Data Protection Policy
Information on the collection of personal data
(1) The following provides information about the collection of personal data during your use of this website. Personal data is any information that can be specifically attributed to you, e.g. your name, address, email addresses, user behaviour, and IP address.
(2) The controller, as per art. 4, para. 7 of the EU General Data Protection Regulation (GDPR), is:
Tel. +49 (0) 2351 5674 0
Fax +49 (0) 2351 5674 410
You can contact our data protection officer at:
Herr Markus Knuth
Höveler Weg 2
Tel: + 49 (0) 2353 9096 31
Fax: + 49 (0) 2353 9096 49
(3) If we make use of commissioned service providers for individual functions of our offers or if we wish to use your data for commercial purposes, we will inform you of the respective processes as described in detail below. In so doing, we will also cite the set criteria for the storage period.
General information about data processing
(1) As a matter of principle, we collect and utilise users' personal data only to the extent required to ensure the functioning of our website and of our contents and services. The collection and utilisation of our users' personal data normally occurs after users have given their consent. An exception applies to cases in which prior consent can not be obtained for practical reasons and where the processing of the data is legally permitted.
(2) If we have obtained consent for the processing of personal data from the data subject, art. 6, para. 1, point a of the GDPR acts as the legal basis. When the processing of personal data is required in order to fulfil a contract, to which the data subject is party, art. 6, para. 1, point b of the GDPR acts as the legal basis. This also applies to processing that is required in order to perform pre-contractual measures. If the processing of personal data is required in order to fulfil a legal obligation to which our company is subject, art. 6, para. 1, point c of the GDPR acts as the legal basis. In the event that vital interests of the data subject or of another natural person make processing personal data necessary, art. 6, para. 1, point d of the GDPR acts as the legal basis. If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interests, art. 6, para. 1, point f of the GDPR acts as the legal basis for processing.
(3) The personal data of the data subject are deleted or locked once the purpose of their storage no longer applies. Furthermore, data can be stored if provision has been made by the European or national legislator in ordinances, acts or other regulations in EU law to which the controller is subject. The data are also locked or deleted if a storage period prescribed by the stated standards expires, unless it is necessary to continue to store the data in order to conclude or fulfil a contract.
(4) Furthermore, we may also disclose your personal data to third parties when we offer participation in campaigns, contests, contract conclusions, or similar services together with partners. You will receive further information on this when you provide your personal data or at the bottom of the description of the service being offered. If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this in the description of the service being offered.
(1) You have the following rights in relation to us regarding your personal data:
a) Right of access
You have the right to request confirmation as to whether relevant data will be processed, and to information on this data as well as further details and copies of the data in accordance with art. 15 of the GDPR.
b) Right to rectification
In accordance with art. 16 of the GDPR, you have the right to request the completion of the data or the rectification of the incorrect data concerning you.
c) Right to erasure or right to restriction of processing
In accordance with art. 17 of the GDPR, you have the right to request that personal data be deleted immediately, or alternatively the right to request the restriction of processing of the data in accordance with art. 18 of the GDPR.
d) Right to data portability
You have the right to receive the data concerning you, which you have provided to us, in accordance with art. 20 of the GDPR, and to request their transmission to other controllers.
(2) You also have the right to submit a complaint to the relevant data protection supervisory authority concerning our processing of your personal data. In our case, this is the North Rhine-Westphalia state official for data privacy and information security (ldi): https://www.ldi.nrw.de/
Objection to or revocation of the processing of your data
(1) If you have consented to the processing of your data, you can revoke this at any time in accordance with art. 7, para. 3 of the GDPR. Once communicated to us, such a revocation affects the admissibility of the processing of your personal data.
(2) If we base the processing of your personal data on the balancing of interests, you may object to the processing. This is the case if processing in particular is not necessary for the fulfilment of a contract with you, which we will note in the subsequent description of each function. When such objection is raised, we ask that you explain the reasons why we should not process your personal data in the manner we have done. If your objection is justified, we will examine the situation and either cease or adjust the data processing or explain to you our compelling and legitimate reasons as to why we will continue to perform the processing as such.
(3) Of course, you may object at any time to the processing of your personal data for advertising and data analysis purposes. You may inform us of your objection to such uses via the following contact details: DIAL GmbH, Bahnhofsallee 18, 58507 Lüdenscheid, dialog(at)dial.de.
