Privacy policy.
General information
The protection is your personal data is very important to us. In order to ensure that all data processing procedures on our website and in our offers are transparent and comprehensible for you as a visitor and visitor to our website, we inform you in this privacy policy about the type, scope and purpose of the processing of your personal data on our website. The terms used are to be read in the sense of Art. 4 of the EU General Data Protection Regulation (hereinafter “GDPR”).
You can save or print the privacy policy by selecting either the “print” or “save page as” commands in your browser.
Actuality and amendment of this privacy policy
This privacy policy is currently valid and the last update was April 2021. Due to the further development of our website and offers or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. You can access and print out the current data privacy policy at any time from our website at www.eastsidefab.de/en/datenschutz.
Responsibility
Responsible for processing personal data on this website:
East Side Fab e.V.
Eschberger Weg 40
Gewerbepark Eschberger Weg | Halle 11
66121 Saarbrücken
Germany
Telephone: +49 681 8449170
E-mail: info@eastsidefab.de
Data protection enquiries
All requests concerning the processing of your personal data or the exercise of your rights mentioned below should be sent by e-mail, fax or post to the following address
East Side Fab e.V.
Eschberger Weg 40
Gewerbepark Eschberger Weg | Halle 11
66121 Saarbrücken
Germany
Telephone: +49 681 8449170
E-mail: info@eastsidefab.de
General information on procsesing personal data
Types of processed data
On our website, we collect and process inventory data (e.g. names, addresses), contact data (e.g. e-mail addresses, telephone numbers, fax numbers, postal address), usage data (e.g. websites visited, links clicked, interest in content, access times, access locations), content data (e.g. comments, text entries, photos, videos) and meta and communication data (e.g. device information, browser information, IP addresses).
Categories of data subjects
The data subjects affected by the processing of personal data are all visitors and visitors to our website.
Purpose of processing
We collect and process the personal data of visitors to our website in order to communicate with you and keep you informed (e.g.,contact and other enquiries, newsletters) and, if necessary, to perform statistics, reach measurement and analysis (e.g., with marketing and analysis tools) so that we can better design and optimize content and functions, to technically manage and optimise the website, and to close security gaps.
Legal grounds for processing personal data
We only process personal data if we are entitled to do so based on legal grounds. In the following, we will name these legal bases individually. Otherwise, we are always entitled to process personal data if the data subject has consented (see Art. 6(1) sentence 1(a), Art. 7 GDPR) or if we are obliged to fulfil contractual or pre-contractual obligations (see Art. 6(1) sentence 1(b) GDPR), if we have to fulfil legal obligations (see Art. 6(1) sentence 1(c) GDPR) or if we are safeguarding our legitimate interests (see Art. 6(1) sentence 1(f) GDPR).
Recipients of personal data
We sometimes transfer personal data to processors or other third parties (e.g. hosting agencies etc.) with whom we work. For this, we are entitled to process personal data if the data subject has consented (see Art. 6(1) sentence 1(a), Art. 7 GDPR) or if we are fulfilling contractual or pre-contractual obligations (see Art. 6(1) sentence 1(b) GDPR), if we have to fulfil a legal obligation (see Art. 6(1) sentence 1(c) GDPR) or if we are safeguarding our legitimate interests (see Art. 6(1) sentence 1(f) GDPR). We conclude a so-called order processing agreement with processors in accordance with Art. 28 GDPR or agree on the validity of the standard contractual clauses issued by the European Commission in accordance with Art. 46(2) (c) GDPR, according to which they also undertake to comply with data protection.
Integration of services and third-party content
On the basis of our legitimate interests, i.e. interest in the analysis, optimisation and economic operation of our website in accordance with Art. 6(1) sentence 1(f) GDPR, we use content or service offers from third party providers within our website in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always assumes that the third-party providers of this content are aware of the IP address of the visitor, as without the IP address they would not be able to send the content to their browser. The IP address is thereby required to display this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the visitor’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online service, as well as being linked to such information from other sources.
Processing in third countries
If data is transmitted by us to a third country, such as because we have commissioned a service provider, we are entitled to process personal data if the data subject has consented (see Art. 6(1) sentence 1(a), Art. 7 GDPR) or if we are fulfilling contractual or pre-contractual obligations (see Art. 6(1) sentence 1(b) GDPR), if we have to fulfil a legal obligation (see Art. 6(1) sentence 1(c) GDPR) or if we are safeguarding our legitimate interests (see Art. 6(1) sentence 1(f) GDPR). A third country is any country outside the European Union (EU) or the European Economic Area (EEA). When transferring data to third countries, we ensure compliance with Art. 44 et seq. GDPR, to existing guarantees or findings by the EU on an adequate level of data protection in the third country, as well as to the conclusion of any necessary agreements, e.g. standard contractual clauses.
