Data protection is a high priority at Luksens. We therefore process personal data exclusively within the framework of the statutory provisions and in compliance with appropriate technical and organisational data security measures.
1 General information
1.1 Objective and responsibility
(1) This data protection declaration informs users about the type, scope and purpose of the processing of personal data within our online offer and the websites, functions and content connected with it (hereinafter jointly referred to as “online offer” or “website”). The data protection declaration applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) used on which the online offer is executed. This data protection declaration does not apply to the e-commerce web shops.
(2) The provider of the online offer and responsible under data protection law is Luksens Technologie GmbH, An der Holzung 9, 40668 Meerbusch, Germany, (hereinafter referred to as “provider”, “we” or “us”).
(3) Our data protection officer can be reached at the following e-mail address: info@Luksens.com.
(4) The term “user” includes all customers and their employees as well as visitors to our online offer. The terms used, such as “user”, are to be understood as gender-neutral.
(5) Luksens’ products and services are exclusively intended for businesses. Luksens’ websites, including advertising and business contact forms on Luksens’ websites, are not directed at children and young persons (persons under 18 years of age). Persons under the age of 18 are not authorised to complete and submit these contact forms to Luksens. Except as set out below, no personal data is knowingly collected from persons under the age of 18. Luksens will only request data from persons under the age of 18 when such persons apply for a job, training or student placement with Luksens in a Luksens application portal set up separately for such persons. The requested data will only be used for the purpose of the application process. It will not be used for any other purpose and will be deleted after the application process has been completed in accordance with data protection regulations.
1.2 Legal basis
We collect and process personal data based on the following legal bases:
(1) Consent in accordance with Article 6 paragraph (1) lit. a of the General Data Protection Regulation (DSGVO). Consent is any voluntary, specific, informed and unambiguous expression of will in the form of a statement or other unambiguous affirmative act by which the data subject indicates his or her agreement to the processing of personal data relating to him or her.
(2) Necessity for the performance of a contract or for carrying out preparatory measures pursuant to Article 6(1)(b) of the GDPR, i.e. the data are necessary for us to be able to fulfil our contractual obligations towards users or we need the data in order to prepare for the conclusion of a contract with users.
(3) Processing for compliance with a legal obligation pursuant to Article 6(1)(c) of the GDPR, i.e. processing of the data is required, for example, by law or other regulation.
(4) Processing for the purposes of legitimate interests pursuant to Article 6(1)(f) of the GDPR, i.e. that the processing is necessary to protect our legitimate interests or the legitimate interests of third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of users which require the protection of personal data.
1.3 Rights of the data subjects
(1) Right of access: Users may request confirmation as to whether their data concerned are being processed, in accordance with Article 15 of the GDPR. If this is the case, users have the right to be informed free of charge about the information processed.
(2) Right to withdraw consent: If the processing of personal data is based on consent, users have the right to withdraw this consent at any time in accordance with Article 7 of the GDPR.
(3) Right to object: If the processing of personal data is necessary to protect the legitimate interests of our company, users may object to the processing at any time in accordance with Article 21 of the GDPR.
(4) Right to erasure: If users have withdrawn their consent, objected to the processing of their personal data (and there are no overriding legitimate grounds for the processing), their personal data is no longer necessary for the purposes of the processing, there is a legal obligation to do so or personal data has been processed unlawfully, users have the right to request erasure of their personal data pursuant to Article 17 GDPR.
(5) Right to rectification: Where personal data have been processed inaccurately, users have the right to request rectification of such data without undue delay in accordance with Article 16 of the GDPR.
(6) Right to restriction of processing: Under the conditions of Article 18 of the GDPR, users have the right to request the restriction of the processing of their personal data.
(7) Right to data portability: Users have the right to receive personal data provided by them in a structured, commonly used and machine-readable format in accordance with Article 20 GDPR.
(8) Right to complain: Users have the right to complain to the competent supervisory authority in accordance with Article 77 of the GDPR.
1.4 Deletion of data
(1) The data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to retain the data. We review the necessity every two years.
(2) If the user data is not deleted because it is required for other and legally permissible purposes, its processing is restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for reasons of commercial or tax law.
1.5 Security measures
(1) We take organisational and technical security measures in accordance with the state of the art to ensure that the relevant statutory provisions are complied with and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.
(2) The security measures include in particular the encrypted transmission of data between the user’s browser and our server.
1.6 Transfer of data to third parties and third-party providers
(1) Luksens transmits data to third parties exclusively within the framework of the legal provisions. We only pass on user data to third parties if this is necessary (e.g. for billing purposes) or for other purposes that are necessary to fulfil our contractual obligations to users or to meet legal requirements.
(2) Where we use subcontractors to provide our services, we will take appropriate legal precautions and technical and organisational measures to ensure the protection of personal data in accordance with the relevant legal requirements.
