Privacy policy

Data protection information (Version: GDPR [DSGVO] 2.0 from 26.10.2020)

Hohenstein Laboratories GmbH & Co. KG and Hohenstein Innovations gGmbH are jointly responsible for this website within the meaning of Art. 26 GDPR.

We attach great importance to the security of your data and compliance with data protection regulations. The processing of personal data is subject to the provisions of the currently applicable European and national laws. With the following data protection information, we would like to show you how we handle your personal data and how you can contact us:

Hohenstein Laboratories GmbH & Co. KG
Register court AG Stuttgart HRA 724658
Personally liable partner:
Hohenstein Verwaltungs GmbH (Register Court AG Stuttgart HRB 752904)
Authorized to represent:
Dr. Stefan Droste, Dr. Timo Hammer

Hohenstein Innovations gGmbH
Register court AG Stuttgart HRB 738836
Authorized to represent:
Dr. Timo Hammer

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de   

Our data protection officer:
Sven Lenz – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
87435 Kempten
GERMANY

If you have any questions about data protection or other data protection-related concerns, please feel free to send an e-mail to the following e-mail address: datenschutz@hohenstein.de. 

For better comprehensibility, we refrain from differentiating between the genders. In the interest of equal treatment, the corresponding terms apply to all genders. The meaning of the terms used, such as "personal data" or "processing", can be found in Article 4 of the GDPR.

Personal data processed within the framework of this website include the following:

• Inventory data (e.g. name and addresses of customers)
• Contract data (e.g. services used, payment information)
• Usage data (e.g. pages visited on our website) and
• Content data (e.g. entries in our contact forms, application forms or registration for our newsletter)

We ensure that we process your data only in connection with the processing of your inquiries and for internal purposes as well as to provide services requested by you or to make content available. 

Basics of data processing

We process your personal data only in compliance with the relevant data protection regulations. Legal bases are:

• Provision of our contractual services
• Processing is a legal requirement
• Existence of your electronic consent (e.g. registration for the newsletter)
• Enforcement of our legitimate interests

We are happy to show you where the above legal bases are regulated:

• Processing for the fulfillment of our services and implementation of contractual measures:
  Art. 6 para. 1 lit. b) GDPR
• Processing for the fulfillment of our legal obligations:
  Art. 6 para. 1 lit. c) GDPR
• Consent:
  Art. 6 para. 1 lit. a) and Art. 7 GDPR
• Processing for the protection of our legitimate interests:
  Art. 6 para. 1 lit. f) GDPR

We would like to point out that a data transfer may take place when using our website.

Third countries are countries in which the GDPR is not directly applicable law. This basically includes all countries outside the EU or the European Economic Area.

In certain cases, we also transfer data to third countries or to international organizations. If a third country transfer takes place, we ensure that appropriate safeguards are in place so that you can enforce your rights and remedies even then.

We adhere to the principles of data economy and data minimization. This means that we store your data only as long as necessary to fulfill the aforementioned purposes or as specified by the various storage periods provided by law. If the respective purpose ceases to apply, or after expiry of the corresponding periods, your data will be routinely blocked or deleted in accordance with the statutory provisions.

If you contact us via the website, you agree to electronic communication. Personal data is processed when you contact us electronically. The information you provide will be stored exclusively for the purpose of processing the request and for possible follow-up questions.

We would like to give you the legal basis for this:

• Processing for the fulfillment of our services and implementation of contractual measures:
  Art. 6 para. 1 lit. b) GDPR

We would like to point out that e-mails can be read or changed on the transmission path without authorization or being noticed. Furthermore, we draw your attention to the fact that we use software to filter unwanted e-mails (spam filter). The spam filter can reject e-mails if they have been falsely identified as spam by certain characteristics.

a) Right to information

You have the right to obtain information about your stored data free of charge. Upon request, we will inform you in writing which of your personal data we have stored. This also includes the origin and recipients of your data as well as the purpose of the data processing.

b) Right to rectification

You have the right to have your data stored by us corrected if it is incorrect. In doing so, you can demand a restriction of processing, e.g. if you dispute the accuracy of your personal data.

c) Right to block

Furthermore, you can have your data blocked. To ensure that a blocking of your data can be taken into account at any time, this data must be kept in a blocking file for control purposes.

d) Right to deletion

You may request the deletion of your personal data, unless there is a legal obligation to retain it. If such an obligation exists, we will block your data upon request. If the relevant legal requirements exist, we will also delete your personal data without your request.

e) Right to data portability

You are entitled to request that we provide the personal data transmitted to us in a format that allows it to be transferred to another entity.

f) Right to complain to a supervisory authority

You have the option of submitting a complaint to one of the data protection supervisory authorities.