Deletion of data
The data processed by us will be deleted or have its processing restricted in accordance with art. 17 and 18 of the GDPR. Unless expressly stated in this data protection policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any legal storage obligations. If the data are not deleted because they are necessary for other legally permissible purposes, their processing is restricted. This means that the data is locked and not processed for any other purposes. This applies, for example, to data that must be kept for commercial or tax reasons. According to legal requirements in Germany, the records shall be kept in particular for 6 years in accordance with section 257, para. 1 of the German Commercial Code (HGB) (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with section 147, para. 1 of the German Tax Code (AO) (books, records, progress reports, accounting documents, commercial and business letters, for documents relevant to taxation, etc.).
Transfer of data to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in order to utilise third-party services, disclose or transfer data to third parties, then this will only happen in order to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of art. 44 ff. of the GDPR apply. This means, for example, that processing is carried out on the basis of special guarantees, such as the officially recognised establishment of a data protection level in compliance with the EU (e.g. by the "Privacy Shield" for the USA) or compliance with officially recognised special contractual obligations ("standard contractual clauses").
Data collection on our website
(1) If you are using the website solely for informational purposes, i.e. if you have not registered or otherwise conveyed information to us, we will only collect personal data transmitted by your browser to our server. If you would like to view our website, we will collect the following data, which is a technical requirement for us into be able to display our website and to ensure stability and security (the legal basis for this is art. 6, para. 1, sentence 1, point f of the GDPR):
a) IP address,
b) Date and time of request,
c) Content of the request (specific page),
d) Access status/HTTP status code,
e) Volume of data transmitted,
f) Website issuing the request,
h) Operating system and its interface,
i) Language and version of browser software.
(2) The data are also stored in the logfiles of our system. These data are not stored together with other personal data of the user. The legal basis for the temporary storage of the data and logfiles is art. 6, para. 1, point f of the GDPR. The data are stored in logfiles in order to ensure that the website functions properly. In addition, the data helps us to optimise the website and to ensure the security of our information technology systems. An analysis of the data for marketing purposes does not take place in this context. The anonymous data of the server log files are stored separately from all personal data provided by the data subject.
(3) The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. If data has been collected for the provision of the website, this occurs when the respective session ends. The collection of data for the provision of the website and the storage of data in logfiles is absolutely necessary for the operation of the internet site. As a result, the user may not object.
To protect the transmission of confidential content that you send to us (e.g. orders, inquiries), this website uses what is known as SSL or TLS encryption. These can be recognised by the lock symbol in your browser address bar. The address bar also changes from "http://" to "https://". This means that third parties are not able to read this data.
(2) Temporary cookies, or "session cookies" or "transient cookies", refer to cookies that are deleted once the user leaves an online service and closes their browser. In such a cookie, the contents of a shopping cart in an online shop or a login status are stored, for example. "Permanent" or "persistent" cookies refer to those that remain stored even after the browser has been closed. In doing so, the login status can be stored, for example, if users visit the website after several days.
(3) It is possible at any time to prevent the website's storage of cookies by adjusting the relevant settings of your Internet browser and thus permanently deactivating the storage of cookies. Furthermore, you may delete cookies which have already been stored via an Internet browser or another software program at any time. This can also be done automatically. This is possible in all standard Internet browsers. If you deactivate cookies, the functionality of this website may be limited.
Use of our contact form
There is a contact form on our website, which you can use to make contact with us electronically. If a user makes use of this option, then the data entered in the input mask are transmitted to us and stored. These data are:
Title, first name, last name, company, email.
The following data are also stored when the message is sent:
The IP address of the user, date und time of the registration.
