OSTHUS GROUP Data Privacy
Data protection on our website
In the following we will inform you about the type, scope and purpose of the collection and use of personal data on our website. The content is based on the EU Data Protection Regulation (DS-GVO), as the data protection provisions of the German Telemedia Act (TMG) will no longer apply from 25 May 2018.
We at OSTHUS GROUP pay great attention to the protection of your personal data. We therefore treat your data with confidence and respect the privacy of our visitors and customers.
If you wish to use our services, e.g. use the contact form, it may be necessary to provide personal data. In this case we assure you that we only process this information for the purpose for which it was given to us.
All employees will be bound to confidentiality and compliance with the provisions of the Federal Data Protection Act and, with effect from 26 May 2018, the European Data Protection Regulations (DSGVO).
Our employees regularly take part in IT security and data protection training courses to further raise their awareness.
Exclusion of warranty
The contents of the OSTHUS GROUP website have been carefully checked and are based on the current status. However, we reserve the right to process and update the data and information posted at any time and without prior notice.
Despite constant revision of the website, no liability or guarantee can be assumed for the up-to-dateness, correctness and completeness of the information provided. The documents and graphics provided on the website may contain inaccuracies and typographical errors. OSTHUS GROUP therefore reserves the right to correct and update documents and graphics at any time and without prior notice.
Links to other websites
The OSTHUS GROUP website contains links to other websites. We have no influence on whether the operators of other websites comply with data protection regulations.
As a provider, OSTHUS GROUP is responsible for its own content in accordance with general laws. Links to contents provided by other providers are to be distinguished from these own contents. OSTHUS GROUP accepts no responsibility for external content that is provided for use via links and that is specially marked and does not adopt its content as its own. For illegal, erroneous or incomplete contents as well as for damages arising from the use or non-use of the information, only the provider of the website to which reference is made is liable.
Unless mandatory legal regulations or other express agreements to the contrary exist, OSTHUS GROUP accepts no liability for any direct, indirect damage, consequential damage or other damage resulting from the use of this or a linked website.
When you visit our website, the following data is collected and used for the purpose of delivering websites:
- IP address (The collection of the IP address is necessary so that the web server can send you the desired data.)
- The port through which you request the data (this information is automatically sent by your browser. Via this port you will get the desired website.
- The requested data (Which file do you request? In which subdirectory is it located?)
- The referring website (some browsers also send the URL of the previously used website each time they are called up.)
- Name of the browser you are using to surf the Internet (this information is automatically sent by your browser. We may use this information to improve the visual presentation of the content. Your browser may also send other information, e.g. about installed programs)
- The status of the request (Here we can see whether the desired website exists and could be successfully delivered to you.)#
- Date and time (We can make a temporal assignment and use this to locate technical problems, for example.
- Miscellaneous: For the sake of completeness, your browser may send additional data to our web server (browser name, screen resolution, etc.). Naturally, we have no influence on this.
The data described above is only stored in the web server’s memory for fractions of a second. This process is technically absolutely necessary to make a website available, therefore we have a „legitimate interest“ within the meaning of Article 6 (1f) DS-GMO. The web server is located at a European provider.
Due to the nature of the Internet, this data is inevitably processed on a large number of servers until your request arrives on our web server; therefore, collection and use is also possible in „third countries“ (e.g. the USA). Our company has no influence on this process.
The above data is additionally stored in the form of log files for a limited time in order to analyze possible technical problems (or hacker attacks). We keep these log files for 4 weeks and only view these information if there are problems or attacks. These log files are important in order to prove the criminal behavior to the prosecution authorities; in this respect, we have a „legitimate interest“ in the sense of Article 6 (1f) DS-GMO.
Cookies are small text files that are stored on your hard drive by your browser. This is useful for various purposes to adapt a website to the users. OSTHUS GROUP only uses its own cookies with a short runtime (so-called „session cookies“).
These cookies are not critical under data protection law and are used to navigate on our own website. The legal basis is our „legitimate interest“ within the meaning of Article 6 (1f) DS-GMO. These cookies are deleted as soon as you close your browser. In detail, these are:
Both cookies are used to correctly deliver the content of the website to you via the content management system.
You can send us a message quickly and conveniently using the contact form.
