Privacy policy

Introduction and General Information
Thank you for your interest in our website. Below you will find information on how we handle your data that is collected through your use of our website. Your data is processed in accordance with the statutory data protection regulations.

Below we provide you with more detailed information about the processing of your personal data and your data subject rights:
I. Name and address of the controller within the meaning of the GDPR
II. Contact details of the data protection officer
III. General information on data processing
IV. Server log files in the context of providing the website
V. Use of “own” cookies
VI. Website analysis tools
VII. Newsletter
VIII. Contact form and email contacts
IX. ChatBot
X. CWS customer portal
XI. Integration of YouTube videos
XII. Integration of Google Maps
XIII. Integration of Google Fonts
XIV. Online presences in social media
XV. Data security
XVI. Data subject rights
XVII. Legal obligations
XVIII. Automated decision-making
XIX. Reservation of the right to make changes

I. Name and address of the controller within the meaning of the GDPR

The controller within the meaning of the General Data Protection Regulation (hereinafter “GDPR”) and other national data protection laws of the member states as well as other data protection provisions is:

CWS International GmbH
Franz-Haniel-Platz 1b
D-47119 Duisburg
Telephone number: +49 6103 309-0
Email: info@cws.com
Website: https://www.cws.com

II. Contact details of the data protection officer

You can contact the controller’s data protection officer as follows:

CWS International GmbH
Data Protection Officer
Franz-Haniel-Platz 1b
D-47119 Duisburg
Germany
Telephone number: +49 6103 309-0
Email: datenschutzbeauftragter@cws.com

III. General information on data processing

1. Definitions

Our privacy policy is intended to be simple and understandable for everyone. As a rule, the official terms of the GDPR are used in this privacy policy. The official definitions are explained in Art. 4 GDPR.

2. Scope of the processing of personal data

As a matter of principle, we only process our users’ personal data insofar as this is necessary to provide a functional website as well as our content and services. The processing of our users’ personal data regularly only takes place after the user has given consent. An exception applies in cases where prior consent cannot be obtained for actual reasons and the processing of the data is permitted by statutory provisions.

3. Legal basis for the processing of personal data

a) Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.

b) In the processing of personal data that is necessary for the performance of a contract to which the data subject is party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures.

c) Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

d) In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

e) If processing is necessary for the purposes of the legitimate interests pursued by our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

4. Data deletion and storage period

The personal data of the data subject will be routinely deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject (e.g. under commercial law and tax law).

After expiry of the respective period, the corresponding data will be routinely deleted. Insofar as data is required for contract performance or contract initiation, or we have a legitimate interest in continued storage, the data will be deleted when it is no longer required for these purposes or you have exercised your right of withdrawal or objection.

5. Access to and storage of information in terminal equipment

By using our website, information may be accessed (e.g. IP address) or information may be stored (e.g. cookies) in your terminal equipment. This access or storage may be connected with further processing of personal data within the meaning of the GDPR.

In cases where such access to information or such storage of information is absolutely necessary for the technically error-free provision of our services, this takes place on the basis of Section 25 para. 1 sentence 1, para. 2 no. 2 TDDDG.

In cases where such a process serves other purposes (e.g. the needs-based design of our website), this takes place on the basis of Section 25 para. 1 TDDDG only with your consent pursuant to Art. 6 para. 1 lit. a GDPR. Consent may be withdrawn at any time with effect for the future. The provisions of the GDPR and the German Federal Data Protection Act (BDSG) apply to the processing of your personal data.

Further information on the processing of your personal data and the relevant legal bases in this context can be found in the following sections on the specific processing activities on our website.

6. Web hosting

We host our website with iquer. The provider is iquer.net GmbH & Co KG, Klingenderstr. 5, 33100 Paderborn (hereinafter “iquer”).

Details can be found in iquer’s privacy policy: https://www.iquer.net/datenschutz/.

The use of iquer is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable possible presentation of our website. Insofar as corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent may be withdrawn at any time.

We have concluded an order processing agreement with the provider in accordance with the requirements of Art. 28 GDPR, in which we oblige it to protect our customers’ data and not to pass it on to third parties.

IV. Server log files in the context of providing the website

When you access our website, it is technically necessary that data is transmitted to our web server via your internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:

Date and time of the request
Name of the requested file
Page from which the file was requested
Access status
Web browser used and operating system used
(Complete) IP address of the requesting computer
Amount of data transferred

We collect the listed data in order to ensure a smooth connection setup of the website and a technically error-free provision of our services. The processing of this data is absolutely necessary in order to provide you with the website. The log files serve to evaluate system security and stability as well as for administrative purposes. The legal basis for the processing of the data is our legitimate interest in the protection and functionality of our website pursuant to Art. 6 para. 1 lit. f GDPR.

For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short time. After no later than 7 days, the data is anonymized by shortening the IP address at domain level so that it is no longer possible to establish a reference to the individual user.

This data is not stored together with other personal data of the user.

V. Use of “own” cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. If a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is accessed again.

We use the following types of cookies, the scope and function of which are explained below:

Technically necessary cookies
Technically unnecessary cookies (analysis cookies)

a) Technically necessary cookies

We use these cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.

The following data is stored and transmitted in these cookies:

Display of the cookie notice text (cookie_consent, cookie_notification_reload_count)
Support of JavaScript (has_js)
Caching, e.g. of product feature lists (Drupal.session_cache.sid)
Stored products in the watch list (Drupal.visitor.result, product_overview_href)

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized again after a page change.

