Privacy Policy

Video surveillance of company premises

We are delighted that you have shown interest in our company. BELLIN Treasury International GmbH takes data protection very seriously. The web pages of BELLIN Treasury International GmbH can generally be used without providing any personal data. However, if a data subject (see definitions of terms below) wants to use certain services on our website, it may be necessary to process personal data. Where it is necessary to process personal data and there is no statutory basis for such processing, we generally obtain consent from the data subject.

Personal data, such as the name, address, email address or telephone number of a data subject, are processed in accordance with the General Data Protection Regulation (GDPR) and the national data protection regulations applicable to BELLIN Treasury International GmbH. This Privacy Policy provides the general public with information on the nature, scope and purpose of the personal data we collect, utilize and process. This Privacy Policy also informs data subjects of their rights.

As the data controller (see definitions of terms below), BELLIN Treasury International GmbH has implemented numerous technical and organizational measures to ensure the personal data processed through this website are protected as fully as possible. However, data transmission over the internet is inherently insecure, so we cannot guarantee the security of data sent over the internet. Data subjects may therefore communicate personal data to us using alternative means, e.g. by telephone.

 

  1. Definitions

    BELLIN Treasury International GmbH’s Privacy Policy is based on the terms used in the General Data Protection Regulation (GDPR) adopted by the European Union. Our Privacy Policy is intended to be easy for the general public, our customers and our business partners to read and understand. We have therefore set out below explanations of the terminology used.

    In this Privacy Policy, the following terms have the following meanings:

    • a)    Personal data

      Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

    • b)     Data subject

      Data subject means any identified or identifiable natural person whose personal data are processed by a controller.

    • c)    Processing

      Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    • d)    Restriction of processing

      Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.

    • e)    Profiling

      Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

    • f)     Pseudonymization

      Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

    • g)    Controller

      Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law.

    • h)    Processor

      Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

    • i)      Recipient

      Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with European Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

    • j)      Third party

      Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

    • k)    Consent

      Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

  2. Name and address of the controller

    The controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member States of the European Union and other data protection provisions is:

    BELLIN Treasury International GmbH

    Tullastr. 19

    77955 Ettenheim

    Germany

    Phone: +49 7822 4460-0

    Email: pr@bellin.com

  3. Name and address of the data protection officer

    The controller’s data protection officer is:

    Sascha Kuhrau

    a.s.k. Datenschutz e.K.

    Schulstrasse 16a

    91245 Simmelsdorf-Hüttenbach

    Germany

    Phone: +49 (0)9155 – 263 99 70

    Email: extdsb@ask-datenschutz.de

    Website: https://www.bdsg-externer-datenschutzbeauftragter.de

    Data subjects can contact our data protection officer directly at any time with any questions or suggestions concerning data protection.

  4. Cookies

    BELLIN Treasury International GmbH’s web pages use cookies. Cookies are text files that are stored on a computer system by a web browser.

    Many websites and servers use cookies. Many cookies contain a unique identifier called a “cookie ID”: a string of characters that websites and servers associate with the specific web browser on which the cookie is stored. This allows websites visited and servers to distinguish the data subject’s browser from other browsers that store different cookies and to recognize each browser by its unique cookie ID.

    BELLIN Treasury International GmbH uses cookies to make our services more user-friendly.

    Cookies enable us to tailor the content of our website to the needs of the user. As previously mentioned, cookies allow us to recognize the user when he or she visits our website. The aim is to make our website easier to use. Cookies are widely used by websites for this purpose. For example, if a user logs in to a website that uses cookies, the website might use a cookie to recognize the browser later on, so that the user does not have to log in again. Another example is shopping on a website: a cookie enables the online store to remember which items the user has added to his or her virtual shopping cart.

    Data subjects may, at any time, use their browser settings to permanently disable cookies from our website. Existing cookies can be deleted at any time via the relevant web browser or by using other software programs. This is possible in all common web browsers. If a data subject disables cookies in his or her browser, he or she might not be able to make full use of all of the features on our website.

