Privacy Policy (14.10.2024)

Controller in accordance with Art. 4 VII GDPR is:
Konica Minolta Business Solutions Europe GmbH
Europaallee 17, 30855 Langenhagen
Tel.: +49 (0) 511-74040
Email: info@konicaminolta.eu

See Imprint

Dr. Frederike Rehker
Konica Minolta Business Solutions Europe GmbH
Europaallee 17, 30855 Langenhagen
Tel.: +49 (0)511 7404-0
Email: dataprotection@konicaminolta.eu

2.1 Right of access (Art. 15 GDPR): You have the right to be informed at any time of the categories of personal data processed, the purposes of processing, any recipients or categories of recipients of your personal data and the planned storage period.

2.2 Right of rectification (Art. 16 GDPR): You have the right to request the rectification or completion of personal data concerning you that is incorrect or incomplete.

2.3 Right to erasure (“right to be forgotten”) (Art. 17 GDPR): You have the right to request the immediate erasure of your personal data. In particular, we are obliged as the controller to delete your data in the following cases:

• Your personal data is no longer needed for the purposes for which it was collected.
• A processing of your personal data took place solely based on your consent, which you have now withdrawn, and there is no other legal basis that legitimizes a processing of your personal data.
• You have objected to a processing which is based on the legitimate or public interest, and we cannot prove that there are legitimate grounds for processing.
• Your personal data has been processed unlawfully.
• The erasure of your personal data is necessary to comply with a legal obligation to which we are subject.
• Your personal data has been collected in connection with information society services offered in accordance with Art. 8 I GDPR.

Please be aware that the right to erasure is subject to a limitation in the following cases, so that a deletion is excluded:

• Your personal data is used to exercise the right to freedom of expression and information.
• Your personal data serves to fulfil a legal obligation to which we are subject.
• Your personal data is used to carry out a task that is in the public interest or in the exercise of official authority that has been assigned to us.
• Your personal data serves the public interest in the field of public health.
• Your personal data are necessary for archiving purposes in the public interest, for scientific or historical research or for statistical purposes.
• Your personal data serves us to establish, exercise or defend legal claims.

2.4 Right of restriction of processing (Art. 18 GDPR): You also have the right to request that the processing of your personal data be restricted; in such a case, your personal data will be excluded from any processing. This right applies if:

• You contest the accuracy of your personal data, and we have to verify the accuracy of your personal data.
• The processing of your personal data is unlawful and instead of erasing your personal data, you request a restriction of processing.
• We no longer need your personal data for the fulfilment of the specific purposes, but you still need this personal data to establish, exercise or defend legal claims.
• You object to the processing of your personal data and it has not yet been determined whether your or our legitimate reasons override this.

2.5 Right of data portability (Art. 20 GDPR): You have the right to receive the personal data concerning you that you have provided to us as a controller in a structured, common and machine-readable format and to transfer it to another controller. Furthermore, you also have the right to request that your personal data be transferred from us to another controller, insofar as this is technically feasible.

The requirements for the applicability of data portability are:

• Your personal data is automatically processed based on your consent or a contract.
• Your personal data does not serve to fulfil a legal obligation to which we are subject.
• Your personal data will not be used to perform a task that is in the public interest.
• Your personal data do not serve for the performance of a task which is performed in the exercise of an official authority delegated to us.
• The exercise of your right shall not interfere with the rights and freedoms of others.

2.6 Right to object (Art. 21 GDPR): You have the right at any time to object to the processing of your personal data on grounds arising from your particular situation. This also applies to profiling. The requirement for this is that the processing is based on a legitimate interest on our part (Art. 6 I 1 lit. f GDPR) or the public interest (Art. 6 I 1 lit. e GDPR).

Furthermore, you may also at any time object to the processing of your personal data for the purposes of direct marketing or profiling linked to such direct marketing.

Should you object to the processing of your personal data based on a legitimate interest, we will check in each individual case whether we can show grounds worthy of protection that override your interests and rights and freedoms. In the event that there are no reasons worthy of protection on our part or your interests as well as rights and freedoms override our own, your personal data will no longer be processed. An exception is made if your personal data is still used for the establishment, exercise or defence of legal claims.

If you object to the processing of your personal data for the purposes of direct marketing or profiling, insofar as this is linked to such direct marketing, your personal data will no longer be processed for these purposes.

