Secure handling of your data:
Data protection at Ceyoniq
Contents:
Privacy Policy
I. Name and address of controller
Controller under the General Data Protection Regulation and other national data protection laws of the member states and other provisions of data protection law:
Ceyoniq Technology GmbH, Boulevard 9, 33613 Bielefeld, Germany
Tel.: 0521/ 9318-1000, e-mail: info@ceyoniq.com, website: www.ceyoniq.com,
Contact details of the data protection officer:
E-mail: datenschutz@ceyoniq.com
II. General provisions on data processing
We only process your personal data as a user insofar as this is necessary to provide a functional website and our content and services. Personal data on our users is usually only processed with the permission of the user. An exception applies in cases in which it is not possible to gain permission for practical reasons and the processing of the data is permitted by statutory provisions.
III Legal basis for the processing of personal data
Where we obtain the permission of the data subject for the processing of personal data, Art. 6 Para. 1 Point a GDPR shall serve as the legal basis. Art. 6 Abs. 1 Point b GDPR shall serve as the legal basis for the processing of personal data that is required in order to fulfil a contract of which the data subject is a contractual party. 1 Point b GDPR shall serve as the legal basis This also applies to processing that is required in order to conduct pre-contractual measures. Where processing of personal data is required in order to fulfil a statutory obligation to which our company is subject, Art. 6 Para 1 Point c GDPR shall serve as the legal basis Where vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 Para. 1 Point d GDPR shall serve as the legal basis. Where processing is required in order to safeguard a legitimate interest of our company or a third party, and the interests, basic rights and basic freedoms of the data subject do not outweigh the aforementioned interest, Art. 6 Para. 1 Point f GDPR shall serve as the legal basis for the processing.
IV. Data erasure and storage duration
The personal data of the data subject will be erased or blocked as soon as the purpose of storage expires. Data may also be saved where this is prescribed by European or national legislation in the form of EU directives, laws or other provisions to which the responsible person is subject. Data may also be blocked or erased when a storage period prescribed by the aforementioned standards expires, unless further storage of the data is required for conclusion or fulfilment of a contract.
V. Use of cookies and third-party resources
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when a website is called up again. You can change your cookie settings at any time.
Open configuration box.
You can also find the respective duration of the cookies in the cookie settings. Cookies are stored on the user’s computer and transmitted from this computer to our page. Therefore, the user has full control over the use of cookies. The user can deactivate or limit the transmission of cookies by changing the settings in their internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. Where cookies are deactivated for our website, it may no longer be possible to use all the functions of the website in full. It is also possible to deactivate cookies in your browser.
Third-party resources are content such as videos, audio or functions that are provided by third-party providers or whose platform is used for our content. Although these are integrated into our website, they must be accessed by these third-party providers via the user’s browser. For this to work, the third-party provider must receive the user’s IP address. In some cases, the third-party resources use cookies and tracking pixels to evaluate the use of the third-party resources.
a. Technically necessary cookies
We use cookies in order to make our website more user friendly. Some elements of our website require the browser accessing it to be identifiable even once the page is left. The following data is stored and transmitted in the cookies: Session ID and language settings.
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 Point f GDPR. The purpose of using technically necessary cookies is to make the use of websites easier for the users. Some of the functions of our website cannot be offered without the use of cookies. For this, the browser needs to be recognised even once the page is left. We require cookies for the following applications: adoption of language settings, user recognition on our service portal and storage of the settings of visitors selected in the cookie box. The user data collected by technically necessary cookies is not used to create user profiles. Our legitimate interest in processing the personal data in accordance with Art. 6 Para. 1 Point f GDPR.
b. Cookies for statistical purposes (statistics)
The setting of cookies for “reach measurement” measures visitor behavior on our website and may contain information about behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. These statistical analyses enable us to ensure target group-oriented and continuously optimized online presences. Subject to other information in the details on individual cookies for statistical purposes in the cookie box(open configuration box), usage processes and user information may be stored and read on the user’s device on our website for the purpose of measuring reach. The data processed in this process generally includes information about websites visited, user behavior on the websites, browser type, end device type, usage times, consent data, time data, metadata, IP address and, if applicable, location data with corresponding consent. We use an IP masking procedure (i.e. pseudonymization by shortening the IP address) and server site tracking to protect users and, like the providers of the analysis tools, use pseudonymized data. This data is used to measure reach, improve the user experience on our website, create user profiles and improve the functionality of the website.
