Privacy Policy
You can generally use our website without providing personal data. In individual cases, however, the collection and processing of your personal data may be necessary to use certain functions of our website. In addition, we collect and process personal data to optimize our website and services, in accordance with data protection regulations.
We take the protection of your personal data very seriously and would like to inform you about your rights, as well as the nature and scope of the respective data collection.
1) Controller and contact person for data protection inquiries
Controller in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG):
Kolchis GmbH
Altmark 10b, 01067 Dresden
Mr. Sebastian Krause
Phone: 0173 885 76 82
Email: contact@ecotherm.solutions
2) Definitions
Personal Data
Personal data refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific characteristics expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Data Subject
A data subject is an individual whose personal data is processed by the controller.
Processing
Processing is any operation or set of operations performed on personal data, whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating, or otherwise making available, aligning, or combining, restricting, erasing, or destroying.
Profiling
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.
Pseudonymization
Pseudonymization is the processing of personal data in a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
Controller
Controller is the person who decides on the purposes and means of processing personal data and carries out such processing.
Processor
Processor is another natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
Recipient
Recipient is a natural or legal person, public authority, agency, or another body to whom personal data is disclosed.
Consent
Consent of the data subject is any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Personal Data Breach
Personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
Biometric Data
Biometric data is personal data obtained by specific technical means relating to the physical, physiological, or behavioral characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data.
Health Data
Health data is personal data related to the physical or mental health of a natural person, including the provision of health services, from which information about their health status emerges.
Supervisory Authority
The supervisory authority is an independent state authority established by a member state in accordance with Article 51 GDPR, responsible for monitoring compliance with data protection laws and regulations.
3) Information about the Processing of Personal Data
We process your personal data through various technical means and possibly with the involvement of additional service providers. We would like to inform you about the specific details of the processing in the following points.
Visit to our Website
(1) When you visit our website, i.e., if you do not register or otherwise provide information, we only collect the personal data that your browser transmits to our server. When you want to view our website, we collect the following data, which is technically necessary for us to display our website to you and ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, § 15 Telemedia Act (TMG)):
- IP address and service provider
- Date and time of the request
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request originates
- Browser including language and software version
- Operating system and its interface
(2) The data listed in paragraph (1) is also automatically stored in the log files of our server. The log data is stored separately from other data and can only be accessed by the host. The storage period for log data is 7 days. The legal basis for the processing of your data when visiting our website is Art. 6 para. 1 sentence 1 lit. f GDPR, § 15 Telemedia Act (TMG).
Use of Cookies
In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using, and through which certain information flows to the entity that sets the cookie (in this case, us). Cookies cannot execute programs or transmit viruses to your computer. They serve to make the overall Internet offering more user-friendly and effective.
This website uses the following types of cookies, whose scope and functionality are explained below: Transient Cookies, Persistent Cookies
Transient cookies are automatically deleted when you close the browser. This includes session cookies, which store a session ID that can be used to assign various requests from your browser to the shared session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
Persistent cookies are automatically deleted after a specified duration, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
You can configure your browser settings according to your preferences and also reject the acceptance of third-party cookies or all cookies. However, we would like to point out that you may not be able to use all functions of this website in that case. The legal basis for the use of cookies is Art. 6 para. 1 sentence 1 lit. f GDPR.
By clicking "Accept All" in the cookie banner, you also consent under Art. 49 para. 1 sentence 1 lit a GDPR that your data will be processed in the United States. The European Court of Justice considers the USA to have an insufficient level of data protection according to EU standards. There is a particular risk that your data may be processed by US authorities for control and surveillance purposes, possibly without legal recourse. If you click "Functional Cookies Only," the described transmission does not take place.
Use of the Contact Form
When you contact us through the contact form on our website, the data you enter (your email address and regularly your name, phone number, and other information you provide) at the time of submission will be stored by us to process your request.
Alternatively, you can also contact us via the email address provided on our website, which can be found in the imprint.
You can object to the processing of your personal data at any time by sending an email to contact@ecotherm.solutions or by declaring your objection to the processing of your personal data to the person listed in Section 1. If you contact us directly by email, you can object to the processing of your personal data at any time using the same methods.
We delete the data generated in this context after storage is no longer necessary or restrict processing if legal retention obligations exist. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
If your contact aims to conclude a contract, an additional legal basis for the processing of your personal data is Art. 6 para. 1 lit. b GDPR.
4) Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). This tracking measure implemented by Kolchis GmbH is carried out based on Art. 6 para. 1 sentence 1 lit. f) GDPR.
The legitimate interests of Kolchis GmbH, as per the aforementioned regulations, serve the purpose of enabling user-friendly design and continuous optimization of our website. Additionally, by using Google Analytics, we can statistically analyze the usage of our website and optimize our offerings.
Google Analytics uses so-called "cookies," which are text files stored on your computer that allow an analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, compile reports on website activities for website operators, and provide further services related to the use of our website and the Internet. Google may also transfer this information to third parties if required by law or if third parties process this data on behalf of Google.