These cookies are required for the following applications:
Adoption of language settings
Shopping cart
Remembering search terms
Recognition of users

The processing of data through the use of strictly necessary cookies takes place on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the technically error-free provision of our services. For details on the processing purposes and legitimate interests, please refer to the explanations on the specific data processing operations.

b) Technically unnecessary cookies (analysis cookies)

In addition, we use cookies on our website that enable an analysis of your surfing behavior.

In this way, the following data can be transmitted:

Entered search terms
Frequency of page views
Use of website functions

The use of analysis cookies takes place for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus continuously optimize our offering.

Google Analytics (_ga, _gid, _gat)

The data collected in this way from users is pseudonymized by technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the users.

When accessing our website, users are informed by an info banner about the use of cookies for analysis purposes and referred to this privacy information. In this context, there is also a notice on how the storage of cookies can be prevented in the browser settings.

The processing of personal data through the use of other cookies takes place on the basis of consent pursuant to Art. 6 para. 1 lit. a GDPR. Consent may be withdrawn at any time with effect for the future. Insofar as such cookies are used for analysis and optimization purposes, we will separately inform you about this in this privacy policy and obtain consent pursuant to Art. 6 para. 1 lit. a GDPR.

2. Purpose of data processing

a) For technically necessary cookies

b) For technically unnecessary cookies

3. Browser settings

Cookies are stored on your computer and transmitted from it to our site. Therefore, as a user, you also have full control over the use of cookies. Insofar as the cookies used are so-called transient cookies, they are deleted after logging out or closing the browser. Persistent cookies are automatically deleted from your computer after a predefined duration, which may differ depending on the cookie. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can also be deleted at any time. Deletion can also take place automatically, as described.

You can set your browser so that you:

are informed about the setting of cookies,
allow cookies only in individual cases,
exclude the acceptance of cookies for certain cases or in general,
activate the automatic deletion of cookies when closing the browser.

The cookie settings can be managed under the following links for the respective browsers:

Google Chrome
Mozilla Firefox
Edge (Microsoft)
Safari
Opera

You can also manage cookies from many companies and functions used for advertising individually. To do so, use the corresponding user tools available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers also offer a so-called “Do-Not-Track function.” If this function is activated, the respective browser tells advertising networks, websites and applications that you do not wish to be “tracked” for the purpose of behavioral advertising and the like.

Depending on the provider of your browser, you can obtain information and instructions on how to edit this function under the following links:

Google Chrome
Mozilla Firefox
Edge (Microsoft)
Safari
Opera

In addition, you can prevent the loading of so-called scripts by default. “NoScript” allows JavaScripts, Java and other plug-ins to be executed only for trusted domains of your choice. Information and instructions on how to edit this function can be obtained from your browser provider (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).

Please note that the functionality of our website may be restricted if cookies are deactivated.

4. Change cookie settings

You can revoke or change your cookie settings at any time. To do so, access the cookie settings again via our integrated fingerprint icon. You can find this at any time at the bottom of the website.

VI. Website analysis tools

The following analysis tools are used on our website:

1. Google Ads

We use “Google Ads” on our website, a service of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). We use Google Ads for marketing and optimization purposes, in particular to display ads that are relevant and interesting to you.

Insofar as you have given us your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, we can use Google Ads to draw attention to our attractive offers on external websites by means of advertising materials. This allows us to determine how successful individual advertising measures are.

These advertising materials are delivered by Google via so-called “ad servers.” For this purpose, we use so-called ad server cookies, by means of which certain parameters for measuring success, such as display of the ads or clicks by users, can be measured.

If you reach our website via a Google ad, Google Ads will store a cookie on your PC. These cookies generally lose their validity after 30 days. They are not intended to identify you personally. The following information is generally stored as analysis values for this cookie: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wishes to be addressed). These cookies enable Google to recognize your web browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Ads customer. Cookies therefore cannot be tracked via the websites of Ads customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. On the basis of these evaluations, we can recognize which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising materials; in particular, we cannot identify users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. To our knowledge, Google receives the information that you have accessed the relevant part of our website or clicked on one of our ads. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, it is possible that Google will obtain and store your IP address.

Since personal data may be transferred by Google to affiliated companies and sub-processors in countries outside the EU and the EEA, further protective mechanisms are required to ensure the level of data protection under the GDPR. For the USA, there is an adequacy decision by the European Commission pursuant to Art. 45 para. 1 GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework and therefore commits to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the European Commission, we have also agreed standard data protection clauses with the provider pursuant to Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

Further information on data use by Google, setting and objection options, as well as on privacy can be found on the following Google websites:

Privacy policy: https://policies.google.com/privacy?hl=de&gl=de
Google website statistics: https://services.google.com/sitestats/de.html

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in your web browser settings. Please note that in this case you may not be able to use all functions of our website to their full extent. Preventing the storage of cookies is also possible by setting your web browser so that cookies from the domain “www.googleadservices.com” are blocked (https://www.google.de/settings/ads). Please note that this setting will be deleted if you delete your cookies. In addition, you can deactivate interest-based ads via the link http://optout.aboutads.info. Please note that this setting will also be deleted if you delete your cookies.

2. Google Analytics

We use Google Analytics, a web analysis service of Google Inc. The European headquarters is Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. The terms of use are available at https://www.google.de/analytics/terms/de.html, the privacy overview is available at https://www.google.com/analytics/learn/privacy.html?hl=de and the privacy policy is available at https://policies.google.com/privacy?hl=de.

a) Description and scope of data processing

We use Google Analytics to analyze the use of our website. Google Analytics uses cookies stored on your computer which enable an analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to a server of Google Inc. in the USA and stored there.

