Privacy Policy
-
The security of your data and the protection of your privacy is important to us. We are committed to protecting your privacy and to complying with statutory data protection provisions. In the following, we explain how we handle your personal data.
Which data is processed in detail and how it is used depends largely on the services requested or agreed in each case.
-
The controller within the meaning of data protection law is
Willy Bogner GmbH
Neumarkter Str. 75
D-81673 Munich
E-Mail: mydata@bogner.com
and
Bogner Commerce GmbH
Neumarkter Str. 75
D-81673 Munich
E-Mail: mydata@bogner.com
In the following, “BOGNER”, “we”, “us” and “our” refer to the above-mentioned companies.
In many areas, data is processed jointly. The joint responsibility is regulated by an agreement between the companies. The companies use the same database system in the course of their activities and access a common data pool where necessary. The companies are each independently responsible for the lawful processing of personal data and the granting of data subject rights, including the provision of mandatory information. Where necessary, the companies shall support each other in this respect.
We have appointed an external data protection officer for the German companies:
c/o activeMind AG
Management and Technology Consulting
Potsdamer Straße 3
D-80802 Munich
E-Mail: dataprotectionofficer@bogner.com
-
You can exercise the following rights at any time using the contact details of our data protection officer:
- Information about your data stored with us and its processing (Art. 15 GDPR),
- Correction of inaccurate personal data (Art. 16 GDPR),
- Deletion of your data stored with us (Art. 17 GDPR),
- Restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR),
- Objection to the processing of your data stored with us (Art. 21 GDPR) and
- Data portability, provided you have consented to the data processing or have concluded a contract with us (Art. 20 GDPR).
If you have given us consent, you can revoke this at any time with effect for the future. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.
You can contact a supervisory authority at any time with a complaint, e.g. the competent supervisory authority in the federal state of your residence or the authority responsible for us as the responsible body.
A list of the regulatory authorities (for the non-public sector) with their address can be found here.
-
4.1 Salesforce Commerce Cloud
Nature and purpose of the processing:
We use the e-commerce platform of Salesforce Commerce Cloud, a service of Salesforce.com Germany GmbH, Erika-Mann-Str. 63, D-80636 Munich.
Salesforce stores this website on its servers (hosting). In connection with hosting, Salesforce processes personal data on our behalf that arises from the following actions of the user:
- when visiting our website;
- as part of an order in our online shop;
- when creating and using a user account;
- in connection with our newsletters.
Further details, in particular on the legal basis and storage period, can be found under the individual processing activities.
Since Salesforce is headquartered in the United States, this does not preclude data processing on Salesforce servers in the United States.
We have entered into a contract with Salesforce for data processing. In addition, we have contractually ensured that the data is hosted by Salesforce on servers based in the European Union. The location of the servers is Frankfurt am Main. With regard to the data processing that takes place within the scope of hosting our website, we have concluded a “Data Protection Addendum” (DPA) with Salesforce. The EU Standard Contractual Clauses form part of this DPA. In addition, Salesforce has implemented approved “Binding Corporate Rules” in the company to ensure compliance with data protection.
Salesforce restricts access to data to those access possibilities permitted by law. Salesforce Commerce Cloud is also certified by reliable security standards, including PCI-DSS, SOC2, and ISO 27001. For more information on privacy related to Salesforce Commerce Cloud, please refer in particular to the Salesforce Privacy Policy.
4.2 Server log files
Nature and purpose of the processing:
Information of a general nature is automatically collected when you access our website, i.e. if you do not register or otherwise transmit information. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, your IP address, referrer URL, the date and time of access and similar.
The data is processed for the following purposes in particular:
- to ensure problem-free connection to the website;
- to ensure the smooth running of our website;
- to ensure and evaluate system security and stability, in particular for the detection of abuse, and
- to ensure the technically error-free presentation and optimisation of our website.
We do not use your data to form conclusions about you personally. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
Legal basis and legitimate interest:
The processing is carried out in accordance with Art. 6 (1) f) GDPR, on the basis of our legitimate interest in improving the stability and functionality of our website and ensuring system security and detecting abuse.
Recipient:
The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
Data is stored in server log files in a form that allows identification of the data subjects for a maximum period of 14 days, unless a security-relevant event occurs (e.g. a DDoS attack). In the event of such an event, server log files are stored until the security-relevant event is resolved and fully clarified.
Provision prescribed or required:
The provision of the aforementioned personal data is neither legally nor contractually required. However, without the data, the service and functionality of our website cannot be guaranteed. In addition, individual services and services in general may not be available or may be limited.