The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg
Postal address: Postfach 10 29 32, 70025 Stuttgart, GERMANY
Home address: Lautenschlagerstraße 20, 70173 Stuttgart, GERMANY

Phone: +49 711 615541-0
Fax: +49 711 615541-15
E-mail: poststelle@lfdi.bwl.de
Web: https://www.baden-wuerttemberg.datenschutz.de

Note: A complaint can also be made to any data protection supervisory authority within the EU.

g) Right of objection

You have the possibility at any time, for reasons arising from your particular situation, to object to the processing of your data pursuant to Art. 6 (1) (e) and (f); this also applies to profiling based on these provisions.

Hohenstein will then no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If personal data are processed for the purpose of direct marketing, you have the right to object at any time to processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. In the event of such an objection, we will no longer process your personal data for the purposes of direct advertising. For this purpose, it is sufficient to send us an appropriate e-mail.

h) Right of revocation

You have the possibility at any time to revoke your consent to the processing of your data with effect for the future without giving reasons. You will not suffer any disadvantages as a result of the revocation. For this purpose, it is sufficient to send us an appropriate e-mail.

However, such a revocation does not affect the lawfulness of the processing carried out up to the time of the revocation on the legal basis of Art. 6 (1) a) GDPR.

To exercise your data subject rights, send us an email to the following address: datenschutz@hohenstein.de.

We take contractual, technical and organizational security measures in accordance with the state of the art to ensure compliance with data protection laws and thus to protect the processed data against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

The security measures include in particular the encrypted transmission of data between your browser and our server. For this purpose, a 256-bit SSL (AES 256) encryption technology is used.

In doing so, your personal data will be protected within the scope of the following points (excerpt):

a) Maintaining the confidentiality of your personal data.

In order to maintain the confidentiality of your data stored with us, we have taken various measures to control access, entry and access control.

b) Safeguarding the integrity of your personal data

In order to maintain the integrity of your data stored with us, we have taken various measures to control disclosure and input.

c) Maintaining the availability of your personal data

In order to maintain the availability of your data stored with us, we have taken various measures for order and availability control.

The security measures in place are continuously improved in line with technological developments. Despite these precautions, due to the insecure nature of the Internet, we cannot guarantee the security of your data transmission to our website. Due to this, any data transmission by you is at your own risk.

Personal information may only be provided to us by persons who have not yet reached the age of 16 with the express consent of their legal guardians. This data will be processed in accordance with this data protection notice.

The provider of the pages automatically collects and stores information in so-called server log files (access or error logs), which your browser automatically transmits to us. These are:

• IP address
• Timestamp
• URL
• Status code
• File size
• Referrer URL
• Browser type and version

The data is automatically deleted after 4 weeks. This data is not merged with other data sources.

The basis for the data processing is our legitimate interest according to Art. 6 para. 1 lit. f) GDPR.

We offer applicants on our website the opportunity to apply online using a corresponding form. Inclusion in the application process requires that applicants provide us with all the personal data required for a sound and informed assessment and selection via the form.

The required information includes general personal information (name, address, telephone or electronic contact details) and performance-specific evidence of the qualifications required for a position. Health-related information may also be required, which must be given special consideration under employment and social law in the interest of the applicant's social protection.

When you submit the form, your data will be transmitted to us in encrypted form in accordance with the state of the art and processed exclusively for the purpose of processing your application.

The legal basis for the processing is Art. 6 Para. 1 lit. b) GDPR in conjunction with Section 26 Para. 1 German Federal Data Protection Act (BDSG), in the sense of which going through the application process is considered to be the initiation of an employment contract. Insofar as special categories of personal data within the meaning of Art. 9 (1) GRPR (e.g. health data such as information on severely disabled status) are requested from applicants as part of the application process, the processing is carried out in accordance with Art. 9 (2) (b) GDPR so that we can exercise the rights arising from labor law and social security and social protection law and fulfill our obligations.

Building on this or alternatively, the processing of the special categories of data may also be based on Art. 9 (1) (h) GDPR if it is carried out for the purposes of preventive health care or occupational medicine, for the assessment of the applicant's ability to work, for medical diagnostics, care or treatment in the health or social sector, or for the management of systems and services in the health or social sector.

If the applicant is not selected in the course of the evaluation described above, or if an applicant withdraws his or her application prematurely, the data provided by the applicant will be deleted at the latest after six months following notification. This period is measured on the basis of our legitimate interest in answering any follow-up questions about the application and, if necessary, to be able to meet our obligations to provide evidence under the regulations on equal treatment of applicants.

In the event of a successful application, the data provided will be further processed on the basis of Art. 6 (1) (b) GDPR in conjunction with Section 26 (1) BDSG for the purposes of implementing the employment relationship.

If you subscribe to our e-mail newsletter, we will regularly send you information about our offers. Personal data will be collected for this purpose. The only mandatory data for sending the newsletter is your e-mail address. The provision of further data is voluntary and will be used to address you personally. This data will be used by us for our own advertising purposes in the form of the e-mail newsletter, provided that you have expressly consented to this.

