This data protection declaration applies to the website you have just visited as well as to all other websites of our company and to our social media presences and other platforms.
I. Responsible body
The responsible body for the collection, processing and use of your personal data via this internet platform is
CO.NET consumer cooperative eG
Nindorfer Deichfeld 9 at 21706 Drochtersen
Fon: +49 (0) 4143 999 501
Fax: +49 (0) 4143 999 503
Legal form: registered cooperative
seat of the cooperative: Tostedt
Register court: Tostedt District Court No. 100021
VAT identification number: DE 225108058
Board of Directors
Thomas Limberg and Johan Zwart
Chairman of the Supervisory Board
Responsible for the content according to § 55 Abs. 2 RStV
DEGP German – European Cooperative and Auditing Association e.V.
Information according to § 36 Consumer Dispute Settlement Act:
We point out that we do not participate in a dispute settlement procedure before a consumer dispute settlement body.
The person responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data. The responsible body is also a service provider within the meaning of the Telemedia Act (TMG).
You can reach the data protection officer Mr. Erich Zimmermann by email at email@example.com
Postal address of the data protection officer:
Erich Zimmermann c / o ZiDa-Datenschutz GmbH, Waldhofer Str. 102,
Website of the data protection officer: www.zida-datenschutz.de
We take the protection of the privacy of visitors to this website and other company websites very seriously. We collect, process and use personal data only in accordance with the statutory provisions and in accordance with this data protection declaration.
Please read this data protection declaration carefully. You will be informed about the scope, type and purpose of the collection, use and processing of personal data from persons who use this website.
Personal data are all data with which you can be personally identified. These details include, for example, your name or your contact details, such as telephone number, address and email address.
With the exception of the IP address, we only collect personal data if you provide this data voluntarily, for example when registering on our website or when using our contact form. This personal data is used to identify you as a user via your email address and to contact you via this.
II. What data do we collect on our website?
1. Access data and log files
If you only use our website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called „server log files“). If you visit our website call, we collect the following data, which is technically necessary for us to display the website to you:
- IP address (if possible, this is stored anonymously)
- Domain name of the website from which you came
- Name of the files accessed
- Amount of data sent in bytes
- Date and time of a request
- Name of your Internet service provider
- and, if applicable, the operating system and browser version of your device
Processing takes place in accordance with Art. 6 Paragraph 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. We process this data, but we do not store it permanently. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
The data are evaluated for statistical purposes only. We do not create personal user profiles.
Cookies are used on our website to enable you to use certain functions and to make visiting our website as practical and secure as possible.
Unless these are technically necessary cookies (which are kept purely local and are not analyzed further), you will be asked for your consent whether you agree to the cookies being set.
3. Hosting the website
As part of processing on our behalf, a third-party provider based in a country of the European Union provides us with the hosting and presentation of the website and provides infrastructure services, computing capacity, storage space and database services, maintenance services and security services. In doing so, we or our hosting provider process all data that arise in connection with the use of our website. These are inventory data, content data, contract data, usage data, meta and communication data from customers, interested parties and visitors to our online offer.
The processing takes place on the basis of our legitimate interest in an efficient and secure provision of this online offer (Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR).
4. What data do we collect and use when you contact us?
We process inventory data (e.g. names, addresses and contact details) that you give us as part of your contact you have communicated with us (e.g. by contact form, by e-mail or by phone) to fulfill contractual obligations or to answer your inquiries in accordance with Art. 6 Para. 1 lit.b GDPR. Which data is collected can be seen from the respective input forms. Information that is absolutely necessary to process your request is marked as mandatory. For inquiries via our website, we save the IP address and the time of the respective user action. This is done on the basis of our legitimate interests, as well as the interests of users in protecting against misuse and unauthorized use of your data. You can object to this at any time (right of withdrawal). We do not pass this data on to third parties, unless this is necessary to pursue our claims or if there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c GDPR.
We delete the data that arises in this context after the storage is no longer required, or we restrict the processing if there are statutory retention requirements. We review the necessity of data storage every two years.
III. How long do we keep your data?
The data processed by us will be processed, deleted or their processing restricted by us in accordance with Art. 17 and Art. 18 GDPR. We only save your personal data that arise when using our website as long as this is necessary for the purposes mentioned above. However, if the deletion is contrary to statutory retention requirements, the processing of the data will only be restricted, i.e. they will be blocked for further use and cannot be processed for other purposes.
The following documentation and retention obligations are particularly relevant: 6 years in accordance with Section 57 (1) of the German Commercial Code (for trading books, inventories, opening balances, annual financial statements, commercial letters, accounting documents, etc.), 10 years in accordance with Section 147 (1) AO ( Books, records, accounting documents, commercial and business letters, documents relevant for taxation, etc.). In addition, it may happen that personal data is kept for the time in which claims can be asserted against us (statutory limitation period of three or up to thirty years).
IV. What do we process your data for (purpose of processing) and on what legal basis?
We process the data generated by visiting our website or using the contact options offered in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). There are different legal bases for this, depending on the matter for which you are contacting us via the website. The specific legal basis for data processing depends on the context in which and for what purpose we receive your data. As a rule, the legal basis for data processing results from the following options:
Art. 6 I lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. A given consent can be revoked at any time.
