Privacy Policy
of Daubert Cromwell
for the website https://daubertcromwell.com

  1. General Information

This privacy policy informs you how we process your personal data when you contact us and when you visit our website https://daubertcromwell.com and any of its pages. Personal data is any information that identifies a natural person or makes that person identifiable. This can mean a name but also an IP address. The term “processing” includes the collection, storage and other use of personal data.

We care about your privacy. Therefore we take extreme care to keep your data confidential and to process it in compliance with legal requirements, including without limitation the EU General Data Protection Regulation (GDPR) that takes effect on May 25, 2018, and in accordance with this privacy policy.

  1. Data Controller

Daubert Cromwell GmbH
– represented by General Manager Martin Simpson –

Hasenbergsteige 14
71078 Stuttgart
Germany

Tel.: +49 (0)89 4522036-0
Fax.: +49 (0)89-4522036-15

Data Protection Officer
Our data protection officer can be reached at the address above or by email at Datenschutzbeauftragter@daubertcromwell.eu.

  1. Purpose and legal basis for data processing

When you contact us or visit our website, your data is being processed at various points, in some instances personal data is collected automatically (e.g. when you open our website), other times you actively provide your data to establish contact with us (e.g. by completing a contact form or providing a business card). What follows is a description of the various data categories and the purpose and legal basis for processing that data. Further down in this privacy policy you will find information regarding your rights as a data subject (right to information, rectification, erasure, restriction of processing, objection to processing, data portability and complaint to a regulatory authority).  Your Rights

In general, when you visit our website:

When you visit our website, the provider automatically collects, stores and transmits to us so-called Server Log Files. They contain the following information: your IP address, the browser type and version, operating system used, referrer URL (the page from which you accessed our site), host name of the accessing computer, date and time of server request, amount of data transferred and the requesting provider (access details).

The purpose of the above mentioned processing of data is to ensure optimal usability of our website, uninterrupted operation of the site and to improve management of the website.

The legal basis for processing the data as described above is Article 6(1)(1)(f) of the GDPR. Based on our assessment of interests, the grounds for data processing are our overriding legitimate interests in an accurate and timely presentation of our offerings. We do not merge that data with other data sources.

On principle, your access data is stored only in anonymized form.

In terms of processing of data, a provider with whom we have a data processing agreement provides services to us for hosting and displaying our website. This is to safeguard our previously assessed overriding legitimate interests in the accurate and timely presentation of our offerings. All data collected during the use of our website is processed on the servers of the provider. This service provider is based in a country outside of the European Union which has not received an adequacy decision by the European Union. Therefore the service agreement is based on standard contract clauses issued by the European Commission.

Our website uses so-called cookies. Cookies are small text files which your browser stores on your computer. They do not contain malware, viruses or Trojans. Cookies enhance the ease-of-use and functionality of the websites users visit. They may contain information about the screen resolution, or to the extent it is permitted by law, recognize the user at the next visit of the website. This means for example that preferences do not have to be set every time the website is accessed.

As a visitor of our website you can monitor and control the use of cookies by customizing the respective cookie settings in your preferred browser. You can either allow or block cookies by default or for specific sites or be notified each time you access a site so you can decide on a case by case basis whether to allow or block cookies before they are stored on your system. If you block cookies, certain features of the website might not work at all or might only have limited functionality. The use of cookies is based on Article 6(1)(f) of the GDPR. Our legitimate interest as the website operator lies in the optimized and uninterrupted provision of services to our users.

Our website also uses cookies of third-party providers (e.g. Google Analytics). Further down in this privacy policy, you will find more detailed information regarding this service. Analytics and Advertising Tools

When you contact us:

When you contact us through our contact form or by email, e.g. to request information or place an order, when you apply for a job with us, when you exchange business cards with one of our employees, when you send us an email, from which personal data can be inferred, or when you transfer personal data to us through other means, we store the personal data we obtain from you in order to process your request, to fulfill contractual obligations, to complete pre-contractual measures, to exchange information with you, to complete a job application process or to mail you interesting offers and information regarding our products.

