Privacy Statement / Version May 2018
We are pleased about your interest in our company and that you have taken the time to visit our website. Protecting your personal data is very important to us.
With the information below, we would like to take the opportunity to inform you on how your personal data is processed when you visit our website. It goes without saying that in doing so we comply with legal regulations, in particular with the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSG).
1. Who is responsible for data processing and who can I contact?
The controller is:
Refer to our Imprint page for more information.
Data Protection Officer:
You can reach our data protection officer at firstname.lastname@example.org or by writing to our postal mail address by including "To the attention of the data protection officer".
2. Personal data processed when visiting our website
Personal data is such that can identify you directly or indirectly, for example your name, address, e-mail address, account details or your date of birth.
If you use the website solely for information purposes, i.e., if you do not register or transfer information with us otherwise, we collect the usage data that Google Analytics, the web analysis service we use, collects. The legal basis is Art. 6 (1.1f) GDPR.
In addition to the purely informative use of our website, we also offer various services that you may use if interested and for which you provide your personal data voluntarily.
For more information on this, refer to item 4 and following.
We use "cookies" on this website. A cookie is a small file that may be stored on your computer when you visit a website. Generally, cookies are stored so that users can be offered additional functions on our website.
We use the following type of cookies, the scope and function of which is explained in the following:
• Transient cookies (see 3.1)
• Persistent cookies (see 3.2)
3.1 Transient cookies
Transient cookies are automatically deleted when you close the browser. This includes session cookies in particular. They store what is known as a session ID, with which various requests by your browser can be assigned to the shared session. This way, your computer can be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
3.2 Persistent cookies
Persistent cookies are automatically deleted after a predetermined time, which may vary depending on the cookie. You can delete these cookies at any time in the security settings of your browser.
You can configure your browser settings as you wish and, for example, you may refuse to accept third-party or all cookies. Please use the Help function in your browser to learn more.
Please be advised that if cookies are blocked or deleted, it is possible that you may not be able to use all of this website's functions.
The flash cookies we use are not collected by your browser, but instead by your Flash plugin. We also use HTML5 storage objects that are stored on your end device. These objects store the necessary data irrespective of the browser you use and do not have an automatic expiration date. If you do not want flash cookies to be processed, you must install the relevant add-on, such as Better Privacy for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML storage objects by setting your browser to private mode. In addition, we also recommend manually deleting your cookies and browser history regularly.
4. Use of Google Analytics
The IP address transmitted by your browser as a part of the Google Analytics process is not consolidated with any other Google data.
We utilize Google Analytics so that we can regularly analyze and improve use of our website. We can improve our web pages with the statistics we collect and make it more interesting for you as the user. In exceptional cases when personal data is transmitted to the USA, Google has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
The legal basis for the use of Google Analytics is Art. 6 (1.1f) GDPR.
This website also uses Google Analytics for a cross-device analysis of visitor flows, which are analyzed with a user-ID. You can set your browser software accordingly to prevent cookies from being stored. Please note, however, that in this case you may then not be able to use all the functions of this website.
You can prevent Google Analytics from collecting your data on this website by clicking on the link below. This will set an opt-out cookie that prevents your data from being collected in the future when you visit this website: Disabling Google Analytics
5. Our website accesses Google fonts
Google Fonts is a library with over 800 freely available fonts, an interactive web index that allows you to search the library and APIs for easy use of fonts via CSS and Android. The Google Fonts (API) programming interface was developed in order to limit the collection, storage and use of end user data to what is necessary for an efficient provision of character sets.
The use of Google Fonts in not authenticated. Our website visitors do no send any cookies to Google Fonts API. Queries to Google Fonts API are sent to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com and as a result, the requests for fonts are separate from the logon information that you send to google.com.
In order to be able to work with the fonts quickly and efficiently with the least amount of requests, the responses are temporarily stored by the browser to minimize the number of loops to the Google servers.
Requests for CSS assets are temporarily stored for one day. This ensures that our website uses the latest version of each font.
The font files themselves are temporarily stored for a year, with the result that cumulatively the entire site runs faster.
Google Fonts logs datasets of the CSS and font file requests, and access to this data remains safe. Aggregated usage numbers track how popular font families are and are published on the Google Analytics page. Google uses data from the Google web crawler to determine which websites use Google fonts. This data is published and is available in the Google Fonts Big Query database.
6. Other functions and services of our website
In addition to the purely informative use of our website, we also offer various services that you may use if interested. Generally, you must provide your personal data to do so, which we use to offer the relevant service and for which data processing principles naturally apply.
In part, we use third-party service providers to operate our website and the associated processes. In this regard, we comply with the requirements of Art. 28 GDPR, Section 62 BDSG - new. We have entered into a contract with each order processor with respect to data processing that is subject to instruction.
If your data needs to be processed by a service provider in a third country with poor data protection security (countries without a relevant data protection law), the order processing is safeguarded by international contracts pursuant to the European requirements.
Information on suitable or appropriate guarantees and on the option to obtain a copy of such may be requested from the data protection officer.
Our website also uses functions from other service providers. To use such, you are transferred to the service providers' own website. You are informed before any data is shared. Refer to their relevant privacy policies on their websites.
Because these service providers offer their services in their own name and for their own purposes, HEKUMA has no influence on such, nor can it assume any responsibility.