Objection:
Please read the information about your right to object according to Art. 21 GDPR.
4.3 Email contact
Nature and purpose of the processing:
The data you enter will be stored for the purpose of individual communication with you. This requires a valid email address, first and last name, and the selection of the concern. This is used for the assignment of the enquiry and the subsequent response to it. The provision of further data is optional.
It is possible to contact us via the email addresses provided. In this case, the user’s personal data transmitted with the email will be stored. This includes the date and time of the email, email address, IP addresses,information on the servers involved in the email communication and content of your request.
Legal basis and legitimate interest:
We process data on the basis of our legitimate interest to enable you to contact us easily (Art. 6 (1) f) GDPR). The information you provide will be stored for the purpose of processing the enquiry and for possible follow-up questions.
If you contact us to request a quote, the data will be processed to carry out pre-contractual measures (Art. 6 (1) b) GDPR).
Recipient:
The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website and our mail server. In addition, an externally contracted service team is available for your enquiries.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
We only process your personal data for as long as is necessary to fulfil the intended purposes. In addition, we are subject to statutory retention periods stipulated in the German Commercial Code (Handelsgesetzbuch) or the German Fiscal Code (Abgabenordnung), which generally last 6 to 10 years.
Provision prescribed or required:
The provision of your personal data is voluntary. However, we can only process your enquiry if you provide us with your name, email address and the reason for the enquiry.
Objection:
Please read the information about your right to object according to Art. 21 GDPR.
4.4 Cookies
A cookie is a small set of data created when you visit a website and temporarily stored on the system of the user of the website. If the server of this website is accessed again by the user of the website, the browser of the user of the website sends the previously received cookie back to the server. The server can evaluate the information obtained by this method. Cookies can in particular make it easier to navigate a website.
For detailed information about cookies and what cookies are used on this website (after consent), see Cookie settings.
-
5.1 Newsletter
Nature and purpose of the processing:
For the delivery of our newsletter, we collect personal data that is transmitted to us via an input mask. We need a valid email address in order to register you successfully.
In order to verify that a registration is actually made by the owner of a particular email address, we use the “double opt-in” (DOI) procedure for online registrations. This means that you will receive an email after registering for the newsletter in which you must reconfirm your newsletter registration.
When signing up for a newsletter in one of our BOGNER stores, we only need your signature (“single opt-in”) to confirm the accuracy of your data. A renewed confirmation of the newsletter registration by email is therefore not required.
At the time of DOI confirmation, the following data will also be stored:
- Date and time
- Country and language
- Channel: Webshop or Store ID
In addition, we evaluate your reading and usage behaviour in order to constantly improve our newsletter and adapt it to your interests and requirements. For this purpose, we analyse whether and what you read or click on in the BOGNER News by email in order to make it even more attractive, to form customer groups and to design special offers for these groups.
Legal basis:
We send our newsletter and evaluate it on the basis of your consent (Art. 6 (1) a) GDPR).
Recipient:
We use a service provider, who acts as our contract processor, for its dispatch and any evaluations that may take place.
We also use service providers to evaluate your usage behaviour and click data.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
The data will only be processed in this context as long as the relevant consent has been given.
Provision prescribed or required:
The provision of your personal data is voluntary and based solely on your consent. Unfortunately, we cannot send you our newsletter or make you customised offers without your consent.
Withdrawal of consent:
You can withdraw your consent to the storage of your personal data and its use for the dispatch of the newsletter, or the evaluation of the newsletter, at any time with effect for the future. You will find a corresponding unsubscribe link in every newsletter.
You can also revoke your consent via the other contact options provided on the website.
Profiling:
We evaluate your use of the newsletters sent to you and the subsequent visits to the BOGNER website in order to further improve the newsletter and the web offer, and to optimise them according to the specific interests of the visitors. You can unsubscribe from website tracking at any time under “My Account”, or in every newsletter you will find a corresponding unsubscribe link.
Objection:
You are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future. You will find a link to this effect in every promotional email. You can also revoke your consent via the other contact options provided on the website. We will then include your name and email address in our advertising blacklist.
Profiling:
We evaluate your use of the mailings sent to you and the subsequent visits to the BOGNER website, in order to further improve the mailings and the web offer and to optimise them according to the actual interests of the visitors.
5.3 Advertising by letter post
Nature and purpose of the processing:
We reserve the right to use your contact data (title, name, address) and date of birth - insofar as we have received this additional information from you within the framework of the contractual relationship - to send you interesting offers concerning our products by post. If you have initially objected to the use of your data for this purpose, we will not send any mailings.