The legal basis for the processing of personal data using statistics cookies is Art. 6 para. 1 sentence 1 lit. a GDPR (consent).
The following services are used for this purpose:
Adobe Analytics (Adobe Systems Software Ireland, 4-6, Riverwalk Drive, Citywest Business Campus, Brownsbarn, Dublin 24, D24 DCW0, Ireland) for website analytics. Generates statistical data on how visitors use the website. Data transfers to the USA are based on the Data Privacy Framework (DPF).
Website: https://business.adobe.com/de/products/analytics/adobe-analytics.html
Privacy Policy: https://www.adobe.com/de/privacy.html;
Google Analytics (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for website analysis of user behavior by means of a pseudonymous user identification number, which enables the evaluation of pseudonymous user profiles. As part of Google Analytics, we use “server-side tracking” in consent mode. This is a method of collecting data about user interactions on our website. In contrast to client-side tracking, which takes place directly in the user’s browser, the data is stored and processed on the server. This enables a better analysis of user behavior and improved data protection. The user-related data is automatically deleted after 14 months. Google Analytics does not process any name, address or contact details or any clearly assignable IP addresses for EU users (only shortened IP addresses on EU servers exclusively for the derivation of an approximate location). Data transfers to the USA take place on the basis of the Data Privacy Framework (DPF).
Website: https: //marketingplatform.google.com/intl/de/about/analytics/ and https://business.safety.google/adsservices
Privacy Policy: https://policies.google.com/privacy
Data processing agreement: https://business.safety.google/adsprocessorterms/
Settings and opt-out options: https://tools.google.com/dlpage/gaoptout?hl=de
https://myadcenter.google.com/personalizationoff
Google Tag Manager (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) is a management interface for so-called tags. Tags are code segments that are provided by analysis, marketing and support providers. They are used to integrate products on the website. Although the tag manager itself collects the IP address and transmits it to Google, it does not create any analyses or set any cookies. Data transfers to the USA take place on the basis of the Data Privacy Framework (DPF).
Website: https://marketingplatform.google.com
Privacy Policy: https://policies.google.com/privacy;
Data processing agreement: https://business.safety.google/adsprocessorterms
c. Cookies for marketing purposes (marketing)
Marketing cookies are used by third-party providers or publishers to display personalized advertising. They do this by tracking visitors across websites. User profiles are created and stored, for example, in a cookie used by several websites. Although these profiles do not usually contain any data about the identity of the user (such as name or contact information), they do contain information about user behavior, usage times, the operating system used, truncated IP addresses, websites visited, social media services used and similar information. The data is used to optimize advertisements, carry out conversion measurements, retarget users with advertisements and evaluate user behavior in order to optimize marketing efforts.
The legal basis for the processing of personal data using statistics cookies is Art. 6 para. 1 sentence 1 lit. a GDPR (consent).
The following services are used for this purpose:
LinkedIn Insight Tag (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) is a small JavaScript code snippet. It enables detailed campaign reporting and provides information about the users of the website. The LinkedIn Insight Tag can be used to track conversions, retarget users and gain aggregated insights into LinkedIn member categories that respond to our ads. LinkedIn Insights Tags use cookies to track the visitor’s journey from the interaction on the website to the LinkedIn platform. Data transfers to the USA are based on the Data Privacy Framework (DPF).
Website: https://www.linkedin.com;
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Cookie Policy: https://www.linkedin.com/legal/cookie_policy
Data Processing Agreement: https://www.linkedin.com/legal/l/dpa
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
d. Media provision and web analysis for media provision (external media)
Media is provided by means of content provided by third-party providers or whose platform is used for our content. The data processed in this context generally includes information about websites visited, user behavior on the websites, browser type, end device type, usage times, consent data, time data, metadata, IP address. In addition to the provision and unblocking of media, some of this data is also used to measure reach, for marketing purposes, to improve the user experience on our website, to create user profiles and to improve the functionality of the website.
Content from video platforms and social media platforms is blocked by default. If third-party cookies for external media are accepted, access to this content no longer requires manual consent. Details on individual cookies from external media can be found in the cookie box(open configuration box).
The legal basis for the processing of personal data, insofar as we request consent, is Art. 6 para. 1 sentence 1 lit. a GDPR (consent). Otherwise, the legal basis is legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) in the form of our interest in a user-friendly and efficient integration of content.