This concerns the following information:

Origin (country and city)
Language
Operating system
Device (PC, tablet PC or smartphone)
Browser and add-ons used
Click areas (heatmap)
Session duration
Bounce rate

If IP anonymization is activated on this website, however, your IP address will first be shortened by Google Inc. within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. IP addresses are processed further in shortened form, so that personal reference can be excluded. Insofar as the data collected about you is personally identifiable, this is therefore excluded immediately and the personal data is thus deleted without delay.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage.

The IP address transmitted by your browser within the framework of Google Analytics will not be merged with other data of Google Inc.

We have concluded an order processing agreement with the service provider in which we oblige it to protect our customers’ data and not to pass it on to third parties.

The Google Analytics terms of use and information on privacy can be accessed via the following links:

The data is deleted as soon as it is no longer required for the purpose for which it was collected. Data deletion on user and event level linked to cookies, user identifiers (e.g. user ID) and advertising IDs (e.g. DoubleClick cookies, Android advertising ID, IDFA [Apple identifier for advertisers]) takes place no later than 14 months after collection.

You can prevent the storage of cookies by means of a corresponding setting of your browser software; however, we point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link:
http://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent Google Analytics from collecting your data by clicking the following link. An opt-out cookie will be set which prevents the collection of your data during future visits to this website: Disable Google Analytics. More information on handling user data at Google Analytics can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

3. Google Photos

This website uses “Google Photos,” a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Photos enables us to integrate and display image galleries on our website. The images are loaded by means of a server request, usually to a Google server in the USA. In this way, the server is informed which page of our website you have visited. Google also stores the IP address of the browser of the visitor’s end device.

We use Google Photos for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. Processing takes place pursuant to Art. 6 para. 1 lit. a GDPR on the basis of your consent. This consent can be withdrawn at any time with effect for the future.

Further information on privacy can be found in Google’s privacy policy: http://www.google.de/intl/de/policies/privacy

4. Google Tag Manager

This website uses Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This service allows website tags to be managed via an interface. Google Tag Manager only implements tags. This means: no cookies are used and only the user’s IP address is transmitted to Google in order to establish the connection. Google Tag Manager triggers other tags which may in turn collect data. However, Google Tag Manager does not access this data. If deactivation has been made at domain or cookie level, it remains in effect for all tracking tags, insofar as these are implemented with Google Tag Manager.

We use Google Tag Manager on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR.

5. LinkedIn Analytics / LinkedIn Insight

We use the conversion tracking technology and the retargeting function of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, on our website. This enables us to display personalized advertisements on LinkedIn to visitors to our website. For this purpose, a cookie, the LinkedIn Insight Tag, with a validity of 120 days is set in your browser, which enables LinkedIn to recognize you if you visit this website and are logged into your LinkedIn account at the same time. LinkedIn uses this data to create anonymous reports on the performance of advertisements and information on website interaction. The information generated by the cookie is generally transferred to a server in the USA and stored there.

The legal basis for the processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR.

Since personal data is transferred to the USA, further protective mechanisms are required to ensure the level of data protection under the GDPR. To ensure this, we have agreed standard data protection clauses with the provider pursuant to Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases in which this cannot be ensured even by this contractual extension, we endeavor to obtain further regulations and assurances from the recipient in the USA.

You can deactivate LinkedIn Insight conversion tracking and interest-based personalized advertising by opting out at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Further information on privacy at LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy.

6. Meta Pixel

We use “Meta Pixel” on our website, a service of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as “Meta/Facebook”).

Insofar as you have given us your consent in accordance with Art. 6 para. 1 lit. a GDPR, we use Meta Pixel for marketing and optimization purposes, in particular to display advertisements on Facebook that are relevant and interesting to you, thereby improving our offering, making it more interesting for you as a user, and avoiding annoying advertisements.

Meta Pixel enables Meta to display our advertisements on Facebook, so-called “Facebook Ads,” only to those Facebook users who were visitors to our website, in particular those who have shown interest in our online offering. In this case, Meta Pixel also enables verification of whether a user was redirected to our website after clicking on our Facebook Ads. Meta Pixel uses, among other things, cookies, i.e. small text files that are stored locally in the cache of your web browser on your device. If you are logged into Facebook with your user account, the visit to our online offering will be noted in your user account. The data collected about you is anonymous for us, and therefore does not provide us with any conclusions about the identity of the users. However, this data can be linked by Facebook to your user account there. If you have a user account with Facebook and are registered, Facebook can assign the visit to your user account.

Since personal data may be transferred by Meta to affiliated companies and sub-processors in countries outside the EU and the EEA, further protective mechanisms are required to ensure the level of data protection under the GDPR. For the USA, there is an adequacy decision by the European Commission pursuant to Art. 45 para. 1 GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework. Meta Platforms, Inc. is certified under the EU-U.S. Data Privacy Framework and therefore commits to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search.

Further information from the third-party provider on privacy can be found on the following Facebook website: https://www.facebook.com/about/privacy. Information on Meta Pixel can be found on the following Facebook website: https://www.facebook.com/business/help/651294705016616.

You can make the relevant settings regarding which types of advertisements are displayed to you within Facebook on the following Facebook website: https://www.facebook.com/settings?tab=ads.

Please note that this setting will be deleted if you delete your cookies. In addition, you can deactivate cookies used for reach measurement and advertising purposes on the following websites:
http://optout.networkadvertising.org/
http://www.aboutads.info/choices
http://www.youronlinechoices.com/uk/your-ad-choices/

Please note that this setting will also be deleted if you delete your cookies.

