General Privacy Policy (May 2026)
With the following information we would like to inform you about the processing of your personal data by us and your rights resulting from the data protection laws and especially from the general data protection regulation (regulation (EU) 2016/679 - "GDPR").
Konica Minolta Business Solutions (UK) Limited
Konica House, Miles Gray Road, Basildon, Essex., SS14 3AR
Tel: 0371 5747200
E-mail: U2FsdGVkX1/URhaEgvE/fQvxoqz7t1ShgEs7T3+4ONVUTT9I8fS9lTozQonvxGNIcdk2ldvmdFV4Jebg4efG1A==
If you have any questions concerning data protection, you are welcome to contact Konica Minolta Business Solutions (UK) ltd data protection officer:
Anna Busson Email: U2FsdGVkX1+WNaFXP/As5fgfyCKLwz9MYqjWSeGSdxsRvPfXnhtXQNUd4642HwyuuM+UrfTeP7Xuv9eqNgTRCg==
As a data subject, you have the following rights:
2.1 Right of access: You have the right to be informed at any time of the categories of personal data processed, the purposes of processing, any recipients or categories of recipients of your personal data and the planned storage period.
2.2 Right of rectification: You have the right to request the rectification or completion of personal data concerning you that is incorrect or incomplete.
2.3 Right to erasure („right to be forgotten“): You have the right to request the immediate erasure of your personal data. In particular, we are obliged as the controller to delete your data in the following cases:- Your personal data is no longer needed for the purposes for which it was collected.
- A processing of your personal data took place solely on the basis of your consent, which you have now withdrawn, and there is no other legal basis that legitimises a processing of your personal data.
- You have objected to a processing which is based on the legitimate interest or public interest and we cannot prove that there are legitimate grounds for processing.
- Your personal data has been processed unlawfully.
- The erasure of your personal data is necessary in order to comply with a legal obligation to which we are subject.
- Your personal data has been collected in connection with information society services offered in accordance with GDPR.
Please be aware that the right to erasure is subject to a limitation in the following cases, so that a deletion is excluded:
- Your personal data is used to exercise the right to freedom of expression and information.
- Your personal data serves to fulfil a legal obligation to which we are subject.
- Your personal data is used to carry out a task that is in the public interest or in the exercise of official authority that has been assigned to us.
- Your personal data serves the public interest in the field of public health.
- Your personal data are necessary for archiving purposes in the public interest, for scientific or historical research or for statistical purposes.
- Your personal data serve for us to establish, exercise or defend legal claims.
2.4 Right of restriction of processing: You also have the right to request that the processing of your personal data be restricted; in such a case, your personal data will be excluded from any processing. This right applies if:- You contest the accuracy of your personal data and we have to verify the accuracy of your personal data.
- The processing of your personal data is unlawful and instead of erasing your personal data, you request a restriction of processing.
- We no longer need your personal data for the fulfilment of the specific purposes, but you still need this personal data to establish, exercise or defend legal claims.
- You object to the processing of your personal data and it has not yet been determined whether your or our legitimate reasons override this.
2.5 Right of data portability: You have the right to receive the personal data concerning you that you have provided to us as a controller in a structured, common and machine-readable format and to transfer it to another controller. Furthermore, you also have the right to request that your personal data be transferred from us to another controller, insofar as this is technically feasible.
The requirements for the applicability of data portability are:- Your personal data is automatically processed based on your consent or a contract.
- Your personal data does not serve to fulfil a legal obligation to which we are subject.
- Your personal data will not be used to perform a task that is in the public interest.
- Your personal data does not serve the performance of a task which is performed in the exercise of an official authority delegated to us.
- The exercise of your right shall not interfere with the rights and freedoms of others.
2.6 Right to object: You have the right at any time to object to the processing of your personal data on grounds arising from your situation. This also applies to profiling. The requirement for this is that the processing is based on a legitimate interest on our part or the public interest.
Furthermore, you may also at any time object to the processing of your personal data for the purposes of direct marketing or profiling linked to such direct marketing.
