Privacy Statement

We are pleased about your use of our website. The protection of your personal data is important to us and we want you to feel safe when using our website.

1. Information concerning the collection of personal data

(1) The following shall inform you about the collection, processing and utilization of personal data on our website. Personal data means all data relating to a living individual who can be identified.

(2) Controller as per the EU General Data Protection Regulation (GDPR) is:

Neo Q Quality in Imaging GmbH
Salzufer 15/16
In der Lanolinfabrik
10587 Berlin
Germany
Phone: +49 (0) 30 863 236 440
Fax: +49 (0) 30 863 236 499
E-mail: info@neo-q.de

You can reach our data protection officer by contacting us on the following email address: datenschutz@neo-q.de or by sending us a letter addressed to “Data Protection Officer”.

(3) If we use contracted service providers for individual functions to present our services to you or to your data for advertising purposes, we will inform you in detail about the respective processes below.

2. Your rights as a data subject

(1) You have the following rights against us with respect to the personal data concerning you:

  • Right of access by the data subject (Art. 15 GDPR):
    You have the right to request information on the data we hold about you from us at any time. This information includes, but is not limited to, the categories of data we process, the purposes for which it is processed, the source of the data if not collected directly from you, and, if applicable, the recipients with whom we have shared your data. You can obtain a copy of your data from us free of charge. If you require additional copies, we reserve the right to charge you for these copies;
  • Right to rectification (Art. 16 GDPR):
    You have the right to request that we rectify inaccurate data relating to you. We will take appropriate steps to keep the data we store and process on an ongoing basis accurate, complete and current, based on the most up-to-date information available;
  • Right to erasure (Art. 17 GDPR):
    You have the right to demand the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • Right to restriction of processing (Art. 18 GDPR):
    You have the right to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to have it deleted and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or if you have lodged an objection to the processing pursuant to Art. 21 GDPR;
  • Right to data portability (Art. 20 GDPR):
    You have the right to request that we transfer your data – if technically possible – to another responsible party. However, you may only enforce this right if data processing is based on your consent or is necessary for the performance of a contract. Rather than receiving a copy of your data, you may also ask us to submit the data directly to another responsible party specified by you.
  • Right to object (Art. 21 GDPR):
    You have the right to object to the processing of your data at any time for reasons that arise from your particular situation, as long as data processing is based on your consent, on our legitimate interests or those of a third party. In this case, we will cease to process your data. This does not apply if we can show that there are compelling legitimate grounds for processing that outweigh your interests, or if we need your data for the establishment, exercise or defence of legal claims.
  • Right to withdraw consent (Art. 7 (3) GDPR):
    You have the right to revoke your consent to us at any time. As a result, we are not allowed to continue the data processing that was based on this consent in the future.

 

(2) Inquiries regarding your rights as a data subject you can direct to us under the contact details mentioned under §1 or by post to the controller’s postal address.

(3) If you have the feeling we have not responded in an appropriate manner to your complaints or you have further concerns, you additionally have the right to complain to a data protection authority. The responsible authority to us is the Berliner Beauftragte für Datenschutz und Informationssicherheit; https://www.datenschutz-berlin.de/.

3. Collection of personal data when visiting our website

If you use the website simply for informational purposes, i.e. if you do not register yourself or send us any information, we collect only the personal data which your browser sends to our server. If you wish to view our website, we collect the following technical data which we need to enable us to show you our website and ensure stability and security (the legal basis is Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR):

  • IP address
  • date and time of the query
  • time zone difference relative to Greenwich Mean Time (GMT)
  • content of the query (specific site)
  • access status/HTTP status code
  • data volume transmitted in each case
  • website from which the request emanates
  • browser
  • operating system and its user interface
  • language and version of the browser software

 

The data mentioned above gets processed for the following purposes:

  • To ensure a smooth connection of the website,
  • Guarantee a comfortable use of our website,
  • Evaluation of system security and stability as well as for other administrative purposes.

 

This information is temporarily stored in so-called log files. This information is recorded without your intervention and stored until it is automatically deleted.

4. Cookies

(1) In addition to the before mentioned data categories we use cookies to make the experience of visiting our website as user-friendly as possible and to allow you to make use of certain functions. Cookies are little text files that are saved on your browser’s delegated hard drive, through which certain information flows back to the person who sets the cookie (in this case us). Cookies are used to improve the user experience and effectiveness of our website.

(2) Kind of Cookies

This website uses the following types of cookies:

  • Transient Cookies
  • Persistent Cookies

 

a) Transient cookies are automatically deleted when you close your browser. These are mostly session cookies, which save a so-called “session-ID”, which allows for the assigning of different queries within your browser during a particular session. This can be used to identify your device when one repeatedly visits a website during a session. These cookies are deleted once you log out or the browser window is closed.

b) Persistent cookies enable the website to remember your information and settings on your next visit. This gives you faster and more convenient access to the website, as you do not have to change your language settings again, for example. How long the cookie remains on your device depends on the duration or expiration date of the respective cookie and your browser settings. These cookies are automatically deleted after a set period of time which can differ from cookie to cookie. Persistent cookies can be deleted via the security settings in your browser at any time.

