Data Protection
Information for Data Subjects (Participants) on Direct Data Collection (Art. 13 GDPR)
1. Introduction
With the following information, we would like to provide you, as the "data subject," with an overview of how we process your personal data and inform you of your rights under data protection laws. The use of our website is generally possible without providing personal data. However, if you wish to use specific services provided by our company through our website, the processing of personal data might be required. If such processing is necessary and there is no legal basis for it, we will generally obtain your consent.
The processing of personal data, such as your name, address, or email address, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to CONWEAVER GmbH. This privacy policy aims to inform you about the scope and purpose of the personal data we collect, use, and process.
As the data controller, we have implemented numerous technical and organizational measures to ensure the most comprehensive protection of the personal data processed via this website. However, internet-based data transmissions can have security gaps, meaning that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us via alternative means, such as telephone or postal mail.
You can also take simple and easy-to-implement measures to protect yourself against unauthorized access by third parties to your data. We would therefore like to provide you with some tips for securely handling your data:
- Protect your account (login, user, or customer account) and IT system (computer, laptop, tablet, or mobile device) with secure passwords.
- Ensure that only you have access to your passwords.
- Make sure you use your passwords only for one account (login, user, or customer account).
- Do not use the same password for different websites, applications, or online services.
- When using publicly accessible or shared IT systems, always log out after using a website, application, or online service.
Passwords should consist of at least 12 characters and be chosen in such a way that they are not easily guessed. Therefore, they should not contain common everyday words, your own name, or the names of relatives but should include uppercase and lowercase letters, numbers, and special characters.
2. Data Controller
The data controller within the meaning of the GDPR is:
CONWEAVER GmbH
Friedensplatz 12, 64283 Darmstadt, Germany
Phone: +49 6151 59992-0
Representatives of the Controller:
Dr. Thomas Kamps
Richard Stenzel
3. Data Protection Officer
You can reach our Data Protection Officer as follows:
Our Data Protection Officer can be contacted at datenschutzbeauftragter@conweaver.com or via our postal address with the addition "Data Protection Officer."
You can contact our Data Protection Officer at any time with any questions or suggestions regarding data protection.
4. Definitions
This privacy policy is based on the terms used by the European legislator when adopting the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for both the public and our customers and business partners. To ensure this, we would like to explain the terminology used in advance.
We use the following terms in this privacy policy:
4.1. Personal Data
Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
4.2. Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
4.3. Processing
Processing is any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
4.4. Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
4.5. Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
4.6. Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures ensuring that the personal data is not attributed to an identified or identifiable natural person.
4.7. Processor
A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
4.8. Recipient
A recipient is a natural or legal person, public authority, agency, or another body, to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry under Union or Member State law shall not be regarded as recipients.
4.9. Third Party
A third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
4.10. Consent
Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
5. Legal Basis for Processing
Art. 6(1)(a) GDPR (in conjunction with Sec. 25(1) TDDDG (previously TTDSG)) serves as the legal basis for our processing operations where we obtain consent for a specific processing purpose.
If the processing of personal data is necessary for the performance of a contract to which you are a party, such as processing operations required for the delivery of goods or the provision of a service, processing is based on Art. 6(1)(b) GDPR. The same applies to processing operations necessary for carrying out pre-contractual measures, such as inquiries about our products or services.
If our company is subject to a legal obligation that requires the processing of personal data, such as for tax compliance, processing is based on Art. 6(1)(c) GDPR.
In rare cases, processing personal data may be necessary to protect the vital interests of the data subject or another natural person. This could be the case, for example, if a visitor is injured at our company and their name, age, health insurance details, or other vital information needs to be passed on to a doctor, hospital, or other third party to protect the vital interests of the data subject or another natural person. In such a case, processing would be based on Art. 6(1)(d) GDPR.
Finally, processing operations could be based on Art. 6(1)(f) GDPR. This legal basis applies to processing operations that do not fall under any of the aforementioned legal grounds if the processing is necessary for the purposes of legitimate interests pursued by our company or a third party, provided these interests are not overridden by the interests, fundamental rights, and freedoms of the data subject. Such processing operations are particularly permitted because they have been specifically mentioned by the European legislator. It was considered that a legitimate interest could be assumed if you are a customer of our company (Recital 47, Sentence 2 GDPR).
6. Technology
6.1. SSL/TLS Encryption
This website uses SSL or TLS encryption to ensure secure data processing and to protect the transmission of confidential content, such as orders, login credentials, or inquiries sent to us as the website operator. You can recognize an encrypted connection by the change in the browser address line from "http://" to "https://" and by the lock symbol in your browser bar.
