Privacy Notice

Data Controller

EU-REP.Global GmbH
Hopfenstraße 1d
24114 Kiel
Germany

With this Privacy Notice (the “Notice”), EU-REP Global GmbH (“we”, “us”) want to inform you about the processing of your personal data. We will only use the personal data gathered via this website as set out in this Notice. Below you will find information on how we use your personal data, for which purposes your personal data is used, with whom it is shared and what control and information rights you may have.

1. Definitions

Our Privacy Notice should be simple and understandable for everyone. In this Privacy Notice , the official definitions of the General Data Protection Regulation (GDPR) are generally used. The official definitions are explained in Art. 4 GDPR.

2. Processing Purposes for Visitors of our Website and Individuals interested in our Services

a) Ensuring the security and stability of the website

For this processing purpose, we collect the following categories of data:

IP address;
type of device, device name, your device-ID;
date, time and content of your request;
your browser version and screen resolution;
information about your operating system, including your language settings.

Such website logs are used solely for the purpose of ensuring the security of our website and will be stored for no longer than 14 days. The processing is based on our legitimate interests to protect the integrity and availability of our website (Art. 6 para. 1(f) GDPR).

b) Responding to your requests

If you are using a contact form provided on this website or contact us through other means, we may collect and process the following personal data:

name;
email address;
telephone number;
country
content of your request.

We use your personal data to the extent necessary for the initiation of a contract upon your request, to answer your custom inquiry and to provide you with all related information. The processing is based on our legitimate interest to establish a business relation with your employer or to handle an Art. 15 et seqq. GDPR data subject’s request submitted through our contact form or through other means (Article 6 para. 1(f) GDPR).

3. External Hosting

This website is hosted externally. Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.

The external hosting serves the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR).

Our host(s) will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.

We are using the following host(s):

Netzhirsch GmbH
Knickrehm 14
23611 Bad Schwartau

4. Cookies

Our websites and pages use what the industry refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.

Cookies can be issued by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services of third-party companies into websites (e.g., cookies for handling payment services).

Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of these cookies (e.g., the shopping cart function or the display of videos). Other cookies may be used to analyse user behaviour or for promotional purposes.

Cookies, which are required for the performance of electronic communication transactions, for the provision of certain functions you want to use (e.g., for the shopping cart function) or those that are necessary for the optimization (required cookies) of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of required cookies to ensure the technically error-free and optimized provision of the operator’s services. If your consent to the storage of the cookies and similar recognition technologies has been requested, the processing occurs exclusively on the basis of the consent obtained (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this consent may be revoked at any time.

You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete-function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.

5. Contact form and contact by e-mail

If you send us inquiries via contact form or e-mail, your data from the inquiry form or your e-mail, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. The specification of an e-mail address as well asthe specification of your name and your country is required to contact us. The specification of the telephone number is voluntary. The legal basis for the processing of the data is our legitimate interest in responding to your request pursuant to Art. 6 para. 1(f) GDPR and, if applicable, Art. 6 para. 1(b) GDPR, if your request is aimed at concluding a contract. Your data will be deleted after final processing of your request, provided that there are no legal obligations to retain data.

6. Calendly

You can book an appointment with us on via our website. We use the “Calendly” tool for booking appointments. The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter “Calendly”).

To book an appointment, enter the requested data (name, surname, email address, country and your message to us) and the desired date in the screen provided. The data entered will be used for planning and executing our appointment.

Furthermore, if you decide to fill in your telephone, we will collect and process these data as well within the frame of planning and executing our appointment. Please note that the above mentioned data ae not necessary for booking an appointment, and will only be processed if you decide to provide us with that information in the contact form.

The appointment data is stored for us on the servers of Calendly, whose privacy policy can be viewed here: https://calendly.com/privacy.

The data you have entered will remain with us until you ask us to delete it, revoke your consent for storage or the purpose for which the data was stored ceases to apply. Mandatory legal provisions, in particular retention periods, remain unaffected.

The legal basis for data processing is Art. 6 para. 1(b) GDPR; more specifically processing takes place within the frame of our precontractual negotiations.

The data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://calendly.com/dpa.

Data processing

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

8. Matomo

This website uses the open source web analytics service Matomo.

With the help of Matomo, we are able to collect and analyse data about the use of our website by website visitors. This allows us to find out, among other things, when which page views were made and from which region they came. We also collect various log files (e.g. IP address, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).

The use of this analysis tool is based on Art. 6 para. 1 (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimize both its website and its advertising.

a) IP anonymization

We use IP anonymization for the analysis with Matomo. In this case, your IP address is shortened before analysis so that it can no longer be clearly assigned to you.

b) Cookieless analysis

We have configured Matomo so that it does not store cookies in your browser.

c) Hosting

We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on.

9. Plugins and Tools

a) Google Fonts

This website uses so-called Google Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

For more information on Google Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

b) Font Awesome

This site uses Font Awesome for consistent font rendering. Font Awesome is installed locally. There is no connection to Fonticons, Inc. servers.

For more information about Font Awesome, please see the Font Awesome privacy policy at: https://fontawesome.com/privacy.

10. Data Processing for Customers, Vendors and Data Subjects

a) Personal data we process

If your employer enters into a service contract with us, we may collect the following information from you:

name;
email address;
telephone number;
job title;
password;
communications and copies of documents which include personal information, such as signatures on contracts.

b) Provision of services

We use your personal data to the extent necessary for the fulfilment of our contract with your employer, such as through individual consulting services, the provision of access to an online information database and the provision of updates on data privacy laws via email. The processing is based on the performance of our contract as well as for our pre-contractual communication (Art. 6 para. 1(b) GDPR) our legitimate interest to deliver our services to your employer in line with the contractual arrangements (Art. 6 para. 1(f) GDPR), and our obligation to comply with statutory requirements, such as those described in Art. 39 GDPR (Art. 6 para. 1(c) GDPR). More specifically, within the context of our services, we process data:

For the performance of a contract (Art. 6 para. 1(b) GDPR).