Encrypted transfer of your data
All personal data that you enter on our website and send to us are transmitted encrypted on our website according to the state of the art. Furthermore, we secure our website and associated IT systems through technical and organisational measures against loss, destruction, access, modification or distribution of your personal data by unauthorised persons.
Hosting
This website is hosted on the servers of HostPress GmbH, Bahnhofstraße 34, 66571 Eppelborn. The hosting services we use are for the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this website. The legal basis for the use of hosting services is the protection of our legitimate interests in the analysis, optimisation and the economic and secure operation of our website (see Art. 6(1) sentence 1(f) GDPR).
In doing so, our hosting provider processes personal data. The data is stored for as long as there is a purpose for it. Thereafter, the data will be deleted unless this conflicts with statutory retention obligations.
Collection of access data and webserver logfiles
On the basis of our legitimate interests in the analysis, optimisation and economic operation of our website, we collect the following data pursuant to Art. 6(1) sentence 1(f) GDPR on every access to our website (so-called web server log files):
- IP address of the visitor
- Name of called website
- File, date and time of call
- Transferred data volume (Body Bytes Sent)
- Successful call report
- Browser type including version
- Htaccess visitors
- Domain name of requesting Internet service provider
- Called URL / sub-page
- Protocol (e.g. http 2.0)
- Status
- Referrer URL (previously visited website)
- User agent
- Operating system of the visitor
The data is used for statistical evaluations for the purpose of the operation, security and optimisation of the website. The data is retained for security reasons (e.g. for the clarification of cases of fraud/abuse) within the framework of legal regulations. If longer retention is required for evidential purposes, the data will not be deleted until the matter has been finally resolved.
Deletion / blocking of personal data
We only store your personal data for as long as is necessary to achieve the purposes stated here. In addition, we only store your data if this is required by statutory retention obligations (e.g. 6 years in accordance with § 257(1) HGB and 10 years in accordance with § 147(1) AO for commercial and business letters, invoices, offers, etc.). After the respective purpose has ceased to exist or these periods have expired, the data is blocked or deleted in accordance with the statutory provisions pursuant to Art. 17, 18 GDPR.
Your rights as a data subject
You have the right to receive information and a copy of your personal data stored by us free of charge at any time (see Art. 15 GDPR).
You have the right to correct or complete any incorrect data stored about you (see Art. 16 GDPR).
You also have the right to restrict the processing of your data (see Art. 18 GDPR) and the right to have your data deleted (see Art. 17 GDPR). Deletion of your data is not possible insofar as we are obliged to continue to store the data for the purpose of processing the contract or due to other statutory retention obligations. Instead of deleting your data, we will block it.
You also have the right to request that your data stored with us be transferred to another company or transferred by us (see Art. 20 GDPR).
You also have the right to object to the future processing of your data (see Art. 21 GDPR).
You also have the right to revoke any consent you have given for future processing (see Art. 7(3) GDPR).
To exercise the aforementioned rights, please contact the contact person for data protection enquiries named above.
In addition, you can lodge a complaint with the responsible data protection supervisory authority (see Art. 77 GDPR):
Independent Data Protection Centre Saarland
Fritz-Dobisch-Straße 12, 66111 Saarbrücken
Tel.: 0681 947810
Fax: 0681 / 94781 29
E-mail: poststelle@datenschutz.saarland.de
Use of cookies
Furthermore, cookies are stored on your computer when you use our website. Cookies are small text files that enable specific, device-related information to be stored on the visitor’s access device (PC, smartphone). They are used to make websites more user-friendly (e.g. storage of login data), to collect statistical data on website use and for analysis in order to improve the website. Cookies cannot run programs or transfer viruses to your computer.
This website uses transient (temporary) persistent (permanent) cookies.
Transient cookies are automatically deleted when you close the browser or logout. These particularly include session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognised when you return to our website.
Persistent cookies are automatically deleted after a set period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
Both types of cookies can come from us (then “first-party cookies”) or from third parties (“third-party cookies”).
Necessary cookies are required due to our legitimate interest in the operation and presentation of our website in accordance with Art. 6(1) sentence 1(f) GDPR. The visitor can consent to the data processing of non-essential cookies, for example for analysis or marketing purposes, via the cookie banner, so that the data processing takes place on the basis of Art. 6 para. 1 sentence 1 lit. a DSGVO. An overview of the cookies used can be found in the cookie banner.
