Privacy Policy

Privacy policy

We, Elsner Elektronik GmbH, are pleased about your interest in our internet presence and would like to make your stay on our homepage as pleasant as possible. The protection of your privacy is very important to us. Below we therefore inform you about the handling of your personal data and the corresponding rights.

1. Nature and scope of data processing

You can visit our website without providing any personal information. We only store your personal data in our contact form. In addition, we collect the transmitted IP address when you call up our website. The IP address can be a personal data, because under certain circumstances it is possible to find out the identity of the owner of the internet access used. The IP address is evaluated by us in the event of attacks on our Internet infrastructure or other misuse of our website. We have a legitimate interest in this within the meaning of Art. 6 (1) f) GDPR. This results from the need to ward off an attack on the Internet infrastructure, to determine the origin of the attack and to initiate criminal and civil proceedings against the person responsible, as well as to effectively prevent further attacks and to operate the Internet presence without disruptions. If it can be ruled out that such an attack has occurred, the IP address will be deleted. This happens after seven days.

2. Data processing for handling your enquiries

We offer you the opportunity to contact us by e-mail or via the forms provided on our website. We only collect the personal data that you voluntarily provide when contacting us. In the event that you use one of the stored contact forms, this data includes

  • your first and last name, 
  • your e-mail address,
  • your telephone number,
  • subject and the content of the message sent to us. 

We use this data exclusively for processing and answering your enquiry, i.e. in particular for contacting you. When you contact us via the contact form on our homepage, we always obtain your consent that we may use the data you have provided to answer your enquiry and forward it to the relevant contact person. This means that your data is processed on the basis of your express consent in accordance with Art. 6 (1a) GDPR. If the purpose of contacting you is to fulfil or prepare a contract, the legal basis is Art. 6 (1b) GDPR, unless special categories of personal data are involved. Your data will be deleted, taking into account any existing statutory retention periods, as soon as your enquiry has been completely dealt with.

3. SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. 
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. 

4. Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • operating system used
  • referrer URL
  • host name of the accessing computer
  • time of the server request
  • IP address

This data is not merged with other data sources. 
The basis for the data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. 

5. Cookies

Like almost every modern web presence, we use cookies to make the website more comfortable to use. A cookie is a usually short info text that stores technical information about your visit to our website in your browser so that certain functions can be made available (such as a language setting or a shopping cart). You can switch off the use of cookies in your browser. This may result in limited functionality.

6. Local Google Fonts

On our website, we use Google Fonts from Google Inc. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European region. We have integrated the Google Fonts locally, i.e. on our web server - not on Google's servers. This means that there is no connection to Google servers and therefore no data transfer or storage.

What are Google Fonts? - Google Fonts used to be called Google Web Fonts. This is an interactive directory of over 800 fonts that Google provides free of charge. With Google Fonts, you could use fonts without uploading them to your own server. However, in order to prevent any transfer of information to Google servers in this regard, we have downloaded the fonts to our server. In this way, we act in accordance with data protection and do not send any data to Google Fonts.

7. Social-Media

Facebook

On this website, the controller has integrated components of the enterprise Facebook. Facebook is a social network.

A social network is a social meeting place operated on the Internet, an online community that generally enables users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enable the Internet community to provide personal or company-related information. Among other things, Facebook allows users of the social network to create private profiles, upload photos and network via friend requests.

The operating company of Facebook is Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the controller for the processing of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a Facebook component (Facebook plug-in) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding Facebook component from Facebook through the Facebook component. A complete overview of all Facebook plug-ins can be accessed at https://developers.facebook.com/docs/plugins. During the course of this technical procedure, Facebook is made aware of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in to Facebook at the same time, Facebook recognizes which specific subpage of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on our website, for example the "Like" button, or if the data subject makes a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, they can prevent the transmission by logging out of their Facebook account before accessing our website.

The data policy published by Facebook, which is available at https://de-de.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0, provides information about the collection, processing and use of personal data by Facebook. It also explains what settings options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress the transmission of data to Facebook, such as the Facebook blocker from the provider Mozilla, which can be obtained at https://addons.mozilla.org/de/firefox/addon/fb_ad_block/. Such applications can be used by the data subject to suppress data transmission to Facebook.