7. Microsoft Advertising (Bing Ads and Bing Conversion)

Our website uses Bing Ads from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”) for marketing and analysis purposes.

The service enables us to track activities on our site when you reach our website via a Bing advertisement. This happens by setting a cookie (small text file) on your device when you click on a Microsoft Bing Ads advertisement, provided you have given your consent in accordance with Art. 6 para. 1 lit. a GDPR. In addition, a UET tag is integrated on our websites. This is code through which, in conjunction with the cookie, pseudonymized data about website usage is stored if you have given your consent. In combination with the cookie, the tag pseudonymously records data in order to track which actions you perform on our websites after clicking on an advertisement in Microsoft Ads. Among other things, the time spent on the website, which areas of the website were accessed, and which advertisement brought you to the website are collected. Microsoft and we thus learn in particular the total number of users who clicked on an advertisement and reached a previously defined target page. Microsoft processes and uses the cookies in order to create usage profiles using pseudonyms, analyze user behavior and display advertisements. In addition, Microsoft may track your usage behavior across several of your electronic devices through so-called cross-device tracking.

This data is stored by Microsoft for 180 days.

Since personal data is transferred to Microsoft Corporation based in the USA, further protective mechanisms are required to ensure the level of data protection under the GDPR. For the USA, there is an adequacy decision by the European Commission pursuant to Art. 45 para. 1 GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework. Microsoft Corporation is certified under the EU-U.S. Data Privacy Framework and therefore commits to complying with appropriate data protection standards, which can be viewed at the following link: Participant Search (dataprivacyframework.gov).

Further information on privacy at Microsoft can be found on the following page: https://privacy.microsoft.com/de-de/privacystatement

8. Vimeo

Videos from “Vimeo” are embedded on this website. “Vimeo” is operated by Vimeo.com Inc., 330 West 34th Street, 5th Floor, New York, New York 10001, USA.

Insofar as you have given us your consent for this, processing takes place for the optimal marketing of our offering pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

For “Vimeo” videos embedded on our website, the tracking tool Google Analytics is automatically integrated. We have no influence on the settings of the tracking and the analysis results collected through it and cannot view them either. In addition, web beacons are set for website visitors through the embedding of “Vimeo videos.”

To prevent the setting of Google Analytics tracking cookies, you can prevent the storage of cookies by making a corresponding setting in your browser software; however, we point out that in this case you may not be able to use all functions of this website to their full extent.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de

For the purpose and scope of data collection and the further processing and use of the data by the providers as well as your related rights and setting options for protecting your privacy, please refer to Vimeo’s privacy notices: https://vimeo.com/privacy

9. Etracker (CWS customer portal)

We use etracker, a web analysis service of etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. The general terms and conditions are available at https://www.etracker.com/agb, and the agreement on order processing of personal data at https://www.etracker.com/av-vertrag.

a) Description and scope of data processing

We use etracker to analyze the use of the customer portal. Etracker uses cookies stored on your computer which enable an analysis of the use of the customer portal by you. The information generated by the cookie about your use of the customer portal is generally transmitted to a server of Etracker GmbH in Hamburg and stored there.

This concerns the following information:

Origin (country)
Language
Operating system
Device (PC, tablet PC or smartphone)
Browser
Click areas (heatmap)
Session duration

More information on etracker cookies can be found at https://www.etracker.com/support/etracker-cookies-2/. The customer portal only uses the following cookies: BT_ctst, BT_pdc, BT_sdc, _et_coid, noWS_mjV509.

If IP anonymization is activated on this website, however, your IP address will first be shortened by etracker GmbH within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. IP addresses are processed further in shortened form, so that personal reference can be excluded. Insofar as the data collected about you is personally identifiable, this is therefore excluded immediately and the personal data is thus deleted without delay.

We use etracker analytics in order to analyze the use of our customer portal and to be able to improve it regularly. On the basis of the statistics obtained, we can improve our offering and make it more interesting for you as a user. The legal basis for the use of etracker is Art. 6 para. 1 sentence 1 lit. a GDPR.

On behalf of the operator of the customer portal, etracker GmbH will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage.

The IP address transmitted by your browser within the framework of etracker is not merged with other etracker data or passed on to third parties.

10. Infinity Call Tracking

This website uses Infinity Call Tracking, a service of Infinity Tracking Limited, Seebeck House 1 Seebeck Place, Knowlhill, Milton Keynes, Buckinghamshire, UK, MK5 8FR (“Infinity”), with the help of which every visitor to our website and all interactions with the websites are tracked, so that Infinity Tracking can determine from which marketing source or marketing sources (e.g. social media campaigns, paid advertising) a visitor who contacts us originates.

Infinity provides its own proprietary JavaScript technology, which is used on our website; this script has no access to our network or infrastructure. This script makes it possible to monitor the website activities of our customers and potential customers. It also enables the tracking of calls made by our customers. Consequently, Infinity processes the IP addresses of our customers and the telephone number used for our calls. All processed personal data is uploaded to Infinity’s hub and displayed in full to authorized administrators of both the provider and the customer, and in anonymized form for all other authorized users.

With the help of Infinity’s services, we can review the way in which our customers reach its website, the website activities, and the subsequent phone calls made thereon.

Infinity processes the IP addresses and telephone numbers of customers and potential customers.

All processing described above, in particular the setting of cookies for the storage and reading of information on the terminal device you use for using the website, only takes place if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without your consent, Infinity will not be used during your use of the website.

