Privacy Policy
The controller defined by the General Data Protection Regulation (GDPR) is:
cellcentric GmbH & Co. KG („we“)
Neue Straße 95
73230 Kirchheim / Teck-Nabern
Germany
E-Mail: dataprotection@cellcentric.net
1. Data protection
We are pleased about your visit on our web pages and your interest in our offers. The protection of your personal data is an important concern for us. In these Privacy Policy we explain how we collect your personal data, what we do with it, for what purposes and on what legal basis this is done, and which rights and claims are associated with it for you.
Our Privacy Policy for the use of our websites and the Data Protection Policy of cellcentric GmbH & Co. KG do not apply to your activities on the websites of social networks or other providers that you can reach via the links on our websites. Please check the websites of these providers for their data protection regulations.
2. Collection and processing of your personal data
When you visit our website, we store certain information about the browser and operating system you use, the date and time of your visit, the access status (e.g. whether you were able to access a website or received an error message), the use of website functions, the search terms you may have entered, the frequency with which you access individual websites, the designation of files accessed, the amount of data transferred, the website from which you accessed our websites and the website which you visit from our websites, either by clicking on links on our websites or by entering a domain directly in the input field of the same tab (or the same window) of your browser in which you opened our websites. This is done for statistical purposes.
We also store your IP address and the name of your Internet service provider for seven days for security reasons, in particular to prevent and detect attacks on our websites or attempts at fraud.
We only store other personal data if you provide this data, e.g. as part of a registration, a contact form, a survey, a price competition or for the execution of a contract, and even in these cases only insofar as this is permitted to us on the basis of a consent given by you or in accordance with the applicable legal provisions (further information on this can be found below in the section “Legal bases of processing”).
You are not legally or contractually obliged to make available your personal data. However, it is possible that certain functions of our websites depend on the availability of personal data. If you do not make available personal data in these cases, this may result in functions not being available or only being available to a limited extent.
3. Tracking within the website usage
We use the website analysis tool Plausible to customize the design of our websites. The provider is Plausible Insights OÜ, Västriku tn 2, 50403 Tartu, Estonia.
Plausible collects the following information, among other things, for this purpose Date and time of the visit, title and URL of the pages visited, incoming links, the country you are in, the user agent of the browser software. It is possible to recognize you as a returning user within a time frame of one day. Your IP address is re-encrypted daily using a hash function so that it is not possible for us to uniquely identify you.
Data processing takes place on the basis of your consent, provided you have given your consent via our banners. You can revoke your consent at any time via the settings in the banner.
4. Use of service providers
Below we list the service providers with whom we work in the context of our website. If the data is processed outside the EU or the EEA (in particular in the USA) in this context, we provide information on the level of data protection in the following table.
Vercel Inc
- Provider: Vercel Inc., 440, N Barranca Ave #4133, Cov 91723, USA
- Purpose: Hosting
- Legal basis: Art. 6 para. 1 lit. b, f GDPR
- Personal data: IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access and similar data
- Third country transfer: Yes, based on standard contractual clauses
Algolia Inc.
- Provider: Algolia Inc., Instantsearch 301, Howard St, 3rd floor, San Francisco, CA 94105, USA.
- Purpose: Search integration for improved and delay-free search results
- Legal basis: Art. 6 para. 1 lit. a GDPR
- Personal data: Search entries, click behavior, device information, referrer URL, usage data, geographical data
- Third country transfer: Yes, based on standard contractual clauses
SendGrid Twilio Inc.
- Provider: SendGrid Twilio Inc., 101 Spear Street, 1. Floor, SF, CA 94105
- Purpose: E-Mail marketing and communications
- Legal basis: Art. 6 para. 1 lit. f GDPR
- Personal data: Contact details
- Third country transfer: Yes, based on the Data Privacy Framework
Prismic
- Provider: Prismic, 9 Rue de la Pierre Levée, 75011 Paris, France
- Purpose: Headless CMS System
- Legal basis: Art. 6 para. 1 lit. b, f GDPR
- Personal data: IP address, referrer URL, user agent, device information, geographical data
- Third country transfer: No
5. Embedded videos
We embed videos on our websites that are not stored on our servers. When you visit our website – for reasons of data protection no content from the third-party provider is loaded and the third-party provider does not receive any information.
Only when you give your consent via our banner will content from the third-party provider be loaded. As a result, the third-party provider receives the information that you have accessed our site and the usage data technically required in this context. In addition, the third-party provider is then able to implement tracking technologies. We have no influence on further data processing by the third-party provider. Your consent includes the reloading of content from the third-party provider.
Embedding takes place on the basis of your consent, provided that you have given your consent via our banner. If the data is processed in this context outside the EU or the EEA (in particular in the USA), we provide information on the level of data protection in the following paragraph.
Vimeo
Cookies: Vimeo uses strictly necessary and functional cookies to play videos on the website. These cookies are, for example necessary to provide basic functions of the player. Strictly necessary and functional cookies are normally so-called session cookies, which are deleted after the browser is closed.
Adequate level of data protection: Processing also possible outside the EU/EEA. No adequate level of data protection. The transfer takes place on the basis of Art. 49 para. 1 lit. a GDPR.
Revocation of consent: If you wish to revoke your consent, please click on this icon on the bottom left of the homepage and make the appropriate setting via our banner.
6. Purposes of use
We use the personal data collected when you visit our website in order to operate it in the most convenient manner for your use and to protect our IT systems from attacks and other illegal activities.