We use a double opt-in procedure for sending the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed that you consent to the sending of the newsletter. We will then send you a confirmation e-mail asking you to confirm that you wish to receive the newsletter in the future by clicking on the corresponding link.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 Para. 1 lit. a) GDPR. When you register for the newsletter, we store your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date.

In addition, we are obliged to provide proof that our subscribers actually wanted to receive the newsletter. For this purpose, we collect and store the IP address and the time of subscription and unsubscription.
You can unsubscribe from the newsletter at any time using the link provided for this purpose in the newsletter or by sending a corresponding message to us, e-mail: marketing@hohenstein.de. After unsubscribing, your e-mail address will be immediately deleted from our newsletter distribution list and included in a blocking file to ensure revocation.

Categories of affected persons:

Newsletter subscribers

Data categories:

Master data (e.g. name, address), contact data (e.g. email address, phone number), meta and communication data (e.g. device information, IP address).

Purposes of processing:

Marketing, customer retention and new customer acquisition, analysis and evaluation of the success of campaigns.

Legal basis:

Consent (Art. 6 para. 1 lit. a) GDPR)

We use various services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as "Google"), as described below.

All described processing activities are carried out exclusively based on your explicit consent according to Article 6(1)(a) GDPR in conjunction with § 25 TDDG. You may withdraw your consent at any time with effect for the future. To exercise your right to withdraw, please disable this service via the "cookie consent tool" provided on the website

We have entered into a data processing agreement with the service provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has adhered to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision of the European Commission.

To ensure compliance with the European data protection level when transferring data from the EU or the EEA to the USA and for any further processing, Google relies on the European Commission's Standard Contractual Clauses (SCCs), which we have contractually agreed with Google, in addition to the adequacy decision.

The use of Google Analytics 4 involves the use of "cookies" by default. Cookies are text files stored on your device that allow an analysis of your website usage. Information collected by cookies about your use of the website (including the IP address of your device, shortened by the last digits, see details below) is typically transferred to a Google server and stored and processed there. This also involves transmitting information to the servers of Google LLC, based in the USA, where the data may be further processed for their own purposes.

When using Google Analytics 4, the IP address transmitted by your device during website use is automatically shortened by the last digits and only collected and processed in this form. On our behalf, Google uses this and other information to evaluate your use of the website, to compile reports on your website activities and usage behavior, and to provide us with other services related to website usage and internet usage. Data collected through the use of Google Analytics 4 will be kept for two months and then deleted.

Google Analytics 4 also makes it possible to generate demographic statistics using the "demographic features" function, which is based on an analysis of interest-based advertising and information provided by third parties. This helps in identifying and differentiating user groups for targeted marketing purposes. However, the data collected through "demographic features" cannot be assigned to any specific person, including yourself. This data is stored for 14 months and then deleted.

Further legal information on Google Analytics 4, including a copy of the Standard Contractual Clauses, can be found at: https://policies.google.com/privacy?hl=en&gl=en and https://policies.google.com/technologies/partner-sites 

This service is primarily used to distinguish whether an input is made by a natural person or improperly through automated or machine-based processing. The service involves sending your IP address and any other data required by Google for reCAPTCHA to Google.

Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/en/policies/privacy

Google Maps is a web service for displaying interactive maps to visually present geographic information. Using this service allows us to show you our location and assist with route planning.

When accessing a page on our website that contains a Google Maps map, information about your use of our website (e.g., your IP address) is transmitted to and stored by Google on servers, including those in the USA. This occurs regardless of whether you have a Google account or are logged in. If you are logged into Google, your data will be directly associated with your account. If you do not want this, you must log out before activating the button.

Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

We use the YouTube embedding function to display and play videos provided by “YouTube.”

According to YouTube, cookies are set to collect video statistics, improve user-friendliness, and prevent abusive behavior. If you are logged into Google, your data will be directly associated with your account when you click on a video. If you do not want your data to be associated with your YouTube profile, you must log out before activating the button.

Google stores your data (even for non-logged-in users) as usage profiles and evaluates them. You have the right to object to the creation of such user profiles, and you must exercise this right directly with YouTube.

Regardless of whether videos are played, a connection to the Google network is established each time this website is accessed, which may trigger additional data processing operations without our control. Further information on YouTube's data privacy policy can be found at: https://www.google.de/intl/en/policies/privacy.

Plugins from the video portal Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA, are integrated into our website.

When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Vimeo's servers. The plugin content is transmitted by Vimeo directly to your browser and embedded into the page. Vimeo thus receives information that your browser has accessed the corresponding page on our website, even if you do not have a Vimeo account or are not logged in. We have set Vimeo to privacy-friendly settings so that no personal data is transmitted.