We have concluded a so-called order processing agreement with Infinity Tracking, by which the provider is obliged to protect the data of our website users and not to pass it on to third parties.

Since personal data may be transferred by Infinity to affiliated companies and sub-processors in countries outside the EU and the EEA, further protective mechanisms are required to ensure the level of data protection under the GDPR. For the United Kingdom, there is an adequacy decision by the European Commission pursuant to Art. 45 para. 1 GDPR.

Further legal notices on Infinity Tracking can be found at the following link: https://www.infinity.co/uk/terms-and-conditions.

11. Visual Website Optimizer (VWO)

On our website, we use Visual Website Optimizer, a service of Wingify Software Pvt. Ltd., 404, Gopal Heights, Netaji Subhash Place, Pitam Pura, Delhi 110034, India, and its German branch office in Hamburg (Wingify Software Pvt. Ltd., Heidenkampsweg 58, Hamburg, 20097, Germany (“VWO”)).

With VWO, movements on the web pages on which VWO is used can be traced (so-called heatmaps). For example, it can be seen how far users scroll, which buttons are clicked how often, and how much time users spend on which pages, as well as what they like and what they do not, etc. Furthermore, with the help of VWO it is also possible to obtain feedback directly from website users using a survey tool. In addition, we control VWO tests (so-called A/B tests, split tests and multivariate tests) in order to understand what effects adjustments to the user interface have. We use VWO technology in order to better understand the needs of our users and to optimize the offering and experience on our website.

In this context, we process, among other things, the following data:

buttons clicked by you,
course of mouse movements,
scroll depth,
IP address of your end device,
screen size of the end device,
device type (unique device identifiers) and browser information,
your geographical location (country), and
preferred language for displaying our website.

Via VWO, the use of our website is analyzed completely anonymously; all personal data is automatically hidden and not processed. Areas of the website in which personal data of you or third parties is displayed are automatically masked by VWO and are therefore not traceable at any time. In order to exclude direct personal reference, IP addresses are stored and processed only in anonymized form.

For this purpose, VWO works with cookies and other technologies in order to collect data about user behavior and about their terminal devices. VWO stores this information on our behalf in a pseudonymized user profile.

We would like to point out that no adequate level of protection exists for data transfer to third countries. This could involve various risks for the lawfulness and security of data processing. As the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there, Visual Website Optimizer uses so-called standard contractual clauses (= Art. 46 para. 2 and 3 GDPR). Standard contractual clauses (SCC) are model templates provided by the European Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as India) and stored there. Through these clauses, Visual Website Optimizer undertakes to comply with the European level of data protection when processing your relevant data, even if the data is processed in the third country. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a GDPR (consent).

You can prevent the processing of your data by VWO at any time by not giving us consent to the use of “behavioral cookies” on this website or by objecting.

Alternatively, you can generally prevent the collection of your data by VWO by disabling the tool via VWO’s opt-out page: https://vwo.com/opt-out/

Further information about Wingify Software Pvt. Ltd. and the VWO tool can be found at: https://vwo.com/
The privacy policy of Wingify Software Pvt. Ltd. can be found at: https://vwo.com/privacy-policy/

12. Lead Forensics

The website uses Lead Forensics. This is a SaaS (Software as a Service) solution provided by Lead Forensics, Building 3000, Lakeside, North Harbour, Portsmouth, PO6 3EN (“Lead Forensics”). Lead Forensics provides our company with insights into the visitors to our website and works on the basis of so-called “reverse business IP tracking.”

The Lead Forensics software identifies the companies that visit our website via their IP address and matches the corporate IP address to a global database of companies and company information wholly owned by Lead Forensics. Lead Forensics does not identify personal IP addresses, mobile devices, or other data not associated with the company. IP addresses that cannot be assigned are securely stored during the validation process and then deleted.

Information on Lead Forensics’ privacy practices can be found here: https://www.leadforensics.com/privacy-policy/

Recipients of the data:
Lead Forensics Limited
3000 Lakeside North Harbour, Portsmouth
Hampshire PO6 3EN / United Kingdom

We have concluded an order processing agreement with Lead Forensics in accordance with Art. 28 GDPR.

Purposes of processing:
The purpose of the processing is to provide you with relevant product and company information. We use the data to gain insights for our sales and marketing departments in order to contact relevant contacts within these companies and to provide information about CWS products and services.

Legal basis:
Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest). Processing is necessary so that CWS can pursue its legitimate interests in contacting contacts in organizations that have shown interest in CWS products and/or services. However, business-related data does not fall under the GDPR, as it is intended to protect personal data. Therefore, the version of the Lead Forensics solution used by CWS is not relevant for the GDPR.

Storage period:
The data stored in Lead Forensics is processed and stored in the United Kingdom within a secure environment.

Lead Forensics has a continuous cycle of data cleansing and updating. All data in the Lead Forensics solution is verified at least once within a 12-month cycle. Invalid records are placed in a deletion queue and then securely deleted four times within a 12-month period.

Place of data storage:
The storage of data in connection with the use of Lead Forensics takes place exclusively in the United Kingdom / the EU. No transfer of data to third countries takes place.

Obligation to provide data:
You are not obliged to provide us with personal data when you visit our website in connection with Lead Forensics.

VII. Newsletter

1. Purpose and scope of the processing, legal basis of the processing

When registering for our newsletter, we process your master and contact data (name, email address) in order to send you the newsletter (including customer satisfaction surveys) by email (direct advertising). The legal basis for processing your data is your consent (Art. 6 para. 1 lit. a) GDPR).