2.7 Right to lodge a complaint with the supervisory authority (Art. 77 GDPR): You also have the right to lodge a complaint with a supervisory authority at any time, in particular with a supervisory authority in the Member State of your residence, place of work or place of suspected infringement, if you consider that the processing of personal data concerning you is in breach of the data protection regulations.

The address of the supervisory authority responsible for our company is:

Der Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover
Telefon 0511-120 4500
Fax 0511-120 4599
poststelle@lfd.niedersachsen.de

2.8 Right of withdrawal (Art. 7 GDPR): If you have given us consent to process your personal data, you can withdraw this consent at any time by sending an email to our Data Protection Officer (DPO) at dataprotection@konicaminolta.eu without giving reasons and in an informal manner. Withdrawal of consent does not affect the lawfulness of the processing that has taken place based on the consent up to the point of withdrawal.

4.1. Legal bases for the processing of personal data

Consent

If we obtain your consent for the processing of your personal data, the processing will be carried out on the legal basis of Art. 6 (1) lit. (a) GDPR. The following example serves to clarify this legal basis: You receive advertising from us by electronic mail and/or telephone and have given your prior consent.

Contract or pre-contractual measure
If the processing of your personal data is necessary for the fulfilment of a contract with you or for the implementation of pre-contractual measures taken in response to your request, the legal basis on which the processing of your personal data is based is Art. 6 (1) lit. (b) GDPR.

Legal obligation
In cases where the processing of your personal data is necessary to comply with a legal obligation to which we are subject, this processing is based on Art. 6 (1) lit. (c) GDPR.

Vital interest
Should the processing of your personal data be necessary to protect your vital interests or those of another person, this processing is carried out in accordance with Art. 6 (1) lit. (d) GDPR.

Public interest
In cases where we process your personal data to perform a task which is in the public interest or in the exercise of official authority delegated to us, Art. 6 (1) lit. (e) GDPR constitutes the legal basis.

Legitimate interest
If the processing of personal data is necessary to safeguard a legitimate interest of our company or a third party and at the same time the interests, basic rights and fundamental freedoms of the data subject, which require the protection of personal data, do not override our legitimate interest, Art. 6 I 1 lit. f GDPR serves as the legal basis for the processing.

4.2. Legal bases for the processing of special categories of personal data
If, in extraordinary cases, we need to process special categories of personal data, such as

• data on racial or ethnic origin (e.g. skin color or special languages),
• data on political opinions (e.g. party memberships),
• data on religious or philosophical beliefs (e.g. membership of a sect),
• data on trade union membership,
• genetic data,
• biometric data (e.g. fingerprints or photographs),
• health data (e.g. identification numbers for disabilities),
• or data concerning the sex life or sexual orientation

by you, this processing is based on one of the following legal bases, which are de-fined in Article 9 GDPR

Explicit consent
If you have given us your explicit consent for the processing of the above categories of personal data, this constitutes the legal basis for the processing in accordance with Art. 9 (2) lit. (a) GDPR

Performing duties under social security/protection and
employment law
If the processing of special categories of personal data relating to you is necessary to comply with a legal obligation arising from social security/protection or employment law, the legal basis for this processing is Art. 9 (2) lit. (b) GDPR.

Protection of vital interests
If the processing of special categories of personal data relating to you should be necessary to protect your vital interests or those of another person, such processing is carried out pursuant to Art. 9 2 lit. (c) GDPR.

Manifestly public data
Insofar as special categories of personal data of yours are processed, which have previously been made public by yourself, the processing of these data is based on Art. 9 (2) lit. (e) GDPR.

Establishment / Exercise / Defence of legal claims
Insofar as the processing of the special categories of personal data relating to you serves us to establish, exercise or defend legal claims, Art. 9 (2) lit. (f) GDPR constitutes the legal basis for the processing.

Substantial public interest
In the case of the processing of special categories of personal data concerning you to safeguard a substantial public interest arising from EU or national law, the processing is based on Art. 9 (2) lit. (g) GDPR.

Assessment of the person’s work capacity or other medical purposes such as health care
If the processing of special categories of personal data relating to you arises from a law of the EU or a Member State or a contract concluded with a member of a health profession and is carried out for the purposes of preventive health care, occupational medicine, assessment of an employee’s work capacity, medical diagnosis, care or treatment in the health or social field or the management of systems and services in the health or social field, this processing is based on Art. 9 (2) lit. (h) GDPR.

