Privacy statement

Privacy statement www.lemarit.com

Thank you for your interest in our website. The protection of your personal data (hereinafter also referred to as “data”) is of great and very important concern to us. In the following we would therefore like to inform you in detail about which data is collected when you visit our website and how we use our offers there and how we process or use this data in the following. We would also like to inform you about the accompanying protective technical and organisational measures we have taken.

Please note that this Privacy Policy may be updated from time to time as a result of the implementation of new techniques and/or changes in the law. Of course, we will always take your interests into account in an appropriate manner when making any changes.

Please also refer to our separate Privacy Policy on registration data.
Click here to manage your privacy settings

A. General Information

1. Controller

Controller pursuant to Art. 4 (7) EU General Data Protection Regulation (“GDPR”) is

LEMARIT GmbH
Werkstraße 12
24955 Harrislee
Deutschland

It is represented by the Managing Director Martin Küchenthal.

You can also contact us through the email address info@lemarit.com.

2. Data Protection Officer

In case of questions or comments concerning this privacy statement, please contact our data protection officer:

Rechtsanwalt Thomas Rickert
c/o Rickert Rechtsanwaltsgesellschaft mbH
Colmantstr. 15
D-53113 Bonn
datenschutz@lemarit.com

3. Your rights

You may assert the following rights free of charge against any person responsible for the processing of your personal data:

  • Right to withdraw your consent.
  • Right of access: You may request access to your personal information that we process.
  • Right to object: You have the right to object to the processing of your personal data at any time for reasons relating to your special situation. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defence of legal claims. The collection of data for the provision of the website and the storage of the log files is absolutely necessary for the operation of the website.
  • Right to rectification: If the information concerning you is not (or is no longer) accurate, you may request a rectification. If your data is incomplete, you may request their completion.
  • Right to erasure: You can request the erasure of your personal data.
  • Right to restriction of processing: you have the right to request a restriction on the processing of your personal data.
  • Right to data portability: you have the right to receive or have a third party receive the data that we process automatically on the basis of your consent or in the performance of a contract. This right only applies to (electronically) data processing carried out by automated means whereat the processing is either based on your consent or on a contract pursuant and that you have us provided with the data yourself. Therefore, the right is not applicable to the log files collected via our website.

For the assertion of claims, please contact the controller or data protection officer (find contact details above). Should you wish to contact us by e-mail, please use an address used to access our system so that we can identify you.

You also have the right to lodge a complaint about the controller’s processing of your personal data with a supervisory authority responsible for data protection.

4. Legal Bases for Processing Your Data

In principle, we only process data when a legal basis is available. We specify the legal basis in the segments about data processing, but in general, we are permitted to process your personal data if one of the following conditions applies.

  • The data subject’s consent for the processing of personal data.
  • Processing personal data as a necessity for the fulfilment of a contract in return for payment or free of charge. This shall also apply to processing operations necessary for the implementation of pre-contractual measures.
  • The processing is necessary for the fulfilment of a legal obligation to which we are subject.
  • The processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights, and fundamental freedoms of the data subject do not outweigh the above-mentioned interests.

5. Retention Periods

The data processed by us will be erased or their processing will be restricted in compliance with the legal regulations. Unless expressly stated in the context of this Privacy Policy, we will erase data stored by us as soon as it is no longer required for their intended purpose. Data will only be retained beyond the time it is no longer needed for its intended purpose if this is necessary for other legally permissible purposes or if the data must be retained longer due to statutory retention obligations. In these cases, processing is restricted, i.e. blocked, and the data are not processed for other purposes. For example, a statutory retention obligation exists, due to documentation obligations under tax and corporate law.

Statutory retention obligations arise, for example, from Section 257 (1) HGB (6 years for commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and from Section 147 (1) AO (10 years for books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

6. Children

Our website is not intended for children under the age of 16.

7. Recipients of Data, Third-Country Transfers, Linked Third-Party Websites

We do use external service providers for the processing of your data and hereby want to inform you about the third parties and processors we transfer data to. We use various third-party services on our website. These have different purposes, which we will discuss in more detail in the individual descriptions. These services serve to make our website functional, secure, and visually appealing, as well as to optimise its content on an ongoing basis. In general, we transfer data to the following categories of recipients:

Postal providers, insurances, telecommunications provider, insurance broker and subject matter experts for assessing and regulating of claims, public authorities, provided a justified request, credit institutions and payment service providers, external accountant, auditors and legal counsel.

