CEWE respects your privacy. All the data we collect are used to make improvements to our products and services. CEWE places a lot of value on data protection and data security for customers and users. This means that we are highly invested in protecting your personal data throughout all of our business processes.
We, CEWE Stiftung & Co. KGaA, Meerweg 30-32, D-26133 Oldenburg, take the protection of your personal data very seriously in our role as data controller in the sense of the General Data Protection Regulation, and we comply with the legal provisions concerning data protection.
In accordance with Art. 13 EU General Data Protection Regulation (EU GDPR) this privacy policy explains, which types of data are collected when you visit our website and how these data are used. The policy does not apply, however, to websites of other companies that contain a link to our website or that our website contains links to.
1. Collecting and processing of personal data from CEWE community services
When you visit our web pages, our web servers will temporarily save access data by default. These consist of your access IP address, the upload software used for placing the order (ActiveX, Flash, Java), the session ID for identifying your connection session and the date and time of your visit. The legal basis for such temporary data storage is Art. 6 Para. 1 lit. f) EU GDPR. These data are deleted after the end of the session as per the legal stipulations. Any further storage of personal data will only take place in the event that you provide us with said data voluntarily in order to participate in or register for CEWE community services, such as the forum, customer examples or webinars.
The specific entry and contact forms that you fill in provide you with information about the purpose of the data collection. You can delete your registration data in your customer account or through our customer service at any time.
2. Transferring data over the Internet
Sensitive data, such as login information, passwords, address data, information on your modes of payment or account data are always transferred using encrypted connections (HTTPS / SSL) and stored on secure servers.
3. Contacting us
You can choose from a number of ways to contact us. If you contact us, we will use the data that you voluntarily provide in this context. We will do so only to contact you and to handle your query appropriately.
Your usual basic rate will apply when you contact us by phone.
4. Using and sharing personal data and purpose specification
Any processing and sharing of your personal data will take place based on the following legal bases: Art. 6 Para. 1 lit. a) EU GDPR for any processing that requires consent, Art. 6 Para. 1 lit. b) EU GDPR for contractual performance, Art. 6 Para. 1 lit. c) EU GDPR for consent management for complying with legal obligations, and Art. 6 Para. 1 lit. f) EU GDPR for further processing due to legitimate interests.
We use the data that you disclose to us to fulfil and process your order pursuant to Art. 6 Para. 1 lit. b) EU GDPR. Your data are used in accordance with the relevant valid legal regulations on data protection and only for the specific purpose for which the data were collected, as well as to protect our own justified business interests pursuant to Art. 6 Para. 1 lit. f) EU GDPR, in particular technical administration of the web sites. We will not use these data for product-related surveys or marketing purposes unless we have received prior consent from you according to Art. 6 Para. 1 lit. a) EU GDPR. You may revoke any consent you have granted at any time and with future effect.
5. Sharing data with third parties
Personal data are transferred to government offices only to the extent absolutely required by legal provisions. We will only disclose your data to private third parties subject to your explicit consent, when legal obligations apply or if this is necessary to assert our rights, in particular for asserting any claims that arise due to the contractual relationship. Beyond these rules, we will only disclose your data to third parties if this is necessary in the context of using the website and of handling a contract (including beyond the website), i.e. for processing your orders.
We obligate our employees to maintain confidentiality and to adhere to the authoritative data protection regulations.
6. Using cookies
In order to be able to offer certain functions to visitors to our websites and to make these attractive, we use so-called cookies on a number of our pages.
Cookies are small text files that are stored on your end device. Some of the cookies used by us are deleted once the browser session is terminated (i.e. when you close your browser). These are called "session cookies". Other cookies called "persistent cookies" remain on your end device and enable us and our partner companies to recognise your browser the next time you visit our pages. Further information and individual cookies settings can be found here.
When accessing the pages, users are informed about the use of cookies for analysis purposes and their consent is sought for processing the personal data used in this context. In order to fulfil our legal obligation, we use the consent management solution by Usercentrics that will save your consent based on Art. 6 Para. 1 lit. c) EU GDPR to comply with the documentation obligations according to Art. 7 Para. 1 EU GDPR.
You can configure your browser so that you are notified when cookies are set and decide in each case whether you would like to accept them, or you can generally disable the use of cookies. Functionality may be limited if you do not accept such session cookies.