We have obtained your consent for the above-mentioned data processing in accordance with Article 6(1)(a) GDPR in conjunction with § 25 TDDG. You can withdraw your consent at any time with future effect by disabling this service via the "cookie consent tool" provided on the website.

There may be data transfers to a third country (in this case, the USA) or an international organization. Since July 2023, there has been an adequacy decision from the European Commission (Data Privacy Framework), designating the USA as a third country with a level of data protection comparable to that in the EU. This adequacy decision can now serve as a basis for data transfers to certified organizations in the USA.

If you are logged into Vimeo, Vimeo can directly associate your visit to our website with your Vimeo account. If you interact with the plugins (e.g., by pressing the play button on a video), this information is also transmitted directly to a Vimeo server and stored there. If you do not want Vimeo to directly associate the data collected through our website with your Vimeo account, you must log out of Vimeo before visiting our website.

For information on the purpose and scope of data collection, further processing, and use by Vimeo, as well as your rights and settings to protect your privacy, please see Vimeo's privacy policy at: https://vimeo.com/privacy.

We reserve the right to adapt our data protection information at short notice so that it always complies with the current legal requirements or in order to implement changes to our services. This may, for example, concern the introduction of new services. The new data protection information will then apply to your next visit.

In the following, we inform you about the handling of your personal data. Here, personal data is any data by which you can be personally identified. Please check carefully which personal data you share with us via the social medium LinkedIn. We expressly point out that LinkedIn stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. You can find more detailed information on LinkedIn's data processing in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.

We have no influence on the data collection and further processing by LinkedIn. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent LinkedIn complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid LinkedIn processing personal data that you have transmitted to us, please contact us by other means. You can find our full contact details in our imprint on LinkedIn.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is, insofar as we exclusively process the data transmitted to us by you via LinkedIn ourselves:

Hohenstein Laboratories GmbH & Co. KG
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de    

Insofar as the data you provide to us via LinkedIn is also or exclusively processed by LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland is also the data controller within the meaning of the General Data Protection Regulation (GDPR), provided you are a resident of a country of the European Union, Iceland, Liechtenstein, Norway or Switzerland. If you are resident in another country, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA is also the data controller within the meaning of the GDPR in addition to us. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail: datenschutz@hohenstein.de    

Contact Data Protection Officer LinkedIn Ireland Unlimited Company:

LinkedIn Ireland Unlimited Company or the LinkedIn Corporation can be contacted via the contact form available under the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO

We collect personal data ourselves when you contact us via the contact form or messenger, for example. You can see which data we collect when you contact us via the contact form from the relevant contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 lit. f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete when the circumstances indicate that the matter in question has been conclusively clarified.

The LinkedIn Insight tag enables the collection of data about visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent) and timestamp. IP addresses are shortened or hashed across devices. Visitors' direct identifiers are removed within seven days to pseudonymise the data. This remaining pseudonymised data is then deleted within 180 days.

LinkedIn does not share any personal data with Hohenstein, but only provides reports and notifications (in which you are not identified) about website audience and ad performance. LinkedIn also provides retargeting for website visitors so that the website owner can use this data to display targeted ads outside of their website without identifying the visitor. LinkedIn also uses the data to improve the relevance of ads and reach its members across devices. LinkedIn members can control the use of their personal data for advertising purposes in their account settings. 

The legal basis is your consent, which you give us via the cookie consent banner, Art. 6 para.1 lit. a) GDPR.

To deactivate the Insight tag on our website ("Opt-out") you can also click here.

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

• Right to information pursuant to Art. 15 GDPR
• Right to rectification pursuant to Art. 16 GDPR
• Right to erasure pursuant to Art. 17 GDPR
• Right to restriction of processing pursuant to Art. 18 GDPR
• Right to information pursuant to Art. 19 GDPR 
• Right to data portability pursuant to Art. 20 GDPR
• Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
• Right to lodge a complaint pursuant to Art. 77 of the GDPR

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise your right of objection as described above under "Right of objection in general". If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

In the following, we inform you about the handling of your personal data. Personal data is any data that can be used to identify you personally. Please check carefully what personal data you share with us via Twitter. We expressly point out that Twitter stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. You can find more information on Twitter's data processing in Twitter's privacy policy at https://twitter.com/en/privacy.

We have no influence on the data collection and further processing by Twitter. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent Twitter complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid Twitter processing personal data that you have transmitted to us, please contact us by other means. You can find our full contact details in our imprint on Twitter.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is, insofar as we ourselves exclusively process the data you have transmitted to us via Twitter:

Hohenstein Laboratories GmbH & Co. KG
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de

Insofar as the data you provide to us via Twitter is also or exclusively processed by Twitter, Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is also the data controller within the meaning of the General Data Protection Regulation (GDPR) in addition to us.

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail: datenschutz@hohenstein.de    

Contact Twitter Data Protection Officer:

You can contact Twitter's data protection officer via the online contact form provided by Twitter: https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp?lang=en

We ourselves collect personal data when you contact us, for example, via the comment function or Messenger. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f) GDPR.