Legal basis and legitimate interest:
The processing for sending advertising by letter post is based on our legitimate interest in personalised, direct advertising (Art. 6 (1) f) GDPR).
Recipient:
We use a service provider for the dispatch who acts as our contract processor.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
The data will only be processed in this context as long as you have not objected to such processing.
Provision prescribed or required:
The provision of your personal data is voluntary. If you object to advertising by letter post, we will not be able to send you any interesting offers by letter post.
Objection:
You are entitled to object to the use of your address for the aforementioned advertising purpose at any time with effect for the future. You will find a corresponding contact in each covering letter. You can object via the other contact options provided on the website. We will then include your name and address in our advertising blacklist.
5.4 Advertising blacklist
Nature and purpose of the processing:
After your objection to the processing of your personal data for advertising purposes or the revocation of your consent, we store your email address or your name and address (in the case of postal advertising) in our internal advertising blacklist. We only use your data for matching with our future advertising files. This ensures that your advertising objection or the revocation of your consent is permanently respected.
Legal basis and legitimate interest:
The lawfulness of processing personal data provided to us for the purpose of inclusion in our advertising blacklist is based on a legitimate interest (Art. 6 (1) f) GDPR), so that we can exclude you from advertising (by email or letter post) in the future.
Recipient:
The recipients of the data may be technical service providers who support the processing of our advertising blacklists as contract processors.
Storage period:
Entries in the BOGNER internal advertising blacklist are stored permanently. Deletion of the entry by the data subject is possible at any time by notifying us of your deletion request via email.
Provision prescribed or required:
The provision of your personal data is voluntary. If you object to the inclusion of your data in our advertising blacklist, we cannot guarantee that you will receive advertising from us at a later date (if the legal basis exists).
Objection:
You have the right to object to the use of your email address for the aforementioned purpose at any time with effect for the future. You can also revoke your consent via the other contact options provided on the website.
5.5 Online surveys
Nature and purpose of the processing:
Your personal data will be processed in a pseudonymised form within the scope of the survey. It is not possible for us to draw any direct conclusions about you as a person. The purpose of processing personal data within the scope of the surveys is, for example, to increase customer satisfaction and optimise the shopping experience.
If the survey is linked to a special offer, a voucher for example, you will receive the relevant voucher code at the end of the survey. On the basis of this voucher code, only your participation in a survey can be traced back to you. The result will be provided to us in anonymized form.
Legal basis and legitimate interest:
If you are already a BOGNER customer, or have subscribed to our newsletter and have not objected to the use of your data for advertising purposes, the processing is based on a legitimate interest (Art. 6 (1) f) GDPR). We have a legitimate interest in increasing the satisfaction of our customers and optimising their shopping experience.
Recipient:
The recipients of the data may be technical service providers who act as contract processors for the implementation of the survey.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
We do not assign answers to you personally, but only record that you have received a corresponding link to the survey. If you have redeemed a voucher, we record that you have taken part in the survey. These characteristics are stored in your customer profile. You can find information on deleting your customer profile below.
Provision prescribed or required:
The provision of your personal data is voluntary. If you choose not to participate in the customer survey, we will not be able to improve our offer based on your anonymous answers. You may not be able to receive or use any offers, such as vouchers, associated with participation in the customer survey.
Objection:
You are entitled to object to the use of your address for the aforementioned advertising purpose at any time with effect for the future. You will find a corresponding contact in each covering letter. You can also revoke your consent via the other contact options provided on the website.
-
6.1 Creation of customer account in the BOGNER Store
Nature and purpose of the processing:
In our BOGNER stores, you have the option to create a customer account. To do this, we collect your contact details and link your purchases to your account. This has many advantages for you, e.g. we can make recommendations for you in a later purchase or we already know your size.
In addition to the data you have provided, the following data is stored at the time you create your customer account:
- Date and time
- Channel: Store ID
Legal basis:
As part of the account creation process, your consent is obtained for the processing of this data in accordance with Art. 6 (1) a) GDPR.
Recipient:
The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website. The data is not passed on to third parties.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
You can change the data we have on file for you or delete your user account at any time.
Your customer account will be deleted if you make a request via email. Please note, however, that there are legal retention obligations for certain data, at the very least for paid orders you have completed.
Withdrawal of consent:
You have the option to cancel your customer account at any time by contacting us via email.