7. Collecting anonymous user data
Adobe Systems Inc. and Google Inc. (Google Remarketing web analysis technology) use web analysis technologies to collect and save data on this website for marketing and optimisation purposes pursuant to Art. 6 Para. 1 lit. a) and Art. 6 Para. 1 lit. f) EU GDPR. These data are used to create usage profiles that are given pseudonyms. These usage profiles make it possible to analyse visitor behaviour and are evaluated in order to improve our products and services and fine-tune them to customer needs. The pseudonymised user profiles are not matched to personal data about the carrier of the pseudonym without express permission of the person in question. This permission has to be granted separately. For further information about the individual marketing and analysis cookies, please click “Service & Help” -> “Cookie Settings” in the footer.
For more information about conditions of use and data protection, refer to:
Google Inc.: https://www.google.com/intl/de/policies/privacy/partners/
Adobe Systems Inc.: https://www.adobe.com/de/privacy/policy.html
8. Security measures
CEWE takes extensive technical and operational security precautions in order to protect your personal data that we manage against misuse, accidental or intentional manipulation and access by unauthorised parties. Our security measures are continually being upgraded to keep up with technological development.
9. Data subject rights
The EU General Data Protection Regulation grants you specific rights with respect to the processing of your personal information:
1. Right of access (Art. 15 EU GDPR):
You have the right to request confirmation of whether your personal information is being processed. If this is the case, you have a right to receive information about this personal information and the information specifically listed in Art. 15 EU GDPR.
2. Right to rectification (Art. 16 EU GDPR):
You have the right to have your personal information corrected immediately and, if necessary, to have any incomplete personal information added.
3. Right to erasure (Art. 17 EU GDPR):
You also have the right to request that your personal information be deleted immediately if one of the reasons listed individually in Art. 17 EU GDPR applies (e.g. if the information is no longer required for the pursued purposes).
4. Notification obligation (Art. 19 EU GDPR):
If you have exercised your right of rectification, erasure or restriction of processing towards the data controller, they are obliged to notify all recipients with whom they have shared the personal data in question about this rectification or erasure of data or the restriction of processing, unless this is verifiably impossible or would cause a disproportionate effort.
You have the right to be informed about such recipients by the data controller.
5. Right to restriction of processing (Art. 18 EU GDPR):
You have the right to restrict processing, provided that one of the requirements listed in Art. 18 EU GDPR is met (e.g. if you have filed an objection), for the duration of any review.
6. Right to data portability (Art. 20 EU GDPR):
In specific cases, which are listed individually in Art. 20 EU GDPR, you have the right to receive your personal information in a structured, conventional and machine-readable format and to request that these data be transmitted to a third party.
7. Right to revoke consent (Art. 7 Para. 3 EU GDPR):
You have the right to revoke your consent at any time. We will then not continue the data processing activities which we performed based on your consent. Such revocation shall not affect the legality of the processing of the data that has already taken place.
8. Right to lodge a complaint with a supervisory authority (Art. 77 EU GDPR):
In accordance with Art. 77 EU GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal information violates the data protection regulations. Specifically, the right of complaint can be asserted through a supervisory authority in the member state where you reside, your place of work or the location of the alleged violation.
9. Right to object (Art. 21 EU GDPR):
According to Art. 21 Para. 2 EU GDPR, you have the right to object to processing of your personal data that is taking place pursuant to Art. 6 Para. 1 lit e) or Art. 6 Para. 1 lit. f) EU GDPR at any time, based on reasons that arise due to your particular situation.
The data controller will then cease to process personal data concerning you, unless they can prove that there are reasons that necessitate protection of the processing that take priority over your interests, rights and freedoms, or the processing aids in enforcing, exercising or defending legal claims.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object to processing of your personal data for the purpose of this type of advertising at any time. This rule shall also apply for profiling, provided that it is connected to such direct marketing activities.
10. Data protection officer
If you have questions about data protection at CEWE, feel free to use the following details to get in touch with us:
CEWE Stiftung & Co. KGaA
Datenschutz
Meerweg 30-32
26133 Oldenburg
Tel.: +49 (0)441 404299
(datenschutz@cewe.de)
Ms Elwira Wall
CEWE Stiftung & Co. KGaA
D-26133 Oldenburg, June 2022