If the processing of personal data is necessary to fulfill a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of other services or consideration the processing is based on Art. 6 I lit. b GDPR. The same applies to processing operations that are required to carry out pre-contractual measures, for example in cases of inquiries about our products or services.
If we are subject to a legal obligation that requires the processing of personal data, for example to fulfill tax obligations, the processing is based on Art. 6 I lit. c GDPR.
Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases if the processing is based on this legal basis
is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the person concerned do not prevail.
V. Passing on your personal data to third parties?
IP addresses are automatically transferred to the server on which the website is operated when you visit a website. These IP addresses are always passed on to third parties when a third party component (a script, an image, a font, another digital resource) is integrated on the website. Which components are integrated on this website is listed in this data protection declaration. The recipients of your IP address or categories of recipients can also be derived from this. Otherwise, your personal data will only be used to fulfill the contract. We observe the principles of purpose limitation and data minimization.
Your personal data will not be transmitted to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:
- you have given your express consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR,
- the disclosure in accordance with Art. 6 Para. 1 S. 1 lit. DSGVO is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- in the event that the disclosure pursuant to Art. 6 Para. 1 S. 1 lit. c GDPR there is a legal obligation, as well as
- this is legally permissible and required according to Art. 6 Para. 1 S. 1 lit.b DSGVO for the processing of contractual relationships with you .
VI. Do I have an obligation to provide data?
As part of our business relationship, you only need to provide the personal data that is necessary for the establishment, implementation and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to reject the conclusion of the contract or the execution of the order or we will no longer be able to carry out an existing contract and may have to terminate it.
VII. What data protection rights do I have?
You have the right:
- to request information about your personal data processed by me in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to lodge a complaint, request the origin of your data, if it was not collected from me, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information on their details;
- in accordance with Art. 16 GDPR, immediate correction of incorrect data or to request the completion of your personal data stored by me;
- to request the deletion of your personal data stored by me in accordance with Art. 17 GDPR, unless the processing to exercise the right to freedom of expression and information is required a legal obligation for reasons of public interest or to assert, exercise or defend legal claims;
- to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you , the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- in accordance with Art. 7 Para . 3 GDPR your one-time l to revoke consent given to me at any time. As a result, we are no longer allowed to continue the data processing based on this consent in the future and according to Art. 77 GDPR, without prejudice to any other administrative or judicial remedy, you have the right to contact to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or the place of the place of the alleged infringement if the person concerned is of the opinion that the processing of the personal data concerning them is contrary to the General Data Protection Regulation of the EU (GDPR ) violates.
Right of objection
If your personal data are processed on the basis of legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that this is the case There are reasons that arise from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to make use of your right of revocation or objection, it is sufficient to send an email to the email address given in the imprint of our website.
A given consent can be revoked at any time. This also applies to the revocation of declarations of consent that were given to us before the General Data Protection Regulation came into effect, i.e. before May 25, 2018.
Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.
VIII. What should you watch out for with links to other websites?
IX. What do we do for data security?
We use the TLS (Transport Layer Security) method in conjunction with the highest level of encryption supported by your browser. You can tell whether a single page of our website is transmitted in encrypted form by the closed key or lock symbol in the status bar of your browser.
We secure our website and other IT systems through suitable technical and organizational measures against loss, destruction, unauthorized access, unauthorized changes or unauthorized dissemination of your data. Complete protection against all dangers is practically not possible in every case despite all due care.
We reserve the right to change this data protection declaration if the legal situation or this online offer or the type of data collection changes. However, this only applies to
Declarations on data processing. If the consent of the user is necessary or components of the data protection declaration contain a regulation of the contractual relationship with users, the data protection declaration will only be changed with the consent of the user.
Please inform yourself about this data protection declaration if necessary, especially if you provide personal data.
We have integrated YouTube videos on our website,
which are stored on the servers of the provider YouTube and can be played from our website via an embedding. The videos are embedded with the option for advanced data protection settings activated. When you play these videos, YouTube cookies and DoubleClick cookies are stored on your computer and data may be transferred to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland („Google“), as the YouTube operator.
When playing videos stored on YouTube, at least the following data is currently transmitted to Google as the YouTube operator and operator of the DoubleClick network: IP address and cookie, the specific address of the page accessed by us, System date and time of access, identification of your browser.
This data is transferred regardless of whether you have a Google user account that you are logged in to, or whether you do not have a user account. If you are logged in in this way, this data may be assigned directly to your account by Google. If you do not wish to be assigned to your profile, you must log out before activating the play button for the video.
YouTube or Google save these data as usage profiles and may use them for advertising, market research and / or needs-based design of their websites. Such an evaluation is carried out in particular (also for users who are not registered) to provide needs-based advertising and to inform other users about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google as the operator of YouTube to exercise this.
For more information on the purpose & amp; You can find the scope of data collection and processing by Google on this information page.
Please note that American secret services could possibly gain access to personal data due to the Cloud Act, which when this tool is integrated inevitably will be exchanged with Google, whose headquarters are in the USA, due to the Internet protocol.