Data Privacy

Data Protection Statement

Thank you for visiting the website of CPM GmbH and for your interest in our company and our products. The privacy of your data is important to us and we want you to feel at ease when viewing our website. Protecting your privacy in the processing of your personal data is an important concern to which we pay special attention in our business processes. We process personal data collected during visits to our website in accordance with the data protection rules of the country in which the controller or processor is based. The CPM GmbH website may contain links to websites of other providers not covered by this Data Protection Statement.

1.   Name and contact details of the controller or processor and of the company’s Data Protection Officer

This privacy policy applies to data processing by:

Controller pursuant to Article 4(7) of the EU General Data Protection Regulation (GDPR):

CPM GmbH, Gesellschaft für Projektmanagement, Mercedesstraße 3/1, 71063 Sindelfingen, Germany

The company’s data protection officer, Stefan Henschel, can be contacted at the above address or by email to datenschutz@cpm-sifi.de

2.   Collection and storage of personal data and nature and purpose of its use

a)    When you visit our website

When you visit our website, the browser used on your device automatically sends information to our website’s server. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until automatically deleted:

  • IP address of the requesting computer;
  • Date and time of access;
  • Name and URL of the retrieved file;
  • Referrer URL;
  • Browser used and in some cases your computer’s operating system;
  • The name of your access provider.

We process the above data for the following purposes:

  • Ensuring unimpeded communication with the website;
  • Ensuring convenient use of our website;
  • Analysis of system security and stability;
  • Other administrative purposes.

The legal basis for the data processing is Article 6(1)(f) of the GDPR. Our legitimate interest follows from the above-listed purposes of data collection. In no circumstances do we use the collected data for the purpose of inferring your identity. We additionally use cookies and analysis services when you visit our website. For further information about these, please see under headings 4 and 5 of this privacy policy.

b)    When you use our contact form

For questions of any kind, we provide a form on the website for you to contact us. You need to provide a valid email address, forename and surname so that we know who the request is from and in order to respond. Further details can be provided voluntarily. The data is transmitted in encrypted form (see under heading 8). The legal basis for the data processing for the purpose of entering into contact with you is Article 6(1)(a) of the GDPR on the basis of your freely given consent. The personal data we collect for use of the contact form is automatically deleted once your request has been dealt with.

3.   Disclosure of data

We do not transfer your personal data to any third party other than for the purposes listed in the following. We only disclose your personal information to third parties if:

  • If you have given your express consent to it in accordance with Article 6(1)(a) of the GDPR;
  • Disclosure is necessary in accordance with Article 6(1)(f) of the GDPR for the establishment, exercise and defence of legal claims and there is no reason to assume that you have an overriding compelling interest in the non-disclosure of your data;
  • The disclosure is necessary in accordance with Article 6(1)(c) of the GDPR for compliance with a legal obligation;
  • It is lawful and is necessary in accordance with Article 6(1)(b) of the GDPR for the performance of a contract to which you are party.

4.   Cookies

We use cookies on our website. These are small files that your browser creates automatically and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device and do not contain viruses, Trojans or other malware. A cookie stores information that results in connection with the specific device used. However, this does not mean that we gain direct knowledge of your identity. Cookies are used to improve the website experience for you.

For example, we use session cookies to recognise that you have already visited individual pages on our website. These cookies are automatically deleted when you leave our website.

In addition, to improve usability, we also use temporary cookies that are stored on your device for various periods of time. If you return to our site to use our services again, these cookies make it possible to see that you have visited before and any inputs and settings you have made so you do not have to repeat them. We also use cookies to keep statistics on the use of our website and analyse them to improve our content (see heading 5).

The data processed by way of cookies is needed for the purposes stated in order to safeguard our legitimate interests and those of third parties in accordance with Article 6(1)(f) of the GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that you are always asked before a cookie is created. Please note that disabling cookies completely may mean that you cannot use all features of our website.