If you give us separate consent for performance measurement for our newsletter, we also collect statistical data on the reach of our newsletter (data on whether and how the newsletter is read and whether or by whom links inserted in the newsletter are clicked). We also use this data in order to be able to send you personalized advertising. The legal basis for processing your data is your consent (Art. 6 para. 1 lit. a) GDPR).

You can find the exact wording of your consent on the website through which you submitted the declaration (e.g. contact form, newsletter registration). Consent to the sending of the newsletter and to newsletter performance measurement can be withdrawn at any time with effect for the future. Newsletter recipients can declare the withdrawal by clicking the “unsubscribe link” provided in every newsletter or, for example, by email to widerruf-de@cws.com. By clicking the “unsubscribe link,” both consents (if granted) are withdrawn. If you send us an email to withdraw your consent, please specify which consent you wish to withdraw.

In addition, we process your email address in order to be able to carry out proper registration for the newsletter (double opt-in procedure, i.e. you will receive a message at the specified email address asking you to confirm your newsletter registration) and, if you unsubscribe from the newsletter, to ensure that you do not receive any further newsletters (inclusion on a suppression list). The legal basis for this processing is our legitimate interest (Art. 6 para. 1 lit. f) GDPR) in operating the newsletter in a legally compliant manner.

2. Controller and contact option

The respective CWS company named when registering for the newsletter is responsible for the processing described under section 1. The individual CWS companies can be viewed here. These are referred to as the “CWS companies” in this section VII. (Newsletter). The responsible CWS company can also be taken from the newsletter itself (see the footer there). Occasionally, several CWS companies together with CWS International GmbH decide how the processing described in section 1 is carried out (e.g. when products of several CWS companies are advertised). In this case, the CWS companies and CWS International GmbH are jointly responsible.

Between the jointly responsible CWS companies, it has been agreed that the CWS company named in the footer of the newsletter is responsible vis-à-vis the data subjects for information obligations and data subject rights under the GDPR. It has also been agreed that the jointly responsible companies cooperate closely in fulfilling their obligations under the GDPR and in particular provide each other with the necessary information in order to be able to properly fulfill information obligations and data subject rights.

If you have any questions about data processing or wish to exercise your data subject rights, you can contact our data protection officer by post (CWS International GmbH – Data Protection Officer –, Franz-Haniel-Platz 1b, 47119 Duisburg) or by email (datenschutzbeauftragter@cws.com). You are also free to contact each individual jointly responsible company (e.g. in order to exercise your rights).

3. Storage period

Insofar as the processing is based on consent, the data is deleted after withdrawal of consent or upon unsubscribing from the newsletter. After withdrawal, we may only continue to process your data if we still need it for another purpose and are allowed to process it in compliance with data protection law (e.g. email address for answering a contact inquiry you have submitted) or if we must retain the data to fulfill statutory retention obligations. If you unsubscribe from the newsletter, your email address remains stored in a suppression list so that you do not receive any further newsletters. For carrying out the registration process (double opt-in procedure), we store your email address for 14 days on a list of addresses pre-registered for the newsletter.

4. Transfer of personal data to other persons and to recipients in third countries

If you have given your consent, your data will be passed on to the CWS companies named in the declaration of consent (you can see which CWS companies these are here). Furthermore, we and the other CWS companies may use service providers and commission them with data processing (e.g. to send the newsletter or carry out performance measurement). These service providers are obligated by us to comply with data protection and act only on our instructions.

Your personal data is stored exclusively in Germany. As a rule, we do not transfer your data to recipients established outside the European Union.

VIII. Contact form and email contacts

1. Description and scope of data processing

The processing of your name and contact information in order to provide you with information about our products, to manage your registration, for registration and participation in our events and webinars, for managing your registration for competitions or promotions, for providing customer support, or when we communicate with you in another way.

There is a contact form on our website which can be used for electronic contact. If a user makes use of this option, the data entered in the input mask is transmitted to us and stored. This data is:

Mandatory:

Email address
Last name
First name
ZIP code/city
Telephone number
Company/institution
Street and house number
Your message

Voluntary:

Need
Upload CV (for applicants only)

At the time the message is sent, the following data is also stored:

IP address of the calling computer
Date and time of registration

For the processing of the data, your consent is obtained as part of the sending process and reference is made to this privacy information.

Alternatively, contact can be made via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.

In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.

2. Legal basis of the processing

If the user has given consent, the legal basis for processing the data is Art. 6 para. 1 lit. a GDPR.

The legal basis for processing the data transmitted in the course of sending an email is our legitimate interest in answering your request pursuant to Art. 6 para. 1 lit. f GDPR.

If the email contact aims at the conclusion of a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.

3. Purpose of data processing

The processing of the personal data from the input mask serves us solely for handling the contact request. In the event of contact by email, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of storage

The data is deleted as soon as it is no longer required for achieving the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

The personal data additionally collected during the sending process will be deleted no later than after a period of 7 days.

5. Possibility of objection and removal

The user has the possibility at any time to withdraw their consent to the processing of personal data. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. To withdraw consent and to object to storage, you can use the email address used for contact or the email address stated in the legal notice.

All personal data stored in the course of contacting us will be deleted in this case.

IX. CWS Assistant (Chatbot)

You can use the CWS Assistant (chatbot) on our website for questions about customer service and our products. The automated bot is a product of Qodea Ltd., Lowry House, 17 Marble Street, Manchester / United Kingdom.