Public interest in the area of public health
If the processing of special categories of personal data of yours should be necessary for public health reasons, including protection against cross-border health threats such as pandemics, this processing is carried out on the legal basis of Art. 9 2 lit. (i) GDPR.

Archival purposes, scientific / historical research purposes, statistical purposes
Should the processing of special categories of personal data relating to you arise from a right of the EU or a member state, which stipulates processing for archiving, scientific or historical research or statistical purposes in the public interest, this processing is based on Art. 9 (2) lit. (j) GDPR.

Recipient of your data
We do not sell or rent user data in principle. A transfer to third parties beyond the scope described in this privacy policy will only take place if this is necessary for the processing of the respective requested service. For this purpose, we work together with service providers in the areas of marketing, sales, IT, logistics and human resources, among others. We select these service providers extremely carefully. In other cases, we transfer data to requesting governmental authorities. However, this only takes place if there is a legal obligation to do so, for example if a court order exists.

Locations of the processing of your personal data
In principle, we process your data in Germany and in other European countries (EU/EEA). If your data is processed in countries outside the European Union or the European Economic Area (i.e. in so-called third countries), this will only take place if you have expressly consented to it, if it is stipulated by law or if it is necessary for our service provision to you. If, in these exceptional cases, we process data in third countries, this will be done by ensuring that certain measures are taken (i.e. on the basis of an adequacy decision by the EU Commission or by presenting suitable guarantees in accordance with Art. 44 GDPR).

7.1. General information regarding the topic “cookies
We use cookies on our website. Cookies are small text files that are stored on your hard drive in accordance with the browser you are using and through which certain information flows to the website that sets the cookie. Many of the cookies we use are deleted after the browser session ends (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies).

Cookies are used on our website for various purposes. For a better overview, each cookie has been assigned to one of the following categories:

Technically necessary:
Cookies that belong to this category are required to ensure the core functionality of this website. Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot properly without these cookies. Legal basis: Art. 6 (1)(b) to (f) GDPR

Preferences
Preference cookies enable a website to remember information that changes the was the website behaves or looks, like your preferred language or the region that you are in. Legal basis Art 6 1 a GDPR

Statistics
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously. Art. 6 1 lit. a GDPR

Marketing
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers. Legal Basis Art (6) (1) lit (a) GDPR

In the settings of the browser you use, you have the option of rejecting the acceptance of cookies, or for example, to limit this rejection to cookies from other parties, so-called third-party cookies. However, the browser settings you have made may mean that you may not be able to use all the functions of our website to their full extent.

Further information on the administration of cookies for common browsers:

• Internet Explorer
• Google Chrome
• Firefox

8.1 The following describes in more detail the processing activities for which Konica Minolta Business Solutions Europe GmbH is responsible.

8.1.0 Processing activity – Visiting our website
When you visit our website purely for informational purposes (i.e., without registering or providing personal data), we only collect the personal data that your browser transmits to our server. This data is technically necessary to display the website properly and to ensure its security and stability. The legal basis for this data processing is Art. 6 I lit. f GDPR, as our legitimate interest is in providing a secure and optimized website experience.

The data is deleted once the session ends unless it is needed for detecting or tracing abuse, in which case it may be retained for up to 30 days

The following personal data may be processed and stored in log files during your visit:

• IP address of the device used to access the website
• Date, time, and duration of the request
• Country of origin of the request
• Content of the request (e.g., specific pages or files viewed)
• Access status/HTTP status code (e.g., “200 OK”)
• Referring URL (the website that referred you to our site)
• Browser type and installed add-ons (e.g., Flash Player)
• Operating system and interface
• Browser language and version
• Amount of data transferred
• Time zone difference to GMT

We can only offer certain services on our website if you voluntarily provide personal data (such as contact information). If you contact us via email or a contact form, the personal data you provide (e.g., your email address or name) will be used solely for the purpose of handling your inquiry.

The legal basis for processing this data is Art. 6 I lit. f GDPR, with our legitimate interest being the fulfillment of your request. Your personal data will be retained for three years following the final response to your inquiry, after which it will be deleted.

8.1.1 Processing activity – Web analytics – Google Analytics 4
We use Google Analytics 4 (GA4), a web analytics service provided by Google Ireland Limited, to collect website visitor data and compile reports to improve the use of our website. The reports help us better understand user behavior and optimize our services.