In the case of cross border transfer (transfer to a third-country or to an international organisation) we do inform you separately about the recipient, and the correspondent legal basis. However, in the case that your data is transferred outside of the European Union either to Controllers or Processors, the transfer is justified by the Standard Contractual Clauses according to the Annex of the Commission Decision EU/2021/914 or by other safeguards.

As far as processors are being used, they are bound by our instructions under data protection law. These service providers are our contractors and assist with processing of your personal data, for example, to provide this website. These contractors have been carefully selected and authorised and are regularly monitored. The authorisations are based on agreements for processing. The processors do not perform any independent processing for their own purposes.

Our website may contain links to third-party websites. If you follow a link to one of these websites, we point out to you that these offers have their own data protection policies and that we are not the controllers for the processing of your data on these websites. Please review each privacy policy before disclosing personal information to those controllers.

8. Data Security

We apply technical and organisational security measures to protect personal data that is collected, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorised persons. Our security measures are continuously improved in line with technological developments. To protect your data in transit we use encryption technologies (TLS).

9. Automated Decision Making

We do not use automated decision making, including profiling.

B. Collection and Processing of your Personal Data when using our Website

1. Technical Provison of the Website, Hosting

For the informational use of our website, you generally do not need to actively provide personal data. Each time you use the internet, your browser is transmitting certain information which we store in so-called log files, such as:

  • Date and time of retrieval of one of our web pages;
  • your IP address;
  • host name of the connecting device;
  • the website from which our website was accessed;
  • following websites that were accessed via our website;
  • the page visited on our website;
  • the transmitted amount of data and the access status (file transmission, file not found etc.);
  • your browser type and version used;
  • the operating system used.

The temporary storage of the data is necessary for the course of a website visit to enable delivery of the website. Further storage of the log files takes place in order to ensure the functionality of the website and the security of the information technology systems (especially to prevent abusive attacks, so-called DDoS attacks). Unless otherwise specified, your IP address will be shortened as soon as possible -after 7 days at the latest- so that it is no longer possible to identify you. The legal basis for the temporary storage is to provide you with our website for the fulfilment of a contract or to process operations necessary for the implementation of pre-contractual measures. The legal basis for further storage with a shortened IP address is our legitimate interest to protect our information technology systems. A personal evaluation of the data, in particular for marketing purposes, does not take place without prior consent.

To operate this website, we use a hosting provider to process meta and communication data of our website users, on our behalf and based on our legitimate interests in an efficient and secure provision of this website.

2. Customer Area (Login)

The use and registration of our customer area is reserved for our current customers. If you are interested in our products and services, you are welcome to contact us under the respective product descriptions. Our staff will tell you which data we need from you in order to grant you online access.

In order for you or your employees to use the customer area, it is then necessary for you to select your personal access data. The processing of the data requested via mandatory fields during registration or other data that is absolutely necessary to set up access is based on Article 6 (1) (b) GDPR. The processing of information provided voluntarily is based on Article 6 (1) (a), Article 7 GDPR. If you wish to delete your account, you can send us an email to the contact details above. Data that we are legally obliged to retain remains unaffected by the deletion.

3. Direct Marketing

We have a legitimate interest (direct marketing, recitals 46/47 GDPR) within the meaning of Article 6 (1) (f) GDPR in advertising to customers (persons with whom we have a business relationship) by e-mail or post. In particular, we may send you news about our company, information about events and invitations to evaluate our services and products.

You can object to receiving advertising at any time by sending an email to our data protection officer or by following the instructions at the end of a marketing email. If possible, please send your email from the same email address that you provided when registering so that we can more easily identify you.

4. Google reCAPTCHA

We use Google reCAPTCHA to prevent automatic programs/bots from using our contact form. This increases the security of our website and avoids SPAM. This is also our legitimate interest and fulfils our legal obligation.

The collected data is hardware and software information, e.g. device and application data as well as the results of security checks. This data is transmitted to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The data will not be used for personalised advertising.

Further information can be found in Google’s privacy policy at https://policies.google.com/privacy.  Further documentation can be found at https://developers.google.com/recaptcha/ and at https://www.google.com/recaptcha/admin/create.