As part of this process, your consent is obtained for the processing of data and reference is made to this data protection policy. Alternatively it is possible to contact us via the email address provided. In this case, we store the user's personal data transmitted with the email. The data are not forwarded to any third parties in this context. The data are used exclusively to process the conversation. The legal basis for the processing of data when consent is given by the user is art. 6, para. 1, point a of the GDPR. The legal basis for the processing of data which are transmitted when sending an email is art. 6, para. 1, point f of the GDPR. If the aim of the email contact is to conclude a contract, then the additional legal basis for processing is art. 6, para. 1, point b of the GDPR. Processing the personal data from the input mask only assists us in handling the communication. If contact is made via email, this also includes the required justified interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that have been transmitted via email, this is the case when the respective conversation with the user has ended. The conversation has ended when it can be seen from the circumstances that the issue being discussed has been conclusively resolved. The additional personal data collected during the sending process will be deleted at the latest after a period of seven days. The user has the option to revoke their consent to the processing of the personal data at any time. If the user contacts us via email, then they can object at any time to their personal data being stored. In this instance, the conversation can not be continued. All personal data that have been stored during the communication are deleted in this case.
Registration options on our website / online services
(1) You can register on our website in several ways. You can book seminars and/or webinars and/or events and/or make use of support services and/or request and download material such as white papers about our products and services. To do this, it is necessary for the conclusion of the contract that you provide the personal data we require to process your order or your booking. Furthermore, you can give us feedback on customer satisfaction on our website. The mandatory information fields required for processing are specially marked. Other details are voluntary. We may also use the data you have provided to process your order or your booking. The legal basis for the processing of data when you give your consent is art. 6, Sect. 1, lit. a of the GDPR. To this end, we can pass on your payment data to our principal bank. The legal basis for this is art. 6, Sect. 1, sentence 1, lit. b of the GDPR. If the registration serves to fulfil a contract whose contracting party is the user or serves to implement pre-contractual measures, then an additional legal basis for the processing of data is art. 6, Sect. 1, lit. b of the GDPR.
(2) We use the so-called double-opt-in method for registering for support services, meaning your registration is not complete until you have confirmed your registration by clicking on the link contained within a confirmation email sent to you for this purpose.
(3) If you use our portal, we will store the data required to fulfil the contract and also details on the method of payment until you permanently delete your access data. Furthermore, we will store the voluntary data you have provided for the duration of your website use, unless you delete these beforehand. You can manage and change all information in the secure customer area. The legal basis is art. 6, Sect. 1, sentence 1, lit. f of the GDPR. In addition, we delete your data as soon as it is no longer necessary for its intended purpose and the deletion does not conflict with any statutory retention requirements.
Data protection information for webinars with GoToWebinar
(1) To conduct webinars, we use the GoToWebinar software solution. The GoToWebinar software solution is provided by LogMeIn Inc., 333 Summer Street, Boston, MA 02210, USA. The LogMeIn data privacy statement can be found here. LogMeIn processes your personal data in the USA, but has submitted to the EU-US Privacy Shield framework (https://www.privacyshield.gov/participant?id=a2zt0000000013fAAA), thus providing a guarantee that they will comply with European data protection laws.
(2) In order to take part in a webinar, you must register with LogMeIn. This requires you to submit the following personal data: name, surname, email. To conduct a webinar related to an order, LogMeIn transmits your registration/customer data to us. The legal bases for the processing of your data are Art. 6 Par. 1 s. 1 item a)
a) GDPR and Art. 6 Par. 1 s. 1 item b) GDPR.
(3) To conduct the webinar, an encrypted connection is established between you and the organizer of the webinar. Webinars are regularly recorded and played back when the webinar is accessed later. During and after the webinar, statistical data is transmitted to us. If you take part in a webinar and/or ask or answer a question during the webinar, we receive, in addition to your registration data, information about the participation duration, your interest in the webinar, and the question and/or answer for further customer support or to expand the user experience.
Use of our forum DIALux board
(1) You can read our forum without prior registration. If you would like to actively participate in the forum, you must register by entering your email address and a password and username of your choice. There is no obligation to provide a real name and pseudonyms may be used. We use the double opt-in method for registration, i.e. your registration is not complete until you have confirmed your registration via a confirmation email sent to you for this purpose by clicking on the link contained therein. If we do not receive your confirmation within 14 days, your registration will be automatically deleted from our database.
(2) If you register a forum account, we will store all information you post in the forum, i.e. public posts, bulletin board entries, friendships, private messages, etc., until you log out, in order to operate the forum. The legal basis is art. 6, para. 1, sentence 1, point f of the GDPR.
(3) If you delete your account, your public statements, especially posts to the forum, remain visible to all readers, but your account is no longer accessible and is marked with "unknown user" in the forum. All other data will be deleted. If you would like your public contributions to be deleted as well, please contact the controller using the contact details above.