So that a user who has already started a conversation with the chatbot can be recognized again after a pause, an anonymous identifier is stored with the user when a conversation is started. This ensures that the user dialogue can continue over multiple website visits without loss of context. Chat histories are deleted after no later than 90 days. Information on the privacy practices of the name of the chatbot company can be found here: https://qodea.com/privacy-policy/

Recipients of data:
Qodea Limited
Lowry House, 17 Marble Street
M2 3AW Manchester / Great Britain

We have concluded an order processing agreement with the name of the company Qodea in accordance with Art. 28 GDPR.

Processing purposes: The purpose of processing is to provide you with an uncomplicated contact option. After the start of a chat, we store various information in local storage. The storage of this content is technically necessary for the use of the chat and serves to recognize your chat with all individual messages for one hour. This ensures that the chat is preserved for one hour even if you leave it or pause it in the meantime. After that, the chat can no longer be assigned, is archived, and deleted after no later than 14 days.

Legal bases: Section 25 para. 2 no. 2 TDDDSG for storing the local storage keys on the terminal device and accessing information on the terminal device;
Art. 6 para. 1 sentence 1 lit. b GDPR (contract), insofar as you contact us in the context of a contract or contract initiation;
Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest). The legitimate interest arises from providing the chat contact option, for which the data is processed for technical and content-related error analysis as well as for further development (adding new answers), without which the chatbot could not function.

Storage period: In the browser until deletion by the user or when the user opens the chat widget, in the Qodea platform after 1 hour. The chat history is stored for a maximum of 14 days in order to train the system and to be able to respond better to chat inquiries in the future. After that, the chat history is irrevocably deleted.

Place of data storage: The storage of data in connection with the use of the chatbot takes place exclusively in the EU. No transfer of data to third countries takes place.

No automated decision-making: No automated decision-making including profiling takes place through the chatbot.

Obligation to provide data: You are not obliged to provide us with personal data in connection with the chat function. If you do not provide us with certain required information in connection with the processing of a contract, your request may possibly not be processed further by us.

X. CWS customer portal

1. Description and scope of data processing

We provide you with the CWS customer portal, with which you can manage your contracts concluded with CWS and view invoices and delivery notes.

On the portal’s homepage, we offer you the opportunity to register for certain services provided on our website and thereby create a user profile.

The data is entered into an input mask and transmitted to us and stored. No data is passed on to third parties.

For registration to our customer portal, we use the so-called double opt-in procedure. This means that after your registration, we send you an email to the specified email address in which we ask you to confirm that you wish to register for the customer portal. If you do not confirm your registration within 48 hours, your information will be blocked and automatically deleted after one month.

As part of registration and setup, we collect and use the following personal data:

First and last name
Email address
Date and time of registration
Company
Telephone number
Customer number
Country

In addition, voluntary information may be provided (e.g. position/role, desired username, additional information, etc.). Mandatory information required for registration is marked in the input mask with an asterisk note as a mandatory field. With your user account, you have the opportunity to use further parts of our website and to log in to the offers you have acquired. The legal basis for data processing is, in the event of consent, Art. 6 para. 1 lit. a GDPR or Art. 6 para. 1 lit. b GDPR, insofar as the processing is necessary for providing the desired services.

2. Purpose of data processing

Your registration does not take place for the conclusion of a contract: your registration is necessary for providing certain content and services on our website.

The collection of data in the registration process serves to assign the correct contracts to the registrant, so that they can in fact manage only their contracts and view the corresponding invoices and delivery notes.

The collection of other data within the registration process serves to prevent misuse of the services or of the email address used.

3. Duration of storage

The data is deleted as soon as you permanently delete your access and your data is no longer required within the framework of contract performance. Furthermore, we store the voluntary data you provide for the period of your use, insofar as you do not delete it beforehand.

Your data will be deleted as soon as the user account on our website is deleted and insofar as there are no statutory retention obligations. You can usually make a change and/or deletion of your user account including the data you have provided directly in your user account after login or initiate it by means of a corresponding message to the controller named at the beginning.

The other personal data collected within the registration process is generally deleted after a period of 7 days.

4. Possibility of objection and removal

You can permanently delete your access to the customer portal at any time by carrying out the steps explained in the customer portal. However, this does not eliminate your existing contract; it remains unaffected by this.

XI. Integration of YouTube videos

On our website, we embed videos from “YouTube,” a social media platform of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). The legal basis for the processing of your personal data in this context is your consent granted for this purpose pursuant to Art. 6 para. 1 lit. a GDPR.

If the playback of embedded YouTube videos is started by your consent, a server request is made, usually to a Google server in the USA. In this way, the server is informed which page you have accessed and the IP address of the browser of the visitor’s end device is transmitted to Google and stored by Google.

If you are logged into Google, your data may also be assigned by Google to your account when you click on a video. If you do not wish this assignment to your YouTube profile, you must log out before activating the button. Google stores this data as usage profiles and uses it for purposes of advertising, market research and/or the needs-based design of its websites. You have a right to object to the creation of these user profiles. Please contact Google directly for this purpose.

Further information on privacy and on Google’s use of data can be found on the following Google website: https://policies.google.com/privacy?hl=de&gl=de

XII. Integration of Google Maps

Our homepage uses the online map service provider Google Maps via an interface. This enables us to display interactive maps directly on the website and allows you to conveniently use the map function. The provider of the map service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To use the functionalities of Google Maps, it is necessary to store your IP address.

Google uses cookies here in order to collect information about user behavior. The legal basis for the processing of your personal data is your consent granted for this purpose pursuant to Art. 6 para. 1 lit. a GDPR, Section 25 para. 1 TDDDG.

