1. General information on the processing of personal data
(1) Protecting your personal data (“Data”) is particularly important to us. Therefore, we hereby wish to inform you in detail which Data are processed when you use our websites and services (“Data Processing Activities”).
(2) In accordance with Art. 4 Nr. 7 of the General Data Protection Regulation (“GDPR”), the controller is
Marie Bernard / bleu de prusse / 40 rue La Tour d’Auvergne – 44200 NANTES – France
Tel. +33 7 55 64 05 74 / E-Mail: hello@bleudeprusse.eu
(hereinafter: “We”). More detailed information can be found in our Legal notices.
2. Data Processing Activities when visiting our websites
(1) If you use our websites for informational purposes only, i. e. if you do not contact us or otherwise provide us with information, we only collect the personal Data that your browser transmits to our server. If you wish to view our websites, we collect the following Data, which are technically necessary in order for us to display our websites to you and to guarantee stability and security:
- IP-address,
- Date and time of the request,
- Time zone difference to Greenwich Mean Time (GMT),
- Content of the request (specific site/page),
- Access status/HTTP-status code,
- Respective data amount transferred,
- Website that the request is coming from,
- Browser,
- Server Log Files,
- Operating system and its interface,
- Language and version of the browser software.
(2) The legal basis is Art. 6 Para. 1 Sent. 1 lit. f. GDPR and the Data are saved only for the duration of your visit.
3. Data Processing Activities via the use of cookies and tracking tools
(1) In addition to the aforementioned Data, cookies are saved to your device when you use our websites. Cookies are small text files which are saved on your hard drive in association to the browser you are using and via which information is sent to us. Cookies cannot be used to launch programs or to transfer viruses to your device. They serve to make your internet experience more user-friendly and effective. The legal basis is Art. 6 Para. 1 Sent. 1 lit. f GDPR.
(2) You can configure your browser settings to meet your preferences, for instance by refusing to accept cookies. We do point out that you may not be able to use all of the functions and features of our websites.
3.1 Google Analytics
(1) We use Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics also uses cookies. The information generated by the cookie regarding your use of our websites is usually transmitted to and stored on a Google server in the USA.
(2) If IP-anonymization is activated, Google shortens your IP-address within member states of the European Union and other parties to the Agreement on the European Economic Area. Only in exceptional cases the full IP-address is transmitted to a Google server in the USA and shortened there. IP-anonymization is activated on our web service. Upon our request, Google shall use this information to analyse the use of our websites, to compile activity reports and to provide us with other services related to the use of our websites and the internet.
(3) According to Google, the IP-address that your browser passes on to Google Analytics is not combined with any other Google data. You can prevent that cookies are saved by changing the appropriate settings in your browser software. Moreover, you can prevent Google from capturing and subsequently processing the Data generated by the cookie and which refer to your usage (including your IP-address) by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
3.2 Facebook
(1) The pages of our website which contain Facebook social plug-ins establish a direct connection with the Facebook servers via the user’s browser which are operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”). Facebook will then be provided with the information that the user has accessed the page of the service which contains the social plug-in. If the user is logged into Facebook at that time, the visit to our pages as well as all of the user’s internet activities in connection with the social plug-ins (e.g. clicking the „Like“ button, creating a comment etc.) can be attributed to the user’s Facebook profile and be stored on Facebook. Even if the User does not have a Facebook profile, it cannot be excluded that Facebook may store the user’s IP address. With regard to the purpose and extent of the data collection and the processing and use of such data by Facebook, we hereby make reference to the Facebook Privacy Policy: http://www.facebook.com/policy.php. There, you will also find an overview of the setting options in the personal Facebook profile in order to protect privacy, as well as the rights associated with this.
(2) In order to prevent Facebook from collecting the above data, the user can log out of Facebook prior to visiting the websites. In order to prevent the general access by Facebook to user data, the User can exclude Facebook social plug-ins by an add-on for the browser.
3.3 Twitter
Our website uses plugins of the social network Twitter from the Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter “Twitter”). The Twitter plugins are indicated by the Twitter logo or the “Share button”. When the user uses the website, the plugin creates a direct connection between the user’s browser and the Twitter server. This informs Twitter that the user has visited the website using a certain IP address. When the user clicks on the Twitter “Share button” while logged in to a Twitter account, the user can link content from the website to the Twitter profile. In this way, Twitter allocates the user’s visit to the website to a user account. As the owner of the website we are not informed about the content of the data transferred or its use by Twitter. See the Twitter Privacy Policy for details of data collection (purpose, extent, further processing, use) as well as the user’s rights and setting options. The user can find these details under: https://twitter.com/en/privacy.
3.4 LinkedIn
Our website uses plugins of the social network LinkedIn from the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter “LinkedIn”). The LinkedIn plugins are indicated by the LinkedIn logo or the “Recommend button”. When the user uses the website, the plugin creates a direct connection between the user’s browser and the LinkedIn server. This informs LinkedIn that the user has visited the website using a certain IP address. When the user clicks on the LinkedIn “Recommend button” while logged in to a LinkedIn account, the User can link content from the Service to the LinkedIn profile. In this way, LinkedIn allocates the user’s visit to the website to a user account. As the owner of the website we are not informed about the content of the data transferred or its use by LinkedIn. See the LinkedIn Privacy Policy for details of data collection (purpose, extent, further processing, use) as well as the user’s rights and setting options. The User can find these details under: http://www.linkedin.com/legal/privacy-policy.