We use your personal data for the performance of the contract as well as for pre-contractual communication.

For compliance with a legal obligation to which we are subject to (Art. 6 para. 1(c) GDPR);

As a company, we are subject to various legal obligations. The processing of personal data may be necessary to fulfil these obligations:

Prevention/ investigation against criminal acts
Retention and storage obligations (e.g., Sect. 257 German Commercial Code (HGB); Sect. 147 German Tax Code (AO))
Obligations to process customer data (e.g. under tax law)
Occasional comparison of first and last names of business contacts with the lists of the EU anti-terror regulations due to the provision ban according to the EU anti-terror regulation

Based on a legitimate interest (Art. 6 para. 1(f) GDPR).

In certain cases, we process your personal data in exercising a legitimate interest of ours:

Direct advertising for similar services within the scope of our business relationship

11. Data transfer and recipients

For some of the aforementioned purposes, we may disclose your personal data to other parties. More specifically, we may disclose our data to:

Electronic signature tool providers
Software providers (including software as a service solutions, e.g., Microsoft365)
Legal advisors
Banks and Insurances
Communication service providers, e.g. mail relay and fax providers, providers of video conferencing tools
Contact form providers

Within the scope of fulfilling our contractual and legal obligations with a customer or a vendor, we may also commission third party service providers (data processors) in compliance with applicable law to carry out certain data processing on our behalf, such as services to support us with tax declarations and documentation, or with the delivery of email and invoices.

In the event that we undergo reorganization or are sold to a third party, any personal data we hold about you may be transferred to that reorganized entity or third party in compliance with applicable law. We may also disclose your personal data if legally entitled or required to do so (for example if required by law or by a court order).

12. Security

We have reasonable state of the art technical and organizational measures in place to protect your personal data which is under our control against loss, misuse and alteration. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use reasonable efforts to prevent it. You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via our website whilst it is in transit over the internet and any such submission is at your own risk.

13. Data retention

We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this Notice , your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it. Business- and tax-related communications may be subject to statutory retention periods of six to ten years.

In case of a customer or vendor relationship, we store your personal data as long as it is required to fulfil our legal and contractual obligations, including:

Fulfilment of e.g. commercial and tax retention obligations. These include, among others, retention periods from the German Commercial Code (HGB) or the German Tax Code (AO). The retention periods are up to 10 years.
Preservation of evidence within the framework of the statutory limitation provisions. According to the statutes of limitation of the German Civil Code (BGB), these statutes of limitation can be up to 30 years in some cases; the regular statute of limitations is three years.

14. Your Rights

Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights:

require (i) information whether your personal data is retained and (ii) access to and/or duplicates of your personal data retained, including the purposes of the processing, the categories of personal data concerned, and the data recipients as well as potential retention periods;
request rectification, removal or restriction of your personal data, e.g. because (i) it is incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was collected, or (iii) the consent on which the processing was based has been withdrawn;
refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;
not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or affects you with similar significance;
require (i) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and (ii) to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller;
take legal actions in relation to any potential breach of your rights regarding the processing of your Personal data, as well as to lodge complaints before the competent data protection regulators;
object at any time:
- if we use your personal data for the purpose of direct marketing; or
- on grounds relating to your particular situation that your personal data shall be subject to a processing.

15. Automated decision making

Automated decision making or profiling according to Art. 22 GDPR does not take place.

16. Contacting us

Please submit any questions, concerns or comments you have about this Notice or any requests concerning your personal data by email to us. You can contact us via service@eu-rep.global . The Information you provide when contacting us (name, address, telephone number) will be processed to handle your request and will be erased when your request was completed. Alternatively, we will restrict the processing of the respective Information in accordance with statutory retention requirements.

For any inquiry that might emerge from the way we process your personal data, you may contact the competent Data Protection Authorities.

17. Amendments to this Notice

We reserve the right to change this Notice from time to time by updating our website respectively. Please visit the website regularly and check our respectively current Notice.

This Notice was last updated on November 16, 2023.

Write email

Group	external media
Name	Calendly
Technical name	_cf_bm,__cfruid,OptanonConsent
Provider	Calendly LLC
Expire in days	365
Privacy policy	https://calendly.com/privacy
Use	To arrange appointments via the provider Calendly.
Allowed
Group	essential
Name	Contao CSRF Token
Technical name	csrf_contao_csrf_token
Provider	Contao
Expire in days	0
Privacy policy
Use	Serves to protect the website from being falsified by cross-site requests. The cookie is deleted again after the browser is closed.
Allowed
Name	Contao HTTPS CSRF Token
Technical name	csrf_https_contao_csrf_token
Provider	Contao
Expire in days	0
Privacy policy
Use	Used to protect the encrypted website (HTTPS) from being falsified by cross-site requests. The cookie is deleted again after the browser is closed.
Allowed
Name	PHP SESSION ID
Technical name	PHPSESSID
Provider	Contao
Expire in days	0
Privacy policy
Use	Cookie from PHP (programming language), PHP data identifier. Contains only a reference to the current session. No information is stored in the user's browser and this cookie can only be used by the current website. This cookie is mainly used in forms to increase user-friendliness. Data entered in forms is stored for a short time, for example, if the user makes an input error and receives an error message. Otherwise, all data would have to be entered again.
Allowed
Name	FE USER AUTH
Technical name	FE_USER_AUTH
Provider	Contao
Expire in days	0
Privacy policy
Use	Saves a visitor's information as soon as they log in to the frontend.
Allowed