PRIVACY POLICY

Luksens Data Protection Policy

At Luksens, data protection is a top priority. We are committed to processing personal data strictly within the framework of legal provisions and by implementing robust technical and organizational data security measures.

1. General Information

1.1 Objective and Responsibility

This Data Protection Policy outlines the type, scope, and purpose of personal data processing within our online offerings, including all associated websites, features, and content (collectively referred to as “online offering” or “website”). This policy applies regardless of the domains, systems, platforms, or devices (e.g., desktop or mobile) used to access our online offering.

Please note: This Data Protection Policy does not apply to our e-commerce web shops.

The provider of this online offering and the data controller under data protection law is:

Luksens Technologie GmbH An der Holzung 9, 40668 Meerbusch, Germany (Hereinafter referred to as “provider,” “we,” or “us”).

You can reach our Data Protection Officer at: info@Luksens.com.

The term “user” encompasses all customers, their employees, and visitors to our online offering. All terms used are to be understood as gender-neutral.

Luksens’ products and services are exclusively intended for businesses. Our websites, including advertising and business contact forms, are not directed at children or young persons (individuals under 18 years of age). Persons under 18 are not authorized to complete and submit these contact forms to Luksens. Except as stated below, we do not knowingly collect personal data from individuals under 18. Luksens will only request data from individuals under 18 when they apply for a job, training, or student placement through a separately established Luksens application portal. The data requested in such cases will be used solely for the application process and will be deleted in accordance with data protection regulations once the process is complete.

1.2 Legal Basis for Data Processing

We collect and process personal data based on the following legal grounds, as defined by the General Data Protection Regulation (GDPR):

• Consent (Article 6(1) lit. a GDPR): We process your data when you have given us clear, informed, and unambiguous consent. This means you have freely agreed to the processing of your personal data for a specific purpose through a statement or a clear affirmative action.

• Contractual Necessity (Article 6(1) lit. b GDPR): Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract. This applies when the data is essential for us to fulfill our contractual obligations to you or to prepare for a contract’s conclusion.

• Legal Obligation (Article 6(1) lit. c GDPR): We may process your data where it’s necessary for compliance with a legal obligation to which we are subject (e.g., tax or commercial law requirements).

• Legitimate Interests (Article 6(1) lit. f GDPR): We may process your data when it’s necessary for the purposes of our legitimate interests or those of a third party, except where your interests or fundamental rights and freedoms, which require the protection of personal data, override those interests.

1.3 Your Data Protection Rights

As a data subject, you have the following rights regarding your personal data under the GDPR:

• Right of Access (Article 15 GDPR): You can request confirmation of whether your personal data is being processed. If so, you have the right to access the data we hold about you, free of charge.

• Right to Withdraw Consent (Article 7 GDPR): If our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

• Right to Object (Article 21 GDPR): If the processing of your personal data is based on our legitimate interests, you have the right to object to such processing at any time.

• Right to Erasure (“Right to be Forgotten”) (Article 17 GDPR): You can request the deletion of your personal data if:

  • You withdraw your consent.

  • You object to the processing (and there are no overriding legitimate grounds for us to continue processing).

  • The data is no longer necessary for the purposes for which it was collected.

  • There is a legal obligation for us to delete it.

  • The data has been unlawfully processed.

• Right to Rectification (Article 16 GDPR): If your personal data is inaccurate, you have the right to request its immediate correction.

• Right to Restriction of Processing (Article 18 GDPR): Under specific conditions, you have the right to request that we restrict the processing of your personal data.

• Right to Data Portability (Article 20 GDPR): You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit that data to another controller where technically feasible.

• Right to Lodge a Complaint (Article 77 GDPR): You have the right to lodge a complaint with a competent supervisory authority if you believe that the processing of your personal data infringes the GDPR.

1.4 Data Retention and Deletion

We retain personal data only as long as necessary for the purpose for which it was collected or as required by law.

• Data stored by us will be deleted once it is no longer required for its intended purpose and no legal obligations (e.g., commercial or tax law) mandate its retention. We review the necessity for retention every two years.

• If user data cannot be deleted because it is required for other legally permissible purposes, its processing will be restricted. This means the data will be blocked and not processed for other purposes.

1.5 Security Measures

We implement state-of-the-art organizational and technical security measures to ensure compliance with relevant legal provisions and to protect the data we process against accidental or intentional manipulation, loss, destruction, or unauthorized access.

Our security measures include, in particular, the encrypted transmission of data between your browser and our server.

1.6 Data Transfer to Third Parties and Third-Party Providers

Luksens transmits data to third parties exclusively within the framework of legal provisions. We only share user data with third parties if it is necessary (e.g., for billing purposes) or for other purposes essential to fulfilling our contractual obligations to users or meeting legal requirements.

• Where we use subcontractors to provide our services, we take appropriate legal precautions and technical and organizational measures to ensure personal data protection in accordance with legal requirements.

• If content, tools, or other resources from other providers (collectively referred to as “third-party providers”) are used within this data protection policy and their registered office is located in a third country (countries outside the EU or European Economic Area where the GDPR is not directly applicable), a data transfer to those third countries is presumed.

• Data transfer to third countries occurs only if there is an adequate level of data protection, with your explicit consent, or based on other legal permissions (e.g., Standard Contractual Clauses).

1.7 External References and Links

Our online offering may contain cross-references or links to content provided by other providers. By providing a link to external websites (“hyperlinks”), Luksens does not endorse these external websites or their content. Should Luksens become aware of any legal violation by an external website, we will remove the link immediately.

Luksens accepts no responsibility for the availability or content of these external websites. Your access to and use of these other websites, including their content, elements, or services, is entirely at your own risk. Luksens’ liability for external references and links is governed by the provisions outlined in our Disclaimer section.

