Data Protection
We take the protection of your personal data very seriously. We want you to know when we collect data, what data we collect, and how we use it. As our internet pages evolve and new technologies are implemented, changes to this privacy policy may become necessary. Therefore, we recommend that you review this privacy policy from time to time.
This privacy policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offering and its associated websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as “online offering”).
With regard to the terms used, such as “processing” or “controller,” we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Controller
Noble BC GmbH
Andreas Kroll (Managing Director)
Lars Kruse (Managing Director)
Gneisenaustraße 83, 10961 Berlin
Phone: 030 2089 8486 0
Fax: 030 2089 8486 1
Email: info@noble-bc.de
Types of processed data
Categories of data subjects
Visitors and users of the online offering (hereinafter also referred to collectively as “users”).
Purpose of processing
Terms used
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more characteristics specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and includes virtually any handling of data.
“Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Data collection and processing
You can visit our site without providing any personal information. We only store access data that has no personal reference, such as the name of your internet service provider, the page from which you visit us, or the name of the requested file. This data is evaluated solely to improve our offering and does not allow any conclusion to be drawn about your person.
Among the personal data of users processed within this online offering, i.e., the interested parties and visitors to our online offering, are inventory data (first and last name, postal code, email address, telephone, IP address) as well as content data (information provided in the questionnaire).
We process personal data of users only in compliance with the relevant data protection regulations. This means that user data is only processed if there is legal permission to do so. This includes, in particular, if data processing is necessary for the provision of our contractual services (e.g., processing inquiries) and online services, or is required by law, if users have given their consent, as well as based on our legitimate interests (e.g., interest in the analysis, optimization, and economic operation and security of our online offering within the meaning of Article 6(1)(f) of the GDPR, especially in measuring reach and collecting access data and using services from third-party providers).
We would like to point out that the legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR, the legal basis for processing for the performance of our services and the implementation of contractual measures is Article 6(1)(b) of the GDPR, the legal basis for processing to fulfill our legal obligations is Article 6(1)(c) of the GDPR, and the legal basis for processing to protect our legitimate interests is Article 6(1)(f) of the GDPR.
Relevant legal bases
In accordance with Article 13 of the GDPR, we inform you of the legal bases of our data processing. Unless the legal basis is mentioned in the privacy policy, the following applies:
The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR, the legal basis for processing for the performance of our services and the implementation of contractual measures and responding to inquiries is Article 6(1)(b) of the GDPR, the legal basis for processing to fulfill our legal obligations is Article 6(1)(c) of the GDPR, and the legal basis for processing to protect our legitimate interests is Article 6(1)(f) of the GDPR. Where processing of personal data is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) of the GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Security measures
We ask you to regularly inform yourself about the content of our privacy policy. We will adapt the privacy policy as soon as changes in the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g., consent) or other individual notification.
We take organizational, contractual, and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction, or against access by unauthorized persons.
Cooperation with processors and third parties
Data is only disclosed to third parties within the framework of legal requirements.
We will only disclose users’ data to third parties if they have given their consent pursuant to Article 6(1)(a) of the GDPR or if disclosure is necessary for the performance of a contract pursuant to Article 6(1)(b) of the GDPR, as required for legal purposes or on the basis of our legitimate interests (e.g., when using agents, web hosts, etc.).
If we disclose, transfer, or grant access to data to other individuals or companies (processors or third parties) within the framework of our processing, this will only be done on the basis of a legal permission (e.g., if a transfer of the data to third parties, such as
We process inventory data (e.g., names and addresses, as well as contact information of users) and content data (information provided in questionnaires) for the purpose of fulfilling our contractual obligations and providing services according to Art. 6(1)(b) GDPR.
As part of using our online services, we store the IP address and the timestamp of each user action. The storage is based on our legitimate interests as well as the users’ interest in protection against misuse and unauthorized use. We only disclose this data to third parties if there is a legal obligation according to Art. 6(1)(c) GDPR or based on legitimate interests according to Art. 6(1)(f) GDPR for the economic and efficient operation of our business.
Transfers to Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or this happens as part of using third-party services or disclosing/transmitting data to third parties, it will only be done if it is necessary to fulfill our (pre)contractual obligations, based on your consent, a legal obligation, or our legitimate interests. Subject to legal or contractual permissions, we will only process data in a third country if the special requirements of Art. 44 ff. GDPR are met. This means, for example, processing based on special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g., for the USA through the “Privacy Shield”) or adherence to officially recognized special contractual obligations (so-called “Standard Contractual Clauses”).