(3) Depending on the kind of cookie, we use cookies either on the basis of our legitimate interests (technically necessary cookies) or on the basis of your consent (optional cookies), according to your selection of the cookie banner displayed when you access the website. You can also configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. This may result in a functional limitation of our offers.

5. Recipients or categories of recipients of personal data

(1) Within the scope of our activities and services, it may become necessary for us to disclose the personal data stored about you to natural persons, legal entities or public authorities. We conclude contracts with our service providers, which ensure that they may only process your personal data in a way that we have explicitly instructed them to do so. Furthermore, we ensure that they take the necessary technical and organizational measures to process your data securely and store your personal data only as long as necessary. External service providers who may receive personal data generally fall into the following categories of recipients:

  • Credit institutions and providers of payment services for billing and payment processing (online payment providers)
  • Parcel Shipper
  • IT service provider e.g. to maintain our IT infrastructure or for the management of customer data
  • Cloud provider
  • Service provider for the optimization of the online offer
  • Collection service providers or lawyers to collect receivables and enforce claims in court. If, in the event of a collection case, personal data (customer and contact data, payment and consumption data and data on the claim) is transferred to a collection service provider, we will inform you in advance about the intended transfer.

 

(2) If data is processed in countries outside the European Union or the EWR, we will ensure that your personal data is processed in accordance with the European data protection level. In the absence of a decision by the EU Commission, we only transfer data to service providers from third countries that offer suitable guarantees in accordance with Art. 46 GDPR (usually EU Standard Contract Clauses). In cases where this cannot be ensured even through this contractual extension, we endeavor to obtain additional regulations and commitments from the data recipient.

6. Contact form

(1) When you contact us (for example by e-mail or via the contact form), the information you provide will be processed for the purpose of processing your request and for the event that follow-up questions arise. The contact form is an additional service provided by us to enable you to contact us quickly and easily and is based on Art. 6 para. 1 f GDPR.

(2) The personal data collected by us in this context will be deleted when the request associated with the contact has been completely clarified and it is also not to be expected that the specific contact will become relevant again in the future, unless legal storage obligations stand against this.

7. Social-Media, portals

(1) We are represented in the social networks and employer evaluation portals mentioned below. These presences are operated exclusively by the respective provider. They serve to communicate directly with customers, interested parties and users. If you contact us via our social media channels, we process the data that you provide us with as well as the data that is necessary to process your request (Art. 6 para. 1 letter b GDPR). Insofar as you have given your consent to the operators of the respective social media platforms (e.g. by means of a checkbox opt-in), the processing is carried out on the basis of Art. 6 para. 1 a GDPR. You can revoke your consent at any time with the operator of the respective platform with effect for the future.

(2) When you visit our social media pages, your user data is recorded and provided to us by the operator. The exact types of data differ from provider to provider, but generally include the following information:

  • Follower: number and stored profiles; information about growth and development over a defined time frame.
  • Reach: number of people who see a specific contribution; number of interactions with a contribution. From this, it can be deduced, for example, which content is better received by the community than others.
  • Ad performance: How many people were reached by a contribution or a paid ad and have interacted with it?
  • Demographics: Average age of visitors, gender, location, language.

 

(3) Since our social media channels are operated by the providers of the respective social network, there may be a supplementary use of your personal data by the respective operator, over which we have no influence. This often involves the recording of your IP address, the creation of static evaluations and the processing of further information stored in the form of cookies. We have no influence on the generation and presentation of this data and can neither turn off this function nor prevent the processing of the data.

(4) The assertion of data subject rights and requests can most effectively be addressed directly to the platform providers, since only they have access to your data and can take immediate action and provide information. Should our cooperation be necessary for this, we will support you in enforcing your rights as a data subject.

(5) On our social media platforms, we are jointly responsible with the respective providers for the data processing operations that take place there. Whenever possible, we have concluded a joint controllership agreement with the providers in accordance with Art. 26 GDPR.

(6) More detailed information about the terms of use of the respective platform as well as a detailed description of further data processing and the respective possibilities of objection can be found on the pages of the providers under:

LinkedIn (LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland): https://www.linkedin.com/legal/privacy-policy.
Xing (New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany): https://privacy.xing.com/de/datenschutzerklaerung/allgemeine-hinweise.
Kununu (Anwendung der New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany): https://privacy.xing.com/de/datenschutzerklaerung/allgemeine-hinweise.
YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland): https://policies.google.com/privacy?hl=de&gl=de.

