Privacy policy

Data protection information for visitors to the website

We, the operators of the websites https://www.cds-service.com/en/ (specifically the companies mentioned under 1.) would like to explain to you below which data we process from you and how. If you have any questions regarding data protection, please contact our data protection officer at or using the contact details mentioned in 1).

Thank you for visiting our website and for your interest in our company. In the following, we would like to inform you which data is collected when you visit our website and use the web lounge and how it is used.

 

1) Publisher of the website and data controller

The data controller within the meaning of the EU GDPR, other data protection laws in force in the EU member states and other provisions of a data protection nature is:

                            

CDS Service GmbH
Edisonstraße 19
32791 Lage, Germany
Phone: +49 (0) 52 32 / 95 54 525
Mail:
Registered office: Lage
Register court: Lemgo
Register number: HR B 4125
VAT no.: DE160863502

Director: Paul Koch

 

CDS IT-Systeme GmbH
Edisonstraße 19
32791 Lage, Germany
Phone: +49 (0) 52 32 / 95 54 525
Mail:
Registered office: Lage
Register court: Lemgo
Register number: HR B 4619
VAT no.: DE205616380

Director: Sven Bent

 

CDS Business Services GmbH
Edisonstraße 19
32791 Lage, Germany
Phone: +49 (0) 52 32 / 95 54 525
Mail:
Registered office: Lage
Register court: Lemgo
Register number: HR B 7519
VAT no.: DE277772364

Directors: Sven Bent, Frank Fischer, Paul Koch

 

The data protection officer of CDS Service GmbH, CDS IT-Systeme GmbH and CDS Business Services GmbH can be contacted as follows:

Thomas Werning
Certified Data Protection Auditor / Data Protection Officer Foundation ISO/IEC 27001
Dieselstraße 12
32791 Lage, Germany 

Phone: +49 5232 / 98 04 700
Mail:

 

2) Purpose, legal basis, categories of recipients, duration of data processing

Purpose: Presentation of the company, provision of services and/or sale of products and communication via the Internet.

The purpose of the data processing on this website is to provide information about the products and services of our companies, combined with the possibility for users to contact the specific contact persons within the company.

In all other respects, we process personal data in accordance with the following legal bases:

  • Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
  • Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data for the fulfilment of a contract with the data subject and for the implementation of corresponding pre-contractual measures.
  • Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data in order to fulfil a legal obligation to which we are subject according to possibly applicable EU law or according to the possibly applicable law of a country in which the GDPR is fully or partially applicable.
  • Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data to protect the legitimate interests of us or of third parties, provided that the fundamental freedoms and rights and interests of the data subject do not prevail. Justified interests are in particular our business interests in being able to provide our website, information security, the enforcement of our own legal claims and compliance with further legal provisions.

To this end, we use for the provision of our services service companies that are separately bound to secrecy and data protection. The data will only be passed on to the authorities where overriding statutory regulations exist. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

 

a) When you visit the website

When you visit our website https://www.cds-service.com/en/, a connection is established with your browser. The following information is temporarily stored in system files and automatically collected:

  • IP address of your device
  • Date and time of access
  • Name and URL of accessed files
  • Website from which access is made or from which you were directed to our site (referrer URL)
  • The browser used and, if applicable, the operating system of your device as well as the name of your provider

The mentioned data will be processed by us for the following purposes:

  • Ensuring a smooth connection to our website
  • Ensuring system security and stability
  • Easy use of our website

The resulting connection data is automatically deleted, usually for a maximum of seven days. If the website is misused, log data, the further storage of which is necessary for evidence purposes, will be kept until the incident has been clarified.

 

b) When using our contact form

If you have any questions, we offer you the opportunity to contact us using the form provided on the website. Your name and a valid e-mail address are required so that we know who sent the request and can respond to it. Further information can be provided voluntarily in the free text field.

The data will be processed for the purpose of contacting you in accordance with art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntary consent.

The personal data collected by us for the use of the contact form will be automatically deleted after your request has been processed.

 

c) With registration / use of our CDS Weblounge / newsletter receipt

On our website https://weblounge.cds-service.com/register you voluntarily have the opportunity to register for our closed web lounge. The personal data you enter there is used for activation, creation of a customer account and registration for our respective newsletter. After submitting the registration form (5 steps), you will receive an automated verification e-mail in which you can complete your registration process by clicking on the link in the e-mail (double opt-in procedure). After completion of this verification procedure, activation by CDS can take place. If you are not activated by CDS, your personal registration data will be blocked and not processed further.

Data processing for the purpose of registration for our web lounge is carried out in accordance with art. 6 para. 1 sent. 1 lit. a and b GDPR on the basis of your voluntary consent, or this is necessary for the fulfilment of a contract with you or for the implementation of a pre-contractual measure.

The personal data collected by us for the use of the web lounge will be blocked after termination of the business relationship or after deletion of your customer account and deleted after the expiry of tax and commercial retention periods.