The following services are used for this purpose:
YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) is a platform for video content. Data transfers to the USA take place on the basis of the Data Privacy Framework (DPF).
Website: https://www.youtube.com
Privacy Policy: https://policies.google.com/privacy
Opt-out: https://tools.google.com/dlpage/gaoptout?hl=de
Settings for the display of advertisements: https://myadcenter.google.com/personalizationoff
Vimeo (Vimeo Inc., 555 West 18th Street New York, New York 10011, USA) is a video player service. Data transfers to the USA take place on the basis of the Data Privacy Framework (DPF).
Website: https://vimeo.com
Privacy policy: https://vimeo.com/privacy
Data processing agreement: https://vimeo.com/enterpriseterms/dpa
e. Use of the Leadinfo technology
We use the lead generation service of Leadinfo B.V., Rotterdam, Netherlands. This recognizes visits from companies to our website based on IP addresses and shows us publicly available information, such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behavior on our website and processes domains from form entries (e.g. “leadinfo.com”) in order to correlate IP addresses with companies and improve the services. Further information can be found at www.leadinfo.com
On this page: www.leadinfo.com/en/opt-out you have an opt-out option. If you opt out, your data will no longer be collected by Leadinfo.
VI Forms and downloads
Using forms, we offer you the opportunity to request downloads or contact us for other purposes after providing your contact details. Data collection is used to generate leads and initiate business contacts. If we request consent, the legal basis for processing personal data is Art. 6 para. 1 sentence 1 lit. a GDPR (consent). Otherwise, the legal basis is legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) in the form of our interest in direct advertising and convenient communication. Unless otherwise described below, the data will be stored either until you actively unsubscribe or until the purpose has been fulfilled and then permanently deleted.
We explicitly ask that applicants refrain from transmitting sensitive personal data under Art. 9 Para. 1 GDPR.
The following services are used:
ClickDimensions LLC: This cookie is used to identify unique visitors to the website and is updated each time a page is displayed. In addition, this cookie is marked with a unique identifier that the application uses to ensure the validity and accessibility of the cookie as an additional security measure. To the privacy policy
Gravity Forms: In conjunction with ClickDimensions, we also use the Gravity Forms form tool, including the additionally available data protection plug-in, which enables further and more detailed data protection settings as part of the form download via Gravity Forms, we collect the following data in our CRM system: name, email address, company.
Contact form: There is a contact form on our website which can be used to contact us electronically. We use the Gravity Forms plugin for this, too. If a user uses this opportunity, the data entered in the input fields is transmitted to us and saved. These data are:
name, e-mail address, content of the message. The following data is also stored when the message is sent: Date and time of registration.
Alternatively, you can contact us via the email address provided. In this case, the user’s personal data transmitted with the email is saved. No data is passed on to third parties in this context. The data is used exclusively in order to process the conversation. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our IT systems. The data is erased as soon as it is no longer required in order to fulfil the purpose of its collection. For the personal data from the input fields of the contact form and the personal data sent via email, this is the case once the respective conversation with the user is completed. The conversation is completed when the circumstances indicate that the issue in question has been finally clarified. The personal data also collected during the sending process is erased after a period of seven days at the latest.
VII Application portal
You can apply for jobs online on our homepage. On the Careers page, we set out the information required for an application process at Ceyoniq Technology. Applicants will be asked for specific personal data (name, address, email address) and to attach their cover letter, CV and other application documents. This data is not anonymised and is available to our Application Management team and the HR department. The following data is also stored at the time the message is sent: IP address of the user, date and time of registration.
The processing of your data is necessary to carry out the application process.
The legal basis for data processing in the application process and as part of the personnel file are: § Section 26 para. 1 Clause 1 BDSG and Art. 6 Para. 1 Sub-para. 1 letter b GDPR.
Art. 6 para. 1 Sub-para. 1 Item a GDPR where the user has granted consent, such as by sending information not necessary for the application process or by marking relevant checkboxes. The legal basis for data processing after a rejection is: Art. 6 para. 1 Sub-para. 1 Item f GDPR. The legitimate interest in the processing based on Art. 6 Para. 1 Sub-para. 1 Item f GDPR is defence against legal claims. The legal basis for storage under budgetary and tax law is: Art. 6 para. 1 Sub-para. 1 Point c GDPR.
