Data Protection Policy
1. Data protection at a glance
General
The following provides you with simple overview of what happens to your personal data when you visit our website. “Personal data” is any data that could be used to personally identify you. For more detailed information on data protection, please refer to our comprehensive Data Protection Policy, which you will find further down this page.
Data collection on our website
Who is responsible for collecting and processing data on this website?
Data collected on this website is processed by the website’s operator, whose contact details can be found in the “Information Required by Law” section of this Data Protection Policy.
How do we collect your personal data?
First, we collect personal data that you share with us. This may, for instance, be information you enter into our contact form.
Second, our IT systems automatically collect personal data every time you visit our website. These data primarily comprise technical information (e.g. your browser type and version, your operating system and the time you accessed our website). These data are recorded automatically whenever you access our website.
Why do we collect your personal data?
Some of the data we collect helps us to ensure the stability and operational consistency of our website. Other data help us to analyse visitors’ use our website.
What rights do you have regarding the personal data we collect?
You as the data subject have the right to request information free of charge and at any time about the personal data concerning you that we store, along with details of the data’s origin, recipients and the purpose of the data processing and, insofar as applicable, a right to correct, erase or restrict the processing of these data. In order to request this information, or to ask any other questions regarding your personal data, please contact us at any time at the address provided in the “Information Required by Law” section of this Data Protection Policy. You also have the right to lodge a complaint with the competent supervising agency.
You can contact us at any time for further questions regarding data protection.
Analytics and Third-Party Tools
When you visit our website, your use of our website may be statistically analysed. This happens primarily using cookies and analytics. The analysis of your use of our website is usually anonymous, which means that we will not be able to identify you from these data.
For detailed information about the analytical tools we use and about your rights to object, please refer to our comprehensive Data Protection Policy below.
2. Hosting and Content Delivery Networks (CDN)
External Hosting
This website is hosted by an external service provider (host). Personal data collected on this website are stored on the host’s servers. These data may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access data, and other data generated through this web site.
We use a host for the purpose of preparing and fulfilling contracts with our potential and existing customers in accordance with Article 6.1.b of the European Union’s General Data Protection Regulation (GDPR) and in the interest of the secure, reliable and efficient provision of our online services by a professional provider (Article 6.1.f of the GDPR).Our host will only process your personal data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.
We use the following external host:
Klickpark Solution GmbH
Bahnhofstraße 27
68526 Ladenburg
Contract Data Processing
In order to guarantee that your personal data is processed in accordance with all relevant data protection regulations, we have concluded a contract data processing agreement with our host.
3. General information and mandatory information
Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this Data Protection Policy.
Whenever you use this website, a variety of personal data will be collected. “Personal data” refers to any data that could be used to identify you personally. This Data Protection Policy explains what data we collect and what we use it for. It also explains how and why we collect personal data.
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Data Controller
The entity responsible for processing your personal data on this website (referred to as the “data controller” in the GDPR) is:
AVENTOS Management GmbH / AVENTOS Capital Markets GmbH & Co. KG
Lützowplatz 7
10785 Berlin
Telephone: +49 30 221841650
E-Mail: info@aventos.group
The data controller is the natural person or legal entity that makes decisions, either alone or together with other parties, as to the purposes and means for the processing of personal data (e.g. names, email addresses, etc.).
Data Retention
Unless our Data Protection Policy indicates that your personal data will be stored for a specific period, we will retain your personal data until the purpose for data processing no longer applies. If you assert a legitimate request to have your personal data erased, or you withdraw your consent to data processing, your data will be deleted unless we have other legal obligations that require us to store your personal data (e.g. retention periods under tax or commercial law); in the latter case, we will delete your personal data as soon as these obligations cease to apply.
Data transfers to the United States
Our website features tools provided and operated by companies based in the United States. Where these tools are active, your personal data may be transferred to the respective company’s servers in the United States. In relation to EU data protection law, the United States is not classed as a safe third country. Companies based in the United States are obligated to disclose personal data to security authorities without you as the data subject having any legal recourse against such disclosures. Therefore, we cannot guarantee that your personal data will not be processed, evaluated or permanently stored by U.S. authorities (e.g. secret services) on servers in the United States. We have no influence over such data processing activities.
Your right to revoke your consent to data processing
Many data processing operations are only possible and permissible with your express consent. You can revoke your consent at any time. If you wish to revoke your consent, please send us an informal instruction to inform us accordingly. Your revocation of consent shall apply to all future processing; the legality of the data processing prior to your revocation of consent shall remain unaffected.
