This Cookie Policy was last updated on 11. October 2024 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
1. Introduction
Our website, https://gfaw.eu/en/ (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on "Einstellungen speichern", you consent to us using the categories of cookies and plug-ins you selected in the pop-up, as described in this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Data Protection Authority).
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
GfaW Gesellschaft für angewandte Wirtschaftsethik mbH
Am Hopfenberge 1, 37124 Rosdorf
Germany
Website: https://gfaw.eu/en/
Email: info@gfaw.eu
Phone number: +49 (0)551 30674834
This Cookie Policy was synchronized with cookiedatabase.org on 11. October 2024.
- Scope of application
The protection of personal data is very important to us. With the following information on data protection, we want to explain to you which personal data we process for which purposes while you are using our website. The following information applies to all content of the above-mentioned website (hereinafter “offer” / “website”). The legal basis for data protection can be found in the EU General Data Protection Regulation (hereinafter referred to as GDPR) and the national implementing regulations applicable in the EU, in Germany in the Federal Data Protection Act (BDSG).
- Definitions
Personal data “Personal data” means any information relating to an identified or identifiable natural person. Processing “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means.
- Types of personal data
Access data Access data is data about every access to the server on which our website is located. The access data includes the IP address of the access device, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request originates, browser, operating system and its interface, language and version of the browser software. Cookies In addition to the aforementioned data, cookies are stored on your access device when you use our website. Cookies are small text files that are stored assigned to the browser you are using and through which certain information flows to the place that sets the cookie (in this case by us or by third-party providers). Communication data If you contact us via our website or register for our newsletter, we process the personal data that you provide to us (e.g. first and last name, e-mail address).
- Purposes of the processing
Access data Our hosting providers process the access data on our behalf and on our instructions for the operation, accessibility, maintenance and optimization of our website as well as for security reasons for fraud and abuse control. The legal basis for the processing is Art. 6 para. 1 sentence 1 f GDPR. For information on the processing of the IP address by third-party providers, see section 6. Cookies serve to make our website more user-friendly and thus to improve the user experience. On the other hand, they are used to collect statistical data on website usage and to be able to analyze it for the purpose of improving our offers. Cookies are not used to execute programs or load viruses onto your computer. With regard to the use of cookies by third-party providers, please refer to section 6. The legal basis for the use of cookies is Art. 6 para. 1 sentence 1 f GDPR. Users can influence the use of cookies. Most browsers have an option to restrict or completely prevent the storage of cookies. However, it should be noted that the use and, in particular, the user-friendliness of our website will be restricted without cookies. Communication data If you communicate personal data to us via our website, the purpose of the data processing depends on your request. We will use your personal data to process your request (legal basis is Art. 6 para. 1 sentence 1 f GDPR). For information on sending newsletters, see section 7.
- Categories of recipients of personal data
Hosting providers The data mentioned in section 3 is processed by our hosting providers on our behalf and on our instructions for the operation, accessibility, maintenance and optimization of our website as well as for security reasons for fraud and abuse control. If you communicate with us by email, your emails and the personal data provided therein will be stored on our behalf on the servers of our hosting providers (legal basis is Art. 6 para. 1 sentence 1 a, f GDPR). IT service provider Our IT service providers receive access to the data mentioned in section 3 on our behalf and on our instructions, insofar as this is necessary for technical reasons and for website optimization, system maintenance and maintenance (legal basis is Art. 6 para. 1 sentence 1 f GDPR). Integration of third-party services and content With regard to the integration of third-party services and content on our website and the related data transfers, see section 6. Other recipients Data will only be passed on to other third parties in the following cases:
- if necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data (legal basis is Art. 6 para. 1 sentence 1 f GDPR);
- we are legally obliged to disclose data in connection with official inquiries, court orders or legal proceedings.