Provision prescribed or required:
Creating a customer account is voluntary. It is beneficial for the fulfilment of a contract with you (via our online shop), or for the implementation of pre-contractual measures, but not a requirement.
6. 2 Creating a user account/registration in the online shop
Nature and purpose of the processing:
We offer you the option to register on our website. This has many benefits for you, for example, you can view your order history at any time, benefit from a faster checkout and a more personalised shopping experience. Under “My Account”, you can save more information and change it regularly.
If you save your preferred delivery and billing address, you do not have to enter them again when you place a new order. This makes your shopping faster and more convenient. Registration is possible with your title, first and last name and the assignment of a password.
In addition to the data you have provided, the following data is stored at the time of registration:
- Date and time
- Country and language
- Channel: Web shop
Once you have created a user account, you will receive a registration confirmation email.
If you have forgotten your password, you can use a reset link and assign a new password.
Legal basis:
As part of the registration process, your consent is obtained for the processing of this data in accordance with Art. 6 (1) a) GDPR.
Recipient:
The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website. The data is not passed on to third parties.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
You can change the data we have on file for you or delete your user account at any time.
You can delete your account at any time under “My Account” – “Manage Account”. Please note that as an unregistered customer, you are waiving benefits such as a convenient and personal shopping experience thanks to quick checkout, an overview of your complete order history and saved preferences.
Withdrawal of consent:
Alternatively, you have the option to cancel your customer account at any time by contacting us via email.
Provision prescribed or required:
Registration is voluntary. It is beneficial for the fulfilment of a contract with you (via our online shop), or for the implementation of pre-contractual measures, but not a requirement.
6.3 Transaction-based emails
Transaction-based emails are automated emails sent through specific visitor actions or after business transactions. This is not a newsletter, but emails that are sent automatically based on your actions (e.g. registration confirmations).
Legal basis:
The legal basis for sending these transaction-based emails is Art. 6 (1) b) GDPR or our legitimate interest pursuant to Art. 6 (1) f) GDPR to increase customer retention and satisfaction.
Recipient:
Sending via a specialized service provider is required here, to ensure delivery of the emails to your email account.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
The data for sending emails is only stored for the duration of the sending. The storage duration is thus limited in time. Data content will not be saved.
Provision prescribed or required:
The provision of your data is necessary for the fulfilment of the contract. Without sending transaction-based emails, we cannot offer you various services.
Objection:
Please read the information about your right to object according to Art. 21 GDPR.
6.4 Online-Order (provision of chargeable services)
Nature and purpose of the processing:
We process the data that you provide as part of your order for the purpose of implementing or processing your order together with our partner Global-E NL B.V., Krijn Taconiskade 430, 1087 HW Amsterdam, Niederlande (in the following "Global-E") Global-E processes your order on our behalf and is the registered merchant for these transactions. In order to provide this service, the necessary order data (name, billing and delivery address, email address and telephone number) will be passed on by us to Global-E so that Global-E can process your order and deliver products to you. This also includes the payment, return or exchange and product-related complaints. To view Global-E's privacy policy, please click here.
Your personal data will only be used to the extent necessary to process this order and to deliver the products and services requested.
Legal basis:
In the context of the transfer of your personal data to Global-E the execution of the contract is realized pursuant to Art. 6 para. 1 lit. b) GDPR.
Recipient:
For the provision of the shop, we use technical service providers who act as contract processors for the operation and maintenance of our website.
The recipient of your order data is Global-E NL B.V., Krijn Taconiskade 430, 1087 HW Amsterdam, The Netherlands.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Storage period:
BOGNER stores this data in our systems until the statutory retention periods have expired. These are generally 6 or 10 years depending on the purpose of proper accounting and tax law requirements. For more information about the storage period at Global-e please click here.
Provision prescribed or required:
The provision of your personal data and the transfer of your order data to Global-E is contractually necessary in order to be able to carry out our purchase contract with you. Without the provision of your personal data, we cannot complete your order.
6.5 In-store purchases (paid services provided)
Nature and purpose of the processing:
We use your personal information to process your purchase and payment processes and manage your claims, returns and reimbursements in a secure and effective manner.
Your personal data will only be used to the extent necessary to complete the purchase.
In addition, payment data collected for the above-mentioned purpose will also be used under certain conditions and restrictions to detect fraud and theft in connection with sales and to comply with applicable laws (e.g., requirements relating to tax laws and statutory accounting procedures).
Our business premises are equipped with video cameras for theft prevention.