5. Contact, CRM

In case of contacting by email or telephone, your data is processed, depending on the content of the request, for purely informational inquiries based on your (assumed) consent pursuant to Art. 6 (1) Clause 1 lit. a) GDPR or pursuant to Art. 6 (1) Clause 1 lit. b) GDPR, insofar as contacting is connected to contractual performance obligations. In case of contacting through our form, we require only your company’s name, an email address, a name of a contact person and a telephone number in order to reply to you as soon as possible. Your information may be stored in a customer relationship management system (“CRM system”). This also includes the analysis of your user behavior on our website and serves to optimize our offers for you.

We will delete your contact inquiries from our active systems immediately after final processing, unless legal permissions or storage obligations permit or require further storage.

6. Social-Media

Unless otherwise stated, we process your data on the basis of our legitimate interests in order to improve content and to make it more convenient for you to use. The purposes described coincide with our legitimate interests. If cookies are used in connection with the embedding of social media content, this is done on the basis of your consent.

a. Links to Social-Media Profiles
Our website integrates links to our presences on different social media sites. This is done via a linked graphic of the respective site. This prevents an automatic transfer of data to the site. A transfer will only take place when you click the link ad, being forwarded to the respective site. The respective site will then collect information whereby the data might be processed in the USA.

The following social networks are integrated into our site by linked graphics:

Facebook
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, ein Tochterunternehmen der Meta Platfoms Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
Privacy Policy: https://www.facebook.com/policy.php

twitter
Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA
Privacy Policy: https://twitter.com/privacy

LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Irland, ein Tochterunternehmen der LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA.
Privacy Policy: https://www.linkedin.com/legal/privacy-policy

Xing
New Work SE, Dammtorstraße 30, 20354 Hamburg, Deutschland
Privacy Policy https://privacy.xing.com/en

b. YouTube
This website uses YouTube, a service of the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to embed videos.

The embedding improves our online presence by enabling us to provide you with information about our company and products in an easily accessible way.

By integrating the YouTube plugin, information about the use of this website including your IP-address is collected and send to a google server located in the United States. If you are logged into your YouTube or Google account, this data will be assigned to it. Otherwise, it will be assigned to a separate Ad-ID.

We use YouTube in its advanced privacy mode. According to YouTube, this means that data will only be transferred to YouTube servers when you start the video.

Insofar as Google Ireland Limited transfers personal data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees by means of standard contractual clauses to maintain the EU level of data protection.

The legal basis is your consent. Upon the first visit to our website, we ask for your consent. Consent may be withdrawn at any time. This can be done by using the consent manager or by deleting the cookies in your browser.

YouTube permanently stores cookies on your device. If you do not agree to this processing, you have the option of preventing the installation of cookies in the settings in your browser.

Further information about purpose and extent of processing and the storage time can be found at https://policies.google.com/privacy.

7. Applications

If you apply for a job with us, we will process your personal data in accordance with the information below. We process your application data in order to be able to assess whether you have the suitability, qualifications and professional performance for the position for which you are applying. For us, the legal requirements for the selection procedure result in particular from the German General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz). The legal basis for processing within the scope of the selection procedure for the establishment of an employee or trainee relationship is Art. 88, Article 6 (1) (b) GDPR in conjunction with Section 26 (1) BDSG.

If your application documents contain special categories of personal data, e.g. information on health, religious conviction or ethnic origin, we also base our processing on Art. 9 (2) (b), Art. 88 GDPR, Section 26 (3) BDSG due to our legal obligations as an employer and the associated protection of your fundamental rights.

In the application process, we will use all the information you provide to progress your application and to check whether we can offer you a job with us. In addition, we have to fulfil our legal obligations as an employer. The provision of the personal data is necessary for the lawfulness of the selection process to be carried out. Failure to include relevant personal data in the application documents may result in your not being considered for the vacant position.

We will only use your contact data to contact you and inform you about the progress of the application procedure. We will only use other information contained in the application documents to determine your suitability for the vacant position.

Your personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the event that an employment relationship, training relationship, internship or other employment relationship is established following the application process, the data will initially continue to be stored and transferred to the personnel file. Otherwise, the application procedure ends for you with the receipt of a negative reply. This also applies in the case of a unsolicited application.