- Integration of third-party services and content
We integrate services of other companies within the website in order to make our offer more attractive for you and to continuously optimize it (legal basis is Art. 6 para. 1 sentence 1 a, f GDPR). Google Analytics This website uses Google Analytics, a web analytics service provided by Google Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. This website uses Google Analytics with the extension “anonymizeIp()”. This means that IP addresses are further processed in abbreviated form, so that they cannot be linked to a specific person. If the data collected about you is personally identifiable, it is immediately excluded and the personal data is deleted immediately. We use Google Analytics to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 f GDPR. For the exceptional cases in which personal data is transferred to the USA, data is transferred on the basis of standard contracts; information on this can be found at https://policies.google.com/privacy/frameworks?hl=de. Information from the third-party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. User conditions: http://www.google.com/analytics/terms/de.html, Wordfence Security Plugin This website is secured with the “Wordfence Security” service, which is operated by Defiant Inc, 800 5th Ave, Suite 4100, Seattle, WA 98104, USA. It is used on the basis of legitimate interest within the meaning of the GDPR. The website uses Wordfence Security to protect against malicious code and to defend against attacks by criminals. The plugin is configured so that no cookies are set on the user’s computer. For the purpose of protection against so-called brute force attacks (numerous automated login attempts from the same identity) or unauthorized access to the web server or the database, the IP addresses (exclusively) from which such attempts are made are stored locally on our web server. This enables repeated attempts to attack from the same IP to be warded off more effectively. Stored IP addresses are automatically deleted after 30 days. The data is only stored locally; no data is sent to external service providers, in particular the aforementioned Defiant Inc. Wordfence Security secures this website and thus also protects visitors to the website from viruses and malware. This constitutes a legitimate interest within the meaning of the GDPR. The Live Traffic View option (real-time live traffic) of the plug-in is reduced to security-relevant listings. You can find more information on the collection and use of data by Wordfence Security in the provider’s privacy policy: https://www.wordfence.com/privacy-policy/, https://www.wordfence.com/help/general-data-protection-regulation/. Information on data protection:YouTube We have integrated YouTube videos into our online offering, which are stored on http://www.YouTube.com and can be played directly from our website. These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the following data be transmitted. We have no influence on this data transfer. When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the IP address of the accessing device and information about the video are transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as user profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. The legal basis is Art. 6 para. 1 sentence 1 f GDPR. By using YouTube, we can improve our offer and make it more interesting for you as a user. The legal basis for the use of YouTube is Art. 6 para. 1 sentence 1 f GDPR. Further information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA, the data transfer is based on standard contracts, information on this can be found at https://policies.google.com/privacy/frameworks?hl=de. Newsletter service We use the SendinBlue service of the service provider SendinBlue SAS – Politique de confidentialité, 55, rue d’Amsterdam 75008 Paris, France, to send our newsletter. Your personal data (e-mail address, IP address) is transferred to a server of the company based in the EU for the purpose of sending. The legal basis for the use of the service is Art. 6 para. 1 f GDPR. Our legitimate interest arises from the fact that we need the service for the purpose of direct advertising and optimizing our offers. Further information on this can be found in section 7. Links to social networks On our website you will find links to the social networks Facebook, Instagram, YouTube, Xing, LinkedIn. You can recognize these by the respective social network logo at the bottom of our page. If you follow the links, you will reach our company presence in the respective networks. Clicking on the respective logo establishes a connection to the servers of the relevant network. In this process, the following information may be transmitted to the relevant network, which may also include transmission to the USA: – Information about our page visit (domain address, date, time) – IP address – for mobile devices, the device ID – information about the browser and operating system used. If you are logged in to the social network, the social network can assign the aforementioned information to your existing account there and, if necessary, show you targeted advertising and use it to create usage and analysis data or show you targeted advertising. We recommend that you log out regularly after using a social network, as this allows you to avoid being assigned to your profile. Further information on the purpose and scope of data collection and its processing by the social networks can be found in the privacy policies of these providers. There you will also find further information on your rights in this regard and setting options to protect your privacy.
- Newsletter
Newsletter If you agree, we will inform you at regular intervals about news on our certification standards and services. You can register for our newsletter via our website. If you would like to receive information, we need a valid e-mail address from you. The so-called double opt-in procedure is used to register for our newsletter. This means that after you have registered, an e-mail will be sent to the e-mail address you have provided asking you to confirm that you wish to receive the newsletter. When you register for the newsletter, your e-mail address, the IP address used and the time of registration and confirmation are stored. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. The legal basis for this is Art. 6 para. 1 sentence 1 f GDPR. The legal basis for sending the newsletter is Art. 6 para. 1 sentence 1 f a GDPR. You can withdraw your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail, by e-mail or by post. We would like to point out that a revocation does not change the legality of the processing carried out until the revocation (no retroactive effect of the revocation). By registering for the newsletter, you may give us the following consent, which we are reproducing here for your information only: “I confirm that I have reached the age of 16 and agree that GfaW Gesellschaft für angewandte Wirtschaftsethik mbH, Am Hopfenberge 1, 37124 Rosdorf, Germany , may process my personal data for the purpose of sending me the newsletter. my specified e-mail address to inform me at regular intervals about news relating to their certification standards and services. I can revoke my consent at any time with effect for the future by unsubscribing from the newsletter, sending an e-mail to info@gfaw.eu or by post.