Event-Based Data Collection:
GA4 collects data based on events and parameters. The following information may be recorded for each event:

• Language
• Page position
• Referrer URL
• Page title
• Screen resolution

Other interactions captured by optimized analyses include:

• Clicks
• File downloads
• Form interactions
• Page visits
• Scrolling behavior
• Video interactions
• Searches performed on the website

Additionally, IP addresses are processed for geo-localization, which are then automatically anonymized according to Google’s standards.

Location and Device Data:
In addition to the above, location and device information can be collected, such as:

• City and latitude/longitude
• Browser version
• Operating system
• Device brand and model
• Screen resolution
• Version of browser software

Cross-Device Tracking:
GA4 can aggregate visitor data across devices if a user is logged into their Google account and has enabled personalized advertising. This is achieved through Google Signals, which associates user data across multiple devices. If you have not given consent for such tracking, GA4 will only use aggregated data and fill in missing information with machine learning techniques.

Data Retention:
User-level data in GA4 is automatically deleted after 14 months.

Third-Country Transfer:
Your data may be transferred to Google servers in the USA, which constitutes a third-country transfer. As the USA does not provide an adequate level of data protection under GDPR, there is a potential risk to the enforceability of your rights and potential access by U.S. authorities.

The legal basis for this data processing is your consent under Art. 6 I 1 lit. a GDPR. Data transfers to the USA are based on Art. 49 I lit. a GDPR, and you may withdraw your consent at any time.

For more information, visit the Google Analytics Terms of Service

8.1.2 Processing activity – gstatic.com

We use gstatic.com, a domain owned by Google, to deliver static content such as fonts, libraries, and other resources that are essential for rendering and optimizing our website. This may include resources like Google Fonts and other data necessary for website functionality.

When you access content from gstatic.com, your browser may transmit information such as your IP address and other technical data (e.g., request headers) to Google’s servers. This is necessary to deliver the requested resources efficiently. In some cases, this data may be transferred to Google servers located in the United States, which constitutes a third-country data transfer.

Due to the localization of Google servers in the USA, it is important to note that this transfer may occur to a country that is neither in the European Union nor in the European Economic Area. As the USA is not classified as a safe third country by the European Commission, there is no adequate level of data protection guaranteed. This may result in limited enforceability of your data protection rights and potential access by U.S. authorities.

The legal basis for processing your data via gstatic.com is our legitimate interest in optimizing our website’s performance and reducing load times, in accordance with Art. 6 (1) lit. f GDPR.

For more details on Google’s privacy practices, please refer to the Google Privacy Policy: Google Privacy Policy.

Legal basis: Legitimate interest pursuant to Art. 6 (1) lit. f GDPR

8.1.3 Processing activity – Google Fonts

On our website, we use fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. These fonts are grouped together under the name Google Fonts.

The integration of Google Fonts requires the use of cascading style sheets (CSS) and font files. These style sheets and files contain the necessary information about how the font is displayed (such as font size and style). For your privacy, the font and style files are stored on our web server, so no connection to Google’s servers is established when loading our website. This ensures that no data is transferred to Google when using Google Fonts on our site.

Legal basis: Consent pursuant to Art. 6 (1) lit. a GDPR

8.1.4 Processing activity – Google Tag Manager

We use Google Tag Manager, a tag management system provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irelan, to manage tracking codes and analytics tools on our website. Google Tag Manager does not process personal data directly but enables the integration of other tracking services, such as Google Analytics and Google Ads, which may process personal data.

If any personal data is processed, it is through integrated services (e.g., IP addresses, website activity). In some cases, your data may be transferred to the United States, and your consent under Art. 49 I lit. a GDPR is required for these transfers, as the USA does not provide an adequate level of data protection as determined by the European Commission.

For more information, please refer to the Google Tag Manager Use Policy: Google Tag Manager Privacy.

Legal basis: Consent pursuant to Art. 6 (1) lit. a GDPR

8.1.5 Processing activity – Spam avoidance / Google reCAPTCHA

We integrate the Google reCAPTCHA service on our website. This service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). Google reCAPTCHA is used to differentiate between manual input by a natural person and abusive and automated input by programs / bots in form fields in order to avoid spam or similar. As part of providing the functionality of the service and in particular the verification process of Google reCAPTCHA, your IP address and possibly other hardware and software information required by Google, such as the version of the browser used, are transmitted to Google.