In this case, your personal data will be deleted six months after the end of the application process, unless longer storage is necessary for the defence of legal claims. The defence or assertion of legal claims is also our legitimate interest within the meaning of Article 6 (1) (f) GDPR.

We will inform you separately about the storage period of your personal data in the event of the establishment of an employment relationship.

If, after your application has been unsuccessful, you wish us to include you in a subsequent selection procedure, we will store your application documents on the basis of consent, Article 6 (1) (a), Article 7 GDPR, Section 26 (2) BDSG. In this case, we will obtain your consent separately. Your application documents will then be kept until the next selection procedure and, as described in the case of the initial application, will be destroyed six months after receipt of the rejection, unless longer storage is necessary for the defence of legal claims.

C. Statistics, Web-Analytics, Advertising based on Tracking and Retargeting – Use of Cookies

In some cases, we or our partners use cookies or process your data in such a way that your consent is required. Cookies are small text files that can be stored on your device when you visit our website.  Tracking is possible using various technologies like the pixel technology or log file analysis. Consent is given via the so-called cookie banner, which must be actively clicked. Our cookie policy explains how you can disable individual functions to which you have consented. There you will find information on when cookies expire, how to delete cookies and how to withdraw your consent.

Unless otherwise stated, the processing described in this section is based on your consent. Learn more about how to withdraw your consent in our cookie policy. Our cookie policy is linked in the footer of our website.

1. Web-Analytics, Statistics

To determine which content from our website is most interesting for you we continuously measure the number of visitors and the most viewed content. Therefore, we process your personal data

  • to record the number of visitors of our websites,
  • to record the respective visiting times of our website visitors and
  • to record the sequence of visits to different websites and product sites to optimise our website.

a. Google Analytics
This website uses Google Analytics of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse the usage of our web services. The collected data is used to optimise our website and our advertising effort.

Google Analytics is a web-analysing-service provided by Google. Google processed this data on our behalf and is contractually bound to implicate measures to ensure the integrity and confidentiality of the data.

Upon visiting our website, the following data is processed:

  • IP-address (in a shortened form. User cannot be directly identified)
  • Approximate location (country and city)
  • Technical information like browser, internet provider, device and screen resolution
  • User behaviour (accessed pages, clicks and scroll-behaviour)
  • Orders including the revenue of the ordered products
  • Origin of your visit (from which website or which advertisement our site was reached)
  • Session length and if the site was left without any interaction
  • Adding to favourites
  • Sharing of content (social media)

The legal basis is your consent. Upon the first visit to our website, we ask for your consent. Consent may be withdrawn at any time. This can be done by using the consent manager or by deleting the cookies in your browser. Another possibility is the browser addon provided by google, which deactivates Google Analytics. You can download it here: https://tools.google.com/dlpage/gaoptout?hl=dehttps://tools.google.com/dlpage/gaoptout?hl=de

Insofar as Google Ireland Limited transfers personal data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees by means of standard contractual clauses to maintain the EU level of data protection.

Google Analytics sets cookies in your browser for the duration of two years from your last visit. These cookies contain a randomly generated User-ID, with which you can be recognised upon your next visit. The recorded data is stored in combination with the randomly generated User-ID, which makes an analysis of pseudonymised user profiles possible. This data will be automatically deleted after 14 months. Other data is stored in aggregated form indefinitely.

b. Google Tag Manager
Together with Google Analytics we use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The Tag Manager allows us to place and administrate small code elements called “tags” via an interface. The tool itself does not process any personal data itself. Google Tag Manager enables the activation of tags, which allows other services to collect data, but does not access the data itself.

Further information about the Google Tag Manager can be found here: https://www.google.com/intl/de/tagmanager/faq.html

c. Matomo
We use the open source software tool Matomo (formerly PIWIK) on our website to analyse the surfing behaviour of our users. Matomo does not collect session data without your consent. If sub-pages of our website are called up, the following data is stored:

  • the IP address of the user, shortened by the last two bytes (anonymised)
  • the sub-page called up and the time of the call-up
  • the page from which the user accessed our website (referrer)
  • which browser with which plug-ins, which operating system and which screen resolution are used
  • the time spent on the website
  • the pages visited from the sub-page accessed

The data collected with Matomo is stored on our own servers. It is not passed on to third parties.