    Data collected through the use of cookies necessary for carrying out electronic communication processes or providing certain functions that you require (e.g. shopping cart) are processed on the basis of Art. 6(1)(f) of the GDPR. As the operator of this website, we have a legitimate interest in storing cookies in order to ensure the technically error-free and smooth provision of our services. If other cookies are used (e.g. for analysis functions), these are dealt with separately in this Privacy Policy.

  5. Collection of general data and information

    BELLIN Treasury International GmbH’s web pages collect certain general data and information each time a data subject or an automated system accesses the website. These general data and information are stored in the log files of the server. The following data may be collected: (1) the browser type and version used; (2) the operating system running on the computer accessing the website; (3) the website via which our website was accessed (the “referrer”); (4) the sections of our website which are visited; (5) the date and time of access to the website; (6) an internet protocol address (IP address); (7) the name of the internet service provider of the system accessing the website; and (8) any other similar data and information which would help to protect our information technology systems in the event of an attack.

    Data are stored in log files in order to ensure that the website works properly. The data are also used to optimize the website and to ensure our information technology systems are secure. The data are not analyzed for marketing purposes. The foregoing constitutes a legitimate interest for collecting data and thus the basis for data processing pursuant to Art. 6(1)(f) of the GDPR.

    BELLIN Treasury International GmbH does not use these general data and information to draw any conclusions about the data subject. The information is needed to: (1) deliver the content of our website correctly; (2) optimize the content of our website and advertising for the website; (3) ensure the long-term operability of our information technology systems and website technology; and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyberattack. These anonymous data and information are therefore analyzed statistically, with the aim of increasing data protection and data security at our company and to ensure an optimal level of protection for the personal data we process. The anonymous data in the server log files are stored separately from any personal data provided by a data subject.

  6. Subscription to our newsletter

    The BELLIN Treasury International GmbH website offers users the opportunity to subscribe to our company’s newsletter. The personal data transmitted when the user signs up to receive the newsletter from the controller are the data submitted when the user completes the subscription form.

    BELLIN Treasury International GmbH regularly provides its customers and business partners with information about the company’s products and services by means of a newsletter. The data subject can only receive the company’s newsletter if (1) the data subject has a valid email address and (2) the data subject signs up to receive the newsletter. For legal reasons, a double opt-in procedure is used: a confirmation email is sent to the email address entered when the data subject first signs up to receive the newsletter. This confirmation email is used to verify that the owner of the email address has authorized receipt of the newsletter.

    When a data subject signs up for the newsletter, we also store the IP address assigned by the internet service provider (ISP) to the computer system used by the data subject at the time of signup and the date and time of signup. These data are collected to enable any misuse of the email address of a data subject to be traced, thus acting as a legal safeguard for the controller.

    The personal data collected when a data subject signs up for the newsletter are only used for the purposes of sending our newsletter. Subscribers to the newsletter may also be contacted by email where necessary for the operation of the newsletter service or in relation to registration for the newsletter service, for example in the event of changes to the newsletter service or technical changes. Personal data collected for the purposes of the newsletter service are not passed on to third parties. The data subject may cancel his or her subscription to our newsletter at any time. Consent to the storage of personal data, granted by the data subject for the purposes of sending the newsletter, may be withdrawn at any time by means of a link found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the controller’s website or by communicating this request to unsubscribe to the controller via other means.

    The legal basis for the processing and for sending the newsletter is your consent as a user (Art. 6(1)(a) of the GDPR).

  7. Newsletter tracking

    The BELLIN Treasury International GmbH newsletter contains tracking pixels. A tracking pixel is a miniature graphic embedded in HTML emails which enables log files to be recorded and analyzed and thus a statistical analysis of the success or failure of online marketing campaigns to be carried out. Using the embedded tracking pixel, BELLIN Treasury International GmbH can see if and when an email has been opened by a data subject and which links in the email have been accessed by the data subject.

    Personal data of this nature collected via the tracking pixels contained in the newsletters are stored and analyzed by the controller in order to optimize distribution of the newsletter and to tailor the content of future newsletters to the interests of the data subject. These personal data are not passed on to third parties. Data subjects may at any time withdraw the relevant separate consent given by means of the double-opt-in procedure. Once consent has been withdrawn, these personal data will be deleted by the controller. BELLIN Treasury International GmbH automatically interprets a request to unsubscribe from the newsletter as withdrawal of consent.