Tracking We would like to point out that we evaluate your user behavior on our website and in the newsletter when sending the newsletter. For this evaluation, the emails sent contain tracking pixels that are linked to your email address and IP address for the evaluation. The data is collected exclusively in pseudonymized form, i.e. the data on user behaviour is not linked to your other personal data, and direct personal identification is excluded. We use the data obtained in this way to create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletter, which links you click on in it and deduce your personal interests from this. We link this data to the actions you take on our website. You can object to this tracking at any time by clicking on the separate link provided in every e-mail or by informing us via another contact channel. The information is stored for as long as you are subscribed to the newsletter. After you unsubscribe, we store the data purely statistically and anonymously. The legal basis for the use of the tracking pixel is Art. 6 para. 1 sentence 1 f GDPR. We use this to optimize our offers and make them more interesting for you.
- Data provision
You are not obliged to provide personal data when you visit our website, but the IP address of your computer is recorded automatically when you visit. With regard to the use of cookies, please refer to sections 4 and 6.
- Duration of processing
Access data Access data is stored continuously for the operation of our website and for security reasons (e.g. to investigate misuse or fraud). Cookies and IP addresses Our own cookies are stored for a maximum of 90 days. If cookies are set by third-party providers and IP addresses are processed, we have no influence on the duration of the processing. In section 6 you will find the links to the data protection declarations of the third-party providers. There you can find out about the duration of processing. Newsletter If you unsubscribe from our newsletter, we will no longer send you newsletters and you will be entered in a so-called blocking list. However, we will continue to store your first name, surname and e-mail address in order to be able to prove that you have registered for our newsletter. Notification data We store the other data you provide for as long as we need it to process your request, provided that this data is not subject to longer retention periods under tax and commercial law (these are between 6-10 years). In any case, the data will be stored until the end of the statutory limitation periods for claims for damages.
- Right of objection
You have the right to object at any time to the personal data processed on the basis of Art. 6 para. 1 sentence 1 f GDPR, provided that there are reasons for the objection arising from your particular situation. However, your personal data will continue to be processed if there are compelling legitimate grounds for continuing to process the data that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims. If we process your personal data for the purpose of direct marketing, you have the right to object to the processing of your personal data for the purpose of such marketing at any time without giving reasons (Art. 21 GDPR).
- Further rights of data subjects
If you have given your consent, you have the right to withdraw it. We will then cease the data processing that was based on your consent. We would like to point out that a revocation does not change the legality of the processing granted until the revocation (no retroactive effect of the revocation). Under the GDPR, you have the right to request information free of charge about the personal data we hold about you. As part of the information, we will explain the data processing to you and provide you with an overview of the data stored about you (Art. 15 GDPR). Furthermore, in accordance with the GDPR, you have the right to rectification if stored data is incorrect or no longer up to date (Art. 16 GDPR), and you can also request the erasure of your data. If deletion is not possible in exceptional cases due to legal regulations, the data will be blocked so that it may only be processed for this legal purpose (Art. 17 GDPR). You also have the right to restrict your data, in particular if you believe that the data we have stored is incorrect (Art. 18 GDPR). You also have the right to transfer your personal data (Art. 20 GDPR). You also have the right to lodge a complaint with the data protection supervisory authority responsible for us in justified cases (Art. 77 GDPR). You can assert your rights under the GDPR by email or in writing. You can find our contact details below:
- Contact details
Responsible body: GfaW Gesellschaft für angewandte Wirtschaftsethik mbH, Am Hopfenberge 1, 37124 Rosdorf, represented by: Sophie von Lilienfeld-Toal, phone: +49 (0)551 30674834, e-mail: info@gfaw.eu Data protection supervisory authority: The State Commissioner for Data Protection of Lower Saxony Barbara Thiel, Prinzenstraße 5, 30159 Hanover, phone: +49 (0511) 120 45 00, fax: +49 (0511) 120 45 99, e-mail: poststelle@lfd.niedersachsen.de
- Changes to the privacy policy
We reserve the right to change this privacy policy, e.g. if the legal or official requirements or the content of our website change.