Matomo uses cookies. These text files are stored on your computer and enable the use of the website to be analysed. For this purpose, the information on usage obtained by the cookie is transferred to our server and stored so that usage behaviour can be evaluated. We have no technical means of identifying you as a registered user. You remain anonymous as a user.

This information is used for the technical development of our products. This is done on the basis of your voluntarily given consent pursuant to Article 6 (1) (a), Article 7 GDPR. For more information on Matomo’s terms of use and data protection regulations, please visit: https://matomo.org/privacy/.

2. Advertising based on Tracking and Retargeting

We would like to show you – also on the websites of our advertising partners – only advertising that really interests you. Therefore, we use the technologies of so-called tracking and retargeting on our website for advertising that is tailored to your interests. Cookies are usually used for this purpose, but other technologies such as so-called “fingerprinting” are also used in some cases. The cookies temporarily stored for this purpose enable our retargeting partners to recognise visitors to our website under a pseudonym and to display only products that are likely to interest you. Fingerprinting recognizes your device based on your computer hardware, software, add-ons and browser settings.

Unless otherwise stated, the processing described in this section is based on your consent. Learn more about how to withdraw your consent in our cookie policy. There you will find information on when cookies expire and how to delete cookies.

Open consent manager

In detail, we use the data collected for statistical and advertising purposes

  • for targeted advertising, also via advertising networks in cooperation with partners,
  • to measure the success and billing of advertising measures between advertising partners and us,
  • to keep track of what ads you have already seen to prevent you from seeing the same one again and
  • to assess which parts of our website need to be optimised.

Unless otherwise stated, we use the following services as processors and contractually oblige them to process data only on our behalf.

a. Mautic
We use the open source marketing tool Mautic on our website, which is hosted on our server. We do not pass on data to third parties or processors. Mautic uses so-called cookies as well as tracking pixels. If individual pages of our website are called up, the following data is stored, in each case recording the time and approximate location (based on your IP address):

  • Your shortened IP address
  • Browser type/version, language setting, browser window resolution Screen resolution
  • The operating system used
  • Referrer URL (the website from which you came to our website)
  • Activity on our website including number of page views, length of stay and click paths
  • The frequency of visits to the website
  • Downloads of files made available on our website
  • Email openings and clicks on links from email advertising campaigns

Processing this data enables us to analyse how our website is used. The purpose of this is to better target and/or individualise our marketing activities (website design, email marketing, tracking pixels) to your interests. In addition, the tool helps us to better evaluate the success of individual marketing measures and to automate marketing measures based on the interests of our users.

The legal basis for the processing of user data is your consent, which can be revoked at any time, in accordance with Article 6 (1) (a), Article 7 GDPR. To revoke your consent, please use the settings banner at the end of this privacy policy. The data will be deleted as soon as it is no longer required for our recording purposes.

Your IP address in the user profile and in the associated database will be anonymised.

b. LinkedIn-Insights Tag
We use the LinkedIn Insights Tag, a service provided by LinkedIn Corporation, as a tool to analyse your behaviour on our website in order to provide you with interest-based and behavioural marketing. This includes measuring conversion to increase the effectiveness of our marketing activities. This is a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, https://www.linkedin.com. For more information, please visit https://www.linkedin.com/legal/privacy-policy.

The Insight Tag will collect and transmit the following information about you to LinkedIn: URL; referrer URL, IP address, device and browser data and a timestamp. In exceptional cases, profile data may be processed together with the above categories of data. This is the case if you are a member of LinkedIn. In this context, we would like to draw your attention to the settings options within your LinkedIn profile.

LinkedIn will provide us with an analysis of the use of our website in aggregated form so that we are able to improve our website and the content for our users. In addition, this data will be used to target ads on the LinkedIn platform.

We are joint controllers with LinkedIn Corp. for the collection and transfer of data to LinkedIn; however, any processing of data after transfer is the sole responsibility of LinkedIn.  The Insight Tag only collects and transfers data with your explicit consent in the cookie banner that is displayed to you when you access our website.

LinkedIn will encrypt your data, IP addresses will be truncated, and direct identifiers will be removed within seven days to make the data pseudonymous. The remaining pseudonymised data will then be deleted within 90 days.

The legal basis for this procedure is your consent, Article 6 (1) (a), Article 7 GDPR. You can find more information at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

10/2022