    Newsletter tracking is carried out on the basis of Art. 6(1)(f) of the GDPR. As the operator of this website, we have a legitimate interest in analyzing user behavior in order to optimize our website and, if necessary, advertising.

  8. Contacting us via the website

    In accordance with legal requirements, BELLIN Treasury International GmbH’s web pages contain information that enables users to contact our company quickly by electronic means and to communicate with us directly, including a general email address. If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the controller are stored for the purposes of processing or contacting the data subject. These personal data are not passed on to third parties.

    The data sent to us are processed solely on the basis of your consent (Art. 6(1)(a) of the GDPR), which you grant by submitting the data.

  9. The comments feature on the blog on the website

    BELLIN Treasury International GmbH offers users the opportunity to leave comments on individual blog posts made on a blog on the controller’s website. A blog is a web-based, usually publicly accessible portal, through which one or more people known as “bloggers” or “web bloggers” can post articles or record their thoughts in “blog posts”. Blog posts may usually be commented on by third parties.

    If a data subject leaves a comment on the blog published on this website, the comment made by the data subject, details of the date/time of the comment and the user name (pseudonym) chosen by the data subject are stored and published. The IP address assigned by the internet service provider (ISP) to the data subject is also logged. The IP address is stored for security reasons and in case the data subject’s comment violates the rights of third parties or contains illegal content. These personal data are therefore stored for the controller’s own purposes, so that it can protect itself from liability in the event of an infringement. The personal data collected are not passed on to third parties, unless required by law or for the purposes of the legal defense of the controller.

    The data entered in the comments form are processed solely on the basis of your consent (Art. 6(1)(a) of the GDPR), which you grant by submitting the form.

  10. Subscription to comments on the blog on the website

    Third parties may subscribe to the comments made on the BELLIN Treasury International GmbH blog. In particular, there is the option for a person leaving a comment to subscribe to the comments following his or her comment on a particular blog post.

    If a data subject decides to subscribe to this option, the controller sends an automatic confirmation email to verify that the owner of the specified email address selected this option (double opt-in procedure). The data subject may cancel the subscription to comments at any time.

    The legal basis for the processing and for sending subscription emails is your consent as a user (Art. 6(1)(a) of the GDPR).

  11. Routine erasure and blocking of personal data

    The controller processes and stores the personal data of the data subject only for the period necessary for retention purposes or where provided for by European legislation or other laws or regulations to which the controller is subject.

    If personal data no longer require to be retained or if a retention period prescribed in European legislation or other applicable legislation expires, personal data are routinely blocked or erased in accordance with legal requirements.

  12. Rights of the data subject
    • a) Right of confirmation

      Every data subject has the right under European legislation to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to exercise this right of confirmation, he or she may, at any time, contact an employee of the controller.

    • b) Right of access

      Every data subject has the right under European legislation to obtain at any time, free of charge, from the controller access to the personal data stored about him or her and a copy of this information. European legislation also grants the data subject the right to access the following information:

      • the purposes of the processing;
      • the categories of personal data concerned;
      • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
      • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
      • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
      • the existence of the right to lodge a complaint with a supervisory authority;
      • where the personal data are not collected from the data subject, any available information as to their source;
      • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.

      The data subject also has a right to obtain information as to whether personal data have been transferred to a third country or to an international organization. Where this is the case, the data subject also has the right to be informed of the appropriate safeguards relating to the transfer.

      If a data subject wishes to exercise this right of access, he or she may, at any time, contact an employee of the controller.

    • c) Right to rectification

      Every data subject has the right under European legislation to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

      If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact an employee of the controller.

    • d) Right to erasure (right to be forgotten)

      Every data subject has the right under European legislation to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller has the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:

      • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
      • the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing;
      • the data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;
      • the personal data have been unlawfully processed;
      • the personal data have to be erased for compliance with a legal obligation in European Union or Member State law to which the controller is subject;
      • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

      If any of the grounds mentioned above applies and a data subject wishes to request the erasure of personal data stored by BELLIN Treasury International GmbH, he or she may, at any time, contact an employee of the controller. The BELLIN Treasury International GmbH employee will ensure that the erasure request is complied with without undue delay.