Legal basis and legitimate interest:
The processing of the data required for the conclusion of the contract, or as required by law, is based on Art. 6 (1) b) and c) GDPR.
The processing of your personal data to detect fraud and theft is based on our legitimate interest as a company (pursuant to Art. 6 (1) f) GDPR).
Recipient:
Your data will only be passed on to service providers working on our behalf, e. g. for order fulfilment and payment processing.
With regard to the transfer of data to recipients outside our company, it should first be noted that we only transfer necessary personal data in compliance with the applicable data protection regulations.
In order to fulfil our contract with you, we pass on your name and address to shipping and logistics service providers commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.
Depending on the payment method you select during the order process, we will pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the payment service selected by you during the order process.
Other recipients of your personal data are, for example, public bodies and institutions (e.g. tax authorities, law enforcement agencies) in the event of a legal or official obligation, tax advisors, business and payroll tax auditors (statutory audit mandate).
Storage period:
We store this data in our systems until the statutory retention periods have expired. These are generally 6 or 10 years for the purpose of proper accounting and tax law requirements.
Provision prescribed or required:
The provision of your personal data is contractually necessary in order for us to be able to carry out our purchase contract with you. Without the provision of your personal data, we cannot complete your order.
Objection:
Please read the information about your right to object according to Art. 21 GDPR.6.6 Setting up a personal customer profile
Nature and purpose of the processing:
We create a customer profile for you for better consideration of your wishes and preferences. For this purpose, we combine the following data into a customer profile:
- contact information (e.g. your first and last name, your address, etc.)
- purchase and contract processing data (e.g. purchase value, return, product interest)
- order history
- newsletter opt-in
- registration in the online shop
- email statistics
- events in BOGNER stores
- participation in sweepstakes
- customer survey responses
We use your customer profile data for our own statistical purposes to make our products and services even more attractive, to form customer groups and to create general and/or customer group-specific offers. In addition, the data will be used to determine your interest in our products and to provide personalised content (e.g. email marketing or letter advertising).
Legal basis and legitimate interest:
The legal basis for the evaluation of your purchase and contract data is based on our legitimate interest (Art. 6 (1) f) GDPR) to optimise and personalise our advertising activities.
The legal basis for the evaluation of your usage behaviour/clicking data is based on your consent, which we have obtained as part of your newsletter registration.
Recipient:
Recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website and for retail support.
We also use service providers to evaluate your usage behaviour and click data.
Storage period:
The data will only be processed in this context as long as you have not objected to such processing.
Third country transfer:
The use of Salesforce Commerce Cloud does not preclude processing in the United States.
Provision prescribed or required:
The provision of your personal data is neither legally nor contractually required. However, without this data, we cannot optimise our offer and adapt it to your personal preferences.
Objection:
Please read the information about your right to object according to Art. 21 GDPR.
Profiling:
Using the tracking tools and merging your contact and purchase data, we evaluate your behaviour on our website and analyse your interests. To do this, we create a customer profile.
6.7 Product availability
Nature and purpose of the processing:
If a product is sold out in your size, you can choose to be informed by email as soon as the item becomes available again in the requested size. We need the size you requested as required information as well as a valid email address in order to send you this information. As soon as the item is available again, you will receive a notification of availability via email.
Legal basis and legitimate interest:
The processing of your data is necessary for the implementation of pre-contractual measures (Art. 6 (1) b) GDPR).
Storage period:
Your email address will be stored for 30 days exclusively for this purpose. If the item does not become available again after 30 days, your email address will be automatically deleted.
Recipient:
The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website and for the use of this service.
Provision prescribed or required:
The provision of your personal data is contractually necessary in order to be able to follow up on your request. Without the provision of your personal data, we cannot send you a notification as soon as the requested item is available again.
Objection:
Please read the information about your right to object according to Art. 21 GDPR.
-
BOGNER is represented on various social networks. For information on the storage and use of your data, as well as information on your rights and options regarding the settings for your privacy protection, please refer to the Privacy Policy of the respective network operator:
Facebook and Instagram
BOGNER is represented on the social networks Facebook and Instagram. These platforms are provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. We maintain these Facebook/Instagram pages to provide information to their users, potential users and also to our customers about our products and services.
We cannot rule out that when our company presence on these social networks is accessed, that a third country transfer, e.g. to servers located in the USA, takes place. Furthermore, we would like to point out that as the operator of a Facebook/Instagram fan page with Facebook, we are jointly responsible for the processing of the personal data of the visitors to this page (Art. 26 GDPR). We have concluded corresponding contracts with Facebook for this purpose.
