The Controller within the meaning of the relevant data protection legislation is:
CANCOM SE
Erika-Mann-Str. 69
D-80363 Munich (headquarters)
Tel.: +49 89 540 540
Email: ed.mo1660311079cnac@1660311079ofni1660311079
together with the affiliated companies listed below:
CANCOM a+d IT Solutions GmbH
CANCOM Computersysteme GmbH
CANCOM Financial Services GmbH
CANCOM GmbH
CANCOM ICT Service GmbH
CANCOM, Inc.
CANCOM Managed Services GmbH
CANCOM physical infrastructure GmbH
CANCOM Public BV
CANCOM Public GmbH
CANCOM Slovakia s.r.o.
CANCOM (Switzerland) AG
CANCOM VVM GmbH
CANCOM VVM II GmbH
HPM Incorporated
S&L BusinessSolutions GmbH
S&L ITCompliance GmbH
S&L Systemhaus GmbH
– Below they are referred to jointly as “CANCOM”, the “Undertaking” or “We” –
CANCOM’s data protection officer is:
Tonguc Solgun
Messerschmittstraße 20
89343 Jettingen-Scheppach
Germany
Phone: +49 8225 996-1182
E-Mail: ed.mo1660311079cnac@1660311079ztuhc1660311079sneta1660311079d1660311079
The Data Protection Policy ensures data protection-compliant information processing at the companies of the CANCOM Group. You can download the Data Protection Policy here (PDF download, 0.3mb).
1. Scope of personal data processing
As a general rule, We only process personal data about our users where We need to do so in order to provide a functioning website, our content and services and where We are permitted to do so by law.
2. Legal basis for the processing of personal data
Where We obtain the consent of the data subject to process personal data, the legal basis for processing is Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR).
Where We process personal data for the performance of a contract to which the data subject is party, the legal basis for processing is Article 6 (1) (b) GDPR. This is also the case where We process data in order to take steps prior to entering into a contract.
Where We process personal data in order to comply with a legal obligation to which We are subject, the legal basis for processing is Article 6 (1) (c) GDPR.
Where We process personal data in order to protect the vital interests of the data subject or another natural person, the legal basis for processing is Article 6 (1) (d) GDPR.
Where We process personal data for the purposes of the legitimate interests pursued by our Undertaking or a third-party and these interests do not override the interests, fundamental rights and freedoms of the data subject, the legal basis for processing is Article 6 (1) (f) GDPR.
3. Data erasure, retention period
DWe block or erase personal data about data subjects as soon as there ceases to be a need to retain it. We may also retain data where provided for by European or national legislators in EU regulations, laws or other rules to which We, the Controller, are subject. We block or erase data when a retention period stipulated in one of the aforementioned regulations, laws or other rules expires, except where We need to retain the data for longer in connection with the conclusion or performance of a contract.
1. Description and scope of data processing
When you view our website, our system automatically collects data and information from the computer system on the computer you are using. During this process We gather the following data:
(1) information about the browser type and version used
(2) the user’s operating system
(3) the user’s internet Service Provider
(4) the user’s IP address
(5) the date and time of access
(6) websites from which the user’s system accessed our website
(7) websites accessed by the user’s system via our website.
The data is also stored in our system’s log files. This data is not stored together with other personal data about the user.
2. Legal basis for data processing
The legal basis for the temporary storage of this data and the log files is Article 6 (1) (f) GDPR.
3. Purpose of data processing
The system needs to store the IP address to deliver the website to the user’s computer. This means We need to retain the user’s IP address for the length of the session.
We store data in log files to ensure the functionality of the website. We also use this data to optimise the website and ensure the security of our information technology systems. We do not evaluate the data for marketing purposes as part of this process.
These purposes constitute the legitimate interests in data processing pursued by our Undertaking under Article 6 (1) (f) GDPR.
4. Retention period
We erase data as soon as it ceases to be needed for the purpose for which it was collected. When We collect data in order to provide the website, We no longer need it once a particular session has ended.
When we store data in log files, We generally erase it after no more than seven days. In certain circumstances We may retain it for a longer period, in which case users’ IP addresses are erased or masked so that that they can no longer be connected to the retrieving client.
5. Right to object, right of removal
The collection of data to provide the website and the storage of the data in log files is essential to our operation of the website. As a result, the user has no right to object to it.
1. Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can also be identified after a page change (technically necessary cookies).
The following data is stored and transmitted in the cookies:
In addition, we use cookies on our website that allow an analysis of users’ browsing behavior (technically unnecessary cookies).
In this way, the following data can be transmitted:
When you visit our website, you are informed about the use of cookies and your consent to the processing of the personal data used in this context is obtained. In this context, there is also a reference to this privacy policy.
2. Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Article 6 (1) lit. f. DSGVO.
The legal basis for the processing of personal data using cookies for analysis purposes is the consent of the user Art. 6 para. 1 lit. a GDPR.
3. Purpose of data processing
The purpose of using technically necessary cookies is to facilitate the use of websites for users. Some features of our website can not be offered without the use of cookies. For these it is necessary that the user is recognized by an ID even after a page break. We require cookies for the following applications:
The use of the analysis cookies is for the purpose of improving the quality of our website and its contents for the user. Through the analysis cookies, we learn how the website is used and so we can constantly optimize our offer and the user experience.
4. Retention period, Right to object, right of removal
Cookies are stored on the computer of the user and transmitted by this on our side. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website to the full.
1. Description and scope of data processing
Users are able to subscribe to our free newsletter. When they sign up, the following data from the sign-up form is sent to us:
We also collect the following data during the sign-up process:
(1) the IP address of the computer from which the site is being viewed
(2) the date and time of registration.
On the sign-up form We ask for your consent to process the data. The sign-up form also contains a reference to this privacy notice.
The service providers We use to help provide our services may have access to your data. They are primarily service providers We engage to help provide the newsletter and the software we use to do so (Software-as-a-Service, ASP service). We allow them access to your data only in so far as is necessary to provide their services and for the necessary period. They undertake to use only people who have signed a confidentiality undertaking or are subject to an appropriate statutory duty of confidentiality to provide their services.
The processing of data on behalf of other parties is governed by data processing agreements as stipulated in Article 28 GDPR.
We disclose data to third parties (Mapp Digital Germany GmbH, Dachauer Straße 63, 80335 Munich) in connection with the processing of data for the mailing out of newsletters. This data is used exclusively to mail out the newsletter.
2. Legal basis for data processing
Where we have obtained the user’s consent, the legal basis for processing data after he or she has signed up to the newsletter is Article 6 (1) (a) GDPR.
The legal basis for mailing out newsletters following the purchase of goods and services is section 7 (3) of the German Law Against Unfair Competition [Gesetz gegen den unlauteren Wettbewerb, UWG].
3. Purpose of data processing
We collect the user’s title, surname and email address so that We can personalise the newsletter.
We collect other personal data during the sign-up process in order to prevent any abuse of the services and the email address used.
4. Retention period
We erase data as soon as it ceases to be needed for the purpose for which it was collected. As a result, we store the user’s email address for as long as his or her newsletter subscription remains active.
Other personal data collected during the sign-up process is generally erased after a period of seven days.
5. Right to object, right of removal
Users can cancel their newsletter subscription at any time. Each newsletter contains a specific link for this purpose.
This link also allows you can withdraw your consent for us to store personal data collected during the sign-up process.
1. Description and scope of data processing
Our website contains forms for contacting us, registering for events and advertising and forms for feedback and processing support requests. They can be used to contact us electronically. When a user completes one of these forms, the data entered into the form is sent to us and stored.
The data entered is as follows:
As the message is sent, the following data is also stored:
(1) the user’s IP address
(2) the time and date of registration.
We ask for your consent to process this data during the sending process and provide a reference to this privacy notice with the necessary duties of information.
Alternatively, you can contact us using the email address provided. If you do this, We store the personal data about you sent with the email.
We do not pass the data collected during this process on to third parties. It is used for the stated purpose only.
2. Legal basis for data processing
Where we have obtained the user’s consent, the legal basis for data processing is Article 6 (1) (a) GDPR.
The legal basis for processing data provided when an email is sent is Article 6 (1) (f) GDPR. Where email contact leads to the conclusion of a contract, Article 6 (1) (b) GDPR provides another legal basis for processing.
3. Purpose of data processing
We only use personal data collected from contact forms to process the contact request. If you contact us by email, this in itself constitutes our legitimate interest in processing the data.
Other personal data collected during the sending process is used to prevent any misuse of the contact form and ensure the security of our information technology systems.
4. Retention period
We erase data as soon as it ceases to be needed for the purpose for which it was collected. This means that we erase personal data entered in a contact form or sent by email once the conversation with the user has finished. The conversation is deemed to have finished when the circumstances indicate that the matter at issue has been resolved.
Other personal data collected during the sending process is erased after a period of no more than seven days.
5. Right to object, right of removal
Users can withdraw their consent for us to process personal data at any time. If a user contacts us by email, he or she can object to the storage of his or her personal data at any time. Where this is the case, however, it is impossible to continue the conversation.
To object to the storage of your personal data, simply send a message via cancom.com/objection.
In this case, all the personal data stored when you made contact will be erased.