      Where BELLIN Treasury International GmbH has made personal data public and is, as the controller, obliged pursuant to Article 17(1) of the GDPR to erase personal data, BELLIN Treasury International GmbH, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers which are processing the personal data that the data subject has requested erasure by such controllers of any links to, or copy or replication of, those personal data, as long as the processing is not required. The BELLIN Treasury International GmbH employee will arrange the necessary action appropriate to the specific situation.

    • e) Right to restriction of processing

      Every data subject has the right under European legislation to obtain from the controller restriction of processing where one of the following applies:

      • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
      • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
      • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
      • the data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

      If one of the conditions mentioned above is met and a data subject wishes to request the restriction of the processing of personal data stored by BELLIN Treasury International GmbH, he or she may, at any time, contact an employee of the controller. The employee of BELLIN Treasury International GmbH will arrange for the processing to be restricted.

    • f) Right to data portability

      Every data subject has the right under European legislation to receive the personal data concerning him or her, which have been provided by the data subject to a controller, in a structured, commonly used and machine-readable format. He or she also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

      Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the data subject has the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.

      To exercise the right to data portability, the data subject may, at any time, contact an employee of BELLIN Treasury International GmbH.

    • g) Right to object

      Every data subject has the right under European legislation to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.

      In the event of such an objection, BELLIN Treasury International GmbH will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

      If BELLIN Treasury International GmbH processes personal data for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning him or her for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to BELLIN Treasury International GmbH processing his or her personal data for direct marketing purposes, BELLIN Treasury International GmbH will no longer process the personal data for such purposes.

      The data subject also has the right to object, on grounds relating to his or her particular situation, to processing of personal data concerning him or her by BELLIN Treasury International GmbH for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

      To exercise the right to object, the data subject may, at any time, contact any employee of BELLIN Treasury International GmbH directly. The data subject is also free in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to exercise his or her right to object by automated means using technical specifications.

    • h) Automated individual decision-making, including profiling

      Every data subject has the right under European legislation not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, as long as the decision (1) is not necessary for entering into, or performance of, a contract between the data subject and a data controller, or (2) is not authorized by European Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent.

      If the decision (1) is necessary for entering into, or performance of, a contract between the data subject and a data controller, or (2) is based on the data subject’s explicit consent, BELLIN Treasury International GmbH will implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and contest the decision.

      If the data subject wishes to exercise the rights concerning automated individual decision-making, he or she may, at any time, contact an employee of the controller.

    • i) Right to withdraw consent to process personal data

      Every data subject has the right under European legislation to withdraw his or her consent to processing of his or her personal data at any time.

      If the data subject wishes to exercise the right to withdraw consent, he or she may, at any time, contact an employee of the controller.

  13. Data protection in relation to job applications and the application process

    The controller collects and processes the personal data of job applicants for the purposes of the job application process. Applicants’ personal data may be processed electronically. This is the case, in particular, if an applicant submits the relevant application documents to the controller electronically, for example by email or via a web form on the website. If the controller enters into an employment contract with an applicant, the submitted data are stored in accordance with legal requirements for the purposes of performing the employment contract. If the controller does not enter into an employment contract with the applicant, the application documents are automatically erased two months after the applicant has been notified that his or her application has been unsuccessful, provided that erasure does not prejudice any other legitimate interests of the controller. In this context, “other legitimate interests” means, for example, a situation where the burden of proof falls on the controller in proceedings under the German General Act on Equal Treatment (AGG).

    The data sent to us are processed solely on the basis of your consent (Art. 6(1)(a) of the GDPR), which you grant by submitting the data.

  14. Data protection provisions relating to the use of Facebook

    The controller has integrated components of Facebook into this website. This is done on the basis of our legitimate interest in analyzing, optimizing and operating our website (pursuant to Art. 6(1)(f) of the GDPR). Facebook is a social network.

    A social network is a place for social meetings on the internet, an online community which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences or enable the internet community to provide personal or business-related information. Facebook offers social network users various features, including the ability to create private profiles, upload photos and connect with other users via friend requests.