You can prevent the installation of cookies by adjusting your browser settings accordingly. However, please note that in this case, you may not be able to fully utilize all functions of our website.
By using our website, you consent to the processing of data about you by Google in the manner and for the purpose described above.
You can object to the collection and use of your IP address by Google Analytics at any time with future effect. For more information, please visit: tools.google.com/dlpage/gaoptout.
We would like to point out that Google Analytics on this website has been extended with the code "gat._anonymizeIp();" to ensure anonymized collection of IP addresses.
For further information on data use by Google Inc., please visit: https://support.google.com/analytics/answer/6004245?hl=en
Integration of Google reCAPTCHA
To protect the contact form on our website, we use the Google reCAPTCHA service. This is a query to determine whether the input into the contact form is made by a human or through abusive, automated, machine processing. The legal basis for the use of Google reCAPTCHA is Art. 6 para. 1 sentence 1 lit. f GDPR.
Upon visiting the website, the previously described reCAPTCHA is retrieved from a Google server. Additionally, the data mentioned in Section 3, "Use of Cookies" and "Visit to our Website" of this statement is transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged into Google, your data will be directly associated with your account. If you do not wish to be associated with your profile on Google, you must log out of your Google account before visiting our website. Google stores your data as user profiles and uses them for advertising, market research, and/or customized design of its website. Such evaluation is done, in particular (even for users not logged in), for the provision of targeted advertising. You have the right to object to the creation of these user profiles, and to exercise this right, you must contact Google.
Provider Information: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For more information on the purpose and scope of data collection and processing by the plugin provider, refer to the provider's privacy policy. There, you will also find additional information about your rights and privacy settings: https://www.google.com/intl/en/policies/privacy. Google processes your personal data in the United States and is subject to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
Integration of Google Web Fonts
On this website, we use Google Web Fonts for improved visual presentation. These are fonts that are retrieved from a Google server when our website is accessed and stored in the cache of your browser for the display of our website. For more information, visit https://fonts.google.com/about#. The legal basis for the use of Google Web Fonts is Art. 6 para. 1 sentence 1 lit. f GDPR.
Upon visiting the website, Google receives information that you have accessed it. Additionally, the data mentioned in Section 3, "Use of Cookies" and "Visit to our Website" of this statement is transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged into Google, your data will be directly associated with your account. If you do not wish to be associated with your profile on Google, you must log out of your Google account before visiting our website. Google stores your data as user profiles and uses them for advertising, market research, and/or customized design of its website. Such evaluation is done, in particular (even for users not logged in), for the provision of targeted advertising. You have the right to object to the creation of these user profiles, and to exercise this right, you must contact Google.
Provider Information: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For more information on the purpose and scope of data collection and processing by the plugin provider, refer to the provider's privacy policy. There, you will also find additional information about your rights and privacy settings: https://www.google.com/intl/en/policies/privacy. Google processes your personal data in the United States and is subject to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
5) Online Presence in Social Media
Kolchis GmbH maintains online presences within social networks and platforms to communicate with active business partners, interested parties, and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions, as well as the data processing policies of their respective operators, apply. Unless otherwise stated in our privacy policy, we process user data if they communicate with us within social networks and platforms, such as posting on our online presences and sending messages.
6) Social Media Plugins
We use social media plugins of the social networks Facebook and Instagram on our website based on Art. 6 para. 1 sentence 1 lit. f) GDPR to make our company more widely known and for the purposes of analysis, optimization, and the economic operation of our online offering. The underlying legal purpose is considered a legitimate interest within the meaning of the GDPR. The responsibility for the data protection-compliant operation lies with their respective providers. We integrate these plugins using the so-called 2-click method to provide the best possible protection for visitors to our website.
a) Facebook Social Plugins
Our website uses social media plugins from the social network facebook.com, operated by Facebook Ireland Ltd., 4 Grand Central Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g., videos, graphics, or text posts) and can be recognized by one of the Facebook logos (white "f" on a blue tile, the terms "Like," "Like," or a thumbs-up sign) or are marked with the addition "Facebook Social Plugin." The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/. Facebook is certified under the Privacy Shield agreement, providing a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When you access a function of this online offering that contains such a plugin, your device establishes a direct connection to Facebook's servers. The content of the plugin is transmitted directly to your device by Facebook and integrated into the online offering. User profiles can be created from the processed data. We have no influence on the scope of data that Facebook collects using this plugin and inform you based on our knowledge. By integrating the plugins, Facebook receives the information that you have accessed the corresponding page of the online offering. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account. If you interact with the plugins, such as pressing the Like button or leaving a comment, the corresponding information is transmitted directly from your device to Facebook and stored there. If you are not a member of Facebook, there is still the possibility that Facebook will obtain and store your IP address. According to Facebook, only anonymized IP addresses are stored in Germany.