The data entered will be processed and used exclusively for the purpose of applicant selection and, if you have given your consent, for the preparation of an individualized interview environment.
We store your personal data for as long as is necessary for the decision on your application. Personal data and application documents are erased no later than six months following the end of the application process (e.g. following notification of the rejection decision), unless a longer retention period is legally required or permissible. In addition, we only store personal data where this is required by law or in the specific case in order to assert, exercise or defend against legal claims for the duration of a legal dispute.
VIII Event registration
On our website you can register for face-to-face and online events organized by Ceyoniq Technology GmbH. If a user uses this opportunity, the data entered in the input fields is transmitted to us and saved. These data are: Date and time of registration, name, professional contact details, company affiliation. The following data is also stored at the time the message is sent: Date and time of registration.
During the sending process, the user is asked to give their consent to this data processing and referred to this Privacy Policy. Furthermore, you have the option of giving your consent to further contact for the purpose of invitations to events or the sending of product information. If you participate in an event organized by Ceyoniq Technology GmbH, the following data will be passed on to other subsidiaries of the Kyocera Group: name, company affiliation, event participation. This transfer serves internal administrative purposes and may also take place to Japan (Japan is considered a safe third country according to the adequacy decision of the EU Commission of January 14, 2019. Information on recognized safe third countries can be found on the EU website: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).
Where the user has granted consent, the legal basis for processing is Art. 6 Para. 1 Point a GDPR. The legal basis for passing on data within the Group is Art. 6 Para. 1 Point f GDPR. The processing of the personal data from the input fields serves our purposes for organising and conducting the relevant event. Where the user has continued to give permission, this information also allows us to contact them for promotional purposes regarding future events or our products. The other personal data processed during the sending process serves to prevent misuse of the registration form and to ensure the security of our IT systems.
The data is erased as soon as it is no longer required in order to fulfil the purpose of its collection. For the personal data from the input screen of the registration form, this is 2 years after the event has taken place. The personal data also collected during the sending process is erased after a period of seven days at the latest. Data that we process in order to contact the user for promotional purposes based on consent is erased as soon as the user withdraws consent.
Consent to the processing of personal data can be withdrawn at any time. Where consent to processing for the purpose of executing the event is withdrawn before the date of the respective event, however, participation in the event will not be possible. Regardless of this, consent to contact for promotional purposes can be withdrawn at any time. The withdrawal of consent can be directed at the email address or postal address above. We will notify the user as soon as the data is erased. In this case, all personal data that was saved in this contact request will be erased.
IX. LinkedIn lead generation
If you download files such as information material, flyers or white papers from Ceyoniq via the LinkedIn platform, your data will be transferred to our CRM system after you confirm by clicking on our contact form and after a double opt-in procedure by e-mail. Type of data: Date and time, name, professional contact details, company affiliation.
Where the user has granted consent, the legal basis for processing is Art. 6 Para. 1 Point a GDPR. Data storage is used to generate leads and initiate business.
If you do not confirm the confirmation e-mail in the double opt-in procedure, your data will be automatically deleted after one week. Otherwise, it will be erased following termination of the potential business relationship, taking statutory retention periods into account.
However, it is possible to withdraw consent to the processing of personal data. The withdrawal of consent can be directed at the email address or postal address above. We will notify the user as soon as the data is erased. In this case, all personal data that was saved in this contact request will be erased.
X. Data protection information for interested parties (access via QR code or link, newsletter registration, other advertising permission)
If we collect your data as part of a conversation with a prospective customer, a newsletter registration or other permission to contact you for advertising purposes, we will provide a QR code or link to this page. By doing so, we want to inform interested parties about the processing of their data.
Both we and any carefully selected and supervised service providers (printshops, lettershops etc.) we commission process the data that we receive as part of acquiring new business partners or initiating contractual relationships. This primarily concerns business contact data, but also other information exchanged in the process. In particular: Title, name, company affiliation, professional contact details, interests/inquiries.
The legal basis for the processing of the data is Art. 6 para. 1 Point f GDPR. In the case of processing on the basis of Art. 6 Para. 1 Point f GDPR, the legitimate interest lies in acquiring and initiating new business contacts, gaining consent to contact for promotional purposes, and direct advertising itself. The legal basis for the processing of the data is Art. 6 para. 1 Point a GDPR.