    Facebook is operated by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. For data subjects who live outside of the United States or Canada, the controller is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

    Every time a data subject accesses one of the pages on the website operated by the controller into which a Facebook component (Facebook plug-in) has been integrated, the web browser on the data subject’s information technology system is automatically prompted by the relevant Facebook component to download from Facebook a representation of the corresponding Facebook component. An overview of all available Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/. As part of this technical process, Facebook receives information indicating which specific sections of our website have been visited by the data subject.

    Whenever a data subject is logged in to Facebook while accessing our website, Facebook detects – for the entire duration of the data subject’s visit to our website – which specific sections of our website are visited by the data subject. This information is collected by the Facebook component and associated with the data subject’s Facebook account. If the data subject clicks on one of the Facebook buttons integrated into our website, e.g. the “Like” button, or if the data subject submits a comment, then Facebook matches this information with the data subject’s personal Facebook user account and stores these personal data.

    Facebook therefore always receives information via the Facebook component indicating that the data subject has visited our website whenever the data subject is logged in to Facebook while accessing our website. This occurs regardless of whether the data subject clicks on the Facebook component or not. Any data subject who so wishes can prevent this information from being transmitted to Facebook in this way by logging out of his or her Facebook account before accessing our website.

    The data privacy policy published by Facebook, which is available at https://facebook.com/about/privacy/, provides information about the collection, processing and utilization of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of data subjects. Various applications which prevent data being transmitted to Facebook are also available. These applications may be used by the data subject to prevent data being transmitted to Facebook.

  15. Data protection provisions relating to the use of Google AdSense

    The controller has integrated Google AdSense into this website. Google AdSense is an online service which allows advertisements to be placed on third-party sites. Google AdSense is based on an algorithm that matches the advertisements displayed on a third-party site to the content of the third-party site. Google AdSense allows advertisements to be targeted to internet users based on interests, achieved by generating individual user profiles. The legal basis for the foregoing is our legitimate interest in analyzing, optimizing and operating our website (pursuant to Art. 6(1)(f) of the GDPR).

    The Google AdSense component is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

    The Google AdSense component is used to display advertisements on our website. Google AdSense places a cookie on the data subject’s information technology system. Cookies and how they work are explained above. This cookie enables Google to analyze how our website is used. Every time a data subject accesses one of the pages on the website operated by the controller into which a Google AdSense component has been integrated, the web browser on the data subject’s information technology system is automatically prompted by the relevant Google AdSense component to transmit data to Alphabet Inc. for the purposes of online advertising and paying commission. As part of this technical process, Google receives personal data, such as the data subject’s IP address, which Google uses for various purposes including to track where visitors to the website come from and which items they click on and to calculate commission.

    Data subjects may at any time, as stated above, use their browser settings to permanently disable cookies from our website. Making this change to the settings of the web browser used would also prevent Google from placing a cookie on the data subject’s information technology system. Existing Google cookies can be deleted at any time via the relevant web browser or by using other software programs.

    Google AdSense also uses tracking pixels. A tracking pixel is a miniature graphic embedded in web pages to enable log files to be recorded and analyzed and thus a statistical analysis to be carried out. Using the embedded tracking pixel, Google can see if and when a website has been opened by a data subject and which links have been clicked on by the data subject. One of the uses of tracking pixels is to analyze visitor flow on a website.

    Personal data and information – which include IP address and are necessary for logging and calculation purposes in relation to the displayed advertisements – are transmitted to Google in the United States. These personal data are stored and processed in the United States. Google may share the personal data collected using this technical process with third parties.

    The following link gives further details of Google AdSense: https://www.google.com/intl/en/adsense/start/.

  16. Data protection provisions relating to the use of Google Analytics (with anonymization function)

    The controller has integrated the Google Analytics component (with the anonymization function) into this website. Google Analytics is a web analytics service. Web analytics is the process of collecting, compiling and analyzing data on the behavior of visitors to a website. A web analytics service collects various data including details of the website from which a data subject arrives at the website concerned (the “referrer”), which sections of the website are visited and how often and for how long a section of the website is viewed. Web analytics are mainly used to optimize a website and in order to carry out a cost-benefit analysis of internet advertising.