Deactivation of cookies
You can generally object to the use of cookies that serve reach measurement and advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and also the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
You can prevent the storage of all or only certain cookies by setting your browser accordingly in the security settings. Cookies that have already been saved can be deleted in the browser. In these cases, however, the use of the website may be restricted. These options apply to all the cookies mentioned below that we use on this website.
Google Ads and Conversion Tracking
This website uses Google Ads, a service provided by Google Ireland, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). The legal basis for the data processing is the consent obtained by means of the cookie banner (see Art. 6(1) sentence 1(a) GDPR). A possible data transfer to the USA is based on the standard data protection clauses used by Google within the meaning of Art. 46(2) (c) GDPR.
Google Ads is an online advertising program that we use to place ads in search engines. We also use Conversion Tracking within the scope of this program. Google Conversion Tracking is a Google analysis service. When you click on an ad placed by Google, a cookie for conversion tracking is placed on your computer. These cookies lose their validity after 30 days, do not contain any personal data and are therefore not used to personally identify individuals.
If you visit certain web pages on our website and the cookie has not yet expired, Google and we can recognise that you have clicked on our ad and have been redirected to our website. Each Google Ads customer receives a different cookie. Therefore, there is no possibility that cookies can be tracked through Ads clients’ websites.
The information obtained using the conversion cookie is processed to create conversion statistics for Ads customers. This tells us the total number of visitors who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that could personally identify visitors.
Details on Conversion-Tracking by Google can be found at https://support.google.com/google-ads/answer/1722022.
More information on Google’s data protection policy is available at: https://policies.google.com/technologies/ads, https://policies.google.com/privacy or https://adssettings.google.com/.
You can view Google’s privacy policy at: https://policies.google.com/privacy?hl=de.
Contact/contact form
When you contact us by e-mail, fax, telephone or post or by using our contact form, the data you provide (e.g. e-mail address, name, telephone number, address) will be processed by us in order to answer your enquiries or send you information material. We are authorised to do so in accordance with Art. 6(1) sentence 1(b) GDPR. Visitor data may also be stored in a customer relationship management system (“CRM system”) or comparable databases.
We delete all data after storage is no longer required or restrict processing if there are legal retention obligations.
Newsletter
We offer a newsletter on our website in which we regularly provide information about our offers and services. We collect and process personal data for sending the newsletter, which is used exclusively for this purpose. By subscribing to our newsletter, you agree to the data processing.
Subscribers may also be informed by e-mail of circumstances relevant to the service or registration (e.g. changes to the newsletter service or technical reasons).
To register for the newsletter, simply enter your e-mail address (mandatory field). Optionally, you can also enter your name to receive a personalised newsletter.
In order to verify that a registration has actually been made by the owner of the registered e-mail address, we use the “double opt-in” procedure. For this purpose, you will receive a confirmation e-mail from us after sending your e-mail address, in which you must confirm your registration for the newsletter by clicking on a link. Only after this confirmation are you saved in the newsletter distribution list. As proof for us, we log the registration for the newsletter, the sending of the confirmation e-mail and the receipt of the requested confirmation. The time of registration and confirmation and your IP address are stored. Likewise, changes to your data stored with the shipping service provider are logged.
Further data is not collected. All data collected is processed exclusively for the purpose of sending the newsletter.
The data is stored for the period of the subscription to our newsletter and deleted after unsubscribing from the newsletter, unless legal retention obligations require longer storage. In addition, we may retain the data for a maximum of three years after unsubscribing from the newsletter for the purpose of proving that consent has been given. Prior deletion is possible upon request, provided that you also confirm the existence of a former consent at the same time. These processes are also logged.
The legal basis for sending the newsletter is your consent in accordance with Art. 6(1) sentence 1(a), Art. 7 GDPR in conjunction with § 107(2) TKG or on the basis of the legal permission in accordance with § 107(2) (3) TKG. The legal basis for logging the above-mentioned data is the protection of our legitimate interests in the analysis, optimisation and economic operation of our website in accordance with Art. 6(1) sentence 1(f) GDPR.
For sending the newsletter, we use Sendinblue, a service of Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, on the basis of our legitimate interest pursuant to Art. 6(1) sentence 1(f) GDPR. The Sendinblue privacy policy can be found at https://de.sendinblue.com/legal/privacypolicy/.
Cancellation of newsletter registration
You can revoke your consent to the storage of your personal data and to the use for the newsletter dispatch at any time for the future. There is a corresponding unsubscribe link in every newsletter. You can also unsubscribe directly on this website at any time or inform us of your wish to do so using the contact option above.