Data privacy of applications
If you send us an application via our website, we will use this data exclusively for the purpose of handling the application procedure. Processing can also be done electronically if you send us the corresponding application documents electronically, for example via email or via the web form on our website. If we conclude a contract of employment with you on the basis of this application, the transmitted data will be stored for the purpose of processing the employment contract in compliance with the legal regulations. However, if we do not conclude a contract of employment with you, then the application documents will be automatically deleted six months after notification of the rejection decision, unless you have given your consent for your application data to be stored by us for future job vacancies.
(1) With your consent, you can subscribe to our newsletter in which we will keep you informed of our current interesting offers. The goods and services advertised will be set out in the declaration of consent. The input mask used for this purpose determines which personal data are transmitted to the controller for processing when the newsletter is ordered.
(2) For legal reasons, we use the double opt-in method for subscribing to our newsletter. This means that once you have registered, we will send an email to the email address you have provided to us, asking you to confirm that you wish to receive the newsletter. If you fail to confirm your registration within three months, your information will be locked and will be automatically deleted after one month. Furthermore, we will store the IP addresses you have used and the time at which you registered/confirmed your registration in each case. The purpose of this procedure is to give us a record of your registration and to allow us to resolve any potential misuse of your personal data.
(3) The only mandatory information we require in order for the newsletter to be sent to you is your email address. Any provision of further, separately marked data is voluntary and these will be used to address you personally. Once we receive your confirmation, we will store your email address for the purpose of sending the newsletter to you. The legal basis is art. 6, para. 1, sentence 1, point a of the GDPR.
(4) You may revoke your consent to receiving the newsletter at any time and unsubscribe from the newsletter. To do so, you can click on the link provided in each Newsletter email, send an email to email@example.com or you may declare your revocation by sending a message to the contact details provided in the website information.
(5) Please note that we analyse your user behaviour when we send out the newsletter. Using the data obtained in this way, we compile a user profile so that we can provide you with a newsletter tailored to your interests. This represents a legitimate interest as per art. 6, para. 1, sentence 1 of the GDPR. We record the time at which you read our newsletter and the links you click on in it and, from this, derive your personal interests. For this analysis, the emails we send out contain "tracking pixels". You can object to this tracking at any time by clicking on the separate link provided in each email or by notifying us via another contact channel. The information will be stored for as long as you are subscribed to the newsletter. When you unsubscribe, we will store the data purely for statistical purposes and in an anonymous form.
Use of Google Analytics
(1) This website uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA ("Google"). Web analysis refers to the collection, compilation and analysis of data on the behaviour of visitors to websites. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Due to the activation of IP anonymisation on these websites, Google will however truncate your IP address within Member States of the European Union or in other Contracting States to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. For these exceptional cases where personal data is transferred to the USA, Google is certified under the Privacy Shield Agreement, and thus guarantees that it will observe European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). The legal basis for the use of Google Analytics is art. 6, para. 1, sentence 1, point f of the GDPR.
On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activities and to provide the website operator with other services relating to website use and Internet use. We use Google Analytics to enable us to analyse and improve the use of our website. Using the statistics generated in this way allows us to regularly improve our offer and to make it more interesting for you as the user.
(2) Google will not associate the IP address transmitted by your browser in the context of Google Analytics with any other data held by Google.
(4) This website uses Google Analytics with the extension "_anonymizepIp()". As a result, IP addresses are processed in a shortened form and direct references to persons can be ruled out.
(5) More information regarding Google's terms of service and data protection regulations can be found at www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/privacy. Google Analytics is explained in more detail under this link https://www.google.com/intl/de_de/analytics/
Use of Matomo (formerly Piwik)
(1) This website uses the web analysis service Matomo to analyse and regularly improve the use of our website. Using the statistics generated in this way allows us to improve our service and to make it more interesting for you, the user. The legal basis for the use of Piwik is art. 6, para. 1, sentence 1, point f of the GDPR.
(3) This website uses Piwik with the extension "AnonymizeIP". As a result, IP addresses are processed in a shortened form and direct references to persons can be ruled out. Piwik will not associate the IP address transmitted by your browser with any other data we have gathered.