    The Google Analytics component is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

    For web analytics using Google Analytics, the controller adds “_gat. _anonymizeIp” to the code, which truncates and anonymizes the IP address of the data subject’s internet connection when our web pages are accessed from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.

    The Google Analytics component is used to analyze the traffic on our website. Google uses the data and information obtained for various purposes, including to evaluate the use of our website, to compile online reports for us showing the activities on our websites and to provide other services in relation to the use of our website.

    Google Analytics places a cookie on the data subject’s information technology system. Cookies and how they work are explained above. This cookie enables Google to analyze how our website is used. Every time a data subject accesses one of the pages of the website operated by the controller into which a Google Analytics component has been integrated, the web browser on the data subject’s information technology system is automatically prompted by the relevant Google Analytics component to transmit data to Google for the purposes of online analysis. As part of this technical process, Google receives personal data, such as the data subject’s IP address, which Google uses for various purposes, including to track where visitors to the website come from and which items they click on and to calculate commission.

    The cookie is used to store personal information, such as the time and place of access and the frequency of visits to our website by the data subject. Every time our website is visited, these personal data, including the IP address of the internet connection used by the data subject, are transmitted to Google in the United States. These personal data are stored by Google in the United States. Google may share the personal data collected using this technical process with third parties.

    Data subjects may at any time, as stated above, use their browser settings to permanently disable cookies from our website. Making this change to the settings of the web browser used would also prevent Google from placing a cookie on the data subject’s information technology system. Existing Google Analytics cookies can be deleted at any time via the relevant web browser or by using other software programs.

    Data subjects also have the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website and the processing of these data by Google. To exercise this option, the data subject must download and install a browser add-on available at the following link: https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data or information on visits to web pages may be transmitted to Google Analytics. Installation of the browser add-on is deemed by Google to constitute such an objection on the part of the data subject. If the data subject’s information technology system is subsequently erased, formatted, or reinstalled, then the data subject must reinstall the browser add-ons to disable Google Analytics. If the browser add-on is uninstalled or disabled by the data subject or another person under his or her authority, the browser add-on can be reinstalled or reactivated.

    Further information and Google’s data privacy policy can be found at https://www.google.com/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/us.html. Further details of Google Analytics are available at the following link: https://www.google.com/analytics/.

    Data collected through the use of Google Analytics cookies are processed on the basis of Art. 6(1)(f) of the GDPR. As the operator of this website, we have a legitimate interest in analyzing user behavior in order to optimize our website and, if necessary, advertising.

  17. Data protection provisions relating to the use of Google Ads

    The controller has integrated Google Ads into this website. Google Ads is an online advertising service that allows advertisers to place advertisements in Google’s search engine results and the Google advertising network. Google Ads allows an advertiser to pre-define specific keywords. An advertisement is displayed in Google’s search engine results only when the user searches for a term related to the keyword(s). An automatic algorithm places the advertisements on relevant websites in the Google advertising network using the pre-defined keywords. The legal basis for the foregoing is our legitimate interest in analyzing, optimizing and operating our website (pursuant to Art. 6(1)(f) of the GDPR).

    Google Ads is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

    Google Ads is used to promote our website by displaying interest-based advertising on the websites of third parties and in the search engine results of the Google search engine and to display third-party advertising on our website.

    If a data subject arrives at a website via a Google advertisement, Google places a cookie referred to as a “conversion cookie” on the data subject’s information technology system. Cookies and how they work are explained above. A conversion cookie expires after 30 days and is not used to identify the data subject. Provided it has not expired, the conversion cookie is used to track whether specific sections of the website, e.g. the shopping cart of an online store system, have been accessed. The conversion cookie enables both Google and the controller to track whether a data subject who arrived at the website via a Google Ads advertisement generated revenue, i.e. whether he or she completed or abandoned a purchase.

    The data and information collected using the conversion cookie is used by Google to produce visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users referred to use via Google Ads advertisements i.e. to ascertain the success or failure of each Google Ads advertisement and to optimize our Google Ads advertisements for the future. Neither our company nor other Google Ads advertisers receive information from Google that could identify the data subject.