8. Google Analytics

(1) Provided that you have given your consent, this website will utilise Google Analytics 4, a web analytics service provided by Google LLC. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

(2) Google Analytics uses cookies, which enable an analysis of your use of our websites. The information collected by the cookies about your usage of the website is generally transmitted to and stored on a Google server in the USA.

(3) We use the User-ID feature. With the help of the User ID, we can assign a unique, persistent ID to one or more sessions (and the activities within these sessions) and analyze user behavior across devices.

(4) In Google Analytics 4, IP address anonymization is activated by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your visit to the website, your user behavior is captured in the form of “events”. Events can include:

  • Page views
  • First visit to the website
  • Start of the session
  • Your “click path”, interaction with the website
  • Scrolls (whenever a user scrolls to the bottom of the page (90%))
  • Clicks on external links
  • Internal search queries
  • Interaction with videos
  • File downloads
  • Viewed/clicked ads
  • Language settings

 

Otherwise, the following is also recorded:

  • Your approximate location (region)
  • Date and time of the visit
  • Your IP address (in shortened form)
  • Technical information about your browser and the devices you use (e.g., language settings, screen resolution)
  • Your internet service provider
  • The referrer URL (via which website/advertising medium you came to this website)

 

(5) On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyze the performance of our website.

(6) Recipients of the data may include:

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as a processor according to Art. 28 GDPR)
  • Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
  • Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be excluded that US authorities may access the data stored by Google.

(7) On July 10, 2023, the European Commission adopted its adequacy decision for the USA. Google LLC is certified under the EU-US Privacy Framework. Since Google servers are distributed worldwide and transmission to third countries (for example, to Singapore) cannot be completely excluded, we have also concluded the data processing agreement and EU standard contractual clauses with the provider.

(8) Data sent by us and linked to cookies will be automatically deleted after 2 months. The maximum lifespan of Google Analytics cookies is 2 years. Data whose retention period has been reached is automatically deleted once a month.

(9) The legal basis for this data processing is your consent according to Art.6 Para.1 S.1 lit.a GDPR and § 25 Para. 1 S. 1 TTDSG.

(10) You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there. The legality of the processing carried out on the basis of the consent until the revocation remains unaffected.

You can also prevent the storage of cookies by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in limited functionality on this and other websites. Furthermore, you can prevent Google from collecting and processing the data generated by the cookie and related to your use of the website (including your IP address) by

  1. not granting your consent to set the cookie or
  2. downloading and installing the browser add-on for disabling Google Analytics HERE.

For more information about Google Analytics’ terms of use and Google’s privacy policy, please visit

https://marketingplatform.google.com/about/analytics/terms/en/ and https://policies.google.com/?hl=en

9. YouTube-Videos

(1) For marketing purposes, we have embedded YouTube videos in our online offer, videos that are saved on http://www.youtube.com and can be played directly from our website. These videos are embedded using “privacy-enhanced mode”, i.e. YouTube does not set any cookies to analyze user behavior, e.g. to personalize the video playback. Instead, video recommendations are based on the current video. Videos played in enhanced privacy mode do not affect which videos are recommended to a user on YouTube. The legal basis for this is Art. 6 para. 1 letter f) GDPR. Our legitimate interest lies in improving the quality of our Internet presence.

(2) By visiting the website, YouTube receives the information that you have called up the corresponding subpage of our website. This results in the transmission of certain user data to YouTube. A transmission of the data to YouTube takes place regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in at Google, your data will be assigned directly to your account. If you do not want the assignment with your profile on YouTube, you have to log out before activating the play button. For the purpose of functionality as well as for the analysis of usage behavior, YouTube permanently stores cookies via your internet browser on your end device. If you do not agree with this processing, you have the possibility to prevent the storage of cookies by adjusting your internet browser settings. YouTube also stores your data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide advertising tailored to your needs and to inform other users of the social network about your activities on our website. You have the right to object to the creation of user profiles, but you must contact YouTube to exercise this right. YouTube may process your personal data on servers in the US.

(3) If data processing takes place outside the EU, we have taken the necessary measures to ensure that the level of data protection is maintained (usually by concluding the EU standard contractual clauses). Google LLC (YouTube) is certified in accordance with the EU-US Privacy Framework. Further information on the EU-US Privacy Framework can be found at the following link https://www.dataprivacyframework.gov/s/

(4) Further information on the purpose, scope of data collection, your rights, setting options to protect your privacy and processing by YouTube is available under: https://www.google.de/intl/de/policies/privacy, https://policies.google.com/privacy?hl=de&gl=de, https://www.youtube.com/static?gl=DE&template=terms&hl=de, https://support.google.com/youtube/answer/171780?hl=de.