Instagram

We use the technical platform and services of Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA for the information service offered.
We would like to point out that you use this Instagram page and its functions at your own risk. This applies in particular to the use of interactive functions (e.g. commenting or rating).
When you visit our Instagram page, Instagram collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This information is used to provide us, as the operator of the Instagram pages, with statistical information about the use of the Instagram page.
The data collected about you in this context is processed by Instagram Inc. and may be transferred to countries outside the European Union. What information Instagram receives and how it is used is described by Instagram in general terms in its privacy policy. There you will also find information on how to contact Instagram and on the settings options for advertisements. The privacy policy is available at the following link: https://help.instagram.com/519522125107875

How Instagram uses the data from visits to Instagram pages for its own purposes, to what extent activities on the Instagram page are assigned to individual users, how long Instagram stores this data and whether data from a visit to the Instagram page is passed on to third parties is not conclusively and clearly stated by Instagram and is not known to us.
When you access an Instagram page, the IP address assigned to your end device is transmitted to Instagram. According to Instagram, this IP address is anonymized (for "German" IP addresses) and deleted after 90 days. Instagram also stores information about the end devices of its users (for example, as part of the "login notification" function); Instagram may thus be able to assign IP addresses to individual users.
If you are currently logged in to Instagram as a user, a cookie with your Instagram ID is stored on your device. This enables Instagram to track that you have visited this page and how you have used it. This also applies to all other Instagram pages. Instagram buttons integrated into websites enable Instagram to record your visits to these websites and assign them to your Instagram profile. This data can be used to offer content or advertising tailored to you.

If you want to avoid this, you should log out of Instagram or deactivate the "stay logged in" function, delete the cookies on your device and close and restart your browser. In this way, Instagram information that can be used to directly identify you will be deleted. This allows you to use our Instagram page without revealing your Instagram ID. If you access interactive functions on the page (like, comment, message and others), an Instagram login screen will appear. After logging in, you will once again be recognizable to Instagram as a specific user.
Information on how you can manage or delete existing information about you can be found in the following Instagram help section.
As the provider of the information service, we do not collect or process any other data from your use of our service. You can find the current version of this privacy policy under "Data policy" on the respective Instagram page.

Youtube

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on the handling of user data can be found in YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy.

LinkedIn

Our website also uses the "share function" of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. If you click on the LinkedIn "Share button" (plug-in), you will be redirected to your user account in a separate browser window - provided you are logged into your LinkedIn user account - and can share the electronic publication stored on our website by adding a comment. The plug-in establishes a direct connection between your browser and the LinkedIn server. LinkedIn receives the information that you have visited our website with your IP address. In addition, LinkedIn is then able to assign your visit to our website to you and your user account. We would like to point out that we have no knowledge of the content of the transmitted (personal) data or its use by LinkedIn. Further information on this can be found in LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy.

8. Use of third-party tools: HubSpot

On this website, we use the service HubSpot for various purposes. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, telephone: +353 1 5187500.

Hubspot is an integrated software solution that we use to cover various aspects of our online marketing. These include:

Email Marketing, Social Media Publishing & Reporting, Reporting, Contact Management (e.g. user segmentation & CRM), Landing Pages and Contact Forms.

Our sign-up service allows visitors to our website to learn more about our business, download content and provide their contact information and other demographic information. This information, as well as our website content, is stored on servers operated by our software partner HubSpot. It may be used by us to contact visitors to our website and to determine which of our company's services are of interest to them. All information we collect is subject to this privacy policy. We use all information collected solely to optimise our marketing efforts.

More information from HubSpot regarding EU data protection regulations: https://legal.hubspot.com/privacy-policy

As part of optimising our marketing efforts, Hubspot may collect and process the following data:

  • Geographical position
  • Browser type
  • Navigation information
  • Referral URL
  • Performance data
  • Information on how often the application is used
  • Mobile apps data
  • Login information for the HubSpot subscription service
  • Files viewed on site
  • Domain names
  • Pages viewed
  • Aggregated usage
  • Operating system version
  • Internet service provider
  • IP address
  • Device identifier
  • Duration of visit
  • Where the application was downloaded from
  • Operating system
  • Events that occur within the application
  • Access times
  • Clickstream data
  • Device model and version

The legal basis of the processing is your consent pursuant to Art. 6 (1) lit. a GDPR. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future.

The personal data will be kept for as long as it is necessary to fulfil the purpose of the processing. The data will be deleted as soon as they are no longer required to achieve the purpose.