6.1 Use during the ordering process
Where your data is used and processed during the ordering procedure, all of the mandatory details that we need to process contracts are especially marked; all other details are optional.
Payments are processed internally by HEKUMA GmbH itself.
Due to regulations under commercial and tax law, we are obligated to store your address, payment and order data for a period of ten years.
To prevent unauthorized access by third parties to your personal data, your banking details in particular, the order process is encrypted using SSL technology.
6.2 Use of social media icons
We have installed social media icons on our website. You can go to the following social media platforms with a single click of the mouse: Facebook, YouTube, Twitter, Xing, LinkedIn and induux. Generally, we do not share any personal data with these providers when you visit our website. You can recognize the provider of the platforms based on the logo. We provide you with the option to get to HEKUMA articles on their website directly by clicking on the icon.
We neither have influence on the data collection and the data processing procedures nor do we have full knowledge of the scope of the data collection, the purposes of processing or the storage periods. We also have no information on their erasure policies.
By clicking on the icon, we offer you the option to receive information from HEKUMA on the relevant platform. The legal basis for the use is Art. 6 (1.1f) GDPR. The content on the respective platform is the sole responsibility of the operator.
Listed below are the addresses of the social media platforms and where you can find their respective privacy policies.
• Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA https://www.facebook.com/policy.php; more
information on data collections:
https://www.facebook.com/help/186325668085084, https://www.facebook.com/about/privacy/your-info-on-other and https://www.facebook.com/about/privacy/your-info.
Facebook has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
• YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066 USA, https://policies.google.com/privacy, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA,
• Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy Twitter has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
• Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; https://www.xing.com/privacy
• LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy
• LinkedIn has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework induux international GmbH, Schulze-Delitzsch-Str. 38, 70565 Stuttgart https://de.induux.com/induux/impressum/
6.3 Lead Forensics
For marketing and website optimization purposes, we use wiredminds GmbH products and services (https://www.leadforensics.com)
on this website. Lead Forensics' headquarters is in Communication House 26 York Street, London, W1U 6PZ, Great Britain. Lead Forensics determines details about your organization, including your phone number, web address, SIC code and a description of your company. In the process, Lead Forensics displays the progression of your visit on this website in real time, including all of the pages that you visited and viewed and how much time you spent on a particular page. Under no circumstances is the data used to personally identify an individual visitor. If IP addresses are collected, they are anonymized immediately after they have been collected. Lead Forensics uses this information collected on behalf of the operator of this website in order to evaluate your visit to the website, compile reports about website activities and provide additional services associated with website and Internet use to the website operator. If you do not agree to this, you may object to the data collection, processing and storage at any time with effect for the future by clicking on the following link: http://lfwebproxy.westeurope.cloudapp.azure.com:5000/?clientID=75051
For marketing and website optimization purposes, we use WiredMinds products and services (https://www.wiredminds.de/) on this website. WiredMinds headquarters is located on Lindenspürstr 32, 70176 Stuttgart Germany. Our page uses the wiredminds GmbH tracking pixel technology to analyze visitor behavior. In the process, data may be collected, processed and stored, which are used to create a user profile under a pseudonym. Where possible and expedient, these user profiles are completely anonymized. Here as well, cookies may be used. Cookies are small text files that are stored in the visitor's Internet browser for the purpose of recognizing the Internet browser. The collected data, which may also include personal data, is transmitted to wiredminds or collected by wiredminds directly. Wiredminds may use the data, which is stored when users visit the web pages, to create anonymized user profiles. The data obtained in this manner are not used without the consent specifically given by the data subject to personally identify the visitor of this web page and they are not combined with the personal data via the carrier of the pseudonym. If IP addresses are collected, they are anonymized without undue delay by deleting the last blocks of numbers.
If you do not agree to this, you may object to the data collection, processing and storage at any time with effect for the future on the WiredMinds website directly: https://www.wiredminds.de/datenschutzhinweis/ For any additional questions, contact WiredMinds support (email@example.com).
6.5 Career portal
Our website informs you of all positions available at HEKUMA throughout Germany. If you cannot find the right position for you, you may alternatively take the initiative. To do so, you may submit your application to us directly through our website. We use this e-mail for this purpose: firstname.lastname@example.org where you will be automatically sent to.
7. Duration of storage
We only store your personal data for as long as needed for the specific data collection purpose or as provided for by law. If storage periods under commercial and/or tax law must be observed, the storage period for certain data may be up to ten years. You can find more information under the individual functions listed on our website.
8. Objection or revocation of consent to processing your data
If you have given us your consent to the processing of your personal data, you have the right to revoke your consent at any time with effect for the future. You may submit your revocation to email@example.com. Please keep in mind that despite your objection or revocation, we may be obligated to continue to store your data.
Of course, you may object to the processing of your personal data for the purposes of direct marketing at any time. Refer to item 1 for contact details.
9. Your rights
With respect to personal data that concern you, you have the following rights:
• Right to information
• Right to rectification or erasure
• Right to restriction of processing
• Right to object to processing
• Right to data portability
You have the right to lodge a complaint with a supervisory authority with respect to our processing of your personal data.
10. Amendments to the privacy statement
As a result of the dynamic expansion of the Internet and potential changes to the law, from time to time, we may need to adjust our privacy statement. For this reason, please refer to the updated version of our privacy statement as amended.