 

By registering voluntarily, you also subscribe to our respective newsletter. Consent is obtained during the registration process for the processing of your data and reference is made to this data protection declaration. The legal basis for data processing is art. 6 para. 1 lit. a of the General Data Protection Regulation (GDPR), which allows us to process the data if you have consented to the processing.

Subscription to the newsletter (your consent) can be revoked at any time in the future. To revoke your consent, each newsletter contains a link to unsubscribe from the newsletter. Optionally, you can also unsubscribe directly via our website. A request to unsubscribe from the newsletter can naturally also be sent directly to the person responsible for data processing. This is mentioned under point 1 of this data protection declaration.

 

Our website uses cookies. Cookies are encrypted text strings that store a website on the user's computer/mobile device. Cookies make it possible to adapt this website to your needs. Cookies are also used to measure the use of various pages on this website. The two types of cookies are referred to as "session cookies" and "persistent cookies". Session cookies are temporary and are automatically deleted as soon as you leave the website. Persistent cookies remain on your computer's hard drive until you delete them. Cookies are not used to collect data about your visits to other sites. Cookies do not damage or impair the functioning of your computer, programs or files.

 

Our Weblounge uses the following external scripts: Html5shiv and respond.js

Both scripts are used for display purposes in older browsers

HTML5 shiv enables the use of HTML5 editing elements in traditional Internet Explorer and offers easy HTML5 styling for Internet Explorer 6-9, Safari 4.x (and iPhone 3.x) and Firefox 3.x.

Respond.js is a polyfill for minimum/maximum width CSS3 media queries (for IE 6-8 and more). The purpose of this script is to provide a script to enable responsive web designs in browsers that do not support CSS3 media queries.

 

Your personal data will not be transmitted to third parties for purposes other than those listed below.

We will only pass on your personal data to third parties if:

  • you have given your express consent pursuant to art. 6 para. 1 sent. 1 lit. a GDPR,
  • the disclosure pursuant to art. 6 para. 1 sent. 1 f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
  • in the event that a legal obligation exists for the transfer pursuant to art. 6 para. 1 sent. 1 lit. c GDPR, and
  • this is legally permissible and is necessary for the processing of contractual relationships with you in accordance with art. 6 para. 1 sent. 1 lit. b GDPR.

Crisp

Furthermore, a chat is installed on our site, within the CDS web lounge, which is provided by the company Crisp IM SARL (SIREN: 833085806 Address: 2 Boulevard de Launay, 44100 Nantes, France). When you start the chat, the following data is transmitted:

  • E-mail address (only if you have made it available to us and thus granted permission)
  • Telephone number (only if you have provided it to us and thus granted your permission)
  • Your message to us
  • Activity status (online / offline)
  • Day, time, time zone
  • IP Address
  • Device type, operating system and browser
  • Geographic location, city, country (based on the IP address)
  • Preferred language
  • Accessed websites
  • Information about profession (position, employer, business address)
  • Information that is available in comparison with public information from Avatar, Twitter / Facebook

Crisp is used to facilitate communication with you and to provide assistance with the use of the web lounge. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.

For more information on how to handle user data, see Crisp's privacy policy at: https://crisp.chat/en/privacy/

If you want to prevent the data from being passed on, please do not use the chat.

 

Use of Matomo Tracking

Purpose of processing

The web analytics service Matomo (Piwik) is used on this website. No cookies are used for this purpose. If you do not agree to the storage and analysis of this data from your visit, you can object to its storage and use at any time by clicking on the following link. In this case, a so-called opt-out cookie will be stored in your browser, which means that Matomo will not collect any session data. Please note that if you delete your cookies completely, the opt-out cookie will also be deleted and you may have to reactivate it.

The legal basis is Art. 6 para. 1 (f) DSGVO. Our legitimate interest results from the fact that we make adjustments for optimisation and marketing purposes as well as for security based on the statistical analysis of user behaviour.

Objection

 

3) Your right to information, correction, deletion, objection and data transferability

You can exercise your right to information, correction and deletion of data at any time. Simply contact us using the ways described above. If you wish to delete your data, but we are still legally obliged to store it, access to your data will be restricted (blocked). The same applies in the event of an objection. You can exercise your right to data transferability if transfer is technically possible for both the recipient and us.

 

4) Right of appeal

You can file a complaint with a data protection supervisory authority at any time – for example, to the North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information responsible for us, https://www.ldi.nrw.de/

5) Data security/encryption

Our website uses "Hypertext Transfer Protocol Secure" (https). The connection between your browser and our server is encrypted.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

 

6) Up-to-dateness and amendment of this data protection declaration

We reserve the right to adapt the contents of this data protection declaration at any time. This usually occurs during further development or adaptation of the used services. You can view the current data protection declaration on our website. Date of this declaration: 26.05.2021