6. terms of use
When you register for webinars and other events, our terms of use also apply. You can find them here.
1. Description and scope of data processing
When you apply to us, we collect personal data. This includes, in particular, your contact data (such as first name, last name, name affixes, private address, (mobile) phone number, e-mail address) as well as other data provided by you regarding your career (e.g., curriculum vitae, qualifications and degrees, work experience) and your person (e.g., cover letter, personal interests). This may also include special categories of personal data (e.g. information on a severe disability). As a rule, your personal data is collected directly from you as part of the application process and is encrypted during electronic transmission. The data originates from the application form to be completed online and from the uploaded files.
If you voluntarily use the option to implement your master data from one of your social media accounts, we process the account data of your external social media platform. This data is processed for the purpose of importing your profile information into the CANCOM applicant management system.
If you voluntarily use the option to have your application documents analyzed so that your master data is automatically transferred to the fields of the application form (CV upload), your data will be processed by the order processor rexx Systems GmbH. This processor is contractually obligated to comply with the provisions of data protection law.
2. Legal basis for data processing
We process personal data in accordance with the provisions of the EU Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
3. Purpose of data processing
The processing of personal data is necessary to achieve the above purposes, including the fulfillment of a contractual relationship or a pre-contractual activity (initiation of an employment relationship).
If the aforementioned personal data is not provided or not provided to the extent required, or if CANCOM is unable to collect such data, the individual purposes described cannot be fulfilled or the application cannot be processed.
If your application does not result in employment, a recognition data record is stored (so-called truncated data reduction). We need this data record for further statistical evaluation. All of your professional qualifications are deleted in this data record.
The recognition data record contains the following information:
– Title
– First name
– Job ID
The regular record is reduced to the recognition record after six months and stored without a time limit.
4. Passing on the data
Within our company, only those persons and departments (e.g. Human Resources) have access to your personal data that absolutely need it to carry out the application process or to fulfill our legal obligations. If necessary, your applications will be forwarded to the relevant responsible persons for review. Under no circumstances will your personal data be passed on to third parties without authorization.
We use the software and services of rexx systems GmbH as part of the CANCOM applicant management system. This order processor is contractually obligated to comply with the provisions of data protection law.
When your data is transferred to our applicant management system, it is automatically encrypted. The precautions for data security always correspond to the current state of the art.
5. Participation „JobAlert
You can sign up to participate in „JobAlert”, where you will be automatically notified by e-mail as soon as a new job offer appears that matches your search specifications. Personal data is collected and processed solely for the purpose of contacting you and sending you job vacancies. Data is not passed on outside CANCOM and the order processor rexx systems GmbH. This data is stored until a final status is reached (recruitment or rejection) or until you unsubscribe from JobAlert.
6. Invitations to career events and evaluation of the recruitment processes.
You can sign up for invitations to career events as well as to be contacted for the evaluation of recruitment processes. Personal data is collected and processed solely for the purpose of contacting you between the successful application process and the start of employment. Data is not passed on outside CANCOM and the order processor rexx systems GmbH. The data is stored for twelve months.
7. Recommendation by employees of the CANCOM Group
Depending on the target position and the advertising company, it may be possible to provide the name of an employee who recommended the job offer to you. By providing this name, you agree that the employee will be informed whether your application results in an employment relationship. The reason for this is the payment of referral bonuses to the recruiting employee.
8. Duration of storage
Your data relating to an application for a specific job posting will be stored and processed by us during the ongoing application process. After completion of the application process (e.g. in the form of an acceptance or rejection), the application process including all personal data is deleted from the system six months after completion of the application process. After that, the results are only stored in the form of the truncated data reduction for further statistical evaluation. This statistical data record does not allow any conclusions to be drawn about the natural person and serves as the basis for statistical evaluations.
In case of acceptance, we reserve the right to keep your application for a longer period of time, provided that the entry date is more than six months in the future.
9. Possibility of objection and elimination
If the processing of your data is based on consent, you have the right to revoke this consent at any time with effect for the future. In such a case, the application process cannot be continued.
For this purpose, it is sufficient to send a message to ed.mo1660311079cnac@1660311079sboj1660311079.
All personal data that was stored in the course of the application process and is no longer subject to a legal retention obligation will be deleted in this case.
1. Description and scope of data processing
In our webshop you can order products around information technology as a company (business customer) and public client. For order processing
needed.
These are generally taken from our ERP system in which you are already registered. In general, this is personal data in B2B business that CANCOM processes. In the course of orders, credit checks may be carried out under certain circumstances. Details of this will be displayed to you during the order process.
Of course, you can provide even more data on your own if you wish.
