Data protection and privacy

This data protection and privacy statement applies to the website of creative pool distribution GmbH, Höhenweg 14, 86391 Stadtbergen, Germany, at the domain https://x-over.de and to the various subdomains, hereinafter collectively referred to as “our website.”

1. Name and address of data controller

The data controller is creative pool distribution GmbH, Höhenweg 14, 86391 Stadtbergen, service@x-over.de.

2. Personal data

“Personal data” means information relating to an identified or identifiable natural person. This includes, in particular, information that permits this person to be identified, for example the person’s name, phone number, address or e-mail address.

3. Processing of personal data

Processing of personal data takes place when you use our website or interact with our website (for example via the contact form or a login process).

4. Newsletter (not yet available at present)

If you register to receive our e-mail newsletter, we need your e-mail address to send the newsletter to you. Starting when you register, your e-mail address will be used for our advertising purposes until you unsubscribe. You can unsubscribe by clicking a link on our website.

Your data will be stored for the duration of your newsletter subscription and erased after you unsubscribe. The data may be stored for longer in isolated cases where required by law.

The legal basis for the processing of the data after the user registers to receive the newsletter is point (a) of Article 6(1) of the EU General Data Protection Regulation (GDPR) if the user has given consent.

5. Legal basis for the processing of personal data

Collection and use of personal data take place only after the user of our website has given consent. The legal basis is point (a) of Article 6(1) GDPR.

If the processing of personal data is necessary for the performance of a contract to which the data subject is party, point (b) of Article 6(1) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

If the processing of personal data is necessary for compliance with a legal obligation, point (c) of Article 6(1) GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and the interests or fundamental rights and freedoms of the data subject do not override the aforementioned interest, point (f) of Article 6(1) GDPR serves as the legal basis.

6. Use of cookies

A cookie is a text file that is stored on the hard drive, either temporarily (“session cookie”) or permanently (“persistent cookie”), in order to provide information tailored specifically to the user.

A “session” is a single session that is stored on our server for a short period.

Log files are generated by the server and stored by us. These files contain automatically generated logs of all or specific actions in processes on a computer system.

7. Data within the scope of use of cookies

The cookies, sessions, and log files do not store any security-related data or personal data other than your IP address. These files cannot transmit viruses, spy on data on your computer or send e-mails without your knowledge. Each Web server can only read the cookies that server itself has placed. The following data are automatically collected by our computer system through cookies when you access our website:

·      Anonymized client IP: anonymized customer address

·      Time stamp: Date and time of access

·      Request line: Path of target URL address, not including domain

·      Status code: status codes that are helpful for error analysis

·      Referrer: from which page the visitor has come to our website

·      Size of response bodies: Size of the temporary data downloaded

·      User agent: Type and version of the visitor’s browser and operating system

·      Remote user: only in the case of a login process based on HTTP basic authentication. Otherwise, this field is left blank.

These data are stored separately from the data that you have provided if and when you have set up a customer account with us. These data are not linked together.

8. Preventing the storage of cookies

If you do not want cookies, sessions, and log files to be used, you can restrict or block them in your browser. If you do this, it is possible that individual features of our pages will no longer be usable.

Session cookies are erased immediately when you close your browser.

Third-party providers, including Google, use stored cookies to serve ads on the basis of a user’s prior visits to this website. You can adjust the settings relating to the use of cookies by third parties by visiting these third parties’ websites.

9. Legal basis in the case of storage of cookies

The storage of cookies serves our legitimate interest in advertising our services and analyzing user behavior to improve and further develop our website. The legal basis is point (f) of Article 6(1) GDPR.

10. Use of service providers for processing of personal data; data processing

We utilize the services of service providers to perform services and process your data having to do with our services and products. Our service providers are permitted to use data that we transfer to them only to fulfill their tasks; any other use is not permitted.

All processors who work on our behalf have been selected carefully and are given access to your data only within the scope, and for the necessary period, required in order to perform the services or within the scope to which you have given consent to the processing and use of the data, as the case may be.

11. Links to other websites

Our website contains buttons that link to other websites (Facebook, not yet active: Twitter, XING), known as social media links.

·      A direct connection to Facebook is established if you use this button. We have no influence over the nature or scope of the data that the plugins on this website transfer to the servers of Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA).  For information on this, please click here: https://www.facebook.com/privacy/explanation/

·      A direct connection to Twitter is established if you use this button. We have no influence over the nature or scope of the data that the plugins on this website transfer to the servers of Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA).  For information on this, please click here:

https://twitter.com/privacy?lang=eng

·      A direct connection to XING is established if you use this button. We have no influence over the nature or scope of the data that the plugins on this website transfer to the servers of XING SE (Dammtorstr. 30, 20354 Hamburg, Germany).  For information on this, please click here:

https://privacy.xing.com/en

12. Duration of storage

We store your personal data only as long as is permissible by law or as long as legal obligations of storage exist.

13. Rights of the user

As the user, you can obtain information at any time regarding which personal data concerning you have been stored. If your data are incorrect or outdated, you can request that they be corrected (rectified) provided that your request does not conflict with any legal obligation of storage. You have the right to object to the processing of data without stating any reasons.

Finally, you have the right to have your personal data blocked or erased.

To exercise your rights pursuant to Chapter III GDPR, it is sufficient to send an e-mail to service@x-over.de or a written notice to creative pool distribution GmbH, Höhenweg 14, 86391 Stadtbergen, Germany.

14. Right to lodge a complaint with the supervisory authority

You have the right to lodge a complaint with the competent supervisory authority against the processing of your personal data if you believe your rights under the GDPR have been violated (Article 77 GDPR).