Facebook acknowledges joint responsibility for the Insights data with the operators of the sites and assumes the primary responsibility, see: https://www.facebook.com/legal/terms/page_controller_addendum
If you have a Facebook/Instagram profile and are logged in, Facebook can, for example, analyse your usage behaviour and create a usage profile corresponding to this behaviour. This user data is regularly processed for market research and (personalised) advertising purposes.
The processing of the data is based on your consent in accordance with Art. 6 (1) a) GDPR.
If you wish to make requests for information or assert your user rights, it is possible to assert these rights against us or Facebook. Further information regarding the collection and use of data, as well as your rights and protection options, can be found at https://facebook.com/about/privacy and https://instagram.com/about/legal/privacy/
YouTube
BOGNER is also represented on YouTube. YouTube is a service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”)).
We cannot rule out that a third country transfer, e.g. to servers located in the USA, takes place when our YouTube channel is accessed. This may allow YouTube to track your visit to our website.
When you use YouTube, your personal data will be collected, transferred, stored, disclosed and used by Google. Google analyses your user behaviour and creates a corresponding usage profile, regardless of whether you have a Google account. This information may be used to tailor content or advertising to you.
The processing of the data is based on your consent in accordance with Art. 6 (1) a) GDPR.
Further information regarding the collection and use of data as well as your rights and protection options can be found at https://policies.google.com/technologies/product-privacy?hl=de and https://policies.google.com/privacy?hl=de&gl=de.
LinkedIn
BOGNER maintains a company presence on LinkedIn. It is located on a platform operated by LinkedIn Unlimited Company, Wilton Place, Dublin 2, Ireland.
On our site, we provide information and offer users the option to communicate with each another. The company presence is used for job applications and information/PR.
When you visit, follow or engage with our LinkedIn company site, LinkedIn processes personal data to provide us with statistics and insights in an anonymised form. This gives us insights into the types of actions that visitors take on our site (so-called “page insights”). LinkedIn processes in particular data that you have already provided to LinkedIn via the information in your profile. In addition, LinkedIn will process information about how you interact with our LinkedIn corporate page, such as whether you are a follower of our LinkedIn corporate page. LinkedIn does not provide us with any personal data. Nor is it possible for us to draw conclusions about individual members using the information provided by page insights.
This processing of personal data within the framework of page insights is carried out by LinkedIn and us as joint controllers. We have entered into a Joint Controller Agreement with LinkedIn that covers data processing and sets out the distribution of the data protection obligations between us and LinkedIn. The agreement can be accessed at the following link. Under this agreement, LinkedIn is responsible for responding to data subject requests. In this regard, you have the option to contact LinkedIn online, or contact LinkedIn via the contact details in the Privacy Policy.
You may contact us regarding the exercise of your rights in connection with the processing of personal data within the scope of page insights, by sending us an email. We will forward your request to LinkedIn in such a case.
The processing of the data is based on your consent in accordance with Art. 6 (1) a) GDPR, which you have granted to LinkedIn as part of your registration.
For more information about LinkedIn’s data processing, please see the LinkedIn Privacy Policy.
We cannot rule out that a third country transfer, e.g. to servers located in the USA, takes place when our LinkedIn page is accessed. This may allow LinkedIn to track your visit to our website.
-
We only handle personal data insofar as data protection regulations allow. In so doing, we also strive to use all the necessary technical and organisational security measures to adequately protect your personal data from unauthorised access and misuse at all times.
Your data will only be passed on to service providers (contract processors) if it is necessary for the fulfilment of our contractual duties. All service providers are obliged to treat your data confidentially on the basis of an order processing agreement.
Insofar as we store or process personal data, this is done within a secure data centre. To protect the security of your data during transmission, we use encryption procedures (e.g. SSL) via HTTPS. Our servers are secured by means of a firewall and virus protection. Back-up and recovery procedures, as well as role and authorisation concepts, are standard for us.
Our employees are obliged to observe the regulations of the GDPR and the BDSG (Federal Data Protection Act) when handling data.
-
We reserve the right to adapt this Privacy Policy so that it always complies with the current legal requirements or in order to implement changes to our services in the Privacy Policy, such as when introducing new services. The new Privacy Policy will then apply to your next visit.
-
Right to object on a case-by-case basis
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Art. 4 (4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Recipient of an objection
You can forward your objection informally to us under the subject “Objection”, stating your name, address or other identifiers.
As of April 2024