2. Legal basis for data processing
We process the data you provide as part of the order form only for the implementation or processing of the contractual relationship, Art. 6 para. 1 p. 1 lit. b) GDPR, unless you consent to further use. The credit assessment takes place in accordance with Art. 6 para. 1 p. 1 lit. f) GDPR within the framework of our legitimate interest in the solvency of the purchaser.
3. Purpose of data processing
We process the data provided by you in the order form only for the purpose of implementing or processing the contractual relationship.
The principle of data economy and data avoidance is observed in that you only have to provide us with the data that we absolutely need to execute the contract or fulfill our contractual obligations (i.e. your name, address, e-mail address and the payment data required for the selected payment method) or which we are legally obligated to collect.
4. Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected and there are no longer any legal retention obligations. In the case of the implementation or settlement of the contractual relationship, this is usually the case after ten years.
Through our whistleblower tool, CANCOM ensures greater protection for whistleblowers who want to report violations of EU or German law. Through this tool, CANCOM has established a secure channel for whistleblowing.
The data subjects are primarily the persons to whom the notification relates, including employees, partners or other persons professionally associated with CANCOM, depending on who is mentioned in the notification.
In addition, CANCOM processes personal data about the reporting person if the reporting person submits his/her contact information or other information from which the reporting person can be directly or indirectly identified. As the reporting person, you must therefore be aware that CANCOM may process personal data about you in connection with the processing of the reported case.
The notification can be made on a 100% anonymous basis. In this case, no personal data of the reporting person will be processed.
The categories of personal data that are processed depend on the information reported.
With regard to the reporting person who has opted out of anonymity, CANCOM mainly processes general personal data such as name, e-mail address (optional) and telephone number (optional), unless the reporting person himself provides further personal data.
If the reporting person reports personal data about another person, including the reported person or persons, CANCOM also processes this personal data. Which personal data is processed in this case depends on which personal data is included in the notification. The following categories of personal data may be processed:
CANCOM advises the reporting person to report only information that is of concrete relevance to the reported case and, in particular, not to report information about criminal acts and special categories of personal data unless these are of central importance to the processing of the reported case.
The processing of personal data is necessary for compliance with a legal obligation to which CANCOM is subject, see Article 6 (1) sentence 1 lit. c) GDPR. This is the German “Gesetz für einen besseren Schutz hinweisgebender Personen sowie zur Umsetzung der Richtlinie zum Schutz von Personen, die Verstoß gegen das Unionsrecht melden” (Act for better protection of whistleblowers and for the implementation of the Directive on the protection of persons reporting infringements of Union law), which transposes the EU Directive “Directive on the protection of persons reporting infringements of Union law” (2018/0106 COD) into national law.
In addition, the processing is necessary to protect CANCOM’s legitimate interest in detecting serious violations or potential violations of German or EU law or other serious matters that override the interests or fundamental rights and freedoms of the data subject, see Article 6 (1) sentence 1 lit. f) GDPR.
As far as the processing of special categories of personal data is concerned, the processing is necessary for reasons of substantial public interest on the basis of the “Law for Better Protection of Whistleblowers and for the Implementation of the Directive on the Protection of Persons Reporting Breaches of Union Law”, cf. Art. 9 (2) g) GDPR. In addition, the processing of special categories of personal data is necessary for the establishment, exercise or defense of legal claims, cf. Art. 9 (2) (f) GDPR in conjunction with. Art. 6 para. 1 p. 1 lit. f) GDPR.
The processing is also necessary for the performance of a task carried out in the public interest, cf. Art. 6 (1) p. 1 lit. e) GDPR.
The purpose of processing personal data is to manage CANCOM’s whistleblower system, including the detection of serious violations or possible violations of German or EU law or other serious matters.
The reports are forwarded to CANCOM’s compliance team, which processes them. After evaluation, the reports are forwarded internally to the respective management of the responsible CANCOM company by e-mail. The reason for forwarding is that only the respective management can decide on any follow-up measures, not the central Compliance department. In this process, personal data is only forwarded for a specific purpose and in accordance with the principle of data minimization, i.e., only the personal data that is absolutely necessary to process the report is forwarded.
CANCOM discloses personal data about the reporting person to public authorities if this is necessary to deal with serious violations or serious matters or to ensure the right of defense of the data subjects. In other cases, CANCOM will disclose personal data about the reporting individual only with the consent of the reporting individual. CANCOM discloses personal data about persons other than the reporting person only as part of the follow-up to a reported case or to deal with serious violations or serious matters.