Required fields are marked accordingly. What data we collect is evident from the respective contact form.

The lawful basis for data processing is Article 6(1)(b) and (f) of the GDPR. Any processing or sharing of data beyond initial data collection arising from your contact with us only occurs following your consent in accordance with Article 6(1)(a) of the GDPR. You can withdraw your initial consent at any time with effect on processing of data in the future by sending an email request to the data protection officer at the address provided above. This does not affect the lawfulness of the data processed up to that point in time.

Erasure of stored data happens either automatically as soon as the purpose for processing has ended and there is no further reason for retaining said data, or when you withdraw your consent for storing your data or request that we erase it, for example by writing an email to the data protection officer at the address listed above, or when erasure is not prohibited by any regulations to the contrary, e.g. statutory record retention provisions to comply with commercial or tax-based requirements.

Additional note regarding “Authorized User Registration”

To use additional features, you have the option to register on our website as a distributor. By selecting this option, you will be prompted to enter your user data and a password to set up a user account. The personal data collected during the course of registration helps us to set up login and usage of our website according to your registration and to facilitate orders, receipt of information and contact with us.

Any processing of personal data collected during the registration process occurs based on your consent in accordance with Article 6(1)(a) of the GDPR. Any consent is valid until withdrawn. You can withdraw your initial consent for future processing of your data at any time by sending an email request to the data protection officer at the address provided above. This does not affect the lawfulness of the data processed up to that point in time.

When you give your consent to receiving our newsletter and current offers:

When you register for our newsletters and receipt of current offers, we store the personal data submitted by you and use it to regularly send you information regarding our products, service offerings, projects, and publications as well as product portfolio information by email or postal mail. The legal basis for this is your consent in accordance with Article 6(1)(a) of the GDPR. We need the data we collect in the course of your registration to email you information that we believe to be of interest to you as our existing customer or prospect.

Right to Withdraw Consent

You can opt out of our newsletter and current offerings at any time with effect for the future. The legal basis is Article 7(3) of the GDPR. Please find the relevant note and unsubscribe link at the end of our email. Or simply send us an email with “Unsubscribe from Newsletter” in the subject line, addressed to the data protection officer at the address listed above.

Any consent is valid until withdrawn. After receiving your withdrawal of consent, we erase your personal data, provided you did not expressly consent to any further use of your data or there is other legal reason for storing your data (e.g. fulfillment of an agreement or legitimate interest other than sending our newsletter).

Opt-ins to our newsletter and current offerings will be logged as evidence in compliance with legal requirements. This includes the time of consent, the IP address used to opt-in, the personal data submitted by you and the contents of the privacy policy we brought to your attention.

We engage the services of a provider to process data to send out our newsletter. To that end, we share your email address with said service provider. We have a data processing agreement in place with the provider. The provider is based in a country outside the European Union and an adequate level of data protection is guaranteed by its participation in the EU-U.S. Privacy Shield.

  1. Social Media Plugins

The following processing of data in connection with social media plugins is based on our previously assessed overriding legitimate interests in an optimal presentation of our offerings in accordance with Article 6(1)(f) of the GDPR.

Facebook

Our website uses functionalities of the social network Facebook. The provider of those functionalities is Facebook Inc., 1 Hacker Way, Menlo Park, California 94024, USA. (“Facebook”). Those functionalities access Facebook servers located in the United States of America. Thus Facebook receives information that our website was accessed from your IP address. If you have a Facebook account and you are logged into your account when you click the Facebook button on our website, Facebook can match your visit on our website to your account.

Please note that we as the provider of this website have no knowledge whether and what kind of information Facebook collects and uses. You can read the relevant information in the data privacy policy of the provider at the following link: https://de-de.facebook.com/policy.php. By participating in the EU-U.S. Privacy Shield, Facebook ensures an adequate level of data protection.

Twitter

Our website uses functionalities of the microblogging service Twitter. The provider of this functionality is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. (“Twitter”). Those functionalities access Twitter servers located in the United States of America. Thus Twitter receives information that our website was accessed from your IP address. If you have a Twitter account and you are logged into your account when you click the Twitter button on our website, Twitter can match your visit on our website to your account.