Collaborates member area
You can register on our website to gain access to the “Collaborates” platform. The legal basis for the personal data collected in this process is the fulfilment of pre-contractual or contractual measures in accordance with Art. 6(1) sentence 1(b) GDPR. The data is stored for the purpose of contract processing and for warranty and guarantee claims. In addition, the data will be stored for a longer period of time, if necessary, for the purpose of complying with other legal provisions. The legal basis for this is the fulfilment of legal obligations pursuant to Art. 6(1) sentence 1(c) GDPR.
You can delete your account at any time. You are responsible for backing up the data contained there before deleting the account.
After deletion of the account, we are nevertheless authorised to continue to store contractual documents for the fulfilment of legal obligations pursuant to Art. 6(1) sentence 1(c) GDPR. The data is then blocked.
Open Space
On our website it is possible to make enquiries about renting premises in presence or virtually. The legal basis for the personal data collected in this process is the fulfilment of pre-contractual or contractual measures in accordance with Art. 6(1) sentence 1(b) GDPR. The data is stored for the purpose of contract processing and for warranty and guarantee claims. In addition, the data will be stored for a longer period of time, if necessary, for the purpose of complying with other legal provisions. The legal basis for this is the fulfilment of legal obligations pursuant to Art. 6(1) sentence 1(c) GDPR.
Events
On our website, interested parties can register for events using a form. The legal basis for the personal data collected in this process is the fulfilment of pre-contractual or contractual measures in accordance with Art. 6(1) sentence 1(b) GDPR. The data is stored for the purpose of contract processing and for warranty and guarantee claims. In addition, the data will be stored for a longer period of time, if necessary, for the purpose of complying with other legal provisions. The legal basis for this is the fulfilment of legal obligations pursuant to Art. 6(1) sentence 1(c) GDPR.
Online events and video conference tools
It is possible to participate in meetings or events with us online using video conferencing tools (e.g. via video or audio conference) (online events). For this purpose, we will send you a link that you can use to access the virtual event room.
The following data are processed within the framework of online events:
- Profile data: Username, password*, e-mail address, profile picture*, phone number
- Dial-in data: Time, date of entering/leaving the online event, duration of the online event, IP address, device/hardware information
- Content data*: Posts and reactions in chats, uploaded documents, votes, contents of your screen when using the “Share screen” function
- Usage, diagnostic and telemetry data: Information on participation in surveys on the quality of the online event, information in the event of support for problem handling
The above data will be used to conduct the online event. Without the processing of this data, participation in online events is not possible. The legal basis for the processing of profile, dial-in and content data is Art. 6(1) sentence 1(b) GDPR (contract performance or implementation of pre-contractual measures). The data marked with * is not processed automatically, but only in the event that you voluntarily use the respective function.
Video or audio recordings are only made if all participants in an online event have given their consent in accordance with Art. 6(1) sentence 1(a) GDPR.
For the implementation of online events, we use service providers who provide the technical environment in which the online event takes place. We have concluded an order processing contract with these service providers in accordance with Art. 28(3) GDPR. If the service providers transfer personal data to a third country, the adequacy of the level of protection is guaranteed by concluding so-called standard data protection clauses pursuant to Art. 46(2) (c) GDPR.
The technical service providers also collect usage, diagnostic and telemetry data to ensure and improve the quality and security of the online event. The legal basis for the processing of this data is Art. 6(1) sentence 1(f) GDPR is the legitimate interest in providing an error-free and secure online event.
The data provided above will be stored for as long as it is required for the implementation of the online event and the related services.
Should technical service providers further process the personal data collected for their own purposes, the service providers act as their own data controllers. The privacy policies of the technical service providers are authoritative in this respect.
In detail, we use the following service providers, whose privacy policies can be found under the following links:
- Microsoft Teams, a service of Microsoft Ireland Operations Ltd., South County Business Park, One Microsoft Place, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland;
Data privacy: https://docs.microsoft.com/de-de/microsoftteams/teams-privacy
- Zoom, a service of Zoom Video Communications, Inc., 55 Almaden Blvd 6th Floor, San Jose, CA 95113, United States of America;
Data protection: https://zoom.us/de-de/privacy.html?_ga=2.130711887.1525281649.1628696597-1724247855.1628696597
- Cisco Webex, ein Dienst der Cisco Systems, Inc., 70 West Tasman Dr. San Jose, CA 95134, United States of America;
Data protection: https://www.cisco.com/c/de_de/about/legal/privacy-full.html
Google Fonts
This website uses script libraries and font libraries with fonts from the provider Google Ireland, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, (“Google Fonts”, https://www.google.com/webfonts/), to present the website content with appealing graphics. The legal basis for data processing within the scope of this application is the protection of our legitimate interests in the analysis, optimisation and the economic and secure operation of our website (see Art. 6(1) sentence 1(f) GDPR).