CANCOM cooperates with the software manufacturer Whistleblower Software ApS, which acts as a platform supplier and immediately encrypts the personal data before it is passed on. Since commissioned processing within the meaning of Art. 28 GDPR takes place here by Whistleblower Software ApS, we have concluded a commissioned processing agreement in accordance with the statutory provisions. For more information about Whistleblower Software ApS, please visit: https://whistleblowersoftware.com/en/personal-data-policy
Personal data that proves irrelevant to CANCOM’s handling of a reported case, as well as reports that CANCOM deems unfounded or that do not fall within the scope of the whistleblower regulation, will be deleted within three months of CANCOM’s decision.
Notifications and personal data collected by CANCOM in the course of processing a notification that forms the basis for further processing will be deleted five years after the case has been closed, i.e. on the day on which CANCOM has made a decision in the case, unless special circumstances or legal as well as official requirements require a shorter or longer period.
1. Description and scope of data processing
This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies”. Cookies are text files that are stored on your computer and allow us to analyse how you use our website. Information on how you use the website generated by the cookie, including:
is generally transmitted to a Google server in the USA, where it is stored. Google does not combine the IP address transmitted by your browser via Google Analytics with any other data. In addition to Google Analytics, we have also installed “anonymizeIP” on this website. This masks your IP address so that all data is collected anonymously. If, in exceptional circumstances, the full IP address is sent to a Google server in the USA, it is abbreviated.
2. Legal basis for data processing
Where we have obtained the user’s consent, the legal basis for data processing is Article 6 (1) (a) GDPR.
3. Purpose of data processing
On behalf of the provider of this website, Google uses this information to assess how you use our website, to compile reports on website activity and to provide the website provider with other services connected with website and internet use.
4. Retention period
Data sent by us which is linked to cookies, login details (e.g. a user ID) or advertising IDs is erased automatically after 26 months. Data which has reached its storage limit is erased automatically once a month.
5. Right to object, right of removal
You can set your browser software to block the installation of cookies. If you do this, however, you may be unable to use all the functions of our website fully. You can also prevent Google from collecting and processing data generated by cookies relating to your use of the website (including your IP address) by downloading and installing the browser-add-on Opt-out cookies stop your data being collected when you visit a website in the future. Click here to install the opt-out cookie: deactivate Google Analytics
6. Further information
You will find further information on our terms of use and data protection at:
https://www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de
FACEBOOK PIXEL
1. Description and Scope of Data Processing
On its websites, CANCOM uses Facebook Pixel, a service of Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter referred to as “Facebook”).
Facebook Pixel enables Facebook to display our Facebook ads only to Facebook users who have visited our website, especially those who have shown interest in our online content or certain topics or products. Facebook Pixel makes it possible to check whether a user was redirected to our website after clicking on our Facebook ads. Facebook Pixel uses cookies, which are small text files that are stored locally in the cache of your web browser on your end device.
If you are logged into Facebook with your user account, your visit to our online offerings is recorded in your user account. The data collected about you is anonymous to us and therefore does not give us any information about the identity of users. However, Facebook may link this data to your Facebook user account. We have no control over the extent and further use of data collected by Facebook through the use of Facebook Pixel. To the best of our knowledge, Facebook receives information that you have visited the relevant part of our website or clicked on an ad from us. If you have a Facebook user account and are registered with Facebook, Facebook can assign the visit to your user account. Even if you are not registered with Facebook or have not logged in, Facebook may collect and store your IP address and other identifiers.
2. Purpose of Data Processing
CANCOM uses Facebook Pixel for marketing and optimization purposes, in particular to place relevant and interesting ads on Facebook and thus improve our content, make it more interesting for you as a user, and avoid annoying ads. This also includes our legitimate interest in the processing of the above data by the third-party provider. The legal basis is article 6, paragraph 1, sentence 1, point (f),of the GDPR.
3. Objection and Possibility of Removal
You may object to the collection of data by Facebook Pixel as described above and to the use of your information to display Facebook ads. You can adjust settings about what types of advertisements you see within Facebook on the following Facebook website: https://www.facebook.com/settings?tab=ads. Please note that this setting will be deleted if you delete your cookies. In addition, you can deactivate cookies used for measuring reach and advertising purposes via the following websites:
Please note that this setting will also be deleted if you delete your cookies.
Third-party information: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
4. More Information
For more information from the third-party provider about privacy, please visit the following Facebook website: https://www.facebook.com/about/privacy. Information about Facebook Pixel can be found on the following Facebook website: https://www.facebook.com/business/help/651294705016616.
FACEBOOK CONVERSION TRACKING
Description and Scope of Data Processing
On our website, CANCOM uses the “conversion pixel” from Facebook. This makes it possible to track the behavior of users after they are redirected to the provider’s website by clicking on a Facebook advertisement. This process is used to evaluate the effectiveness of Facebook advertisements for statistical and market research purposes and can help to optimize future advertising measures.