Due to the localization of Google, the transfer of your personal data to Google may constitute a third country transfer. A third country transfer is a transfer of personal data to a destination in a country that is neither in the European Union nor in the European Economic Area. In such a country, insofar as the EU Commission has not classified this country as a safe third country in accordance with Art. 45 of the GDPR, there is no adequate level of data protection, and the protection of your data is not guaranteed. This leads to a lack of enforceability of your data subject rights and possibly to disproportionate access to your personal data by state authorities.

The legal basis for the processing of your personal data in the context of the use of Google reCAPTCHA represents our legitimate interest in accordance with Art. 6 (1) lit. (f) GDPR. Our legitimate interest is to ensure the security and therefore the functionality of our website, especially by preventing spam and abuse.

Your personal data will not be stored by us as the controller.

Further information regarding the processing by Google can be found in the privacy policy of Google.

8.1.6 Processing activity – Google Maps

There is the possibility for visitors to our website http://smartfactory.konicaminolta.eu/ to opt-in for Google Maps, content from video platforms and social media platforms is blocked by default. If cookies from external media are accepted, access to this content no longer requires manual consent.

Name Google Maps

Provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Purpose Used to unblock Google Maps Content
Privacy Policy https://policies.google.com/privacy
Host .google.com
Cookie name NID
Cookie Expiry 6 months

Google maps is a product of Google LLC. Due to Google’s localization, the transfer of your personal data to Google may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA. Data transfer to Google servers in the USA is based on your consent under Art. 49 I lit. a GDPR, given that the USA may not provide an adequate level of data protection

The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under section 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

The legal basis for the processing of your personal data for the above-mentioned purposes is your consent pursuant to Art. 6 (1) lit. (a) GDPR.

8.1.7 Processing activity – Social networks on our websites

On our website, we offer you the possibility to share or recommend individual content with your contacts or your network on social platforms or simply to access our page in the corresponding social network (Facebook, Instagram, Twitter, Xing or LinkedIn). For the above-mentioned purposes, the common buttons of the respective social networks are available. By simply visiting our website, no personal data is initially transmitted to the providers of the social networks. Only when you yourself become active and click on one of the corresponding buttons of the social networks to share or recommend content, data such as your IP address, the date and time of the click and the address of the website on which you are currently located will be transmitted, if applicable. If you are simultaneously logged in to the corresponding social network at the time you click on a social network button on our website, the social network will automatically assign your page view to your profile. Even if you use the button of the social network in order to recommend content from this website, the social network can still associate this information with your profile. If you do not want the social network to associate your visit to our website with your profile, please log out of the social network before clicking on the button of the respective social network.

Furthermore, please note that your data will also be transferred to the respective social network provider if you do not have an account on the social network or are simply not logged in and still click on one of the corresponding buttons of the social networks on our website. In this case, your data can be used by the social networks to create usage profiles and subsequently for the purposes of advertising, market research or the demand-oriented design of the own website. You can object to this type of processing in accordance with Art. 21 GDPR. To exercise this right, however, you need to contact the respective provider of the social network.

You will find information on the individual objection possibilities of the individual providers of the social networks under point “8.1.8.2 – Possibilities of objection in social networks” in this privacy policy.

You should also take into account that due to the localization of Facebook, Instagram, LinkedIn, Twitter or Xing, when your personal data is transferred to the provider of the respective social network, a transfer to a third country, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, such as the USA, may occur.

Furthermore, we would like to point out that we ourselves do not collect any personal data that is transferred to the respective social network by clicking on one of the corresponding buttons.

By clicking on the respective button of a social network on our website, you give your consent in accordance with Art. 6 (1) lit. (a) GDPR for your browser to establish a connection to the servers of the corresponding social network and for the aforementioned data to be transmitted. On the other hand, by clicking on the respective button you are also giving your consent in accordance with Art. 49 I lit. a GDPR. This consent represents the appropriate safeguard for a potential transfer of your personal data to a third country. Information on your right of withdrawal can be found under point 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

8.1.8 Online presence in Social Networks

Within social networks, we, as the provider of the website, use the offers of online platforms to inform active users about information offers and services from Smart Factory and, if interested, to communicate directly via the platforms. The social media channels thus complement our own website presence and offer interested parties who prefer this type of information an alternative means of communication. We are currently represented in the following networks with our own online profiles:

• Facebook: https://www.facebook.com/KonicaMinoltaEU/
• Instagram: https://www.instagram.com/konicaminoltaeu
• LinkedIn: https://de.linkedin.com/company/konica-minolta-business-solutions-europe-gmbh
• LinkedIn: https://www.linkedin.com/company/cobot-automate/
• Twitter: https://twitter.com/KonicaMinoltaEU

As soon as you access the respective profiles on the corresponding social network in your network, the terms and conditions and data processing guidelines of the respective providers apply.