Within the scope of this application, the browser of the visitor who visits our website makes an automatic call to the Google server, which is usually located in the USA. The data transfer is based on the standard contractual clauses used by Google within the meaning of Art. 46(2) (c) GDPR.
The Google Fonts are then transferred to the browser’s memory (cache) in order to be able to use them for the display. If the browser does not support Google Fonts or access, the text on our website will be displayed in a standard font.
Furthermore, the following additional data is collected and stored when the Google server is called up: Name of the browser used, version of the browser, website from which the request was initiated, operating system of the visitor, screen resolution of the visitor, IP address of the visitor, language settings of the browser or operating system used by the visitor.
This data, which is transmitted to Google in connection with the page view, is sent to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com. Cookies are not stored on your devices. The data stored by Google will not be associated with data that may be collected or used in connection with the parallel use of other Google services such as Gmail.
You can set your browser so that the fonts are not loaded from Google servers (e.g. by installing add-ons such as NoScript (www.noscript.net) or Ghostery for the Firefox browser (https://addons.mozilla.org/de/firefox/addon/ghostery/).
Otherwise, you can also set your advertising settings regarding Google applications here: https://adssettings.google.com/authenticated.
More about the Google Fonts library can be found here: https://fonts.google.com/about or https://developers.google.com/fonts/faq#Privacy.
The privacy policy of the library operator Google can be found here: http://www.google.com/intl/de-DE/privacy/ or https://policies.google.com/privacy/update?hl=de
Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Ireland, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). The legal basis for the data processing is the consent obtained by means of the cookie banner (see Art. 6(1) sentence 1(a) GDPR). A possible data transfer to the USA is based on the standard data protection clauses used by Google within the meaning of Art. 46(2) (c) GDPR.
We only use Google Analytics with IP anonymisation activated, i.e. IP addresses are only processed in abbreviated form in order to exclude direct personal references. For this purpose, your IP address will be shortened by Google within the member states of the EU or the EEA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.
Google Analytics stores cookies on your computer to collect and analyse data about your use of our website. This data will be transferred to a Google server in the USA and saved there.
Google processes the collected data on our behalf in order to evaluate your use of our website, to compile reports on your activities on our website and to provide us with other services related to the use of the website and the internet. Subsequently, the stored data of the visitors is saved or anonymised.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
Furthermore, you can object to the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) by Google as well as to the processing of this data by Google for the future by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively (or when using the website via a mobile browser), you can prevent the processing of your data by Google Analytics by clicking on the following link (Google Analytics deaktivieren). By clicking on the link, an opt-out cookie is placed on your computer. If you delete cookies on your device, you must click the link again.
More information on Google’s data protection policy is available at: https://policies.google.com/technologies/ads, https://policies.google.com/privacy or https://adssettings.google.com/.
You can view Google’s privacy policy at: https://policies.google.com/privacy?hl=de.
Social Media
We maintain online presences within social networks and platforms on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6(1) sentence 1(f) GDPR) in order to be able to communicate with the customers, interested parties and visitors active there and to inform them about our services there. The links may refer to our online presences or represent interaction elements or content (e.g. videos, graphics or text contributions) and can be recognised by the corresponding logos. When calling up the respective networks and platforms, the terms and conditions and data processing policies of their respective operators apply. We therefore have no influence on the scope of the data collected by the social network and therefore inform visitors according to our level of knowledge.
Only when a visitor calls up a function of this online offer and is redirected to the website of the social network, does his or her device establish a direct connection with the servers of the social network. In doing so, usage profiles of the visitors can be created from the processed data. If the visitor is logged in to a social network, the network can assign the visit to his or her account. If a visitor is not a member of the social network, there is still the possibility that it will find out and store his or her IP address.
The purpose and scope of the data collection and the further processing and use of the data by the social network as well as the related rights and setting options for protecting the privacy of the visitors can be found in the data protection information below.
We maintain online presence on the following social media channels:
- Facebook, operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, https://www.facebook.com/about/privacy/
- Instagram, operated by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, http://instagram.com/about/legal/privacy/
- LinkedIn, operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, https://www.linkedin.com/legal/privacy-policy
- Twitter, operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, https://twitter.com/de/privacy
- YouTube, operated by Google Ireland, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, https://www.google.de/intl/de/policies/privacy/