Within the scope of processing via HubSpot, data may be transferred to the USA. The security of the transfer is ensured via so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, your consent pursuant to Art. 49 (1) a of the GDPR may serve as the legal basis for the transfer to third countries.

9. Newsletter 

We offer newsletters to keep you informed about current developments. 

We use the software of the provider HubSpot to send our newsletter and manage addresses. We use the so-called double opt-in procedure to register for a newsletter. This means that after you have entered your e-mail address, we will send you a confirmation e-mail to the e-mail address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm this, your registration will be automatically deleted after a maximum of six months. If you confirm receipt of the newsletter, we will store your e-mail address until you unsubscribe from the newsletter. The sole purpose of this storage is to be able to send you the newsletter. Furthermore, we store your IP addresses and the time at which the first e-mail is sent when you register and confirm your subscription in order to prevent misuse of your personal data.
The only mandatory information for sending the newsletter is your e-mail address. You can revoke your consent to receive the newsletter at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

10. Processing of personal data from online applications 

We process your application documents sent to us, including the files you provide us with, exclusively for the purpose of carrying out an application procedure (Art. 6 (1) lit. b DS-GVO). We will contact you during the application process to inform you about the progress of your application or to invite you to an interview. After completion of the application process, your data will be deleted after six months at the latest, unless you have consented to us keeping your data and informing you about suitable job offers in the future. (Art. 6 (1) lit. a DS-GVO).

11. Your rights

You have the following rights with regard to the processing operations described above. In principle, you can make use of these free of charge. However, we reserve the right to charge an appropriate fee for manifestly unfounded requests or requests that are repeated frequently, taking into account the administrative costs incurred.

11.1. Revocation of consent given

You may revoke any consent you have given us for the processing of your personal data with effect for the future. However, this does not affect the lawfulness of the processing of your data carried out on the basis of your consent up to the time of revocation.

11.2 Confirmation and information

You may request confirmation as to whether your personal data is being processed. If this is the case, you have a right to information about the individual information mentioned in Art. 15 GDPR. 

11.3 Correction and deletion

You may request the correction of inaccurate and the completion of incomplete personal data (Art. 16 GDPR) as well as the deletion of your personal data under the conditions of Art. 17 GDPR.

11.4. Restriction of processing

You may restrict the processing of your personal data under the conditions of Art. 18 GDPR.

11.5. Objection

You may object to the processing of your personal data at any time for reasons arising from your particular situation if it is based on the legal basis of Art. 6(1)(e) or (f) GDPR. Your personal data will no longer be processed by us after the objection. This does not apply if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims. 

11.6. Surrender of data and data portability

You may receive your personal data that you have provided in a structured, common and machine-readable format. Insofar as this is technically feasible, you have the right to have this data transferred to another responsible party at your instruction. The right to data transfer only exists insofar as the processing is based on consent pursuant to Art. 6 (1a) GDPR or on a contract pursuant to Art. 6 (1b) GDPR and the processing is carried out by means of automated procedures. This right is excluded if the rights and freedoms of other persons (in particular personal data of third parties, business or trade secrets existing on our part, copyrights) would be impaired thereby.

12. Obligation to provide data

There is no legal or contractual obligation for you to provide your personal data. If you wish to make use of our services, the provision of your personal data is mandatory if this is necessary for the provision of the respective service.

13. Updating of this data protection notice

Due to new legal requirements or new offers on our homepage, it may become necessary to update this data protection notice. We will inform you about this at this point.

Version: 15 Nov 2023

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:
Elsner Elektronik GmbH
Sohlengrund 16
75395 Ostelsheim
Germany

Name and contact details of the data protection officer

External data protection officer:
Ms. Swetlana Winter – CompanyCheck Deutschland GmbH
Schillerstr. 47/49
22767 Hamburg
Telephone: 0 40 / 54 09 03 15 0
datenschutz@companycheck-deutschland.de
www.companycheck-deutschland.de/leistungen/datenschutz.html

External Data Protection Officer CompanyCheck Deutschland GmbH

Deputy external data protection officer:Ingo Passoth – CompanyCheck Deutschland GmbH
Schillerstr. 47/49
22767 Hamburg
Telephon: 0 40 / 54 09 03 15 0
datenschutz@companycheck-deutschland.de
www.companycheck-deutschland.de/leistungen/datenschutz.html

External Data Protection Officer CompanyCheck Deutschland GmbH