We have no influence on the data collection and its further use by the social networks. Thus, we only know that your data will be processed for market research and advertising purposes and that usage profiles will be created from your usage behavior and the resulting interests. Furthermore, advertising can also be placed to this effect on the basis of supposed interests. For this purpose, cookies are usually stored on your end device.

We therefore expressly draw your attention to the fact that the personal data of users (e.g. the IP address) is stored by the providers of the networks in accordance with their data usage guidelines and used for business purposes.

If you are logged in to your account on platforms such as LinkedIn, Facebook, Instagram, or Twitter, these platforms may associate data with your profile. In some cases, your data may be transferred to servers located outside the European Union or the European Economic Area, such as in the USA. For these transfers, your consent under Art. 49 I lit. a GDPR is required, as these countries may not have an adequate level of data protection as determined by the EU Commission.

We would also like to point out that your data may be processed outside the European Union or the European Economic Area. We process the data of users in Smart Factory presences on the corresponding social networks only insofar as they contact and communicate with us via comments or direct messages. You can assert your rights as a data subject both against us (see also point 2 “What are my rights as a data subject?”) and against the provider of the social network. You can find information on the processing of your personal data by the individual social network providers as well as the options for objecting to this under point “8.1.8.2 – Possibilities of objection in social networks” of this Privacy Policy.

The processing of users’ personal data is based on our legitimate interests in effective information of users and communication with users in accordance with Art. 6 (1) lit. (f) GDPR. If you are asked by the respective providers to give your consent to data processing (i.e. declare your consent, e.g. by ticking a check box or confirming a button), the legal basis for processing is Art. 6 (1) lit. a GDPR, i.e. your consent.

8.1.9 Possibilities of objections in social networks

For a detailed presentation of the respective processing and the possibilities of objection (opt-out), we refer to the following linked information of the providers.

Information on the individual providers of the social networks:

• Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
  • Privacy Policy:
    https://www.facebook.com/about/privacy/
    https://www.facebook.com/legal/terms/
    information_about_page_insights_data, https://www.facebook.com/legal/terms/page_controller_addendum, https://help.instagram.com/519522125107875
  • Opt-Out: https://www.facebook.com/ads/preferences/
• Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
  • Privacy Policy: https://twitter.com/de/privacy
  • Opt-Out: https://twitter.com/personalization
• LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
  • Privacy Policy: https://www.linkedin.com/legal/privacy-policy
  • Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

In addition, European marketing providers offer a new possibility of objection under the following link: http://www.youronlinechoices.com/. This is an initiative to educate about online advertising. In the preference management section http://www.youronlinechoices.com/de/praferenzmanagement/ you will find an overview of

8.1.10 Processing activity – YouTube

We have integrated YouTube videos on our website, which are stored at www.youtube.com but can be played directly from our site. YouTube is a platform provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google). We have activated enhanced privacy mode for embedding YouTube videos on our website. This ensures that no information about you is sent to YouTube unless you play the videos.

When you play a YouTube video, the following data may be transferred to YouTube:

• Your visit to the specific subpage of our website where the video is embedded.
• Additional data, which we are not aware of, may also be transferred to YouTube.

If you are logged into YouTube, this data is directly associated with your YouTube account. YouTube stores your data as usage profiles and may use it for purposes such as advertising, market research, and the personalized design of its services. This evaluation is done even if you are not logged into YouTube. You have the right to object to the creation of these usage profiles under Art. 21 GDPR, which you must assert directly with YouTube.

Third-Country Data Transfer:
Due to the localization of Google, your personal data may be transferred to Google servers in the USA. The USA is considered a third country under GDPR, and the European Commission has not classified it as a country with an adequate level of data protection. This may result in a lack of enforceability of your data subject rights and potential access by U.S. state authorities.

The legal basis for the processing of your personal data in connection with the use of YouTube is your consent under Art. 6 I 1 lit. a GDPR. The potential transfer of your personal data to a third country (USA) is also based on your explicit consent under Art. 49 I lit. a GDPR. You may withdraw your consent at any time by adjusting your privacy settings or referring to Section 2.8 “Right of Withdrawal” in this privacy policy.