We use this technology to protect your transmitted data.
6.2. Data Collection When Visiting the Website
When you visit our website for informational purposes only, without registering or otherwise providing us with information or consenting to data-processing activities requiring explicit consent, we only collect data necessary for the provision of the service. These are typically data that your browser transmits to our server (so-called server log files). Our website collects various general data and information every time a page is accessed, either by you or through an automated system. This data is stored in the server log files and may include:
- Browser types and versions used,
- The operating system used by the accessing system,
- The website from which an accessing system reaches our website (so-called referrer),
- The subpages accessed on our website via an accessing system,
- The date and time of access to the website,
- A truncated Internet Protocol address (anonymized IP address), and
- The Internet service provider of the accessing system.
We do not draw conclusions about the data subject from these general data and information. Instead, this information is needed to:
- Deliver the content of our website correctly,
- Optimize our website content and advertising,
- Ensure the long-term functionality of our IT systems and website technology, and
- Provide law enforcement authorities with the necessary information for prosecution in case of a cyberattack.
We evaluate these collected data and information both statistically and with the aim of increasing data protection and security within our company to ensure an optimal level of protection for the personal data we process. The anonymous data from the server log files are stored separately from any personal data provided by a data subject.
The legal basis for data processing is Art. 6(1)(f) GDPR. Our legitimate interest arises from the purposes of data collection listed above.
6.3. Amazon CloudFront (Content Delivery Network)
We use Amazon CloudFront, a web service provided by Amazon Web Services Inc., 410 Terry Avenue North, 98109, Seattle, Washington, USA.
Amazon CloudFront is a Content Delivery Network (CDN). It routes the transfer of information between your browser and our website through CloudFront’s network, reducing latency and improving load times for both static and dynamic web content. It also enhances our website’s security by encrypting traffic and providing access controls.
Additionally, CloudFront stores cookies on your device to optimize its service. You can configure your browser to delete cookies, allow cookies only in specific cases, or automatically delete cookies when closing the browser.
Amazon Web Services receives and processes personal data as our data processor under EU Standard Contractual Clauses. CloudFront collects statistical data about website visits, including:
- IP address
- Accessed website
- Referrer URL
- Browser type
- Operating system
- Device type
If you have given your consent for the use of CloudFront, the legal basis for the processing of personal data is Art. 6(1)(a) GDPR. Additionally, it is in our legitimate interest under Art. 6(1)(f) GDPR to use CloudFront to optimize our website, enhance its security, and avoid operating our own content delivery network (CDN). Personal data collected through Amazon Web Services will be retained only as long as necessary to fulfill the described purpose.
Amazon Web Services Inc. is certified under the EU-US Data Privacy Framework. This certification qualifies as an adequacy decision under Art. 45 GDPR, allowing the transfer of personal data without additional safeguards.
For more details about CloudFront, visit: https://aws.amazon.com/de/cloudfront/.
6.4. Amazon Web Services (AWS) – Hosting of Specific Components
Our website incorporates components hosted by Amazon Web Services (AWS), a cloud computing platform operated by Amazon.com Inc., Seattle, 410 Terry Ave N, USA.
The purpose of using AWS is, among other things, to host applications and services as well as to rent resources for computationally intensive tasks.
If you have consented to the use of AWS-hosted services, the legal basis for processing personal data is Art. 6(1)(a) GDPR. Additionally, our legitimate interest under Art. 6(1)(f) GDPR supports the use of AWS hosting to ensure a secure and reliable website.
Amazon Inc. is certified under the EU-US Data Privacy Framework. This certification qualifies as an adequacy decision under Art. 45 GDPR, allowing the transfer of personal data without additional safeguards.
For AWS privacy policies, visit: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_German_2023-08-11.pdf.
6.5. Hosting by Webflow
Our website is hosted by Webflow, Inc., 398 11th St., Floor 2, San Francisco, CA 94103, USA.
When you visit our website, your personal data (such as IP addresses in log files) is processed on Webflow servers.
We rely on Webflow under Art. 6(1)(f) GDPR due to our legitimate interest in ensuring a reliable, high-performance website.
We have entered into a data processing agreement (DPA) with Webflow per Art. 28 GDPR. This agreement ensures that Webflow processes personal data strictly according to our instructions and in compliance with GDPR.
For Webflow’s privacy policy, visit: https://webflow.com/legal/privacy.
6.6. Anonymous Analytics With Fathom
We use the Fathom web analytics service, provided by Conva Ventures Inc., BOX 37058 Millstream PO, Victoria, British Columbia, V9B 0E8, Canada. Fathom does not use cookies and does not store any personally identifiable information about you.