Further information on the handling of user data can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/
Opt-out: https://www.google.com/settings/ads/

XIII. Integration of Google Fonts

We use “Google Fonts” on our website, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Fonts enables us to use external fonts. For this purpose, the required Google Fonts are loaded into your browser cache by your web browser when our website is accessed. This is necessary so that your browser can also display an optically improved presentation of our texts. If your browser does not support this function, a standard font from your computer will be used for display. These Google Fonts are integrated by means of a server request, usually to a Google server in the USA. In this way, the server is informed which page of our website you have visited. Google also stores the IP address of the browser of the visitor’s end device.

We use Google Fonts for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. Processing takes place pursuant to Art. 6 para. 1 lit. a GDPR on the basis of your consent. This consent can be withdrawn at any time with effect for the future.

Further information on privacy can be found in Google’s privacy policy: http://www.google.de/intl/de/policies/privacy
Further information on Google Fonts can be found at https://fonts.google.com/

XIV. Online presences in social media

External links:
Social networks (LinkedIn, Facebook, Instagram, YouTube, TikTok) are only integrated on our website as links to the corresponding services. After clicking on the embedded text/image link, you will be redirected to the page of the respective provider. Only after the redirection will user information be transmitted to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective privacy policies of the providers you use.

We maintain online presences within social networks and platforms in order to communicate with customers, interested parties and users active there and to inform them there about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated within our privacy information, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

XV. Data security

In accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of processing as well as the varying likelihood and severity of the risk for the rights and freedoms of natural persons, we take suitable technical and organizational measures to ensure a level of protection appropriate to the risk. This website uses SSL encryption for security reasons and to protect the transmission of confidential content.

XVI. Data subject rights

Below you will find information on the data subject rights granted to you by applicable data protection law vis-à-vis the controller with regard to the processing of your personal data:

The right, pursuant to Art. 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, where applicable, meaningful information on its details.

The right, pursuant to Art. 16 GDPR, to request without undue delay the rectification of inaccurate personal data stored by us or the completion of your personal data.

The right, pursuant to Art. 17 GDPR, to request the erasure of your personal data stored by us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.

The right, pursuant to Art. 18 GDPR, to request the restriction of processing of your personal data insofar as the accuracy of the data is contested by you, the processing is unlawful but you oppose its erasure and we no longer need the data, but you require it for the establishment, exercise or defense of legal claims, or you have objected to processing pursuant to Art. 21 GDPR.

The right, pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another controller.

The right, pursuant to Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of the federal state of our registered office stated above or, where applicable, that of your usual place of residence or workplace.

The right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR: You have the right to withdraw consent once granted to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the data concerned without undue delay, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of the consent before its withdrawal.

1. Right to object

Insofar as your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right pursuant to Art. 21 GDPR to object to the processing of your personal data insofar as this is done for reasons arising from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct advertising, you have a general right to object without the requirement to state a particular situation.

If you wish to exercise your right of withdrawal or objection, simply send an email to datenschutzbeauftragter@cws.com.

XVII. Legal obligations

The provision of personal data for the decision on the conclusion of a contract, contract performance or for carrying out pre-contractual measures is voluntary. However, we can only make the decision in the context of contractual measures if you provide such personal data as is required for the conclusion of the contract, contract performance or pre-contractual measures.

XVIII. Automated decision-making

Automated decision-making or profiling pursuant to Art. 22 GDPR does not take place.

XIX. Reservation of the right to make changes

We reserve the right to adapt or update this privacy policy if necessary in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take into account changes to our services, e.g. when introducing new services. The current version applies to your visit.

Version of this privacy policy: 01/01/2026

Privacy policy

I. Name and address of the controller within the meaning of the GDPR

II. Contact details of the data protection officer

III. General information on data processing

1. Definitions

2. Scope of the processing of personal data

3. Legal basis for the processing of personal data

4. Data deletion and storage period

5. Access to and storage of information in terminal equipment

6. Web hosting

IV. Server log files in the context of providing the website

V. Use of “own” cookies

1. Description and scope of data processing

a) Technically necessary cookies

b) Technically unnecessary cookies (analysis cookies)

2. Purpose of data processing

a) For technically necessary cookies

b) For technically unnecessary cookies

3. Browser settings

4. Change cookie settings

VI. Website analysis tools

1. Google Ads

2. Google Analytics

a) Description and scope of data processing

3. Google Photos

4. Google Tag Manager

5. LinkedIn Analytics / LinkedIn Insight

6. Meta Pixel

7. Microsoft Advertising (Bing Ads and Bing Conversion)

8. Vimeo

9. Etracker (CWS customer portal)

a) Description and scope of data processing

10. Infinity Call Tracking

11. Visual Website Optimizer (VWO)

12. Lead Forensics

VII. Newsletter

1. Purpose and scope of the processing, legal basis of the processing

2. Controller and contact option

3. Storage period

4. Transfer of personal data to other persons and to recipients in third countries

VIII. Contact form and email contacts

1. Description and scope of data processing

2. Legal basis of the processing

3. Purpose of data processing

4. Duration of storage

5. Possibility of objection and removal

IX. CWS Assistant (Chatbot)

X. CWS customer portal

1. Description and scope of data processing

2. Purpose of data processing

3. Duration of storage

4. Possibility of objection and removal

XI. Integration of YouTube videos

XII. Integration of Google Maps

XIII. Integration of Google Fonts

XIV. Online presences in social media

XV. Data security

XVI. Data subject rights

1. Right to object

XVII. Legal obligations

XVIII. Automated decision-making

XIX. Reservation of the right to make changes

We love washrooms!

Generally

© 2026 Clear+.