggestions” service, which recommends certain “tweets” for system and product improvement, adapting to user behavior, localizing, recording the way websites are used with Twitter Content and for the purpose of market research.

If you are logged in to Twitter when activating the plug-ins, Twitter can connect to your Twitter account. If you want to avoid this, you must first log out of your Twitter account before activating the Twitter plug-ins and delete all Twitter cookies after visiting websites with Twitter plug-ins.

According to their own statements, Twitter will start deleting the widget data after 10 days, which can take up to 7 days. Thereafter, Twitter uses only aggregated, anonymized data, such as how often a page with Twitter content was accessed.

Twitter’s plug-ins are set up so that we do not receive any of the information submitted using the plug-in or the Twitter cookies. We can only say that you have clicked on the plug-in and shared our content with others.

For more details on how Twitter interacts with your information, see the Twitter Privacy Policy at https://twitter.com/privacy.

2.We use social plug-ins of the Twitter short message service, i.e. the "share" button. This plug-in is offered by Twitter, Inc., 1355 Market St., Suite 900, San Francisco, CA 94103, USA, and transferred to Twitter. The plug-in is marked with the Twitter logo.

By enabling this plug-in, your browser will establish a connection to the Twitter servers. The plug-in content will be directly transferred to your browser. We do not have any influence on the plug-in content. At the same time, Twitter will use one or several cookie(s) in your browser. The active plug-in and the cookie(s) will provide Twitter with data, even if you have not yet clicked on the plug-in itself and even if you do not have a Twitter account. According to Twitter, this data includes the visited website, the previously visited website, date, time, browser type, operating system, your IP address, used search terms, your location, your mobile service provider, your mobile device, your application ID and Twitter cookies already stored in the browser ("Twitter widget data"). This allows Twitter to gather information about the websites with Twitter contents visited by you (including these plug-ins). Twitter will use this data, in particular, to provide its "Tailored Suggestions" service, which is used to recommend you specific "tweets", to improve systems and products, to adapt them to the user behaviour, to localise information, to record the way in which websites with Twitter contents are used, and for market research purposes.

If you are logged in to Twitter when enabling the plug-ins, Twitter can establish a connection to your Twitter account. If you want to avoid this, you must first log out of your Twitter account before enabling the Twitter plug-ins and erase all Twitter cookies after visiting websites with Twitter plug-ins.

According to own information, Twitter starts erasing the widget data after ten days, which may take up to seven days. Afterwards, Twitter will use only aggregated, anonymised data, e.g. how often a page with Twitter contents has been accessed.

Twitter plug-ins are set such that we will not receive any information transferred with the plug-in or the Twitter cookies. We can see only that you have clicked on the plug-in at all and have shared our contents with others.

More details on how Twitter handles your data can be found in the Twitter privacy provisions at https://twitter.com/privacy.

3. We use the Google+ plug-in ("+1" on a white background) of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. When visiting a page containing such a plug-in, your browser will establish a direct connection to the Google servers. As a result, information about your website visit will be forwarded to Google. We do not have any influence on the plug-in content. Where you are logged in to a Google+ or Google user account during the visit, Google can allocate the website visit to this account. By interacting with plug-ins, this corresponding information will be directly transferred to Google and retained there. If you want to prevent such data transfer, you must log out of your Google+ or Google account before visiting our online presence. We do not have any influence on the volume and content of the data collected by Google using the button. You can obtain information about the purpose and scope of such data collection from Google.

If you do not want Google to gather data about you and to link such data with your member data retained with Google, you must log out of Google before visiting our website. For further information on the purpose and scope of data collection, its further processing and use by Google+ and your related rights and setting options to protect your privacy, please refer to the Google+ privacy notices ( https://policies.google.com/privacy?hl=en-GB ).

 

§ 7   DATA ACCESS, RECTIFICATION AND ERASURE

You have a right of access to the personal data retained about you and a right to have inaccurate data rectified and to have data blocked and erased.

To access your personal data, to have inaccurate data rectified or to have data blocked or erased and in case of further questions on the use of your personal data, please contact us on info@flocert.net or by mail to the address specified above.

You can withdraw your consent once given to us at any time. This will have the consequence that we will no longer be allowed to continue any data processing that was based on this consent in the future.

In addition, you can lodge a complaint with the relevant supervisory authority. To this end, you can generally contact the supervisory authority at your place of usual residence or place of work or at our place of business.

Where your personal data is processed based on legitimate interests pursuant to the 1st sentence of point (f) of Art. 6(1) GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data on grounds relating to your personal situation or where such objection is brought against direct marketing. In the latter case, you have a general right to object, which we will implement without any particular situation being indicated. If you wish to make use of your right of withdrawal or objection, simply send an e-mail to info@flocert.net.

 

§  8   DATA SECURITY

When you visit the website, we will use the common SSL procedure (Secure Socket Layer) in combination with the respective highest degree of encryption that is supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we will use the 128-bit v3 technology instead. You can see whether individual pages of our online presence are transferred in encrypted form by the ‘closed' icon of the key or lock symbol in the lower status line of your browser. Apart from the above, we use appropriate technical and organisational security measures in order to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or access by unauthorised third parties. Our security measures are subject to continuous improvement in line with technological developments.

 

§  9  TOPICALITY OF AND AMENDMENTS TO THE PRIVACY POLICY

This privacy policy is currently valid and dates from July 2018. Due to our website and related offerings being developed further or amended legal or official regulations, it may become necessary to amend this privacy policy. You can access and print out the respective current privacy policy at any time at https://www.flocert.net/privacy-policy/.

 

§  10  MOBILE DEVICES

The provisions of this privacy policy also apply to the mobile access and the use of mobile devices.