For more information on data protection by YouTube, please refer to Google’s Privacy Policy: Google Privacy Policy.

8.1.11 Processing activity – Consent Management Platform / Usercentrics

On our website, we use the Usercentrics Consent Management Platform, a tool based on JavaScript. This platform helps us provide visitors with an overview of the necessary software solutions that require prior consent and enables them to choose whether or not to allow the use of these solutions. Additionally, the platform gives visitors the option to withdraw their consent at any time without needing to provide a reason. This tool also allows us to meet GDPR requirements by ensuring we can prove that consent has been given or not, as required.

The following data may be processed through the Usercentrics Consent Management Platform:

• Consent data
• Consent ID
• Consent status (Opt-in, Opt-out)
• Consent timestamp
• Language of the consent banner
• Version of the banner template
• Device data (HTTP agent, HTTP referrer)

The purpose of using the Usercentrics platform, along with processing personal data, is to comply with legal obligations under Art. 6 I 1 lit. c GDPR. The platform enables us to meet documentation obligations, as required by Art. 5 II GDPR, and adheres to the court ruling ECLI:EU:C:2019:801 from the European Court of Justice and the German Federal Court of Justice ruling I ZR 7/16. This judgment clarifies that under § 15 III 1 of the German Telemedia Act (TMG) and Directive 2020/58/EC, service providers may only use cookies to create user profiles for advertising or market research purposes if they have obtained the user’s consent.

The deletion of personal data collected through Usercentrics will occur as soon as it is no longer necessary to fulfill its purpose. In cases where consent is withdrawn, the data regarding the withdrawal will be retained for three years to meet accountability obligations under Art. 5 II GDPR and according to § 195 of the German Civil Code (BGB). The statute of limitations begins at the end of the year in which the withdrawal occurred and expires three years later, on December 31 at 00:00.

8.1.12 Processing activity – Gravity forms – Contact form

On our website, we use Gravity Forms, a form plugin for WordPress, to facilitate the collection and processing of form submissions. Gravity Forms may set cookies to ensure proper functionality, such as preventing duplicate submissions, remembering form progress, or retaining input for multi-step forms.

Company information and contact:
Rocketgenius, Inc
1620 Centerville Turnpike, Suite 102
Virginia Beach VA 23464-6500
United States
Owner contact email: kevin@rocketgenius.com

When you submit a form on our website, the data you provide, such as your name, email address, and any other information entered into the form fields, is stored on our own servers. No data is transferred to Gravity Forms’ servers, and all information is securely stored and managed by us.

Cookies and Data Processing:

Gravity Forms may use cookies to enhance your form submission experience. These cookies help:

• Prevent duplicate submissions.
• Retain input during multi-step or multi-page forms.

The form data is only used to fulfill the purpose for which it was submitted (e.g., responding to inquiries or processing requests) and is stored securely on our servers. Data Retention and Deletion:

Form submissions are retained only as long as necessary to fulfill the purpose of the collection. After the purpose is fulfilled, data is either deleted or anonymized, unless required by law to retain it longer. Legal Basis for Processing:

The processing of your personal data through Gravity Forms is based on your consent pursuant to Art. 6 (1) lit. a GDPR. You may withdraw your consent at any time, and we will cease processing your data for this purpose.

For more information on Gravity Forms’ privacy policy, see: Gravity Forms Privacy Policy.

Legal basis: Consent pursuant to Art. 6 (1) lit. a GDPR.

8.1.13 Processing activity – Email Security and Encryption (Hornet Security)

We use Hornet Security Ltd. 55 Baker Street, London, W1U 7EU, United Kingdom, for our email Security and Encryption, more information can be found here: https://www.hornetsecurity.com/en/

Backups for Hornet Security are stored and located in Germany. Hornet security cannot access any email.

The legal basis for the processing of your personal data for the above-mentioned purposes is your consent pursuant to Art. 6 (1) lit. (a) GDPR. Your consent can be withdrawn at any time without giving reasons. The withdrawal of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal. For more information about your right of withdrawal, please see section 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

Any personal data that is collected or processed will be kept only for as long as data are required to achieve the purpose for which the information was collected.

https://www.konicaminolta.eu/eu-en/global-personal-data-protection