Your right to object to specific types of data processing; your right to object to direct marketing purposes (Article 21 of the GDPR)
AS A DATA SUBJECT, YOU HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA CONCERNING WHICH IS BASED ON POINTS (E) OR (F) OF ARTICLE 6.1 OF THE GDPR, INCLUDING PROFILING BASED ON THOSE PROVISIONS. THE LEGAL BASIS FOR THE PROCESSING OF YOUR PERSONAL DATA IN EACH SPECIFIC CASE IS SET FORTH IN THIS DATA PROTECTION POLICY. IF YOU EXERCISE YOUR RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA, THE DATA CONTROLLER SHALL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS THE DATA CONTROLLER DEMONSTRATES COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTEREST, RIGHTS AND FREEDOMS, OR FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (RIGHT TO OBJECT PURSUANT TO ARTICLE 21.1. OF THE GDPR). WHERE YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING, WHICH INCLUDES PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU EXERCISE YOUR RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA, THE DATA CONTROLLER SHALL NO LONGER PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES (RIGHT TO OBJECT PURSUANT TO ARTICLE 21.2. OF THE GPDR).
Right to Lodge a Complaint with a Supervisory Authority
If you believe that your rights under the GDPR have been infringed, you have the right to lodge a complaint with a competent supervisory authority, in particular in the Member State of your habitual residence or work or in the place where the alleged violation occurred. Exercising your right to lodge a complaint with a competent supervisory authority shall in no way prejudice any other administrative or court proceedings available to you as legal recourse.
Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to us with your consent, or which has been processed automatically in fulfilment of a contract, in a structured, commonly used and machine-readable format. You also have the right to have your personal data transmitted directly from us to another data controller, insofar as this is technically feasible.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential data, including purchase orders and/or inquiries that you send to this website’s operator, this website uses SSL and/or TLS encryption. You can tell when a connection is encrypted because the website address displayed by your browser will change from “http://” to “https://” and a lock symbol will appear next to the website address in your browser’s address window.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Your rights to information, rectification and erasure
Within the framework of the applicable legal provisions, you as the data subject have the right to request information free of charge and at any time about the personal data concerning you that we store, along with details of the data’s origin, recipients and the purpose of the data processing and, insofar as applicable, a right to correct or erase these data. In order to request this information, or to ask any other questions regarding your personal data, please contact us at any time at the address provided in our website’s Legal Notice.
Your right to restrictions on the processing of personal data
You have the right to demand restrictions on the processing of your personal data. In order to do so, please contact us at any time at the address provided in our website’s Legal Notice. The have right to obtain restriction of processing where one of the following applies:
If you contest the accuracy of the personal data we store, we will require a period to verify the accuracy of the personal data. During the period it takes us to verify the personal data, you have the right to demand that we restrict the processing of your personal data.
If the processing was/is unlawful and you oppose the erasure of the personal data, you may request that we restrict the processing of your personal data instead.
If we no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise or defence of legal claims, you may request that we restrict the processing of your personal data rather than erasing them.
If you have exercised your right to object pursuant to Article 21.1 of the GDPR, a decision will have to be made as to whether your legitimate interests outweigh our legitimate interests. Until a competent authority has decided whose interests prevail, you have the right to request that we restrict the processing of your personal data.
If you have requested that we restrict the processing of your personal data, these data – with the exception of their storage – may only be processed subject to your consent or for the establishment, exercise or defence of legal claims or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.
4. Data collection on this website
Cookies
Our website uses cookies. Cookies are small text files that are stored on your device and saved by your browser. Cookies do not damage your device in any way and are either stored temporarily for the duration of your visit to our website (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted once you end your visit and close your browser window. Permanent cookies are stored on your device until you actively delete them or they are automatically erased by your browser.
In some cases, third-party cookies may be stored on your device during your visit to our site (third-party cookies). These cookies enable you/us to take advantage of certain services provided by third parties (e.g. cookies for the processing of payment services).
Cookies perform a wide variety of functions. Many cookies are essential to the technical functionality of the services offered on our website (e.g. to allow you to use the shopping basket or to watch videos). Other cookies may be used to statistically analyse usage behaviour on our website or to display promotional messages.