The relevant data collection is justified by our „legitimate interest“ within the meaning of Article 6 (1f) DS-GMO, because a smooth contact is beneficial to our business purposes. If a contractual relationship should arise from the contact form, the (pre-) contractual fulfilment of tasks within the meaning of Article 6 (1b) DS-GMO would also have to be mentioned as a legal basis.
The input of your data into the contact form is SSL-encrypted and is therefore confidential. The data of the contact form will be forwarded confidentially to the e-mail server within the OSTHUS GROUP network. In this respect, confidentiality is guaranteed.
After the e-mail with the contact form data has been sent, no more data remains on the web server.
Integration of Google Maps
We offer you a convenient way to plan your journey to our company. For this we link to Google Maps. As soon as you access this site, your IP address is sent to Google. This is a US company, so data is sent outside Europe (Google participates in the EU-US PrivacyShield). If you enter your own data on this map (e.g. your own place of residence), this data will also be transmitted.
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on activities within this online service and to provide us with other services related to the use of this online service and the Internet. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
Further information on the use of data by Google, setting and objection options can be found in Google’s data protection declaration (https://policies.google.com/technologies/ads) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).
The personal data of the users will be deleted or anonymized after 14 months.
Disclosure of data to third parties
In the following cases, it may be necessary to pass on your data in compliance with strict contractual and legal requirements:
- To external service providers for data processing: If service providers come into contact with personal data of our customers, this takes place within the scope of a so-called order processing. OSTHUS GROUP remains responsible for the protection of your data even in this case. The service provider works exclusively in accordance with our instructions, which we ensure through strict contractual regulations, technical and organisational measures and supplementary controls.
- Due to legal obligation: In certain cases we are legally obliged to transmit data to a requesting state authority. We will not pass on any further data to third parties unless you have given your express consent.
Rights of the parties concerned
You have the right to be informed about your personal data processed by us, its origin and recipient as well as the purpose of storage and also to have your data deleted and passed on to third parties.
You can revoke your consent to the use of your personal data at any time. We would like to point out that we also in this case remain entitled to process the personal data if this is necessary for the purposes of fulfilling a contract concluded with you. The same applies if you have given your consent to the processing of your data to third parties and we process your data as agreed on behalf of this third party, as well as if the processing is required by law or is required by a court or an authority.
Of course, you have numerous personal rights which we would like to fulfill:
- Information: We fulfill our obligation to provide information in this data protection declaration.
- Correction: You may request a correction of incorrect data.
- Deletion: You can request the deletion of your data if the numerous exceptions to the DS GMO do not apply.
- Limitation of processing: You may request that your data no longer be actively used (e.g. if you doubt the accuracy of the data).
- The right to object to our „legitimate interests: If in your individual case there are overriding interests that outweigh our operational interests, you can object to the processing. In many cases this can be done via an „opt-out“.
- Data transferability: If you actively provide data and the legal basis of the processing is (a) your consent or (b) our contractual relationship, you may request that we provide this data to you in electronic form.
If you wish to make use of your rights as a data subject, please contact our data protection officer by e-mail or post using the contact details given in the imprint.
Contacting us about data protection
You are welcome to contact us for data protection questions.
Do you have general questions or concerns about data protection? Then send us an e-mail to info [äät] osthus.com. Your e-mail will be forwarded to special employees in our company. (Please replace the“[äät]“ with „@“.) This way we can support you quickly and unbureaucratically. Alternatively, you can also contact us using the contact details shown in the imprint.
Your right of complaint in data protection matters
If you believe that OSTHUS GROUP does not process your personal data in accordance with the requirements described herein or with the data protection laws applicable in the EEA, you have the right of appeal to the responsible data protection supervisory authority pursuant to Article 77 DS-GMO.
You can file a complaint at any time with the data protection authority of the state of NRW or the EEA member state in which you are domiciled. The contact details of the Data Protection Authority of the State of North Rhine-Westphalia are as follows: LDI NRW, Cavalleriestr. 2-4, 40213 Düsseldorf, GERMANY, Tel. 0049-211-38424-0, www.ldi.nrw.de
German law applies exclusively to the use of the website.
Contents, design and structure are the property of OSTHUS GROUP GmbH and protected by copyright. Duplication or use of texts, parts of texts, pictures or logos requires the prior consent of OSTHUS GROUP GmbH.