(4) For information on third-party privacy, visit https://matomo.org/privacy/
Use of mouseflow
Our website uses Mouseflow, a web analysis tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to record randomly selected individual visits (only with anonymised IP address). This produces a log of mouse movements, mouse clicks and keyboard interactions, with the intention of rendering random individual visits to the website as Session Replays, as well as evaluating them in the form of heatmaps to derive potential improvements to the website. The cookie created by Mouseflow is deleted after a period of 90 days. The data recorded by Mouseflow are not personalised, are not transmitted to third parties and are stored for a period of 3 months. The storage and processing of the recorded data takes place within the EU. If you would not like your data to be recorded by Mouseflow, you can opt out of this on all websites that use Mouseflow under the following link: https://mouseflow.de/opt-out/
Integration of YouTube videos
(1) We have integrated YouTube videos into our online offer, which are stored at (http://www.YouTube.com) and can be played directly from our website. YouTube is an internet video portal that allows video publishers to upload video clips free of charge and allows other users to view, rate and comment on video clips free of charge. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. On our website, we use the content or service offers of YouTube on the basis of our legitimate interests (that is, interests in analysis, optimisation and economical operation of our online services as per art. 6, para. 1, point f of the GDPR) in order to include their content and services.
(2) By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This happens regardless of whether YouTube provides a user account that you are logged in to, or no such user account exists. If you are logged into Google, your data will be allocated directly to your account. If you do not want any allocation to your YouTube profile, you must log out prior to activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or for the design of its website according to demand. Such an analysis is conducted in particular (even for users who are not logged in) in order to display advertisements in line with user preferences and to inform other users of the social network about your activities on our website. You are entitled to raise an objection against the creation of such user profiles, but you must contact YouTube directly in order to exercise that right.
(3) For further information on the purpose and scope of data collection and data processing by YouTube, please refer to their data protection policy. Here you will also find further information on your rights and setting selection possibilities for the protection of your privacy: (https://www.google.de/intl/de/policies/privacy). Google also processes your personal data in the USA and has committed to adhere to the provisions of the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework) which consequently guarantees compliance with European data protection law.
Integration of Google Maps
(1) We use Google Maps services on our website. This allows us to show you interactive maps directly on the website and allows for convenient use the map function. On our website, we use the content or service offers of Google Maps on the basis of our legitimate interests (that is, interests in analysis, optimisation and economical operation of our online offer as per art. 6, para. 1, point f of the GDPR) in order to include their content and services.
(2) By visiting our website, Google receives the information that you have accessed the corresponding subpage of our website. This happens regardless of whether Google provides a user account that you are logged in to, or no such user account exists. If you are logged into Google, your data will be allocated directly to your account. If you do not want any allocation to your Google profile, you must log out prior to activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and/or for the design of its website according to requirements. Such an analysis is conducted in particular (even for users who are not logged in) in order to display advertisements in line with user preferences and to inform other users of the social network about your activities on our website. You are entitled to raise an objection against the creation of such user profiles, but you must contact Google directly in order to exercise that right.
(3) For further information on the purpose and scope of data collection and data processing by the plug-in provider, please refer to the provider's data protection policy. Here you will also find further information on your respective rights and setting selection possibilities for the protection of your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has committed to adhere to the provisions of the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Encrypted payment transactions
If you are obliged to provide us with your payment data due to the conclusion of a contract that results in a payment obligation on your part, the data required to do this is used exclusively for payment processing. This applies to all standard methods of payment (credit cards, direct debit). We use an encrypted SSL or TLS connection for payment transactions. These can be recognised by the lock symbol in your browser address bar. The address bar also changes from "http://" to "https://". This means that third parties are not able to read this data.
Payment service provider ConCardis
Payments on our website are handled by the payment service provider ConCardis. If you decide to pay by credit card with the payment service provider ConCardis, the payment is handled by the payment service provider ConCardis GmbH, Helfmann-Park 7, 65760 Eschborn, who we provide with the information you have disclosed as part of the order process in addition to the information on your order pursuant to art. 6, para. 1, point b of the GDPR. Your data will only be passed on for the purpose of processing payments with the payment service provider ConCardis and only to the extent necessary. You can find more information on the data protection of ConCardis in ConCardis' data protection policy: https://www.concardis.com/datenschutz.