(3) If content, tools or other means from other providers (hereinafter collectively referred to as “third party providers”) are used within the scope of this data protection declaration and their named registered office is located in a third country, it is to be assumed that a data transfer to the third party providers’ registered office states takes place.
(4) Third countries are countries in which the GDPR is not directly applicable, i.e. basically countries outside the EU or the European Economic Area. The transfer of data to third countries takes place either if there is an adequate level of data protection, user consent or otherwise legal permission.
1.7 External references and links
A distinction must be made between our own content and cross-references or links to content provided by other providers. By providing a link to external websites (“hyperlinks”), Luksens does not adopt these external websites or their content as its own. Should Luksens become aware of a violation of the law by the external website, Luksens will remove the link immediately. Luksens accepts no responsibility for the availability or content of these external websites. Access to and use of these other websites, including the content, elements or services on these websites, is entirely at your own risk. With regard to Luksens’ liability for external references and links, the provisions under the Disclaimer section apply accordingly.
2 Cookies & Reach Measurement
2.1 General information
(2) Users can find detailed information about cookies on our website on our cookie information page (see https://www.luksens.com/De_Ck_index_gci_1.html ).
(3) We only use non-essential cookies if you have expressly consented (opt-in). In addition, users who do not want cookies to be stored on their computer can deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
2.2 Options for objection
3 Specific data processing
(1) When contacting us (via contact form or e-mail), the user’s details are processed for the purpose of handling the contact request and its processing.
(2) The user’s details may be stored in one of our customer relationship management systems (“CRM systems”). The legal basis for the further processing of the data is the preparation of a business transaction (pursuant to Article 6 paragraph (1) lit. b DSGVO.
3.2 Cookie consent management
(1) Only the user’s consents given when entering the website are stored in the cookie set. If the user wishes to revoke these consents, the user simply deletes the cookie in the browser.
(2) We obtain the consent given by the user for the playout of cookies for all web pages of the www.Luksens.com domain.
3.3 Google Tag Manager
If you give us your consent for this, we use Google Tag Manager. Google Tag Manager is a solution with which we can manage so-called website tags via an interface (and thus, for example, integrate Google Analytics and other Google marketing services into our online offer). The tag manager itself (which implements the tags) does not process any personal data of the users. With regard to the processing of users’ personal data, please refer to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html
3.4 Google Analytics
(2) Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous user profiles of the users can be created from the processed data.
(3) We only use Google Analytics with IP anonymisation activated. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
(4) The IP address transmitted by the user’s browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offer to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
(5) Users can find out more information about Google’s use of data, setting and objection options on Google’s websites: https://www.google.com/intl/de/policies/privacy/partners (“Data use by Google when using websites or apps of our partners”), http://www.google.com/policies/technologies/ads (“Data use for advertising purposes”), http://www.google.de/settings/ads (“Manage information Google uses to show you ads”).
3.5 Targeting with Google Analytics
(1) We use Google Analytics for targeting purposes, insofar as you give us your consent for the use of Google Analytics, in order to display the ads placed within advertising services of Google and its partners only to those users who have either shown an interest in our online offer or have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Google (so-called “Remarketing Audiences” or “Google Analytics Audiences”). With the help of the Remarketing Audiences, we also want to ensure that our advertisements correspond to the potential interest of the users.
(2) Users can find further information on Google’s use of data, setting options and objection options on Google’s websites: https://www.google.com/intl/de/policies/privacy/partners (“Data use by Google when using websites or apps of our partners”), http://www.google.com/policies/technologies/ads (“Data use for advertising purposes”), http://www.google.de/settings/ads (“Manage information that Google uses to show you ads”).
3.6 Google Re/Marketing Services
(1) If you give us your consent to do so, we will use the marketing and remarketing services (Google marketing services for short) of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, (“Google”).
(2) User data is processed pseudonymously as part of the Google marketing services. This means that Google does not store and process the name or email address of the user, for example, but processes the relevant data on a cookie basis within pseudonymous user profiles. I.e. from Google’s perspective, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected by Google marketing services about users is transmitted to Google and stored on Google’s servers in the USA.
(3) The Google marketing services we use include the online advertising programme “Google AdWords”. In the case of Google AdWords, each AdWords customer receives a different “conversion cookie”. Cookies can therefore not be tracked via the websites of AdWords customers. The information obtained with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. The AdWords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.
(6) If users wish to object to interest-based advertising by Google marketing services, users can use the settings options provided by Google: http://www.google.com/ads/preferences .
4 Changes to the data protection declaration
4.1 We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies with regard to declarations on data processing.
4.2 Insofar as user consent is required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.
4.3 Users are requested to inform themselves regularly about the content of the data protection declaration.