Rights of the Data Subjects
You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and to access such data in accordance with Art. 15 GDPR. You also have the right under Art. 16 GDPR to request the completion of incomplete personal data or the rectification of inaccurate personal data concerning you.
Under Art. 17 GDPR, you have the right to demand the erasure of personal data concerning you without undue delay, or alternatively, you may have the right to restrict the processing of your data under Art. 18 GDPR.
You have the right under Art. 20 GDPR to receive the personal data concerning you that you have provided to us, and you have the right to transmit this data to other controllers.
Furthermore, according to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority.
Right to Withdraw Consent
You have the right to withdraw consent granted under Art. 7(3) GDPR with future effect.
Right to Object
You have the right to object at any time to the future processing of personal data concerning you in accordance with Art. 21 GDPR. This objection can be made, in particular, against processing for direct marketing purposes.
For any questions regarding the collection, processing, or use of your personal data, for information, correction, blocking or deletion of data, and for the revocation of granted consents, please contact the email address provided in the legal notice.
Cookies, Reach Measurement, and Right to Object to Direct Marketing
“Cookies” are small files that are stored on users’ computers. Different information can be stored within cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit within an online offering. Temporary cookies, or “session cookies” or “transient cookies,” are cookies that are deleted after a user leaves an online offering and closes their browser. Such a cookie may, for example, store the contents of a shopping cart in an online shop or a login status. “Permanent” or “persistent” cookies are cookies that remain stored even after the browser is closed. For example, the login status can be saved if users visit the site after several days. Such cookies can also store the interests of users, which are used for measuring reach or marketing purposes. “Third-party cookies” are cookies that are offered by providers other than the controller operating the online offering (if only the controller’s cookies are used, they are referred to as “first-party cookies”).
We can use temporary and permanent cookies and provide information about this in our privacy policy.
If users do not want cookies stored on their computer, they are asked to disable the corresponding option in their browser’s system settings. Stored cookies can be deleted in the browser’s system settings. Disabling cookies may limit the functionality of this online offering.
A general objection to the use of cookies used for online marketing purposes can be made for a large number of services, especially in the case of tracking, via the US website http://optout.networkadvertising.org/ or the EU website http://www.youronlinechoices.com/uk/your-ad-choices/. Additionally, the storage of cookies can be achieved by disabling them in the browser settings. Please note that if you do so, you may not be able to use all the functions of this online offering.
Deletion of Data
The data processed by us will be deleted or restricted in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal retention obligations. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.
According to legal requirements in Germany, the storage occurs in particular for 6 years according to § 257(1) HGB (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting records, etc.) and for 10 years according to § 147(1) AO (books, records, management reports, accounting records, commercial and business letters, documents relevant for taxation, etc.).
According to legal requirements in Austria, the storage takes place in particular for 7 years according to § 132(1) BAO (accounting documents, receipts/invoices, accounts, receipts, business papers, statement of income and expenses, etc.), for 22 years in connection with real estate, and for 10 years for documents related to electronically provided services, telecommunications, radio, and television services that are provided to non-entrepreneurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is used.
This text appears to be a privacy policy or data protection statement that outlines how a company or organization processes personal data collected from its customers, website visitors, and users. The document covers various aspects of data processing, including data collection, legal basis for processing, data retention, data disclosure to third parties, and the use of third-party services.
The main sections of this privacy policy include:
Administration, Financial Accounting, Office Organization, Contact Management: This section explains that the organization processes data for administrative tasks, financial accounting, office organization, and legal obligations. The legal basis for this processing is Article 6(1)(c) and Article 6(1)(f) of the GDPR. The data subjects affected include customers, prospects, business partners, and website visitors.
Contact: This section describes how user information submitted through contact forms, emails, phone calls, or social media is processed for handling contact inquiries and communications. The legal basis for this processing is Article 6(1)(b) of the GDPR.
Google Analytics: This section explains the use of Google Analytics for analyzing and optimizing the website’s online offering. It also mentions the use of IP anonymization and provides a link to opt-out of tracking using a browser plugin.
Google Marketing Services and Remarketing: This section covers the use of Google Marketing Services and Remarketing to display targeted ads to users based on their interests and online behavior. It provides opt-out links for personalized advertising by Google.
Online Presence on Social Media: This section informs users about the organization’s presence on social media platforms and how data is processed when users interact with the organization’s pages.
Inclusion of Third-Party Services and Content: This section explains that third-party content and services may be used on the website, and how the data collected by these services is handled.
Google Maps and Google Fonts: This section informs users about the integration of Google Maps and Google Fonts on the website and provides links to Google’s privacy policy and opt-out options.