The use of this analytics tool is based on Art. 6(1)(f) GDPR, as we have a legitimate interest in analyzing user behavior in an anonymous manner to improve both our website and advertising efforts.
The data is processed exclusively on servers within the European Union (EU). This ensures that all data remains within the jurisdiction of the GDPR and is subject to European data protection regulations. No data is transferred to Canada.
When you load our website, a connection is established to Fathom Analytics’ EU-based servers to retrieve the JavaScript file required for analysis. No personal data is transmitted or stored during this process.
For more details about Fathom’s privacy policy, visit: https://usefathom.com/privacy.
6.7. Locally Hosted Google Fonts
Our website uses fonts from Google Fonts. To protect your privacy, we have downloaded and stored these fonts on our own server. As a result, no connection to Google’s servers is established when you visit our website, and no personal data is transmitted to third parties.
7. Cookies
We use cookies on our website. These are small files that your browser automatically creates and stores on your IT system (laptop, tablet, smartphone, etc.) when you visit our website.
Cookies contain information related to the specific device you use. However, this does not mean that we can directly identify you.
The use of cookies serves, on the one hand, to make the use of our services more convenient for you. For this purpose, we use so-called session cookies, which allow us to recognize that you have visited individual pages of our website before. These cookies are automatically deleted when you leave our site.
Additionally, we use temporary cookies to enhance user-friendliness, which are stored on your device for a specified period. If you revisit our site to use our services, these cookies automatically recognize that you have visited us before and recall any preferences or settings you have made, so you do not have to enter them again.
You can configure your browser to inform you when cookies are set, allowing you to decide individually whether to accept them or to exclude cookies for specific cases or in general. If you choose to disable cookies, the functionality of this website may be restricted.
Cookies that are necessary for electronic communication processes or for providing specific functions you requested (e.g., shopping cart functionality) are stored based on Art. 6(1)(f) GDPR. We have a legitimate interest in storing cookies to ensure the technically flawless and optimized provision of our services. Other cookies (e.g., cookies used for analyzing your browsing behavior) are addressed separately in this privacy policy.
8. Website Content
8.1. Contacting Us / Contact Form
When you contact us (e.g., via a contact form or email), personal data is collected. The type of data collected depends on the respective contact form. This data is stored and used exclusively for the purpose of responding to your inquiry and for the technical administration associated with it. The legal basis for processing this data is our legitimate interest in responding to your inquiry, pursuant to Art. 6(1)(f) GDPR. If your contact request is aimed at concluding a contract, an additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted once your request has been fully processed, provided that there are no legal retention obligations preventing deletion. This applies when it is clear from the circumstances that the relevant matter has been conclusively resolved.
8.2. Application Management / Job Listings
We collect and process personal data from applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case when an applicant submits application documents to us electronically, for example, by email or via a web form on our website. If we enter into an employment or service contract with an applicant, the submitted data will be stored for the purpose of managing the employment relationship in compliance with legal requirements. If no contract is concluded with the applicant, the application documents will be automatically deleted two months after the rejection decision has been announced unless deletion conflicts with other legitimate interests of our company. A legitimate interest in this sense could include, for example, the need to provide evidence in a case related to the General Equal Treatment Act (AGG).
The legal basis for processing your data is Art. 6(1)(b), 88 GDPR in conjunction with Sec. 26(1) BDSG (Federal Data Protection Act).
9. Newsletter Dispatch
9.1. Newsletter for Existing Customers
If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range via email. In accordance with Sec. 7(3) of the German Unfair Competition Act (UWG), we do not need separate consent from you for this. The data processing is carried out solely based on our legitimate interest in personalized direct marketing pursuant to Art. 6(1)(f) GDPR. If you initially objected to the use of your email address for this purpose, we will not send any emails. You have the right to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by notifying the data controller mentioned at the beginning. You will only incur transmission costs according to the basic rates. Upon receipt of your objection, the use of your email address for advertising purposes will immediately cease.
9.2. Promotional Newsletter
On our website, you have the opportunity to subscribe to our company’s newsletter. The personal data collected when subscribing to the newsletter is evident from the input form used.
We inform our customers and business partners regularly via a newsletter about our offers. You can only receive the company’s newsletter if:
- You have a valid email address, and
- You have registered for the newsletter dispatch.
A confirmation email using the double opt-in procedure will be sent to the email address entered for the first time for legal reasons. This confirmation email serves to verify whether you, as the owner of the email address, have authorized the receipt of the newsletter.