If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete when the circumstances indicate that the matter in question has been conclusively clarified.

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

• Right to information pursuant to Art. 15 GDPR
• Right to rectification pursuant to Art. 16 GDPR
• Right to erasure pursuant to Art. 17 GDPR
• Right to restriction of processing pursuant to Art. 18 GDPR
• Right to information pursuant to Art. 19 GDPR
• Right to data portability pursuant to Art. 20 GDPR
• Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
• Right to lodge a complaint pursuant to Art. 77 of the GDPR

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise your right of objection as described above under "Right of objection in general". If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

In the following, we inform you about the handling of your personal data. Personal data is any data that can be used to identify you personally. Please check carefully what personal data you share with us via YouTube. We expressly point out that YouTube stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. We have no influence on the data collection and further processing by YouTube. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent YouTube complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid YouTube processing personal data that you have transmitted to us, please contact us by other means.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is, insofar as we exclusively process the data you send us via YouTube ourselves:

Hohenstein Laboratories GmbH & Co. KG
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de

Insofar as the data you provide to us via YouTube is also or exclusively processed by YouTube, Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, is also the data controller within the meaning of the General Data Protection Regulation (GDPR) in addition to us. For more information on the data processing of Google Ireland Limited, please refer to the privacy policy of Google Ireland Limited at https://policies.google.com/privacy?hl=en&gl=en. This privacy policy applies to all services offered by Google Ireland Limited and its affiliated companies - including YouTube. In the course of using YouTube, personal data may also be transmitted to the servers of Google LLC. in the USA.

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail: datenschutz@hohenstein.de

We ourselves collect personal data when you contact us, e.g. by e-mail or comment function. You can see which data we collect when you contact us from the relevant contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f) GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete when the circumstances indicate that the matter in question has been conclusively clarified.

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

• Right to information pursuant to Art. 15 GDPR
• Right to rectification pursuant to Art. 16 GDPR
• Right to erasure pursuant to Art. 17 GDPR
• Right to restriction of processing pursuant to Art. 18 GDPR
• Right to information pursuant to Art. 19 GDPR
• Right to data portability pursuant to Art. 20 GDPR
• Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
• Right to lodge a complaint pursuant to Art. 77 of the GDPR

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise your right of objection as described above under "Right of objection in general". If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

In the following, we inform you about the handling of your personal data. Personal data is any data that can be used to identify you personally. Please check carefully what personal data you share with us via Facebook. As long as you are logged into your Facebook account and visit our Facebook profile, Facebook can assign this to your Facebook profile. We expressly point out that Facebook stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. For more information on Facebook's data processing, please refer to Facebook's privacy policy at https://www.facebook.com/policy.php.

We have no influence on the data collection and further processing by Facebook. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored by Facebook, to what extent Facebook complies with existing deletion obligations, what evaluations and links are made with the data by Facebook and to whom the data is passed on by Facebook. If you would like to avoid Facebook processing personal data that you have transmitted to us, please contact us by other means.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR), insofar as we exclusively process the data you have sent to us via Facebook ourselves, is:

Hohenstein Laboratories GmbH & Co. KG
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de

Insofar as the data you provide to us via Facebook is also or exclusively processed by Facebook (Insights data), Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, is also the data controller within the meaning of the General Data Protection Regulation (GDPR) in addition to us. In this respect, data processing is carried out on the basis of an agreement between jointly responsible parties pursuant to Art. 26 GDPR, which you can view here: https://www.facebook.com/legal/terms/page_controller_addendum. 

Furthermore, for the use of certain Facebook products, such as the so-called "Facebook Business Tools", and for data processing carried out as a result thereof, a supplementary agreement between us and Facebook Ireland Ltd. as joint controller pursuant to Art. 26 GDPR applies, which can be viewed here: https://www.facebook.com/legal/controller_addendum.

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail: datenschutz@hohenstein.de

The Facebook data protection officer 
can be contacted via the online contact form provided by Facebook at https://www.facebook.com/help/contact/540977946302970.

We ourselves collect personal data when you contact us, e.g. via messenger or comments. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f) GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete if it can be inferred from the circumstances that the matter in question has been conclusively clarified.

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

• Right to information pursuant to Art. 15 GDPR
• Right to rectification pursuant to Art. 16 GDPR
• Right to erasure pursuant to Art. 17 GDPR
• Right to restriction of processing pursuant to Art. 18 GDPR
• Right to information pursuant to Art. 19 GDPR
• Right to data portability pursuant to Art. 20 GDPR
• Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
• Right to lodge a complaint pursuant to Art. 77 of the GDPR

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

We use the tool "Microsoft Teams" to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: "Online Meetings"). "Microsoft Teams" is a service of Microsoft Corporation.