Please note that we as the provider of this website have no knowledge whether and what kind of information Twitter collects and uses. You can read the relevant information in the data privacy policy of the provider at the following link: https://twitter.com/privacy. You can customize the data privacy settings of your Twitter account at the following link: https://twitter.com/account/settings.

LinkedIn

Our website uses functionalities of the professional social network LinkedIn. The provider of the functionality is the LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA. (“LinkedIn”). Those functionalities access LinkedIn servers located in the United States of America. Thus LinkedIn receives information that our website was accessed from your IP address. If you have a LinkedIn account and you are logged into your account when you click the LinkedIn button on our website, LinkedIn can match your visit on our website to your account.

Please note that we as the provider of this website have no knowledge whether and what kind of information LinkedIn collects and uses. You can read the relevant information in the data privacy policy of the provider. Please follow the link: https://www.linkedin.com/legal/privacy-policy. By participating in the EU-U.S. Privacy Shield, LinkedIn ensures an adequate level of data protection.

  1. Analysis and Advertisement Tools

The following processing of data in connection with analysis and advertisement tools – provided we do not refer to separate legal grounds – is based on our previously assessed overriding legitimate interests in sound analysis of user behavior during visits to our website in order to optimize our website and our respective advertisements. The legal basis for this type of processing is Article 6(1)(f) of the GDPR.

Google Analytics

Our website uses functionalities of the web analytics tool Google Analytics. The provider is Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. (“Google”). Those functionalities access Google servers located in the United States of America. By participating in the EU-U.S. Privacy Shield, Google ensures an adequate level of data protection. To effectively implement the rigorous European requirements for data privacy, we have entered into a data processing agreement with Google.

Google Analytics uses cookies, i.e. small text files which your browser stores on your computer. Cookies enhance the ease-of-use and functionality of the websites users visit. When processed with Google Analytics, IP addresses are anonymized. Which means that as a rule they are shortened before and in certain extraordinary circumstances immediately after transmission outside of the EU or the EEA. This anonymized data helps to analyze the use of this website and to provide additional services through this website. The data is not merged with other data held by Google.

As a visitor to our website you can monitor and control the use of cookies by customizing the respective cookie settings in your preferred browser. You can either allow or block cookies by default or for specific sites or be notified each time you access a site so you can decide on a case by case basis whether to allow or block cookies before they are stored on your system. If you block cookies, certain features of the website might not work at all or might only have limited functionality.

In addition, you can block the storage of cookies used by Google and the processing of personal data by Google Analytics by installing a special browser add-on from Google which you can download from: https://tools.google.com/dlpage/gaoptout?hl=de .

In addition to your browser settings, you have the option to object to the use of cookies for online marketing purposes by the participating providers. You can do so on the following pages:
http://www.aboutads.info/choices/
http://www.youronlinechoices.com/

You will find detailed information on the functionality of Google Analytics in the security and data privacy policies of the provider at the following link: https://support.google.com/analytics/answer/6004245?hl=de.

On this website, Google Analytics uses the feature “demographic characteristics”. The report helps to infer age, gender or interests of the website users from visit data to third-party providers or from interest-based targeted Google display ads. However, the identity of an individual user cannot be inferred from that data. You can also deactivate this feature just like the other features of Google Analytics as described above.

Google AdSense

Our website uses functionalities of the service Google AdSense to place ads on the website. The provider is Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. (“Google”). Those functionalities access Google servers located in the United States of America. By participating in the EU-U.S. Privacy Shield, Google ensures an adequate level of data protection. To effectively implement the rigorous European requirements for data privacy, we have entered into a data processing agreement with Google.

Google AdSense uses cookies, i.e. small text files which your browser stores on your computer. In addition, Google AdSense uses so-called Web Beacons. Those are small transparent graphic images that are placed on the website to monitor website traffic. The data collected in connection with the use of this website and the ads displayed on it as well as the respective IP address are transmitted to Google servers located in the U.S. and may be shared by Google with contracting parties. However, the IP address is not merged with other data held by Google.