10. Analysis Tools and Advertising

SalesViewer®
Data is collected on this website and stored for marketing and market research as well as optimization purposes using SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Art. 6 (1) lit. f) of the EU General Data Protection Regulation (GDPR)).

A JavaScript-based code is used for this purpose to collect company-related data and for its usage. Data collected using this technology is encrypted using a non-reversible one-way function (termed ‘hashing’). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.

You can object to the collection and storage of data at any time with effect for the future by visiting the website https://www.salesviewer.com/opt-out in order to prevent the collection of data by SalesViewer® via this website in the future. An opt-out cookie for this website is placed on your device. If you delete your cookies in this browser, you will need to click this link again.

SalesViewer® GmbH is headquartered in Bochum, Germany. More about SalesViewer can be found at: https://www.salesviewer.com/datenschutz.

Newsletter
If you subscribe to our company’s newsletter, the data in the respective input mask will be transmitted to the controller. Registration for our newsletter takes place in a double opt-in procedure. This means you will receive an e-mail after registration, requesting you to confirm your registration. This confirmation is necessary so no one can register with other e-mail addresses than their own.

When registering for the newsletter, the user’s IP address as well as the date and time of registration are stored. This serves to prevent misuse of the services or the e-mail address of the person concerned. The data will not be passed on to third parties. An exception exists if there is a legal obligation of disclosure.

The data is only be used for sending the newsletter. Subscription to the newsletter can be cancelled by the data subject at any time. Likewise, consent to storing personal data can be revoked at any time. You will find a corresponding link in every newsletter for this purpose.

The legal basis for processing the data after registering for the newsletter, as well as for the user sending the newsletter, if the user has given his consent, is Art. 6 (1) lit. a) GDPR. The legal basis for sending the newsletter to existing customers as a result of selling goods or services is, under special circumstances, Section 7 (3) of the German Unfair Competition Act (UWG).

Use of rapidmail
Description and purpose: We use rapidmail to send newsletters. The recipient of the data is rapidmail GmbH, Wentzingerstrasse, 21, 79106 Freiburg, Germany.

Rapidmail is also used to organize and analyze the dispatch of newsletters. The data you enter in order to receive the newsletter is stored on the rapidmail servers in Germany. Should you not want any analysis by rapidmail, you can unsubscribe from the newsletter at any time. We provide a corresponding link for this purpose in each newsletter message.

Furthermore, you can also unsubscribe from the newsletter directly on the website. For analysis purposes, the e-mails sent with rapidmail contain a tracking pixel, which connects to the rapidmail servers once the e-mail is opened. This allows you to determine if a newsletter message has been opened. Furthermore, with the help of rapidmail we can determine whether links are clicked on in the newsletter message and which ones. All links in the e-mail are tracking links, with which your clicks can be counted.

Legal basis: The legal basis for data processing is your consent pursuant to Art. 6 (1) lit. a) GDPR.

Recipient: The recipient of the data is rapidmail GmbH.

Transmission to third countries: The data will not be transmitted to third countries.

Duration: We only store your data with your consent for the purpose of the newsletter until the purpose is fulfilled, until you are removed from the newsletter and after unsubscribing from the newsletter the data is deleted from our servers as well as from the rapidmail servers. Data we store for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

Revocation option: You have the possibility of revoking your consent to data processing with effect for the future at any time.

Further data protection information: For more details, see rapidmail’s data security information at: https://www.rapidmail.de/datensicherheit. For more details about rapidmail’s analysis functions, go to the following website: https://www.rapidmail.de/wissen-und-hilfe

Google reCAPTCHA
We use Google’s reCAPTCHA service when you register for the newsletter. Google collects certain data to determine whether a human or a machine is accessing our websites, e.g. your IP address, your screen and window resolution, the language set in your browser, the time zone in which you are located, the user agent of the browser and installed browser plug-ins. We have added the code “get._anonymizeIP();” to the service. This causes Google to shorten your IP address. You can find more information on IP address truncation in the Google Analytics explanations.

The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as the processor. For this purpose, we have concluded an data  processing agreement and the EU standard data protection clauses with Google. Furthermore, Google has submitted to the EU-U.S. Data Privacy Framework (https://www.dataprivacyframework.gov/s/participant-search).

It cannot be ruled out that US authorities may access the data stored by Google.

We use this service to differentiate whether an entry in our newsletter input mask is made by a human or abusively automated/machine and thus to protect our technical systems.

Legal basis: The legal basis for data processing is our legitimate interest Art. 6 para. 1 lit. f GDPR.

Duration: The data collected via the Google functions is stored and deleted regularly. You can prevent the storage of cookies by selecting the appropriate settings in your browser.

Further information on the data protection provisions of Google Inc. can be found at: https://www.google.de/intl/en/policies/privacy/.