Technical cookies, i.e. cookies that are essential to electronic communication processes, functional cookies, i.e. cookies that are essential for the provision of specific website functions you request (e.g. the shopping basket function) and analytical cookies, i.e. cookies that are essential for the optimisation of our website by providing quantifiable insights into our website’s audience, are stored on the basis of Article 6.1.f of the GDPR, unless a different legal basis is cited. We, as the website operator, have a legitimate interest in the storage of cookies in order to guarantee the stability and operational consistency of our website and services. Other cookies (e.g. cookies that analyse your surfing behaviour) are only used with your consent in accordance with Article 6.1.a of the GDPR. You may withdraw your consent at any time.
You can configure your browser to notify you whenever cookies are created and stored, to allow cookies only from specific websites, to decline cookies from specific websites or all websites, and to automatically delete cookies when you close your browser window. If you do decide to disable cookies, however, you may not be able to enjoy the full functionality of this website.
Insofar as we do use third-party or analytical cookies, you will be separately notified in conjunction with this Data Protection Policy and, where applicable, your consent will be requested.
Server Log Files
The provider of this website automatically collects and stores information in so-called “server log files”, which your browser automatically sends to our website’s server. The information in these server log files comprises:
Your browser type and version
Your device’s operating system
Referrer URL, i.e. the website you visited prior to accessing our website
The hostname of the device you use to access our website
The date and time of the server request
Your IP address
At no point are these data merged with any other data.
These data are collected and processed on the basis of Article 6.1.f of the GDPR. The operator of the website has a legitimate interest in guaranteeing the stability and functionality of our website and services and it is for this reason that server log files are created.
Contact Form
Whenever you contact us via our website’s integrated contact form, we will store the personal data you enter in the contact form in order to process your enquiry and any follow-up questions. We will not transmit these data to third parties without your express consent.
The data you enter in the contact form are processed on the basis of the consent you granted by using the contact form (Article 6.1.a of the GDPR), insofar as your request is related to the performance of a contract or in order to take steps at your request prior to entering into a contract. In all other cases, processing is based on our legitimate interest in adequately processing the requests we receive from visitors to our website (Article 6.1.a of the GDPR) or on your consent (Article 6.1.a of the GDPR), where this has been requested.
We will store the data you enter in the contact form until you either ask us to erase the data or withdraw your consent to the storage of your data or until the purpose for which the information is being stored ceases to exist (e.g. your inquiry has been processed). Statutory provisions – in particular mandatory data retention periods – remain unaffected.
Contact by Email, Telephone or Fax
If you contact us by email, telephone or fax, we will store and process your inquiry, including all related personal data (name, request, etc.) for the purpose of processing your inquiry. We will not pass these data on to third parties without your consent.
If your inquiry is related to the performance of a contract or in order to take steps at your request prior to entering into a contract, your data are processed on the basis of Article 6.1.b of the GDPR. In all other cases, processing is based on our legitimate interest in adequately responding to requests (Article 6.1.f of the GDPR) or on your consent (Article 6.1.a of the GDPR), where this has been requested.
We will store the data you provide by email, telephone or fax until you either ask us to erase the data or withdraw your consent to the storage of your data or until the purpose for which the information is being stored ceases to exist (e.g. your inquiry has been processed). Statutory provisions – in particular mandatory data retention periods – remain unaffected.
5. Analysis tools and marketing
Google Tag Manager
Our website uses Google Tag Manager, a service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to embed tracking and/or statistical tools and other technologies on our website. Google Tag Manager does not create user profiles or store cookies and does not perform any independent analyses. It serves to manage and deliver third-party services. However, Google Tag Manager does collect your IP address, which may also be transferred to Google Ireland Limited’s parent company in the United States.
The legal basis for our website’s deployment of Google Tag Manager is based on Article 6.1.f of the GDPR. As this website’s operator, we have a legitimate interest in quickly and easily adding Google and third-party tags to our website. Insofar as we have asked for your consent, your data are processed exclusively on the basis of Article 6.1.a of the GDPR and you may withdraw your consent at any time.
Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows us to compile statistics about the way visitors use our website. The data provided by Google Analytics include statistics on page views, duration of visits, users’ operating systems used and geographic locations. These data may be assigned by Google to a profile that is associated with the respective user or their end device.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies and/or device fingerprinting). The data collected by Google about the use of this website are usually transferred to and stored on a Google server in the United States.
Our use of this analysis tool is based on Article 6.1.f of the GDPR. As this website’s operator, we have a legitimate interest in analysing visitors’ use of this website in order to optimise the online services we provide and refine our online marketing campaigns. Insofar as we have asked for your consent (e.g. your consent to the creation and storage of cookies), your data are processed exclusively on the basis of Article 6.1.a of the GDPR and you may withdraw your consent at any time.
