The translation service consultancy Paul Alexander Deman e.K., owner Cédric Sigoire, Grafenberger Allee 68, 40237 Düsseldorf, Germany, takes the protection of your personal data (“data”) very seriously. In the cases described below, we process such data on the basis of the General Data Protection Regulation (EU) 2016/679 (GDPR). Personal data is information that refers to a natural person.
1. Visiting our website
You can visit our website without entering any data. Data is entered on a voluntary basis. Nevertheless, data is processed automatically as described below.
a) General information
When you visit this website, your IP address, the country from which you access our website, the date, time and duration of access to our website and its subpages, information about the browser you use and the operating system you use, including display resolution and language settings, will be processed. This data is stored in log files for 14 days.
This data is processed on the basis of Art. 6 Sec. 1 b) and f) GDPR and Art. 8 Sec. 1 a) and c) of the “e-Privacy Regulation” and solely for the purpose of enabling you to visit our website and – after anonymising the data – for statistical purposes according to No. 1. c). The collection of this data is neither legally nor contractually required; however, for technical reasons it is not possible to use the website without collecting this data.
We also use session cookies and permanent cookies. Cookies are small files containing an identification number assigned by us. Cookies are stored on your computer or mobile device when you visit our website. If you visit our website again, your computer or mobile device can be recognised by this identification number. Cookies make it easier for you to navigate through our website and help us adapt the design and content of our website to your expectations.
We are entitled to set session cookies in accordance with Art. 6 Sec. 1 f) GDPR and Art. 8 Sec. 1 a) and d) “e-Privacy Regulation”. Session cookies are deleted after closing the browser. Permanent cookies are set on the basis of Art. 6 Sec. 1 f) GDPR and Art. 8 Sec. 1 b) and d) “e-Privacy Regulation”. Permanent cookies are valid for up to 24 months and will be deleted afterwards.
c) Google Analytics
Google will use this information on our behalf to evaluate the use of our website by users, compile reports on activities within this website and to provide us with further services associated with the use of this website. In the process, pseudonymous user profiles of the user can be generated from the data processed.
We only use Google Analytics with activated IP anonymisation. This means users’ IP addresses are abbreviated by Google within member states of the European Union or in other contracting states of the European Economic Area. The whole IP address will only be transmitted to a Google server in the USA and truncated there in exceptional cases. The IP address transmitted by the user’s browser will not be associated with any other data from Google.
Users can prevent cookies being stored by adjusting their browser software settings accordingly, as described above. Furthermore, users can prevent the data generated by the cookie and data related to their use of the website from being recorded and processed by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively, or within browsers on mobile devices, the user can click on the following link: [Schalter ga-disable-UA-XXXXXX-Y] (see https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable). In the process, an opt-out cookie will be placed on the user’s device for our website with effect for the browser currently used by the user. If the user deletes their cookies in this browser, they will have to click on this link again. If the user uses multiple devices or browsers, they will have to click on this link again in each individual browser for each individual device.
For the exceptional cases in which Google transmits data to the USA, Google has submitted to the “EU-US Privacy Shield”. In its Adequacy Decision (EU) 2016/1250 of 12 July 2016, the European Commission has decided that this will ensure an adequate level of data protection.
The data will be processed on the basis of Art. 6 Sec. 1 f) GDPR and, if you are a Google customer, also on the basis of Art. 6 Sec. 1 a) or b) GDPR, if applicable. We have a legitimate economic interest in adapting our website to the needs of its visitors and using these statistics for internal market research on the basis of the evaluation of the above statistics. The provision of this data is not obligatory and is not required for concluding a contract with us.
There is further information about Google Analytics on the following Google website: https://support.google.com/analytics/answer/6004245?hl=de.
2. Use of our contact form
For data that you enter into our contact form and that is required for the fulfilment of a contract between your company and us or for the performance of pre-contractual measures, only clause 3 shall apply. In addition, we may also process your data entered into our contact form (e.g. email address, possibly data in the “Message” field) in accordance with Art. 6 Sec. 1 a) GDPR outside of contractual relationships, provided that you have consented to this processing by ticking the “Send” button. If you upload a file attachment containing special categories of data (origin, political views, religious beliefs, trade union membership, biometric, health or sexuality data), you also consent to the processing of this data.
The processing takes place for the treatment of your inquiry entered into the contact form. The data will be deleted three years after receipt of the request. The provision of this data is neither legally nor contractually required and is not necessary for the conclusion of a contract. However, the use of the contact form requires that you enter an email address, otherwise we will not be able to respond to your inquiry. If you provide further data, this is voluntary.
3. Data processing in the context of business relations
We may process data on the basis of Art. 6 Sec. 1 b) GDPR if this is required for the fulfilment of a contract between you and us or for the performance of pre-contractual measures that were taken at your request.
This data includes your name, billing and delivery address, email address and, if applicable, your telephone and fax numbers and, if applicable, payment data such as account details (customer data).
If you provide us with documents for translation that contain special categories of personal data, you consent to the processing of this data, which we then process in accordance with Art. 6 Sec. 1 a) GDPR.
The provision of personal data is neither legally nor contractually required. However, in order to conclude a contract with us, your name or company name, your email address and your postal address must be processed. Without this data it would not be possible to send emails to you, e.g. to provide the translations, to issue an invoice and, if necessary, to assert justified claims.
We may process this data until the final performance of the respective contract and within the limitation periods or warranty periods for the above-mentioned purposes. If processing for other purposes is permitted thereafter, the data may also be processed beyond this (Art. 5 Sec. 1 b], 6 Sec. 4 GDPR). If storage of the data is necessary for the fulfilment of our legal obligations in accordance with Art. 6 Sec. 1 c) GDPR, we are entitled to store the data until the expiry of such storage periods.
4. Recipients of data
Data is not generally passed on to third parties without your consent. We do, however, use order processers. Order processers only process the data according to instruction, on our behalf and not for their own purposes. The following order processers are involved here:
- Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
- selected freelance translators and partner translation agencies
- maintenance companies with remote access to our computer systems
- cloud and hosting providers
5. Your rights regarding data protection
You can request information from us in accordance with Art. 15 GDPR as to whether and which data we process from you. The extent and form of the information is also governed by Art. 15 GDPR.
You are entitled to receive your data transmitted to us in a structured, standard and machine-readable format and to transfer this to a third party, provided that the processing happens with consent or in relation to a contract and that the data is processed automatically. If you require this and if it is technically possible, we will also transfer this data directly to a third party.
You can request the rectification and, under certain circumstances, the completion of your data in accordance with Art. 16 GDPR. You have the right to have your data deleted in accordance with Art. 17 GDPR or restricted in accordance with Art. 18 GDPR.
Insofar as we process data for our legitimate interests exclusively on the basis of Art. 6 Sec. 1 f) GDPR, you have the right to object to the processing of your data for reasons relating to your particular situation. If you file an objection, we will no longer process the data concerned, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
In addition, you can object to our processing of your data for direct marketing purposes at any time without incurring other than the transmission costs according to the basic rates.
If processing is based on your consent, you have the right to withdraw your consent at any time. The withdrawal shall not affect the lawfulness of processing based on consent before its withdrawal. The withdrawal can be sent in an email to firstname.lastname@example.org. After withdrawal, the data will no longer be processed. This does not apply if we are legally entitled or obliged to do so.
You have the right to make a complaint to the supervisory authority “State Commissioner for Data Protection”, Nordrhein-Westfalen, Kavalleriestrasse 2–4, 40213 Düsseldorf, Germany, or to any other supervisory authority.
As at: Mai 2018