2. Cookies & Reach Measurement

2.1 General Information

Cookies are small pieces of information transmitted from our web server or third-party web servers to your web browser and stored for later retrieval. Cookies can be small files or other types of information storage. We will inform you about the use of cookies, including for pseudonymous reach measurement, within this data protection policy.

You can find detailed information about the cookies used on our website on our cookie information page: https://www.luksens.com/De_Ck_index_gci_1.html.

We only use non-essential cookies if you have given us your explicit consent (opt-in). Additionally, if you prefer not to have cookies stored on your computer, you can deactivate the corresponding option in your browser’s system settings. Stored cookies can also be deleted in your browser’s system settings. Please be aware that excluding cookies may lead to functional limitations of our online offering.

2.2 Options for Objection (Opt-Out)

You can object to the use of cookies for reach measurement and advertising purposes via the opt-out pages of the Network Advertising Initiative (http://optout.networkadvertising.org/), the US website (http://www.aboutads.info/choices), or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

3. Specific Data Processing Activities

3.1 Contacting Us

When you contact us (e.g., via contact form or email), your details are processed solely for the purpose of handling and responding to your inquiry. Your details may be stored in one of our Customer Relationship Management (CRM) systems. The legal basis for the further processing of this data is the preparation of a business transaction (pursuant to Article 6(1) lit. b GDPR).

3.2 Cookie Consent Management

The cookie set on your device stores only the consents you have given upon entering our website. If you wish to revoke these consents, simply delete the cookie in your browser. We obtain your consent for the deployment of cookies for all web pages within the www.Luksens.com domain.

3.3 Google Tag Manager

If you provide us with your consent, we use Google Tag Manager. This solution allows us to manage various website tags (such as Google Analytics and other Google marketing services) through a single interface. The Tag Manager itself (which implements the tags) does not process any personal data of users. For information regarding the processing of your personal data by Google services, please refer to the following sections. Usage policies: https://www.google.com/intl/de/tagmanager/use-policy.html.

3.4 Google Analytics

With your consent, we use Google Analytics, a web analytics service provided by Google Ireland Limited (“Google”), to analyze and optimize our online offering. Google Analytics uses cookies. The information generated by the cookie about your use of our online offering is typically transmitted to and stored on a Google server in Ireland.

• Google will use this information on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website activity and internet usage. In doing so, pseudonymous user profiles can be created from the processed data.

• We use Google Analytics with IP anonymization activated. This means your IP address is shortened by Google within member states of the European Union or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

• The IP address transmitted by your browser will not be merged with other Google data.

• You can prevent the storage of cookies by adjusting your browser software settings. You can also prevent Google’s collection and processing of the data generated by the cookie and related to your use of the online offering by downloading and installing the browser plug-in available at: http://tools.google.com/dlpage/gaoptout?hl=de.

• For more information about Google’s data use, setting, and objection options, please visit Google’s websites:

  • “Data use by Google when using websites or apps of our partners”: https://www.google.com/intl/de/policies/privacy/partners

  • “Data use for advertising purposes”: http://www.google.com/policies/technologies/ads

  • “Manage information Google uses to show you ads”: http://www.google.de/settings/ads

3.5 Targeting with Google Analytics

If you consent to the use of Google Analytics, we utilize it for targeting purposes. This allows us to display advertisements within Google’s advertising services and those of its partners only to users who have shown an interest in our online offering or possess certain characteristics (e.g., interests in specific topics or products determined by websites visited), which we transmit to Google (known as “Remarketing Audiences” or “Google Analytics Audiences”). Through Remarketing Audiences, we aim to ensure our advertisements align with users’ potential interests.

Further information on Google’s data use, setting options, and objection options can be found on Google’s websites:

• “Data use by Google when using websites or apps of our partners”: https://www.google.com/intl/de/policies/privacy/partners

• “Data use for advertising purposes”: http://www.google.com/policies/technologies/ads

• “Manage information Google uses to show you ads”: http://www.google.de/settings/ads

3.6 Google Re/Marketing Services

With your consent, we use the marketing and remarketing services (short for Google marketing services) of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

• User data is processed pseudonymously as part of Google marketing services. This means Google does not store and process your name or email address directly. Instead, it processes relevant data on a cookie basis within pseudonymous user profiles. From Google’s perspective, ads are managed and displayed for the cookie holder, regardless of who that individual is, unless you have explicitly allowed Google to process data without this pseudonymization. Information collected by Google marketing services about users is transmitted to Google and stored on Google’s servers in the USA.

• The Google marketing services we use include the online advertising program “Google Ads” (formerly Google AdWords). Each Google Ads customer receives a unique “conversion cookie.” This prevents cookies from being tracked across the websites of different Google Ads customers. The information obtained via the cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. Google Ads customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that could personally identify users.

• We may integrate third-party advertisements based on the Google marketing service “Display & Video 360.” This service uses cookies to enable Google and its partner websites to serve ads based on users’ visits to this website or other websites on the Internet.

• You can find more information about Google’s use of data for marketing purposes on the overview page: https://www.google.com/policies/technologies/ads. Google’s privacy policy is available at: https://www.google.com/policies/privacy.

• If you wish to object to interest-based advertising by Google marketing services, you can use the settings options provided by Google: http://www.google.com/ads/preferences.

4. Changes to This Data Protection Policy

We reserve the right to modify this Data Protection Policy to adapt it to changed legal situations or in the event of changes to our services and data processing practices. However, this only applies to declarations concerning data processing.

• If user consent is required, or if parts of this Data Protection Policy contain provisions of the contractual relationship with users, changes will only be made with the explicit consent of the users.

• We encourage users to regularly review the content of this Data Protection Policy to stay informed.