The processing of the data serves, if not already done, to obtain consent for advertising contact in accordance with Section 7 UWG and, subject to consent in accordance with Section 7 UWG, to send product information and advertising (direct advertising) regarding our products or, if consent has been given or the conditions for presumed consent are met, for advertising contact by telephone. Data processing is also used for inclusion in a customer and prospective customer directory of our marketing and sales department and for processing in analyses for advertising and marketing purposes.
If you have consented to the transfer of your data to our partners, the legal basis for the transfer of data to our partners is Art. 6 para. 1 Point a GDPR. In this case, our partner will also inform you of the data protection information applicable to them.
The data is erased as soon as it is no longer required in order to fulfil the purpose of its collection. The data is erased as soon as it is no longer required in order to fulfil the purpose of its collection.
Interested parties have the option of withdrawing their consent to the processing of the personal data at any time. The withdrawal of consent can be directed at the email address or postal address above. We will inform interested parties as soon as the data is erased. The rights to object to processing based on Art. 6 Para. 1 Point f GDPR or for the purposes of direct advertising are referred to separately below.
XI. Data protection information for customers
The processing of our customers’ data may be necessary for the conclusion of the contract, for the fulfillment of contractual services and for the implementation of pre-contractual measures.
We and carefully selected and monitored service providers (financial service providers, printers, lettershops, subcontractors, etc.) process the data that we receive as part of the initiation of contractual relationships or during contractual relationships. This primarily concerns business contact data, but also other information exchanged in the process. In particular: Salutation, name, company affiliation, professional contact details, orders/enquiries.
The legal basis for data processing is Art. 6 Para. 1 Point f GDPR, as contractual services must be provided or pre-contractual measures must be carried out. In addition to the contractually agreed purposes, the processing of customer data serves the processing of tender documents or requests for quotations, contract management, the fulfillment of contractual performance, payment processing, the delivery of contractually ordered products and services, reporting, forecasting, evaluation and resource planning, the sending of e-mail and postal mailings and, unless you have objected (opt-out), the sending of product information and advertising (advertising, surveys) regarding similar goods or services.
The processing of your data also serves to transfer your data to partner companies for the delivery of third-party components and third-party services, to service providers (financial service providers, printers, lettershops, etc.) and within the Japanese group of companies (Japan is considered a safe third country according to the adequacy decision of the EU Commission of January 14, 2019). Information on recognized safe third countries can be found on the EU website: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected.
We comply with the statutory retention and storage periods in accordance with the provisions of the German Commercial Code (HGB) (maximum 6 and 10 years).
XIII Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
a. Right to information
You can request information about your personal data that we process in accordance with Art. 15 GDPR.
b. Right to object
You have the right to object on grounds relating to your particular situation. You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 (1) GDPR. 1 Point e or f GDPR takes place, to file an objection.
The controller shall no longer process the user’s personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the user’s interests, rights and freedoms or the processing is for the establishment, exercise or defence of legal claims.
Where personal data is processed for direct marketing purposes, the user has the right to object at any time to the processing of their personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where the user objects to processing for direct marketing purposes, the user’s personal data shall no longer be processed for such purposes.
c. Right to rectification
If the information concerning you is not (or no longer) accurate, you can request rectification in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
d. Right to erasure
You can request the erasure of your personal data in accordance with Art. 17 GDPR.
e. Right to restriction of processing
In accordance with Art. 18 GDPR, you have the right to request that the processing of your personal data be restricted.
f. Right to lodge a complaint
If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a data protection supervisory authority of your choice in accordance with Art. 77 (1) GDPR. This also includes the data protection supervisory authority responsible for the controller State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia.
g. Right to data portability
If the requirements of Art. 20 (1) GDPR are met, you have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website. They are therefore not based on consent pursuant to Art. 6 (1) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR, but are justified pursuant to Art. 6 (1) (f) GDPR. The requirements of Art. 20 para. 1 GDPR are therefore not met in this respect.
h. Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the legality of the processing conducted based on consent before its withdrawal.
Get in touch.
"*" indicates required fields
Ceyoniq Technology GmbH is a group company of Kyocera Document Solutions.
Ceyoniq Technology GmbH
Boulevard 9 | 33613 Bielefeld
Together we develop strong ideas and implement tailor-made and individual solutions for companies and public administrations – contact us, we look forward to hearing from you!
The digitalization platform: control center of the digital transformation
A digitalization platform is the control center of a company’s digital transformation.