Should you object to the processing of your personal data based on a legitimate interest, we will check in each individual case whether we can show grounds worthy of protection that overrides your interests and rights and freedoms. If there are no reasons worthy of protection on our part or your interests as well as rights and freedoms override our own, your personal data will no longer be processed. An exception is made if your personal data is still used for the establishment, exercise or defense of legal claims.
If you object to the processing of your personal data for the purposes of direct marketing or profiling, insofar as this is linked to such direct marketing, your personal data will no longer be processed for these purposes.
2.7 Right to lodge a complaint with the supervisory authority: You also have the right to lodge a complaint with a supervisory authority at any time, in particular with a supervisory authority in the Member State of your residence, place of work or place of suspected infringement, if you consider that the processing of personal data concerning you is in breach of the data protection regulations.
The address of the supervisory authority responsible for our company is:
Information Commissioner’s Office
Make a complaint | ICO
2.8 Right of withdrawal a consent: You have given us consent to process your personal data, you can withdraw this consent at any time without giving reasons and in an informal manner. Withdrawal of consent does not affect the lawfulness of the processing that has taken place on the basis of the consent up to the point of withdrawal.As a matter of principle, the processing of your personal data by us is always linked to a specified, explicit and legitimate purpose, which has already been defined before the processing activity is commenced, in accordance with the principle of purpose limitation under GDPR.
We process your personal data in accordance with the GDPR. Accordingly, the processing of your personal data is always founded on a legal basis.
4.1 Legal bases for the processing of personal data
Consent
If we obtain your consent for the processing of your personal data, the processing will be carried out on the legal basis of Art. 6 I 1 lit. a GDPR. The following example serves to clarify this legal basis: You receive advertising from us by electronic mail and/or telephone and have given your prior consent.
Contract or pre-contractual measure
If the processing of your personal data is necessary for the fulfilment of a contract with you or for the implementation of pre-contractual measures taken in response to your request.
Legal obligation
In cases where the processing of your personal data is necessary to comply with a legal obligation to which we are subject
Vital interest
Should the processing of your personal data be necessary to protect your vital interests or those of another person
Public interest
In cases where we process your personal data in order to perform a task which is in the public interest or in the exercise of official authority delegated to us
Legitimate interest
If the processing of personal data is necessary to safeguard a legitimate interest of our company or a third party and at the same time the interests, basic rights and fundamental freedoms of the data subject, which require the protection of personal data, do not override our legitimate interest.Unless otherwise stated, we delete personal data in accordance with Art. 17 GDPR or restrict its processing in accordance with Art. 18 GDPR. Apart from the retention periods stated in this privacy notice, we process and store your personal data only as long as the data are necessary for the fulfilment of our contractual and legal obligations.
Personal data that are no longer required after the purpose has been fulfilled will be regularly deleted, unless further processing is required for a limited period of time, which may result from other legally permissible purposes. In order to comply with both the documentation obligations and the legal obligations regarding the retention of documents in UK, the necessary contractual documents are kept for 10 years.We do not sell or rent user data in principle. A transfer to third parties beyond the scope described in this privacy notice will only take place if this is necessary for the processing of the respective requested service. For this purpose, we work together with service providers in the areas of marketing, sales, IT, logistics, among others.
We select these service providers extremely carefully. In other cases, we transfer data to requesting governmental authorities. However, this only takes place if there is a legal obligation to do so, for example if a court order exists.
Locations of the processing of your personal data
In principle, we process your data in UK and in other European countries (EU/EEA)7.1 General information regarding the topic „cookies“
We use cookies on our website. Cookies are small text files that are stored on your hard drive in accordance with the browser you are using and through which certain information flows to the website that sets the cookie. Many of the cookies we use are deleted after the browser session ends (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies).
Cookies are used on our website for various purposes. For a better overview, each cookie has been assigned to one of the following categories:
Technically necessary
Cookies that belong to this category are necessary to ensure the core functionality and/or security of this website.
Functionality
Cookies of this category are used to increase user comfort e.g. by storing preferences such as language settings, text size adjustments, user names or local settings.
Marketing
These cookies are used by advertisers to serve ads that are relevant to their prospects.
Performance and analysis
This type of cookie is used to help us analyze website usage in order to measure and improve performance.