5.   Analysis tools

a)    Tracking tools:

We use the tracking tools listed in the following on the basis of Article 6(1)(f) of the GDPR. Our use of these tracking tools serves the purposes of needs-based design and ongoing improvement of our website. We also use the tracking tools to keep statistics on the use of our website and analyse them for the purpose of improving our content. These are to be considered as legitimate interests within the meaning of the aforementioned provision. Please see the tracking tools for the respective purposes of processing and categories of data.

b)    Adobe Typekit

This website uses Adobe Typekit web fonts. Typekit is a service provided by Adobe. The service provides fonts that are displayed in a user’s web browser after communicating with an Adobe server (in the USA). In this connection, Adobe stores, at minimum, the IP address of the browser on the website user’s device. For further information, please see the Typekit privacy policy, which is available here: https://www.adobe.com/privacy/policies/typekit.html
Â

c)     Google Maps

This site incorporates the Google Maps service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This enables you to get directions to our offices. For this purpose, data is transmitted to the provider, Google LLC. In particular, this includes your IP addresses and the location data you provide. The data is only transferred with your consent, however, which you give by selecting the Start button. Data transmitted to Google LLC in this connection may be processed in the USA.

Google LLC’s privacy policy is available here: https://policies.google.com/privacy

6.   Your rights as a data subject

Your rights are as follows:

  • Right of access: You have the right (under Article 15 of the GDPR) to obtain access to the personal data concerning you that we process. In particular, you have the right to obtain information on the purposes of the processing, the category of personal data, the categories of recipients to whom the personal data has been or will be disclosed, the envisaged storage period, the existence of a right to rectification, erasure and restriction of processing and of a right to object, the source of your data if it is not collected from you, and the existence of any automated decision-making, including profiling, and meaningful information on the details of any such automated decision-making;
  • Right to rectification: You have the right (under Article 16 of the GDPR) to obtain rectification or completion of personal data stored with us;
  • Right to erasure: You have the right (under Article 17 of the GDPR) to obtain erasure of the personal data concerning you that is stored with us to the extent that the processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • Right to restriction of processing: You have the right (under Article 18 of the GDPR) to obtain restriction of the processing of your personal data to the extent that you contest the accuracy of the data, the processing is unlawful but you oppose its erasure and we no longer need the data, but you require it for the establishment, exercise or defence of legal claims or you have objected to the processing pursuant to Article 21 of the GDPR;
  • Right to data portability: You have the right (under Article 20 of the GDPR) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to have the data transmitted to another controller;
  • Right to withdraw your consent: You have the right (under Article 7(3) of the GDPR) to withdraw the consent that you have given. This has the effect that we are then no longer allowed to continue the data processing based on that consent.
  • Right to lodge a complaint: You have the right (under Article 77 of the GDPR) to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority for your place of habitual residence or place of work or for our registered office.

7.   Right to object

To the extent that your personal data is processed on the basis of legitimate interests in accordance with Article 6(1)(f) of the GDPR, you have the right, under Article 21 of the GDPR, to object, on grounds relating to your particular situation, at any time to the processing of your personal data. In the case of direct marketing, you have a general right to object that we abide by without reference to any particular situation.

If you wish to exercise your right to withdraw consent or your right to object, it is sufficient to send an email to: datenschutz@cpm-sifi.de

8.   Data security

When you visit our website, we use the widespread secure socket layer (SSL) protocol in conjunction with the highest level of encryption supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit SSL v3 encryption instead. You can tell if a specific page of our website is transferred in encrypted form by the closed key or padlock icon in your browser address bar. In all other respects, we use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or total loss, destruction or unauthorised access by third parties. Our security measures are continually improved in line with technological developments.

9.   Validity of and modifications to this Data Protection Statement

This Data Protection Statement is valid as of the present time and was last revised in May 2018. As a result of enhancements to our website and the services provided on it, or as a result of legal or official requirements, it may become necessary for this Data Protection Statement to be revised.

You can view and print out the most recent Data Protection Statement at any time on our website at http://cpm-sifi.de/