    The conversion cookie stores personal information, e.g. the web pages visited by the data subject. Every time our web pages are visited, personal data, including the IP address of the internet connection used by the data subject, are therefore transmitted to Google in the United States. These personal data are stored by Google in the United States. Google may share the personal data collected using this technical process with third parties.

    Data subjects may at any time, as stated above, use their browser settings to permanently disable cookies from our website. Making this change to the settings of the web browser used would also prevent Google from placing a conversion cookie on the data subject’s information technology system. Existing Google Ads cookies can be deleted at any time via the relevant web browser or by using other software programs.

    Data subjects also have the option of objecting to interest-based advertising by Google. To exercise this option, the data subject must access the link www.google.com/settings/ads from each of the browsers he or she uses and select the desired settings.

    Further information and Google’s data privacy policy can be found at https://www.google.com/intl/en/policies/privacy/.

  18. Data protection provisions relating to the use of LinkedIn

    The controller has integrated LinkedIn components into this website. LinkedIn is a web-based social network that enables users to connect with existing business contacts and to make new business contacts. LinkedIn has over 400 million registered users in more than 200 countries, making it the largest platform for business contacts and one of the most visited websites in the world.

    LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, United States. For data protection matters outside of the United States, responsibility lies with LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

    Every time a data subject accesses one of the pages of our website into which a LinkedIn component (LinkedIn plug-in) has been integrated, the web browser used by the data subject is automatically prompted by this component to download a corresponding representation of the component from LinkedIn. Further information about LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn receives information indicating which specific sections of our website have been visited by the data subject.

    Whenever a data subject is logged in to LinkedIn while accessing our website, LinkedIn detects – for the entire duration of the data subject’s visit to our website – which specific sections of our website are visited by the data subject. This information is collected by the LinkedIn component and associated with the data subject’s LinkedIn account. If the data subject clicks on one of the LinkedIn buttons integrated into our website, then LinkedIn matches this information with the data subject’s personal LinkedIn user account and stores these personal data.

    LinkedIn therefore always receives information via the LinkedIn component indicating that the data subject has visited our website whenever the data subject is logged in to LinkedIn while accessing our website. This occurs regardless of whether the data subject clicks on the LinkedIn component or not. Any data subject who so wishes can prevent this information from being transmitted to LinkedIn in this way by logging out of his or her LinkedIn account before accessing our website.

    LinkedIn allows users to unsubscribe from email messages, SMS messages and targeted ads and to manage ad settings at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame which may use cookies. Cookies of this type can be disabled at https://www.linkedin.com/legal/cookie-policy. LinkedIn’s data privacy policy is available at https://www.linkedin.com/legal/privacy-policy. LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

    The legal basis for the foregoing is our legitimate interest in analyzing, optimizing and operating our website (pursuant to Art. 6(1)(f) of the GDPR).

  19. Data protection provisions relating to the use of Twitter

    The controller has integrated Twitter components into this website. Twitter is a multilingual, publicly accessible microblogging service on which users can publish and share short messages limited to 280 characters, called “tweets.” These short messages can be accessed by everyone, including those not logged in to Twitter. The tweets are also displayed to “followers” i.e. other Twitter users who follow a user’s tweets. Twitter enables users to address a wide audience using hashtags, links or retweets.

    Twitter is operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

    Every time a data subject accesses one of the pages on the website operated by the controller into which a Twitter component (Twitter button) has been integrated, the web browser on the data subject’s information technology system is automatically prompted by the relevant Twitter component to download from Twitter a representation of the corresponding Twitter component. Further information about the Twitter buttons is available at https://about.twitter.com/resources/buttons. As part of this technical process, Twitter receives information indicating which specific sections of our website have been visited by the data subject. The Twitter component is integrated into our website to enable users to share its contents, to publicize our website and to increase our visitor numbers.

    Whenever a data subject is logged in to Twitter while accessing our website, Twitter detects – for the entire duration of the data subject’s visit to our website – which specific sections of our website are visited by the data subject. This information is collected by the Twitter component and associated with the data subject’s Twitter account. If the data subject clicks on one of the Twitter buttons integrated into our website, then Twitter matches this information with the data subject’s personal Twitter user account and stores these personal data.