The data collected does not allow us to draw any conclusions about the identity of the users. However, Facebook stores and processes the information so that it can be linked to the user’s profile and Facebook can use the information for its own promotional purposes in accordance with the Facebook Data Policy.
OUTBRAIN
1. Description and Scope of Data Processing
On its website, CANCOM uses Outbrain Conversion Tracking from Outbrain UK Ltd, 5 New Bridge Street, London, EC4V 6JA, United Kingdom. The conversion tracking pixel is set when a user connects with an ad placed by Outbrain. The ads integrated by Outbrain are determined based on the content you have read so far. The content is technically controlled and automatically delivered by Outbrain. Outbrain pixels do not contain any information allowing users to be personally identified. Personal data is not be stored. To select suitable content, the pixel uses information about the device source, browser type, and your IP address, which is completely anonymized by removing the last octet.
2. Legal Basis for Data Processing
The processing is carried out on the basis of article 6, paragraph 1, point (f), of the GDPR out of the legitimate interest in targeting advertising and analyzing the effect and efficiency of this advertising.
3. Objection and Possibility of Removal
For reasons relating to your particular situation, you have the right at any time to object to this processing of your personal data based on article 6, paragraph 1, point (f), of the GDPR. You may opt out of tracking to view interest-based recommendations at any time by clicking the Opt Out button under Outbrain’s Privacy Policy, available at https://www.outbrain.com/de/legal/privacy You can find more information about Outbrain’s privacy policies at https://www.outbrain.com/de/legal/privacy.
PLISTA
1. Description and Scope of Data Processing
CANCOM’s websites use plista. This service is offered by plista GmbH, Torstrasse 33–35, 10119 Berlin, Germany (e-mail: moc.a1660311079tsilp1660311079@ofni1660311079, Telephone: +49-30-4737-5370, Fax: +49-30-484-984-411). More information about this provider and the processing of personal data by this company can be found at https://www.plista.com/de and https://www.plista.com/de/about/privacy/.
Based on users’ individual surfing behavior, plista delivers personalized recommendations of editorial content and ads on thousands of websites of its partner network of users. plista compares the reading behavior (e.g. clicks, visits) of different users to find similarities and similar interests among them. You can currently find more information in addition to that provided under paragraph 1 at https://www.plista.com/de/about/opt-out/.
2. Purpose of Data Processing
plista currently collects anonymous usage data. This is anonymous information about website views and clicks of a reader without reference to any person. This data is used by plista for an optimal delivery of recommendations and advertisements according to the interests of the reader. plista can collect information, for example, about your browser choice (e.g. Firefox or Internet Explorer), operating system (e.g. Macintosh or Windows), Internet provider (e.g. Telekom or 1&1), and whether you respond to advertising. In order to provide relevant advertising, the provider may collect information regarding device type, model and version, operating system, user ID, and information that is limited to the browser selected and the applications used. You can currently find more information in addition to that provided under paragraph 1 at https://www.plista.com/de/about/opt-out/.
3. Objection and Possibility of Removal
If you as a user do not wish for your data to be processed by plista in the form described above, please note the following: Simply use the opt-out button. This allows you to delete the plista identification cookie at any time with one click, making you no longer identifiable for plista. Opting out does not prevent any ads or popups on your computer, but only the delivery of adaptive ads from plista. plista widgets, recommendations and ads will thus continue to be displayed on the website. Only targeting, i.e. the matching of recommendations and ads to your personal interests, is no longer provided if you deactivate your cookie by opting out. Please note: in order for plista to recognize you as a user who has decided to opt out, you have to allow cookies to be placed in your browser. Unless you have explicitly deactivated cookies, this is usually already the case. The setting of the opt-out cookie is necessary to prevent plista from again placing its identification cookie the next time a partner accesses the site. If you delete cookies in your browser, you must also repeat the opt-out process. If you are using multiple computers or web browsers, you must opt-out on each one separately. You can currently find more information in addition to that provided under paragraph 1 at https://www.plista.com/de/about/opt-out/.
4. More Information
As an alternative to the opt-out option under paragraph 4, you may also use the preference management system of the EDAA (European Interactive Digital Advertising Alliance) www.youronlinechoices.com. plista is a member of the EDAA and, as part of our membership, complies with the provisions of the IAB Europe EU Framework for Online Behavioral Advertising in the markets to which these self-regulatory provisions apply. In order to receive information about interest-based advertising and the options available to you, and to opt-out of the placement of interest-based third-party advertising by us and other participating EDAA member companies using cookies, please click here: www.youronlinechoices.com.
