1. overview of data protection
The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit our website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.
Data recording on our website
Who is the responsible party for the recording of data on this website (i.e. the “controller”)?
The data on this website is processed by the operator of the website, whose contact information is available under section “Information Required by Law” on this website.
How do we record your data?
We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form.
Our IT systems automatically record other data when you visit our website. This data comprises primarily technical information (e.g. web browser, operating system or time the site was accessed). This information is recorded automatically when you access our website.
What are the purposes we use your data for?
A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyse your user patterns.
What rights do you have as far as your information is concerned?
You have the right to receive information about the source, recipients and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified, blocked or eradicated. Please do not hesitate to contact us at any time under the address disclosed in section “Information Required by Law” on this website if you have questions about this or any other data protection related issues. You also have the right to log a complaint with the competent supervising agency.
Moreover, under certain circumstances, you have the right to demand the restriction of the processing of your personal data. For details, please consult the Data Protection Declaration under section “Right to Restriction of Data Processing.”
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information and mandatory information
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.
Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.
We herewith advise you that the transmission of data via the Internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access.
Information about the responsible party (referred to as the “controller” in the GDPR)
The party responsible for processing data on this website is:
b-next holding AG
Bielefelder Strasse 12
D-32051 Herford, Germany
Phone: +49 5221 99 280-0
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of data
A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.
Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)
In the event that data are processed on the basis of Art. 6 Sect. 1 lit. e or f GDPR, you have the right to at any time object to the processing of your personal data based on grounds arising from your unique situation. This also applies to any profiling based on these provisions. To determine the legal basis, on which any processing of data is based, please consult this Data Protection Declaration. If you log an objection, we will no longer process your affected personal data, unless we are in a position to present compelling protection worthy grounds for the processing of your data, that outweigh your interests, rights and freedoms or if the purpose of the processing is the claiming, exercising or defence of legal entitlements (objection pursuant to Art. 21 Sect. 1 GDPR).
If your personal data is being processed in order to engage in direct advertising, you have the right to at any time object to the processing of your affected personal data for the purposes of such advertising. This also applies to profiling to the extent that it is affiliated with such direct advertising. If you object, your personal data will subsequently no longer be used for direct advertising purposes (objection pursuant to Art. 21 Sect. 2 GDPR).
Right to log a complaint with the competent supervisory agency
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.
Right to data portability
You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
Information about, blockage, rectification and eradication of data
Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified, blocked or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time at the address provided in section “Information Required by Law.”
Right to demand processing restrictions
You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time at the address provided in section “Information Required by Law.” The right to demand restriction of processing applies in the following cases:
- In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
- If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.
- If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
- If you have raised an objection pursuant to Art. 21 Sect. 1 GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.
Rejection of unsolicited e-mails
We herewith object to the use of contact information published in conjunction with the mandatory information to be provided in section “Information Required by Law” to send us promotional and information material that we have not expressly requested. The operators of this website and its pages reserve the express right to take legal action in the event of the unsolicited sending of promotional information, for instance via SPAM messages.
3. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
b-next engineering GmbH
Datenschutzbeauftragter / Data Protection Officer
Bielefelder Strasse 12
D-32051 Herford, Germany
Phone: +49 (0) 5221 99280-0
4. Data collection on our website
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site. These cookies will be created on your device when you log in and move around the back-end of our website or when you navigate to the login form and try to log in. They e. g. save your display preferences in the back-end and thus help to ensure the best user experience.
Deleting or deactivating cookies (Opt-out)
Every browser lets you delete or deactivate cookies. Please refer to the following websites to learn how:
- Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
- Google Chrome: https://support.google.com/chrome/answer/95647?hl=en-GB
- Safari: https://support.apple.com/en-gb/HT201265
When you contact us via the contact forms, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. The details you provide will automatically be transferred to our Salesforce customer relationship management software upon contact form submission via an encrypted connection; Salesforce is EU-US-Privacy Shield certified. Your contact details will only be used to get in touch with you. We do not share your data with any other party.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
The security plugins in use on this website prevent spam robots, and hackers from overloading the website or gaining unauthorised entry. It is possible that on occasion your IP address and browser information may be logged and stored by this system. The legal basis for the processing of this information is our legitimate interest as defined in Art. 6 Sect. 1 lit. f GDPR.
Bad Behavior prevents spam and scrapers from overloading the website. There is a small chance that this plugin will log your IP address and browser information. This is stored in a log file and deleted after 7 days. There is no reason why this information should be processed or be personally identifiable to you.
Live chat services are provided and your personal data are stored by LiveChat, Inc. (One International Place Suite 1400 Boston, MA 02110-2619 United States of America). We are using this live chat service to be able to respond to your inquiries promptly and efficiently. The legal basis for the processing of your data is our legitimate interest as defined in Art. 6 Sect. 1 lit. f GDPR.