3.5 Medium
Our website uses plugins of A Medium Corporation, 799 Market Street, 5th Floor, San Francisco, CA 94103, USA (hereinafter “Medium”). As the owner of the website we are not informed about the content of the data transferred or its use by Medium. See the Medium Privacy Policy for details of data collection (purpose, extent, further processing, use) as well as the user’s rights and setting options. The User can find these details under: https://medium.com/policy/medium-privacy-policy-f03bf92035c9.
4. Data Processing Activities when you contact us
When you contact us, we process the Data you provide (f. ex. e-mail address, name and/or telephone number) in order to respond to your questions or to process your requests. The consent you give in the course of contacting us provides the legal basis for such data processing activities (Art. 6 Para. 1 lit. b GDPR).
5. Data Processing Activities during the performance of contract
(1) If we are in a contractual relationship with you, we process your master, contact and payment data as well as your communication and contract data in order to fulfil, process and invoice the contractual services. For the aforementioned purpose, your Data may be transferred to service providers who support us with our business and who we have of course selected with the utmost care and diligence. Such service providers include, in particular, providers of technical services who support us in rendering our services.
(2) The existing contractual relationship constitutes the legal basis (Art. 6 Para. 1 Sent. 1 lit. b. GDPR).
6. Other Data Processing Activities
(1) Should you have given your consent to receive our promotions (newsletters, SMS, E-mail, by post, etc.), we shall use your personal data to inform you of our offers via the respective means of communication. Should you have agreed to being approached in a promotional manner by third parties, we surrender the necessary data to these third parties in order to enable them to inform you of their offers. You can retract your approval of being approached in a promotional manner at any time.
(2) We reserve the right to use your data in order to contact you should our services undergo or have undergone important changes or developments.
7. Your rights
(1) You have the following rights in relation to us with regard to the personal data concerning you:
- Right of access (Art. 15 GDPR),
- Right to rectification and erasure (Art. 16 and 17 GDPR),
- Right to restriction of processing (Art. 18 GDPR),
- Right to object processing (Art. 21 GDPR),
- Right to data portability (Art. 20 GDPR).
(2) Furthermore, you have the right to complain to a supervisory authority for data protection about the processing of your Data by us.
(3) We would like to point out that any possible consent you have given pertaining to data protection can be revoked at any time, effective immediately. The same applies when you have given consent to be approached in a promotional manner. To do so, please contact us informally via e-mail at: hello@bleudeprusse.eu. Such revocation can result in our services no longer being available at all, or only with restrictions.
8. Data erasure, storage period
(1) The Data we store shall be deleted as soon as they are no longer needed for the purpose for which they are being stored and the law does not prescribe a statutory duty for the Data to be retained. In the event that user Data are not deleted on grounds that they are still required for other or legally admissible reasons, their processing shall be restricted. This means that the Data shall be blocked and shall not be processed for other purposes. This applies, for instance, for user Data that have to be kept for reasons pertaining to trade or tax law.
(2) In accordance with the pertinent legal provisions, such data shall be stored for six (6) years pursuant to Section 257 Para. 1 German Commercial Code (commercial books, inventories, opening balance sheets, annual financial statements, trade letters, accounting records, etc.) and ten (10) years pursuant to Section 147 Para. 1 of the German Fiscal Code (accounts, records, situation reports, accounting records, trade or business letters, documents relevant for taxation, etc.).
9. Transmission of Data to third parties and third-party providers
(1) Data are only transmitted to third parties in a manner that is in compliance with the applicable statutory provisions. We only transmit user Data to third parties if, for example, doing so is necessary for contractual purposes pursuant to Article 6 Para. 1 lit. b. GDPR or on the basis of legitimate interests in economic and effective business operation within the meaning of Art. 6 Para. 1 lit. f. GDPR.
(2) In the event that we employ subcontractors in order to provide our services, we shall take appropriate legal precautions and corresponding technical and organisational measures in order to ensure that your personal Data are protected in accordance with the applicable statutory provisions.
(3) In case contents, tools or other means of third parties (hereinafter jointly referred to as “Third Party Providers”) are used in the framework of this privacy statement and the stated registered offices of those Third Party Providers are situated in a third country, it should be assumed that Data are transferred to the countries in which the Third Party Providers have their registered offices. Third countries are to be understood as such countries in which the GDPR does not constitute directly applicable law, i. e. in general countries outside of the EU or the European Economic Area. Data are only transferred to third countries if an adequate level of data protection is ensured, the user has given explicit consent or the law provides another form permission for such a transfer.
10. Final provisions
(1) We employ technical and organizational security measures to protect the Data we have gathered, especially against accidental or deliberate manipulation, loss, destruction or attack by unauthorized persons. Our security measures are subject to continuous improvement in line with technological advances and development.
(2) Given the constant technical advances in our services, we shall update our privacy policy from time to time. Where the changes to our privacy policy do not affect the use of the user Data that we already have, the updated privacy policy shall take effect as of the date of its publication on our website. Changes to our privacy policy that affect our use of Data that have already been collected and stored are only permissible if they are reasonable and can be reasonably expected of you. In such cases, you will be informed in due time via E-mail, on our websites or via other means. You have the right to object to the new privacy policy within (4) weeks of being notified of its coming-into-force. Should you object to the new policy, we reserve the right to terminate the contractual relationship and to delete your Data. You are assumed to agree with the new policy should you not state otherwise within the given time frame. When notifying you of the new privacy policy, we shall inform you of your right to object and of the relevance of the objection deadline.
INNOVATION MEANS.