For the purpose and scope of data collection and further processing and use of the data by Facebook, as well as your rights and settings options for protecting your privacy, please refer to Facebook's privacy policy: https://www.facebook.com/about/privacy/.
If you are a Facebook member and do not want Facebook to collect data about you through this online offering and link it to your Facebook member data, you must log out of Facebook before using our online offering and delete its cookies. Additional settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or through the US page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, i.e., they are applied to all devices such as desktop computers or mobile devices.
b) Instagram
Within our online offering, functions and content of the Instagram service offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, may be used. This may include content such as images, videos, or texts and buttons with which users can express their liking and subscribe to the authors of the content or our posts.
If you are a member of the Instagram platform, Instagram can assign the call of the aforementioned content and functions to your local profiles. Instagram's privacy policy: http://instagram.com/about/legal/privacy/.
For more information on data processing and your rights, please refer to the privacy policies of the providers:
- Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Privacy Policy: https://www.facebook.com/about/privacy/; Agreement on joint responsibility: https://www.facebook.com/legal/terms/page_controller_addendum; Opt-Out: http://www.youronlinechoices.com. Additionally, within the settings in your personal Facebook profile, there is an option to object to certain data processing.
- Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Privacy Policy and Opt-Out: http://instagram.com/about/legal/privacy/.
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Privacy Policy: https://policies.google.com/privacy; Opt-Out: https://adssettings.google.com/authenticated.
- LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
7) LinkedIn Insights and Conversion Tracking
Furthermore, we use the so-called Conversion Tracking with LinkedIn Insights Tag, a tool from LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland, on our website. For this purpose, the LinkedIn Insight Tag is integrated into our pages, and a cookie is set on your device by LinkedIn. LinkedIn is thus informed that you have visited our web pages, including your IP address. Timestamps and events such as page views are also stored. This allows us to statistically evaluate the use of our website to continuously optimize it. We can learn, for example, through which LinkedIn ad or interaction on LinkedIn you came to our website. This enables us to better control the display of our advertising.
Further information on Conversion Tracking can be found at https://www.linkedin.com/help/linkedin/answer/67595/linkedin-conversion-trackingubersicht.
Please note that LinkedIn may store and process the data, allowing a connection to the respective user profile, and LinkedIn may use the data for its advertising purposes. For more information, refer to LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy. You can prevent the analysis of your usage behavior by LinkedIn and the display of interest-based recommendations through https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
8) Transfer to Third Countries
In some cases, your data may be transmitted by external service providers to servers outside the EU (so-called third countries). These may include service providers in the areas of hosting, regulatory compliance, debt collection, and marketing, and we carefully select these service providers and contractually obligate them to comply with data protection laws in accordance with legal requirements. If the service providers are located in the USA, it is ensured that the providers have submitted to the EU-US Privacy Shield agreement, ensuring an adequate level of data protection. The following companies receive data in third countries outside the European Union:
- Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; [Privacy Policy](https://www.google.de/intl/de/policies/privacy)
- Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; [Privacy Policy](https://www.facebook.com/policy.php)
- Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA; [Privacy Policy](https://help.instagram.com/155833707900388)
9) Your Rights
You have the following rights regarding the processing of your personal data, which you can assert at any time informally to the contact person listed in section 1:
- Right to Information: Upon request, we provide information about which personal data we have stored about you, for what purpose, for how long, from which source, and on what legal basis, and whether we have disclosed this to third parties.
- Right to Correction: If it turns out that the personal data we have from you is incorrect or incomplete, we will correct or supplement it immediately upon request.
- Right to Deletion (Right to be Forgotten): You have the right to prompt deletion of your personal data if there is no legal obligation to retain it.
- Right to Restriction of Processing: You can request the restriction of the processing of your personal data.
- Right to Object to Processing: You can object to the processing of your personal data at any time, especially if the legal basis for processing is Art. 6 para. 1 sentence 1 lit. f GDPR.
- Right to Data Portability: You have the right to receive the personal data we have from you in a universally readable format.
- Right to Lodge a Complaint with a Supervisory Authority: You also have the right to complain to the responsible data protection supervisory authority about the processing of your personal data by us. The competent authority is the data protection authority of the federal state in which we have our registered office. Further information can be found at [https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html](https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html).
Please note that the exercise of your rights may be subject to certain conditions in individual cases.
Ensuring Data Security and Data Protection
To ensure the protection and security of your personal data, we implement a variety of technical and organizational security measures, the effectiveness of which we regularly review.
10. Protection
Communication with Kolchis GmbH via email is generally encrypted, provided that your server supports encryption.
11. Amendment of this Privacy Policy
This privacy policy is current as of May 2023 and is valid. Due to the further development of our website and offerings or due to changed legal or official requirements, it may become necessary to change this privacy policy.
12. Contact/Controller
This data protection information applies to data processing by Kolchis GmbH. The responsible entity is:
Kolchis GmbH
Sebastian Krause
Altmark 10b
01067 Dresden