When subscribing to the newsletter, we also store the IP address assigned by your Internet Service Provider (ISP) at the time of registration, as well as the date and time of registration. The collection of this data is necessary to track any possible misuse of an email address at a later date and thus serves our legal protection.
The personal data collected in the course of registering for the newsletter will be used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter may be informed via email if this is necessary for the operation of the newsletter service or for registration purposes, such as in the event of changes to the newsletter offer or changes in technical circumstances. The personal data collected as part of the newsletter service will not be disclosed to third parties. The subscription to our newsletter can be canceled by you at any time. You may withdraw your consent to the storage of personal data given to us for the newsletter dispatch at any time. For this purpose, a corresponding link is included in every newsletter. Furthermore, you can also unsubscribe directly on our website or inform us of this via another method.
The legal basis for data processing for newsletter dispatch is Art. 6(1)(a) GDPR.
9.3. Mailchimp
Our email newsletters are sent via the technical service provider Intuit Inc., The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA, to whom we transfer the data provided during the newsletter registration process. This transfer takes place as part of a data processing agreement with MailChimp. Please note that your data is typically transmitted to and stored on a MailChimp server in the USA.
MailChimp uses this information for sending and statistically analyzing the newsletters on our behalf. For analysis purposes, the emails contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. These allow us to determine whether a newsletter message was opened and which links, if any, were clicked. Additionally, technical information is recorded (e.g., time of retrieval, IP address, browser type, and operating system). This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses help us tailor future newsletters better to the interests of recipients.
The use of this service provider is based on Art. 6(1)(f) GDPR and a data processing agreement pursuant to Art. 28 GDPR. The legal basis for processing your personal data in connection with the newsletter is your consent given under the "double opt-in" procedure pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future.
Furthermore, MailChimp may process this data itself pursuant to Art. 6(1)(f) GDPR based on its legitimate interest in tailoring and optimizing its service, as well as for market research purposes, such as determining from which countries recipients originate. However, MailChimp does not use the data of our newsletter recipients to contact them directly or to pass them on to third parties.
If you wish to object to this data processing, you must unsubscribe from the newsletter.
This U.S. company is certified under the EU-US Data Privacy Framework. As a result, an adequacy decision pursuant to Art. 45 GDPR applies, allowing the transfer of personal data without additional guarantees or measures.
You can view MailChimp’s privacy policy here: https://mailchimp.com/legal/privacy/.
10. Social Media Activities
To communicate with you on social media platforms and inform you about our services, we maintain official pages on various networks. When you visit one of our social media pages, we and the respective platform provider are jointly responsible for the processing of personal data within the meaning of Art. 26 GDPR.
We are not the original provider of these platforms; rather, we use them within the scope of the features offered by each respective platform provider.
For this reason, please note that your data may be processed outside the European Union (EU) or the European Economic Area (EEA). This could pose data protection risks for you, as it may be more difficult to exercise your rights (e.g., the right to access, delete, or object to data processing). Additionally, social media providers often process user data for advertising or analytics purposes without our ability to influence this. If a provider creates user profiles, cookies are typically used, and your usage behavior may be linked to the profile you maintain on that platform.
The described processing of personal data takes place in accordance with Art. 6(1)(f) GDPR, based on our legitimate interest and the legitimate interest of the respective platform provider in engaging with users in a contemporary manner and informing them about our services. If a platform provider requires your explicit consent for certain types of data processing, the legal basis will be Art. 6(1)(a) GDPR in conjunction with Art. 7 GDPR.
Since we do not have direct access to the data collected by social media providers, we recommend that you exercise your rights (e.g., access, rectification, deletion, etc.) directly with the respective provider. Below, you will find further information on the processing of your data by the social media platforms we use:
10.1. LinkedIn
Controller for data processing in Europe:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Privacy policy:
https://www.linkedin.com/legal/privacy-policy
10.2. X (Twitter)
Controller for data processing in Europe:
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland
Privacy policy:
https://twitter.com/de/privacy
Request access to your data:
https://twitter.com/settings/your_twitter_data
10.3. XING (New Work SE)
Controller for data processing in Germany:
New Work SE, Am Strandkai 1, 20457 Hamburg, Germany
Privacy policy:
https://privacy.xing.com/de/datenschutzerklaerung
Data access requests for XING members:
https://www.xing.com/settings/privacy/data/disclosure
10.4. YouTube
Controller for data processing in Europe:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy:
https://policies.google.com/privacy
11. Plugins and Other Services
11.1. Linked In Lead Ads
We have integrated LinkedIn Lead Ads on this website. The service provider is LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
We use LinkedIn Lead Ads to specifically target LinkedIn users with information about our products and solutions and to facilitate contact requests. When you interact with our advertisements and complete the LinkedIn lead form, the data you provide (name, email address, and LinkedIn profile URL) is transmitted to us. These data are used exclusively to respond to your inquiry and, if applicable, to arrange an initial consultation.