As a US-based provider, LiveChat, Inc. is Privacy Shield certified, which means that the company undertakes to comply with the EU data protection regulations. In addition, we have executed a contract data processing agreement with LiveChat, Inc. (Data Processing Agreement, DPA). This ensures that LiveChat, Inc. processes user data received only within the framework of the EU data protection standards and exclusively for the processing of inquiries and that they will not share these data with third parties.
In order to be able to use the live chat service you will be asked for your consent with processing your personal data. While using the live chat to communicate with us, the following user data will be collected and processed by LiveChat, Inc.:
- Email (if provided)
- Geolocation (City, region and country)
- IP address
- Chat transcript
Starting the live chat will also set cookies on your computer. Cookies are pieces of information sent by the server for the purpose of automatic identification of a particular user when using the live chat service on our website. Information stored in cookies will never be linked to any personal data you submit while you use our website.
If you do not want to agree to the processing of your inquiries, you have the alternative option to communicate with us via email, telephone or fax.
Server Log Files
The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:
- The type and version of browser used
- The used operating system
- Referrer URL
- The hostname of the accessing computer
- The time of the server inquiry
- The IP address
This data is not merged with other data sources.
This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.
5. Sharing content on social media
The content on our pages can be shared on other social networks like Facebook, Twitter, LinkedIn or XING. This page uses a tool that establishes direct contact between the networks and users only after users click on one of these buttons.
This tool does not automatically transfer user data to the operators of these platforms. If users are logged into one or more of the social networks, the share buttons for Facebook, Google+1, Twitter, etc. will display an information window in which the user can edit the text before it is sent.
Our users can share the content of this page on social networks without their providers creating profiles of users’ surfing behavior.
6. Analytics and advertising
Matomo (formerly Piwik)
This website uses the open source web analytics service Matomo. Matomo uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before it is stored.
Matomo cookies remain on your device until you delete them.
The storage of Matomo cookies is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
The information generated by the cookies about your use of this website will not be disclosed to third parties. You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website.
We ask for your consent before any Matomo cookies will be saved on your device. In case you allow us to track your usage of our website, technical Opt-in-cookies will be saved together with the Matomo tracking cookies. Opt-in is valid for 1 month.
If you would like to deny analysis, you have the option to do so at the very beginning of your session. In this case, a technical cookie will be created which tells us that you do not want to be tracked. If you would like to revoke your opt-in later, you can opt-out of tracking by using the following form. In this case, an opt-out cookie will be stored in your browser to prevent Matomo from storing your usage data. If you delete your cookies, this will mean that the opt-out cookie will also be deleted. You will then need to reactivate it when you return to our site if you wish your activity not to be tracked.
This website uses the statistics tool Webalizer. Webalizer collects and saves access and site usage data (e. g. opened URLs, number of page visits, etc.) This data is exclusively evaluated internally for statistical purposes. Your IP address or any other personal data will not be saved in these statistics.
The access and usage data are recorded in a log file on the webservers of our provider in Germany. We do not share these data with any other parties.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the newsletter subscription form only with your consent per Art. 6 (1) (a) GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses from an incoming inquiry) remain unaffected.
We keep statistical records of views and click interactions with our newsletters. These statistics help us improve the contents of our newsletters. If you do not agree with providing this data, you have to unsubscribe from our newsletters completely by using the unsubscribe link at the bottom of every newsletter you received.
The collection and analysis of statistics and the recording of sign ups is based on our legitimate interest per Art. 6 (1) (a) GDPR. Our interest is a user friendly, secure newsletter system that serves our commercial interest and meets the user’s expectations.
8. Google Maps (with consent)
This website uses Google Maps, a mapping/location service, via an API. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
To warrant data protection on our website, you will find that Google Maps has been deactivated when you visit our website for the first time without giving consent to our cookie banner. A direct connection to Google’s servers will not be established until you have activated Google Maps autonomously at your end (i.e. given your consent pursuant to Art. 6 Sect. 1 lit. a GDPR). This will prevent the transfer of your data to Google during your first visit to our website.
Once you have activated the service, Google Maps will store your IP address. As a rule, it is subsequently transferred to a Google server in the United States, where it is stored. The provider of this website does not have any control over this data transfer once Google Maps has been activated.
For more information about the handling of user data, please consult the Data Privacy Declaration of Google under the following link: https://www.google.de/intl/de/policies/privacy/.
9. Our social media appearances
Data processing through social networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Facebook, Google+ etc. can generally analyse your user behaviour comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular, retention periods – remain unaffected.
Individual social networks
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will also be transferred to the USA and to other third party countries.
We have signed an agreement with Facebook on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Facebook are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customise your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
We use the short message service Twitter. The provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States. Twitter is certified under the EU-US Privacy Shield.
You can customise your Twitter privacy settings in your user account. Click on the following link and log in: https://twitter.com/personalization.
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We have a business profile on Google and a YouTube channel. Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.
You can adjust your personal advertising preferences in your own Google account: https://adssettings.google.com/authenticated.