The responsible party for data processing directly related to the conduct of "online meetings" is the respective Hohenstein company (see 1. above) that conducts the Teams meeting with you.

Note: If you access the "Microsoft Teams" website, the provider of "Microsoft Teams" is responsible for data processing. However, accessing the website is only necessary to download the software for the use of "Microsoft Teams".

If you do not want to or cannot use the "Microsoft Teams" app, you can also use "Microsoft Teams" via your browser. The service will then also be provided via the "Microsoft Teams" website.

When using "Microsoft Teams", various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an "online meeting".

The following personal data are subject to processing:

• User details:
  e.g. display name, e-mail address (if applicable), profile picture (optional), preferred language.
• Meeting metadata:
  e.g. date, time, meeting ID, phone numbers, location
• Text, audio and video data:
  You may have the opportunity to use the chat function in an "online meeting". In this respect, the text entries you make are processed in order to display them in the "online meeting". In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly during the meeting. You can switch off or mute the camera or microphone yourself at any time via the "Microsoft Teams" applications.

We use "Microsoft Teams" to conduct "online meetings". If we want to record "online meetings", we will transparently communicate this to you in advance and - where necessary - ask for consent.

Chat content will be logged when using Microsoft Teams. If it is necessary for the purpose of recording the results of an online meeting, we will record the chat content. However, this will not normally be the case.

Automated decision-making within the meaning of Article 22 of the GDPR is not used.

The legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships.

If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. In this case, we are interested in the effective implementation of "online meetings".

Personal data processed in connection with participation in "online meetings" will not be passed on to third parties as a matter of principle, unless they are specifically intended to be passed on. Please note that the contents of "online meetings", as well as personal meetings, are often used to communicate information with customers, interested parties or third parties and are therefore intended to be passed on.

Other recipients: The provider of "Microsoft Teams" necessarily receives knowledge of the above-mentioned data, insofar as this is provided for within the framework of our order processing contract with "Microsoft Teams".

Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our storage location to data centres in the European Union. However, we cannot rule out the possibility that data may be routed via internet servers located outside the EU. This can be the case in particular if participants in "Online Meeting" are in a third country.

However, the data is encrypted during transport over the Internet and thus protected against unauthorised access by third parties.

Data Protection Officer:

Our data protection officer
Sven Lenz - Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstrasse 50
87435 Kempten
GERMANY
datenschutz@hohenstein.de

You have the right to obtain information about the personal data concerning you. You can contact us for information at any time. 

In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be. 

Furthermore, you have the right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law.
Finally, you have the right to object to processing within the scope of the law.

You also have the right to data portability within the framework of data protection law.

You also have the right to complain about the processing of personal data by us to a supervisory authority for data protection.

We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed in order to fulfil contractual services, to be able to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion is only considered after the expiry of the respective retention obligation.

We would like to inform you below about the processing of personal data in connection with the use of Cisco Webex Teams & Meetings and Cisco Webex Rooms (hereinafter referred to as Webex). The Webex conference and collaboration solutions are provided by Cisco Systems, Inc. with headquarters in San Jose, CA, USA. Procurement and support are provided by Bechtle IT Neckarsulm. Between Hohenstein Laboratories GmbH & Co. KG and Bechtle IT for commissioned data processing.

Webex is a cloud-based web and video conferencing solution. Webex enables global employees and virtual teams to collaborate in real time from any location, at any time, on any mobile device or video system. Solutions include meetings, events, training and support services. 

We use Webex to conduct telefittings for clients.

The data controller for data processing directly related to the conduct of online meetings is Hohenstein Laboratories GmbH & Co. KG. You can also use Webex if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the Webex app. 

If you call up the Webex website, the provider of Cisco International Limited is responsible for data processing. However, accessing the website is only necessary for the use of Webex in order to download the software or the web plug-in for the use of Webex.

When using Webex, various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an online meeting.

The following personal data are subject to processing:

• User registration data: activation codes, display name, email address, name, profile picture, password, company name, organisation ID, universal unique identifier.
• Host and usage information: Device name, geolocation, IP address, mobile type, MAC address, time zone, universal unique identifier, domain name, activity logs 
• Meeting metadata: Topic, description, participant IP addresses, device/hardware information, polls. 
• For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings. 
• For dial-in with the telephone: information on incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored. 
• Text, audio and video data: You may have the opportunity to use the upload, chat, question or survey functions in an online meeting. In this respect, the text entries you make are processed in order to display them in the online meeting and, if necessary, to log them. 

The legal basis for data processing when conducting online meetings is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships. 

If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here, our interest is in the effective implementation of online meetings.

Through Webex, online meetings are conducted. Users can connect with Webex in a way that is as personal as a face-to-face meeting. The meeting leader has the ability to record meetings and all users have the ability to upload and save shared files during and outside of meetings. If the meeting host decides not to retain the meeting content, it is removed from the Cisco Webex platform immediately after the meeting is closed. 