You can deactivate the Google AdSense functionalities described here by following the steps mentioned above in the section about Google Analytics.

Google Analytics Remarketing

Our website uses functionalities of the service Google Analytics Remarketing to place ads on the website. The provider is Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. (“Google”). Those functionalities access Google servers located in the United States of America. By participating in the EU-U.S. Privacy Shield, Google ensures an adequate level of data protection. To effectively implement the rigorous European requirements for data privacy, we have entered into a data processing agreement with Google.

The purpose of this functionality is to link the data collected by the services Google Analytics, Google AdWords and Google DoubleClick for device-independent display of interest-based and personalized advertising to the relevant target audiences. Provided you have given Google your consent for this feature, Google links your use and surf behavior from your various devices to your google account. In addition, Google temporarily links internal user IDs with data from this feature to create target groups for advertisements across devices. You can deactivate the device-independent display of personalized ads in your Google account at the following link: https://www.google.com/settings/ads/onweb/.

The legal basis for linking the data collected in your Google account is your consent which can be withdrawn at any time with effect in the future in accordance with Article 6(1)(a) of the GDPR. If you did not give Google your consent or you do not have a Google account or are not logged in, Google will place the so-called remarketing cookie which enables interest-based advertisements through a pseudonymized cookie identifier and based on the websites you visited. The legal basis for this measure is Article 6(1)(f) of the GDPR. As the website owner, our legitimate interest in anonymized analysis of the user behavior of our visitors is the optimization of related advertisements.

You can find detailed information in Google’s data privacy policy at https://policies.google.com/technologies/ads.

Google AdWords

Our website uses functionalities of the service Google AdWords for conversion tracking. The provider is Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. (“Google”). Those functionalities access Google servers located in the United States of America. By participating in the EU-U.S. Privacy Shield, Google ensures an adequate level of data protection. To effectively implement the rigorous European requirements for data privacy, we have entered into a data processing agreement with Google.

When a user clicks on an ad displayed by Google, the browser will place a cookie on the computer. This small text file is deleted automatically after a specific time period set by Google. Within this time period, the cookie helps Google and the website owner to track how many users clicked on an advertisement and were subsequently redirected to the respective page. Users cannot be personally identified or tracked by those cookies.

You can deactivate the Google AdWords conversion tracking functionality described above by following the steps mentioned above regarding opting out of cookies in the section about Google Analytics. You can find detailed information about this functionality in Google’s data privacy policy at the following address: https://www.google.de/policies/privacy/.

  1. Other Plugins

The following processing of data in connection with other plugins is based on our previously assessed overriding legitimate interests in the optimal presentation of our offerings in accordance with Article 6(1)(f) of the GDPR.

Google Web Fonts

Our website uses Google Web Fonts. The provider is Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). By participating in the EU-U.S. Privacy Shield, Google ensures an adequate level of data protection. To effectively implement the rigorous European requirements for data privacy, we have entered into a data processing agreement with Google.

The purpose is to give our website a uniform appearance. To achieve this, the respective fonts are loaded from Google servers into the cache of your web browser. Thus Google receives information that our website was accessed from your IP address. If the use of Google Web Fonts is blocked, your computer will load standard fonts instead. This can change the appearance of the website. You can access Google’s latest privacy policy here: https://policies.google.com/privacy. You can find additional information about Google Web Fonts at the following address: https://developers.google.com/fonts/faq.

7. Your Rights

When it comes to processing of your personal data, you have extensive rights. Please find an overview below: For any questions about exercising your rights you can contact the above-listed address of the data controller at any time.

Request for Information

In accordance with Article 15 of the GDPR, you can request information from us about whether we process any of your personal data. Without limitation, you can request information about the purpose of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the specific duration of storage, the existence of the right to request rectification, erasure, restriction of or objection to processing, the existence of the right to lodge a complaint, the origin of the data, provided it was not collected by us, as well as about the existence of automated decision making including profiling and, at least in those cases, meaningful information about the logic involved.