TABOOLA
1. Description and Scope of Data Processing
Taboola, Inc., 1115 Broadway, 7th Floor, New York, NY 10010, USA (“Taboola”). Taboola uses cookies/pixels to determine which content you use and which of our pages you visit. The cookie/pixel enables us to create pseudonymous user profiles by collecting device-related data and log data and to recommend and make available to you, the user, content that matches your personal interests. This allows us to individually tailor our offerings for you. These user profiles do not allow any conclusions to be drawn about your person.
The pseudonymous user profile contains the following data: the user’s operating system, web pages/content accessed on our web pages, referrer/link via which you came to our website, time and number of web page accesses, accesses to error pages, location information (city and state) and IP address in truncated form.
2. Objection and Possibility of Removal
Further information on data processing by Taboola and the option to deactivate the Taboola cookie can be found here (opt-out information can be found under “2.4 Interest-Based Advertising”).
MATOMO
1. Description and Scope of Data Processing
This website uses Matomo (formerly Piwik), an open-source software to statistically evaluate visitor access. Matomo uses cookies, which are text files that are placed on your computer and enable an analysis of your use of the website.
The information generated by the cookie about your use of the website will be stored on a Microsoft Azure server in Western Europe.
2. Objection and Possibility of Removal
Your IP address is anonymized immediately after processing and before it is stored. You have the option of preventing the installation of cookies by changing the settings of your browser software. We would like to point out that if you accordingly change the settings, all functions of this website may no longer be available.
You can decide whether a unique web analysis cookie may be stored in your browser in order to enable the website operator to collect and analyze various statistical data.
LINKEDIN MATCHED AUDIENCES/REMARKETING
1. Description and Scope of Data Processing
CANCOM uses the LinkedIn Matched Audiences function of the business network of LinkedIn Ireland Unlimited Company (Wilton Plaza, Wilton Place, Dublin 2, Ireland; “LinkedIn”) for advertising purposes. This enables us to show you, as a user of our website, targeted ads in the future on the websites of the LinkedIn network about our website and our offers that are relevant to your interests.
For this purpose, we use cookies/pixels on our websites, which record the fact that you have visited our website. These cookies enable LinkedIn to recognize you as a user of our website within the LinkedIn network.
2. Objection and Possibility of Removal
You may prevent the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this you may not be able to use the full functionality of this website.
In addition, you may opt out of LinkedIn’s advertising based on your usage patterns at any time by opting out of LinkedIn’s advertising cookie here:https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
3. More Information
LinkedIn’s Privacy Policy can be found here: https://www.linkedin.com/legal/privacy-policy.
4. Legal Basis for Data Processing
The processing of your data takes place on the legal basis of article 6 paragraph 1, point (f) GDPR (balancing of interests) and is in our interest in order to be able to show you advertising about us and our offers based on your interests.
1. YouTube
Our website also includes videos that we (or third parties) have posted on the platform of the social network and video portal “YouTube.” Plug-ins from the websites youtube.de and youtube.com are used to display the videos. The service YouTube is operated by YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066, USA. YouTube LLC is an affiliate of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA.
Cookie selection pop-up appears upon accessing our websites. Only when the users allows all cookies or explicitly loads a video is a connection to YouTube’s servers automatically established and the integrated video displayed on the website by a transmission to your browser.
YouTube uses cookies to tell the YouTube server which pages of our website you have visited and what actions you have taken (e.g. clicking/starting a video or sending a comment). If you are logged into YouTube as a member, YouTube will also assign this information to your personal YouTube user account. According to YouTube, you can prevent this information from being assigned to your user account if you have logged out of YouTube with the YouTube plug-in before accessing the website.
We would like to point out that we are not aware of the content of the transmitted data and its use by YouTube and that we are not responsible for the collection and processing of data by YouTube. Information on the collection and use of data by YouTube can be found in the YouTube’s Privacy Policy at www.youtube.de/t/privacy.
2. Vimeo
Our websites integrate plug-ins from the video portal Vimeo provided by Vimeo, LLC (555 West 18th Street, New York, NY 10011, USA).
Cookie selection pop-up upon accessing our websites. Only when the users allows all cookies or explicitly loads a video is a connection to Vimeo’s servers automatically established and the integrated video displayed on the website by a transmission to your browser.
Each time you access a page that offers one or more Vimeo video clips, a direct connection is established between your browser and a Vimeo server in the United States. In the process, information about your visit and your IP address is stored there. By interacting with the Vimeo plugins (e.g. clicking the start button), this information is also transmitted to Vimeo and stored there.
If you have a Vimeo user account and do not want Vimeo to collect information about you and link it to your Vimeo member information through this website, you must log out of Vimeo before visiting this website.