The meeting leader has the ability to record meetings and all users have the ability to upload and save shared files during and outside of meetings. The fact of recording is displayed to all users in the Webex app. Consent must be obtained from users in advance. If the meeting host decides not to retain the meeting content, it will be removed from the Cisco Webex platform immediately after the meeting is closed. 

When users attend meetings hosted by users in other companies, the meeting host controls any meeting recordings or files shared during the meeting that are subject to the host's corporate policies on access, use, monitoring, deletion, retention, and privacy Export of Information.  Automated decision-making within the meaning of Article 22 of the GDPR is not used.

Unless specifically intended for disclosure, personal data processed in connection with participation in online meetings will not be disclosed to third parties as a matter of principle. 

Other recipients: The provider of Webex necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with Bechtle IT Neckarsulm.

Our data protection officer
Sven Lenz - Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstrasse 50
87435 Kempten
GERMANY

datenschutz@hohenstein.de

You have the right to obtain information about the personal data concerning you. You can contact us for information at any time. 

Furthermore, you have a right to rectification or erasure or to restriction of processing, insofar as you are entitled to this by law. 

Finally, you have a right to object to processing within the scope of the law. 

You also have a right to data portability within the framework of data protection law. 

You have the right to complain about the processing of personal data by us to a supervisory authority for data protection.

We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion is only considered after the expiry of the respective retention obligation.

If you are available as a test person for fitting tests, we record name, address, telephone, date of birth and body measurements. We also take photos during fittings. The data on body measurements and photos are used to make recommendations for customers on the optimisation of their collections with regard to clothing sizes and processing qualities. This data is only passed on to third parties in an anonymous form. We need the remaining data for contract processing with you, it is not passed on to third parties.

If we obtain consent from the data subject for processing personal data, Art. 6 para. 1 lit. a) GDPR serves as the legal basis.

When processing personal data that is required for fulfilment of a contract for which the data subject is a contractual party, Art. 6 para. 1 lit. b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the execution of pre-contractual measures.

The personal data for the person in question is deleted or locked as soon as the purpose of storage lapses.

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, correction, deletion of your personal data, as well as a right to data transfer and the restriction of processing. In the cases of Art. 6 (1) e) and f) GDPR, you have the right to object. This also applies to automated individual decisions, including profiling. If you have given your consent to a processing of your personal data, you can revoke this consent at any time with effect for the future. If you believe that the processing of your personal data by Hohenstein is not lawful, you may lodge a complaint with any data protection supervisory authority.

In connection with your registration in the Hohenstein Portal, we process the following personal data from you for the purpose of use and authentication in the Hohenstein Portal: First name, last name, e-mail address and company name.

Your personal data will not be passed on to third parties.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is e.g. to apply an authorization concept for portal usage in order to make documents available only to the right addressees.

If we obtain consent from the data subject for the processing actions for personal data, Art. 6 para. 1 lit. a) GDPR is applicable as the legal basis.

Your data is stored for the duration of the customer relationship and then deleted after expiration of any statutory retention requirements.

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, correction, deletion of your personal data, as well as a right to data transfer and the restriction of processing. In the cases of Art. 6 (1) e) and f) GDPR, you have the right to object. This also applies to automated individual decisions, including profiling. If you have given your consent to a processing of your personal data, you can revoke this consent at any time with effect for the future. If you are of the opinion that the processing of your personal data by Hohenstein is not lawful, you may lodge a complaint with any data protection supervisory authority.

In the case of a request for information that is not made in writing, we ask for your understanding that we may then require evidence from you that proves that you are the person you claim to be.

The company premises in Bönnigheim is monitored around the clock with video cameras. The resulting recordings may be considered personal data.

The video surveillance of the company premises is used for safeguarding domiciliary rights and to secure the property of the company and employees.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interests are the preservation of the house right and the protection of our property.

The recordings are stored for 10 days. Longer storage only takes place in individual cases if the data is required to preserve evidence due to a specific incident.

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

We collect and use your information (for example, the name, address, telephone number, e-mail address and payment information) within the framework of the respective contract purpose, specifically for the processing of your registration and for the execution of seminars, webinars, workshops, (virtual) press conferences and other events.

If we receive your e-mail address in connection with your (fee-based) participation in an event, we will also use this for the promotion of our own, similar events by e-mail, provided that you have not objected to its use.

We also use your information for customer analyses and written advertising by post, also on behalf of partner companies from the textile industry. If you register for our online information service & newsletter, we also use your e-mail address for sending the newsletter.

Your consent is obtained for the processing of the data during the dispatch process and this data protection declaration is referenced.