Rectification

In accordance with Article 16 of the GDPR, you can request immediate rectification of inaccurate or completion of missing personal data we hold about you.

Erasure

In accordance with Article 17 of the GDPR, you can request immediate erasure of the personal data we hold about you. We are obligated to erase said data if the personal data is no longer needed for the purposes for which it was initially processed, if there is no legal basis for processing, if you have objected to processing and there are no legitimate interests for processing, if the personal data has been processed unlawfully or if erasure is required to comply with legal obligations.

Restriction

In accordance with Article 18 of the GDPR, you shall request restriction of processing of your personal data if you have contested the accuracy of the data, processing was unlawful but you opposed erasure and we do no longer need the data, but you need it to establish, exercise or defend legal claims, or you have entered an objection to processing in accordance with Article 21 of the GDPR.

Data Portability

In accordance with Article 20 of the GDPR, you have the right to request receipt of your personal data you provided to us and that was automatically processed by us based on your consent or to fulfill our contractual obligations, in a structured, commonly used and machine-readable format and to request transmission to another controller.

Withdrawal of Consent

In accordance with Article 7(3) of the GDPR, you can withdraw the consent you originally gave us at any time. Following withdrawal, we are prohibited from future processing of your data which you had originally consented to.

Objection

In accordance with Article 21 of the GDPR, you have the right to object at any time on grounds relating to your particular situation to processing of your personal data which is based on 6(1)(e) or (f), including profiling based on those provisions. After your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. If an objection relates to processing of personal data for direct marketing purposes, the data will no longer be processed for those purposes.

 

Right to file a complaint with a supervisory authority

In accordance with Article 77 of the GDPR, every data subject has the right to file a complaint with a supervisory authority, if the data subject believes that the processing of his/her personal data violates any legal provisions. The competent authority is the authority at your place of residence or at the place of the alleged infringement.

 

  1. Data Security

For security reasons, our website uses the encryption protocol TLS, previously also known as SSL for data transfer. A secure (encrypted) connection has a closed padlock in the address bar of the browser and is prefixed by https://daubertcromwell.com/. Encryption protects transmitted data from unauthorized view by third parties.

We apply proper technological and organizational security measures to protect your data from accidental or willful manipulation, partial or full loss, destruction or access by unauthorized third parties. Our security measures are continuously updated to reflect the latest technological advancements. Nevertheless, we want you to be aware that, despite diligent security measures, the transmission of data online can be compromised by security vulnerabilities, and that it is virtually impossible to fully safeguard personal data from unauthorized access by a third party.

  1. Transfer of Data

Your personal data will only be transferred by us if you have given us your consent, if required to process your request, to fulfill a contract or to fulfill pre-contractual measures, or due to our overriding legitimate interests based on our previous assessment of interests (e.g. to use a data processor) or if we are required to do so by law. The legal basis for data processing is Article 6(1)(a)(b)(c) and (f) of the GDPR. Provided you have given your consent and if responding to your request requires it, e.g. because you submitted an inquiry with an international aspect, we will transmit your personal data to our representatives abroad. Those representatives with whom we have entered into a data processing agreement may be based in a country outside the European Union which has not received an adequacy decision by the European Union. In that case, collaboration is based on standard contract clauses issued by the European Commission.

  1. Third-Party Websites

Our website may contain links to and from third-party websites. When you follow a link to one of those websites, please be aware that we do not assume responsibility or warranty for external content or data privacy terms. Please take notice of the data privacy policy of the respective website before transmitting personal data.

  1. Status and Amendment of this Privacy Policy

This privacy policy is currently in effect and is as amended in May 2018. Due to enhancements to our website and offerings displayed on the website, or due to amendments to legal or regulatory requirements, it may become necessary to update this privacy policy with effect in the future. The privacy policy as amended can be accessed and printed at any time by going to https://daubertcromwell.com/privacy. Please visit the website regularly and inform yourself about the most up-to-date privacy policy.