These processing operations are carried out exclusively with your explicit consent pursuant to Art. 6(1)(a) GDPR. Your data will be deleted as soon as they are no longer necessary for the purpose for which they were collected or if you withdraw your consent. However, if the email contact is aimed at entering into a contract, the legal basis for processing additionally includes Art. 6(1)(b) GDPR.
The data will be deleted once they are no longer necessary for the purpose for which they were collected. This is the case when the conversation has concluded, and no further contact is desired. A conversation is deemed concluded when it can be inferred from the circumstances that the relevant matter has been definitively resolved.
As part of processing via LinkedIn, data may be transferred to the USA and Singapore. This US company is certified under the EU-US Data Privacy Framework. Therefore, an adequacy decision pursuant to Art. 45 GDPR exists, allowing the transfer of personal data without additional safeguards or measures. Furthermore, the security of the data transfer is regularly ensured through standard contractual clauses, which guarantee that the processing of personal data is subject to a security level compliant with the GDPR. If the standard contractual clauses do not provide an adequate level of security, your consent will be obtained pursuant to Art. 49(1)(a) GDPR.
For more details on LinkedIn’s privacy policy, please visit: https://de.linkedin.com/legal/privacy-policy.
12. Your Rights as a Data Subject
12.1. Right to Confirmation
You have the right to request confirmation from us as to whether we process personal data concerning you.
12.2. Right to Access (Art. 15 GDPR)
You have the right to obtain information about the personal data we store about you at any time, free of charge, and to receive a copy of this data in accordance with legal provisions.
12.3. Right to Rectification (Art. 16 GDPR)
You have the right to request the correction of incorrect personal data concerning you. You may also request the completion of incomplete personal data, considering the purposes of processing.
12.4. Right to Erasure (Art. 17 GDPR)
You have the right to request the immediate deletion of your personal data if one of the legally stipulated reasons applies and processing is not necessary.
12.5. Right to Restriction of Processing (Art. 18 GDPR)
You have the right to request the restriction of processing if a legally required condition is met.
12.6. Right to Data Portability (Art. 20 GDPR)
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, or on a contract pursuant to Art. 6(1)(b) GDPR, and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Furthermore, when exercising your right to data portability under Art. 20(1) GDPR, you have the right to request that the personal data be transmitted directly from one controller to another, where technically feasible, provided that this does not adversely affect the rights and freedoms of others.
12.7. Right to Object (Art. 21 GDPR)
You have the right, on grounds relating to your particular situation, to object at any time to the processing of your personal data that is based on Art. 6(1)(e) GDPR (processing in the public interest) or Art. 6(1)(f) GDPR (processing based on legitimate interests).
This also applies to profiling based on these provisions within the meaning of Art. 4(4) GDPR.
If you exercise your right to object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.
In some cases, we process personal data for direct marketing purposes. You have the right to object at any time to the processing of your personal data for such advertising purposes, including profiling, where it is related to direct marketing. If you object to processing for direct marketing, we will immediately cease processing your personal data for this purpose.
Additionally, you have the right, on grounds relating to your particular situation, to object to the processing of your personal data for scientific or historical research purposes or for statistical purposes pursuant to Art. 89(1) GDPR, unless such processing is necessary for the performance of a task carried out for reasons of public interest.
You are free to exercise your right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.
12.8. Right to Withdraw Consent to Data Processing
You have the right to revoke consent to the processing of personal data at any time with future effect.
12.9. Right to Lodge a Complaint with a Supervisory Authority
You have the right to lodge a complaint with a supervisory authority responsible for data protection regarding our processing of personal data.
13. Routine Deletion and Blocking of Personal Data
We process and store your personal data only for the period necessary to achieve the storage purpose or as required by the legal regulations applicable to our company.
If the storage purpose ceases to apply or a legally prescribed retention period expires, personal data will be routinely blocked or deleted in accordance with legal requirements.
14. Updates and Changes to This Privacy Policy
This privacy policy is currently valid as of February 2025.
Due to further development of our website and offerings or due to changes in legal or regulatory requirements, it may be necessary to modify this privacy policy. The latest version of the privacy policy can be accessed and printed at any time at "https://www.conweaver.com/de/data-privacy".
Information for Data Subjects on the Collection of Personal Data as Customers, Prospective Customers, Service Providers, or Suppliers (Art. 13 GDPR)