Data transfer to the United States is based on standard contractual clauses for the transfer of personal data from the European Community to third countries. More details are available here:
https://privacy.google.com/businesses/controllerterms/mccs/.
IP Anonymisation
This website uses IP anonymisation. As a result, your IP address will first be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before it is transmitted to the United States. Only in exceptional cases will the complete IP address be transferred to a Google server in the United States and anonymised there. On behalf of the operator of this website, Google uses this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. At no point is your IP address transmitted by your browser associated with other data stored by Google.
Browser Plugi-n
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. For more information on how Google Analytics processes your personal data, please refer to Google’s Data Privacy and Security Policy: https://support.google.com/analytics/answer/6004245?hl=en.
Contract Data Processing
We have concluded a contract data processing agreement with Google and fully implement the German data protection authorities’ stringent requirements when using Google Analytics.
Demographic Features of Google Analytics
This website uses the “demographic features” function provided by Google Analytics. This allows reports to be compiled containing statements about the age, gender and interests of visitors to this website. These data are obtained from interest-based advertising provided by Google together with visitor data from third-party providers. None of these data can be assigned to a particular person. You can disable this function at any time via the advertising settings in your Google account. You can also prevent Google Analytics from collecting any of your personal data, as set out in the “right to object to the processing of your personal data” section.
Data Retention
User-level and event-level data stored by Google Analytics and associated with cookies, user IDs and/or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) are anonymised or deleted after a period of 14 months. For more details please click the following link: https://support.google.com/analytics/answer/7667196?hl=en.
Consent Mode
If you choose to deny consent to the use of cookies and the analysis of your website behaviour, instead of storing cookies, Google Consent Mode will only send pings to Google. This process operates without the use of cookies and does not include any personal information. The pings include a timestamp, user agent (web only), and the referral URL. This data assists us in accurately modelling conversions and filling in any gaps in data collection. For more information on this topic, please visit: https://support.google.com/analytics/answer/9976101?hl=en
Google Ads
This website uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when users enter certain search terms on the Google search engine (keyword targeting). Furthermore, targeted advertisements can be displayed on the basis of user data available to Google, including location and interest data (audience targeting). As the website operator, we are able to evaluate these data quantitatively by analysing, for example, which search terms have resulted in our advertisements being displayed and how many ads have generated clicks.
Our use of Google Ads is based on Article 6.1.f of the GDPR. As a website operator, we have a legitimate interest in optimising our web offerings and the advertising of our products and services.
Data transfer to the United States is based on standard contractual clauses for the transfer of personal data from the European Community to third countries. More details are available here:
https://privacy.google.com/businesses/controllerterms/mccs/.
6. Plug-ins und Tools
Google Maps
This website uses Google Maps, a service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the features of Google Maps, we need to store your IP address. As a rule, these data are transferred and stored on a Google server in the United States. The operator of this website has no influence over the transfer of these data.
We use Google Maps to display maps and location data and generally enhance the appearance and usability of our online offerings. This constitutes a legitimate interest as defined in Article 6.1.f of the GDPR. Insofar as we have asked for your consent, your data are processed exclusively on the basis of Article 6.1.a of the GDPR and you may withdraw your consent at any time.
Data transfer to the United States is based on standard contractual clauses for the transfer of personal data from the European Community to third countries. More details are available here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
For more information on how Google processes your personal data, please refer to Google’s Privacy Policy: https://policies.google.com/privacy?hl=en.
Google reCAPTCHA
Our website uses Google reCAPTCHA (herinafter “reCAPTCHA”), a service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The reCAPTCHA feature allows us to analyse whether data entered on our website (e.g. via the contact form) have been provided by a person or automated software (“bots”). reCAPTCHA analyses the behaviour of website visitor using various characteristics. This analysis begins automatically as soon as a visitor accesses our website. reCAPTCHA evaluates a range of data (e.g. the visitor’s IP address, the length of time they stay on our site and their mouse movements). The data generated by this analysis are transferred to Google.
This reCAPTCHA analysis is entirely automated and does not involve the website visitor in any way and visitors to this website are not specifically informed that such an analysis is taking place.
The data generated by reCAPTCHA are stored and analysed on the basis of Article 6.1.f of the GDPR. As the website operator, we have a legitimate interest in protecting the contents of our website against automated spying and spam. Insofar as we have asked for your consent, your data are processed exclusively on the basis of Article 6.1.a of the GDPR and you may withdraw your consent at any time.
For more information on Google reCAPTCHA, please refer to Google’s Privacy Policy and Terms of Service: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.