If you provide us with further personal data, e.g. within the scope of a registration, a contact form, a survey, a price competition or for the execution of a contract, we use this data for the purposes mentioned, for the purposes of customer administration and – if necessary – for the purposes of processing and accounting of any business transactions, in each case to the extent necessary for this.
If you consent or another legal basis permits this, we track your user behaviour during your visit to our website in the manner described in this privacy policy in order to be able to adapt to your needs and constantly improve ourselves.
7. Security
We use technical and organisational security measures to protect your data managed by us against manipulation, loss, destruction and against access by unauthorised persons. We are constantly improving our security measures in line with technological developments.
8. Legal bases of processing
Insofar as you have given us your consent for the processing of your personal data, that consent is the legal basis for the processing (Art. 6 para. 1 letter a GDPR).
For the processing of personal data for the purposes of initiating or fulfilling a contract with you, Art. 6 para. 1 letter b GDPR is the legal basis.
Insofar as the processing of your personal data is necessary for the fulfilment of our legal obligations (e.g. for the retention of data), we are authorized to do so pursuant to Art. 6 para. 1 letter c GDPR.
In addition, we process personal data for the purposes of safeguarding our legitimate interests and the legitimate interests of third parties pursuant to Art. 6 para. 1 letter f GDPR. Maintaining the functionality of our IT systems, (direct-) marketing our own and third-party products and services as well as documenting business contacts as required by law are such legitimate interests. As part of the consideration of interests required in each case, we take into account various aspects, in particular the type of personal information, the purpose of processing, the circumstances of processing and your interest in the confidentiality of your personal information.
9. Deletion of your personal data
Your IP address and the name of your Internet service provider, which we only store for security reasons, will be deleted after seven days. Otherwise, we delete your personal data as soon as the purpose for which we have collected and processed the data ceases to apply.
Beyond this time period, data storage only takes place to the extent made necessary by the legislation, regulations or other legal provisions to which we are subject in the EU or by legal provisions in third-party countries if these have an appropriate level of data protection. Should it not be possible to delete data in individual cases, the relevant personal data are flagged to restrict their further processing.
10. Rights of the data subjects
As a data subject, you have the right of access (Art. 15 GDPR), right to rectification (Art. 16 GDPR), right to erasure (Art. 17 GDPR), right to restriction of processing (Art. 18 GDPR) and right to data portability (Art. 20 GDPR).
If you have consented to the processing of your personal data by us, you have the right to revoke your consent at any time with effect for the future (Art. 7 para. 3 GDPR). The legality of processing your personal data before revocation remains unaffected. We may further process such data pursuant to another applicable legal basis, e.g. for the fulfilment of our legal obligations (see section “Legal bases of processing”).
Right to object
You have the right to object at any time to the processing of your personal data pursuant to Art. 6 para. 1 letter e GDPR (data processing in the public interest) or Art. 6 para. 1 letter f GDPR (data processing on the basis of a balance of interests) on grounds relating to your particular situation. If you object, we will only process your personal data if we can prove compelling legitimate reasons that outweigh your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
If we process your personal data for direct marketing purposes, you have the right to object to this at any time without giving reasons.
We ask you to address your claims or declarations to the following contact address if possible: dataprotection@cellcentric.net
If you believe that the processing of your personal data violates legal requirements, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR).
11. Data transmission to recipients outside the European Economic Area
When using service providers (see section “Use of service providers”), personal data may be transferred and processed by recipients in countries outside the European Union (“EU”), Iceland, Liechtenstein and Norway (= European Economic Area), in particular the USA and India.
With recipients in other countries, we agree to apply EU standard contractual clauses, binding corporate rules or other applicable instruments (if any) to provide an adequate level of protection in accordance with legal requirements. For further information, please contact us using the contact details provided in the “Rights of the data subject” section above.
12. Cookies
Information on the cookies we use and their functions can be found in our cookie banner. We, cellcentric GmbH & Co. KG use cookies and similar software tools such as HTML5 Storage or Local Shared Objects (together “cookies”) that are absolutely necessary to provide this website to you, including all of its functions and services that you use.
Functions and use of cookies
Cookies are small files that are placed on your desktop, notebook or mobile device by a website you visit to make the user experience more efficient. Cookies may also contain personal data (such as a pseudonymous sequence of characters identifying your browsing session).
We use a consent management platform (consent or cookie banner) on our websites. The processing in connection with the use of the consent management platform and the logging of the settings you have made is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, in our legitimate interest to display our content according to your preferences and to be able to prove the consent(s) you have given. The settings you have made, the consent you have given and parts of your usage data are stored in a cookie. This means that it is retained for subsequent page requests and your consent can still be tracked.
The provider of the consent management platform works for us as a strictly instruction-bound service provider (processor). An order processing contract in accordance with Art. 28 GDPR has been agreed.
By law, we can store cookies on your device if they are strictly necessary for the operation of this site. We need your permission for all other types of cookies.
You can also visit our website at any time without the use of cookies, but this will mean that you will not be able to use all the functions of the website.
You can set the acceptance or blocking of third-party cookies and all other cookies at any time via the cookie settings. In addition, you can configure the use of cookies at any time in your browser settings according to your wishes. You are also free to delete all cookies via the settings in your browser.
13. Contact details of the data protection officer
Our external data protection officer can provide you with information on the subject of data protection under the following contact details:
FIRST PRIVACY GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: www.first-privacy.com
E-Mail: office@first-privacy.com
If you contact our data protection officer, please also indicate the responsible body named in the imprint.
Stand: August 2024
© 2024 cellcentric GmbH & Co. KG