Provided there is the consent of the user, the legal basis for the processing of data after registration for seminars, webinars, events and press conferences is Art. 6 para. 1 lit. a) GDPR. For processing your data in order to fulfil our services and execute contractual measures, legal basis Art. 6 para. 1 lit. b) GDPR is valid, otherwise, for the processing of your data to protect our legitimate interests Art. 6 para. 1 lit. f) GDPR.

The data is deleted as soon as it is no longer required for achieving the purpose of its collection.

Partner companies from the textile industry, if applicable.

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

If you want us to stop processing and using your personal data for advertising purposes or would like to withdraw any consent that you have granted at any time, simply send a brief message by e-mail to datenschutz@hohenstein.de or by letter to Hohenstein, Abt. Datenschutz, Schlosssteige 1, 74357 Bönnigheim, Germany.

You can also exercise your right of objection to the newsletter distribution, for example, by using the Unsubscribe function on our website. You can find a link to this function in the footer of each newsletter. When unsubscribing, your data is deleted immediately and you will no longer receive a newsletter from us.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

We take photos and/or videos to provide an illustrative report of our events. These are published in our print media and/or on the website. They are not used for any purpose other than for reporting. Images published on our website can be accessed throughout the world. Their unauthorised use by a third party can therefore not be universally excluded.

Your image will only be used with your express or implicit consent  Art. 6 para. 1 lit. a) GDPR) or if we base the processing on a legitimate interest according to Art. 6 para. 1 lit. f) GDPR. A legitimate interest is, for example, to report vividly on our events.

The images are deleted as soon as they are no longer required for achieving the purpose of their collection.

If you do not want a photo and/or video to be taken of you, please mention this to the photographer before it is taken or move out of the picture. You can also withdraw your consent at any time with effect for the future. In the case of an revocation, we will not use any unpublished photos/videos and remove any published photos/videos from our internet site. In all other media, we will observe your revocation for the future. If a group photo is published, the subsequent revocation by an individual person does not, in general, mean that the image must be removed.

If you object to the use of your image or would like to withdraw any consent that you have granted, simply send a brief message by e-mail to datenschutz@hohenstein.de or by letter to Hohenstein, Abt. Datenschutz, Schlosssteige 1, 74357 Bönnigheim, Germany.

There are no formal requirements for this message and no additional fees will be charged.

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

If we receive your e-mail address in connection with your (fee-based) participation in a seminar, webinar, event or virtual press conference, we will also use this for the promotion of our own, similar events by e-mail, provided that you have not objected to its use.

We also use your information for customer analyses and written advertising by post, also on behalf of partner companies from the textile industry.

Provided there is the consent of the user, the legal basis for the processing of data is Art. 6, (1), lit. a) GDPR. For processing your data for the protection of our legitimate interests, the legal basis is Art. 6 para. 1 lit. f) GDPR.

The data is deleted as soon as it is no longer required for achieving the purpose of its collection.

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

You can submit an objection to the processing of your personal data at any time; this also includes your e-mail address (Art. 6 para. 1, Art. 21 para. 1, 4 GDPR).

If you want us to stop processing and using your personal data for advertising purposes or would like to withdraw any consent that you have granted at any time, simply send a brief message by e-mail to datenschutz@hohenstein.de or by letter to Hohenstein, Abt. Datenschutz, Schlosssteige 1, 74357 Bönnigheim, Germany.

Once you have done so, your data will no longer be used for advertising purposes. This will not affect the legality of any use of your data up until the time at which you withdraw your consent or request that your data is not used for advertising purposes.

You can also exercise your right of objection for example, by using the Unsubscribe function on our website. You can find a link to this function in the footer of each newsletter.

If you explicitly request it, you can receive press releases from Hohenstein Institutes about research and development activities, testing, certifications and events in the textile industry, their international sites, the textile certifications of the OEKO-TEX® Association and other news from the textile industry by email. You can select the areas which are of particular interest to you when registering for the press distribution list. We will use the data which you provide while registering to determine whether you are entitled to receive press releases and to address you personally. Which data is collected via the contact form is apparent from the respective contact form. Your data is transmitted securely (SSL encryption).

The information you provide is only used for the purposes of sending the press release and for possible follow-up questions.

Your consent is obtained for the processing of the data during the dispatch process and this data protection declaration is referenced.

Provided there is the consent of the user, the legal basis for the processing of data after subscribing to receive press releases is Art. 6 para. 1 lit. a) GDPR.

The data is deleted as soon as it is no longer required for achieving the purpose of its collection. It is stored for as long as the subscription to press releases is active.

You have the right to information about your personal data processed by us. If your information request is not in writing, please understand that we will then require evidence from you to prove that you are really the person you claim to be.

Moreover, you have the right to correction or deletion or to restrict the processing, if this is due in law. In addition, you have a right to object to the processing within the framework of statutory regulations. The same applies to a right to data transferability.

If you do not wish to receive any more press releases, it is sufficient to send a short message to the Hohenstein Institute (e-mail: press@hohenstein.com).

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.