    Twitter therefore always receives information via the Twitter component indicating that the data subject has visited our website whenever the data subject is logged in to Twitter while accessing our website. This occurs regardless of whether the data subject clicks on the Twitter component or not. Any data subject who so wishes can prevent this information from being transmitted to LinkedIn in this way by logging out of his or her Twitter account before accessing our website.

    Twitter’s data privacy policy is available at https://twitter.com/privacy?lang=en.

    The legal basis for the foregoing is our legitimate interest in analyzing, optimizing and operating our website (pursuant to Art. 6(1)(f) of the GDPR).

  20. Data protection relating to the use of Xing

    The controller has integrated XING components into this website. XING is a web-based social network that enables users to connect with existing business contacts and to make new business contacts. Individual users can create their own personal profile on XING. Companies can, for example, create company profiles or publish jobs on XING.

    XING is operated by XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany.

    Every time a data subject accesses one of the pages on the website operated by the controller into which a XING component (XING plug-in) has been integrated, the web browser on the data subject’s information technology system is automatically prompted by the relevant XING component to download from XING a representation of the corresponding XING component. Further information about the XING plug-in is available at https://dev.xing.com/plugins. As part of this technical process, XING receives information indicating which specific sections of our website have been visited by the data subject.

    Whenever a data subject is logged in to XING while accessing our website, XING detects – for the entire duration of the data subject’s visit to our website by the data subject – which specific sections of our website are visited by the data subject. This information is collected by the XING component and associated with the data subject’s XING account. If the data subject clicks on the XING buttons integrated into our website, e.g. the “Share” button, then XING matches this information with the data subject’s personal XING user account and stores these personal data.

    XING therefore always receives information via the XING component indicating that the data subject has visited our website whenever the data subject is logged in to XING while accessing our website. This occurs regardless of whether the data subject clicks on the XING component or not. Any data subject who so wishes can prevent this information from being transmitted to XING in this way by logging out of his or her XING account before accessing our website.

    The data privacy policy published by XING, which is available at https://www.xing.com/privacy, provides information on the collection, processing and utilization of personal data by XING. XING has also published data privacy notices for the XING share button at https://www.xing.com/app/share?op=data_protection.

    The legal basis for the foregoing is our legitimate interest in analyzing, optimizing and operating our website (pursuant to Art. 6(1)(f) of the GDPR).

  21. Legitimate interests in processing pursued by the controller or by a third party

    Where the processing of personal data is based on point (f) of Article 6(1) of the GDPR, our legitimate interest is to carry out our business for the benefit of all our employees and shareholders.

  22. Period for which personal data will be stored

    The criterion used to determine how long personal data is stored is the relevant statutory retention period. After this period has expired, the corresponding data is routinely deleted, as long as they are no longer necessary for performing or arranging a contract.

  23. Statutory or contractual requirements to provide personal data; requirement when entering into a contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide such data

    The provision of personal data may in some cases be required by law (e.g. tax regulations) or may result from contractual provisions (e.g. information on the other party in a contract). Sometimes in order to enter into a contract it may be necessary for the data subject to provide us with personal data which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data when our company signs a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. In case of doubt, the data subject must contact one of our employees before providing personal data. The employee will confirm to the data subject on a case-by-case basis whether the provision of the personal data is required under law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of not providing the personal data.

  24. Existence of automated decision-making

    As a responsible company, we do not use automatic decision-making or profiling.

  25. Validity of and changes to this Privacy Policy

    This version of the Privacy Policy is valid from September 23, 2019.

    It may be necessary to make changes to this Privacy Policy as a result of enhancements to our website or the products and services featured thereon or due to changes to legal or official requirements. The current version of the Privacy Policy can be accessed and printed out at any time on our website at bellin.com/privacy-policy.

    This English version of the Privacy Policy is a translation of the original German version and is intended for information only. In case of discrepancy between the original German version and the translation, the German version shall prevail.

Let’s get in touch!

Interested in learning more about our solutions? That’s great.
Because we’d like to learn more about you. So give us a shout.

By submitting this form, you consent to us using your data to process your request. You can find more detailed information in our privacy policy.