Google +1: This section explains the use of the Google +1 button and how information is shared and used by Google.
Overall, this privacy policy is comprehensive and covers various aspects of data processing, ensuring transparency and compliance with data protection regulations like the General Data Protection Regulation (GDPR). Please note that privacy policies should always be customized to the specific practices and requirements of each organization and jurisdiction. If you need to use this privacy policy, make sure to review and adjust it to suit your organization’s circumstances and local laws.
Use of the collected information: In addition to the purposes mentioned above, the information provided by you will be used in accordance with the applicable Google Privacy Policy. Google may publish aggregated statistics on user +1 activities or share them with users and partners, such as publishers, advertisers, or affiliated websites.
Facebook Social Plugins:
We use social plugins (“plugins”) from the social network facebook.com, operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), based on our legitimate interests (i.e., interest in analyzing, optimizing, and economically operating our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO). The plugins can display interaction elements or content (e.g., videos, graphics, or text posts) and are recognizable by one of the Facebook logos (white “f” on a blue tile, the terms “Like,” “Like,” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin.” The list and appearance of the Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When a user accesses a function of this online offering that contains such a plugin, their device establishes a direct connection to Facebook’s servers. The content of the plugin is transmitted directly from Facebook to the user’s device and integrated into the online offering. This allows user profiles to be created from the processed data. We have no influence on the extent of the data that Facebook collects with the help of this plugin and therefore inform users according to our knowledge.
By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offering. If the user is logged into Facebook, Facebook can assign the visit to their Facebook account. When users interact with the plugins, for example, by clicking the Like button or leaving a comment, the corresponding information is transmitted directly from their device to Facebook and stored there. Even if a user is not a member of Facebook, there is still a possibility that Facebook will find out and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany.
For the purpose and scope of data collection and further processing and use of data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.
If a user is a Facebook member and does not want Facebook to collect data about them via this online offering and link it to their stored Facebook member data, they must log out of Facebook before using our online offering and delete their cookies. Further settings and objections to the use of data for advertising purposes can be made within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US-American site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e., they are adopted for all devices, such as desktop computers or mobile devices.
Facebook, Custom Audiences, and Facebook Marketing Services:
Within our online offering, we use the “Facebook Pixel” of the social network Facebook, which is provided by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), based on our legitimate interests in analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO.
Facebook transmits European data based on the EU standard contractual clauses. Further information on the transmission of European data can be found in Facebook’s privacy policy or the following link: https://de-de.facebook.com/legal/EU_data_transfer_addenDum
With the help of the Facebook pixel, Facebook can determine the visitors to our online offering as a target group for the display of advertisements (so-called “Facebook Ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g., interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interests of the users and are not perceived as annoying. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes, as we can see whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
The Facebook pixel is directly integrated by Facebook when you call up our web pages and can save a so-called cookie, i.e., a small file, on your device. If you subsequently log in to Facebook or visit Facebook while logged in, the visit to our online offering will be noted in your profile. The data collected about you is anonymous to us and therefore does not provide us with any conclusions about the identity of the users. However, Facebook stores and processes the data, so that a connection to the respective user profile is possible and Facebook can use the data for its own market research and advertising purposes. If we should transmit data to Facebook for matching purposes, this data is encrypted locally in the browser and then sent to Facebook via a secure https connection. This is done solely with the purpose of establishing a match with the equally encrypted data by Facebook.
The processing of data by Facebook is carried out within the framework of Facebook’s data usage policy. Accordingly, general information on the display of Facebook ads can be found in Facebook’s data usage policy: https://www.facebook.com/policy.php. For specific information and details about the Facebook pixel and how it works, please refer to Facebook’s Help section: https://www.facebook.com/business/help/651294705016616.
You can object to the collection of data by the Facebook pixel and the use of your data for displaying Facebook ads. To set which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions on usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e., they are applied to all devices, such as desktop computers or mobile devices.
Currently, we do not use the Facebook pixel on this website. If we start using this technology, the following option will be available to you:
“To prevent the collection of your data by means of the Facebook pixel on our website, please click the following link: Facebook Opt-Out (if no pop-up appears after clicking the link, the Facebook Custom Audience is currently not active)”
Note: When you click the link, an “opt-out” cookie is stored on your device. If you delete the cookies in this browser, you will need to click the link again. The opt-out only applies within the browser you are using and only within our web domain where the link was clicked.
You can also object to the use of cookies for reach measurement and advertising purposes by visiting the deactivation page of the Network Advertising Initiative (https://optout.networkadvertising.org/) and additionally the US website