On our website we offer the chance to use so-called social media buttons. To protect your data we have chosen to use the Shariff plug-in. This means that the buttons simply appear on the website as icons which contain a link to the relevant button provider. Clicking on an icon takes you to the services offered by the relevant provider and it is only at this point that your data is sent to the provider. If choose not to click on the icon, no data will be exchanged between you and the social media button providers. You can find how social networks collect and use your data in the terms of use published by the various providers.
Our website features social media buttons for the following providers:
XING button, XING SE, Dammtorstraße 30, 20354 Hamburg, Germany
You can find XING’s privacy notice at: https://privacy.xing.com/de/datenschutzerklaerung
LinkedIn button, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
You can find LinkedIn’s privacy notice at: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
Twitter button, Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”)
You can find Twitter’s privacy notice at: https://twitter.com/privacy
Youtube button, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Youtube”)
You can find Google’s privacy notice at: http://www.google.com/intl/de/+/policy/+1button.html
Facebook button, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”)
You can find Facebook’s privacy notice at:
http://www.facebook.com/policy.php
Google+ button, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
You can find Google’s US data protection notice at: http://www.google.com/intl/de/+/policy/+1button.html
Vimeo button, Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA
You can find Vimeo’s privacy notice at: https://vimeo.com/privacy
Instagram button, Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”)
You can find Instagram’s privacy notice at: https://help.instagram.com/155833707900388/
We safeguard our website and other systems against the loss, destruction, access, alteration or dissemination of your data by unauthorised persons by technical and organisational measures. In particular, your personal data is transmitted in encrypted form. On our website we use standard SSL (Secure Socket Layer) technology. Unfortunately, however, the transmission of information via the Internet is never completely safe. For this reason, We are unable to guarantee the security of data transmitted to our Website via the Internet.
Whenever your personal data is processed, you are a Data Subject within the meaning of the GDPR. This gives you the following rights in respect of the Controller:
1. Right of access
Under Article 15 GDPR, you have the right to access any personal data about you that We process. In particular, you have the right to obtain information about the purposes of the processing; about the categories of personal data concerned; about the categories of recipients to whom the data has been or will be disclosed; about the planned retention period; about your right to the rectification or erasure of personal data, to the restriction of processing of personal data and to object to such processing; about the source of data where it was not collected by us; about the existence of automated decision-making including profiling; and, where appropriate, to access detailed and meaningful information on these issues.
2. Right to rectification
Under Article 16 GDPR, you have the right to obtain from the Controller the rectification and/or completion of processed personal data about you that is inaccurate or incomplete. The Controller shall carry out such rectification without undue delay.
3. Right to erasure
Under Article 17 GDPR, you have the right to obtain the erasure of your data where its processing is not necessary to the exercise of the right of freedom of expression and information, to compliance with a legal obligation, for reasons of public interest or to the establishment, exercise or defence of legal claims.
4. Right to restriction of processing
Under Article 18 GDPR, you have the right to obtain restriction of the processing of your personal data where you dispute the accuracy of the data, where the processing is unlawful but you refuse the erasure of the data and where We no longer need the data but you need it for the establishment, exercise or defence of legal claims or where you have objected to the processing under Article 21 GDPR.
5. Right to data portability
Under Article 20 GDPR, you have the right to receive any personal data you have provided to us in a structured, common and machine-readable format or transmit it to another Controller.
6. Right to withdraw consent
Under Article 7 Abs. 3 GDPR, you have the right to withdraw the consent you have given us at any time. Once you have withdrawn your consent, We must cease processing based on this consent for the future.
To exercise your right to withdraw consent, use the contact box by the following link:
cancom.com/objection
In addition, in each newsletter you will find a link that allows you to unsubscribe from further newsletters.
7. Right to object
Where your personal data is being processed on the basis of legitimate interest under Article 6 (1) sentence 1 (f) GDPR, Article 21 GDPR gives you the right to object to this processing on grounds relating to your particular situation or where the objection is against direct marketing.
In the case of direct marketing, you have a general right to object which can be exercised without indicating a particular situation.
To exercise your right to object to processing, use the contact box by the following link:
cancom.com/objection
8. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data about you breaches the GDPR.
The supervisory authority with which the complaint has been lodged will inform you about the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
Competent supervisory authority:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Address:
Promenade 18
91522 Ansbach, Germany
Mailing address:
P.O. Box 1349
91504 Ansbach, Germany
Phone: +49 (0) 981 180093-0
Fax: +49 (0) 981 180093-800
E-mail: ed.nr1660311079eyab.1660311079adl@e1660311079llets1660311079tsop1660311079