In the settings of the browser you use, you have the option of rejecting the acceptance of cookies or, for example, to limit this rejection to cookies from other parties, so-called third-party cookies.
However, the browser settings you have made may mean that you may not be able to use all the functions of our website to their full extent.
Here you will find further information on the administration of cookies for corresponding browsers:8.1. Processing activity – Content Management System / Kentico
For our website we use the Content-Management-System (short: CMS)called Kentico. Kentico is operated by the company Kentico software s.r.o, Nové sady 996/25, 602 00 Brno, Czech Republic. The CMS is used to present and manage websites, online stores, intranets or other corporate websites. We use Kentico EMS and Kentico Cloud in combination as CMS, which is provided as Software as a Service for creation and maintenance of our websites. It enables us to create website content and distribute it to the websites of our subsidiaries and partner companies via defined workflows.
We have connected Kentico to our SDL translation management platform to initiate translations directly from Kentico and enable automatic distribution of these translations to our subsidiaries and partners' websites.
In the course of using the CMS, we collect activity data from all visitors of our website in an anonymous form. Once visitors to our website identify themselves, e.g. by filling out a contact form, this information is attached to their email address.
The website also enables customers to purchase in our web shop through a connection with our internal KM ERP systems. Following data is processed by this service:- First Name
- Last Name
- Email Address
- Company Name
- D&B Number
- Billing and Shipping Address
- Mobile Phone
- IP Address
- Purchase History
This data is necessary for the operation of our commerce platform and will be stored as long as a customer relationship exists and in accordance with the applicable legal retention periods.
As part of the technical implementation of the individual functions of the CMS, Kentico sets cookies. Further information on the subject of cookies can be found under "7. Cookies".
In principle, data is stored directly in Kentico, so that any data collected by Kentico is stored on the designated web servers of Microsoft Azure in the Netherlands. An exception is when a subsidiary or partner company uses the marketing automation software called Marketo. In this case, only the activity data is stored in Kentico and all other data is transferred directly to Marketo and held there. For more information about Marketo, please see "8.6.1 Marketo".
Due to the storage of your personal data on Microsoft Azure web servers, in exceptional circumstances, due to Microsoft's headquarters, your personal data may be transferred to the United States of America and thus be transferred to a so-called third country. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Data subjects might in the worst case not be able to exercise their rights.
The legal basis for the processing of your personal data in the scope of the visitor activities collected within the scope of the use of Kentico is our legitimate Our legitimate interest here is to ensure the operation and security of our website.
Further information on data protection at Kentico can be found under the following address: https://kenticocloud.com/privacy
8.2. Processing activity – Content Management System / Kentico
For the handling of payments, we work together with the payment service provider Novalnet Ltd, Easyhub Croydon 22 Addiscombe Road, Croydon England CR0 5PE. Novalnet Ltd. requires certain personal data for payment processing, such as name, address and account details. The privacy notice of Novalnet Ltd as the independent responsible party will be displayed to you during the ordering process and can be viewed by you at any time at https://www.novalnet.com/
8.3. Processing activity – Usercentrics
On our website we use the Usercentrics Consent Management Platform. This is a consent management tool based on JavaScript. With the help of this tool, we can give the visitor of our website both an overview of the essential software solutions used and the possibility to decide on the use of any other software solutions that require prior consent.
Furthermore, the platform offers the visitor the possibility to withdraw any given consent at any time without giving reasons and thus to prevent the future processing of personal data by the respective software solution.
Furthermore, with the help of the platform, we can meet the requirement resulting from the GDPR for consent management, which provides, among other things, the possibility to prove that consents have been given or not.
In the context of the use of the Usercentrics Consent Management Platform, the following data may be processed, among other things:- Consent data
- Consent -ID
- Consent status (Opt-in, Opt-out)
- Consent timestamp
- Language of the consent banner
- Version of the banner template
- Device data (http Agent, http Referrer)
The use of the Usercentrics Consent Management Platform and the associated processing of personal data serves to fulfill legal obligations.
Deletion of your personal data in connection with the use of the Usercentrics Consent Management Platform will take place as soon as it is no longer required to fulfill the purpose. In case of withdrawal of consent, we retain the information regarding the withdrawal for three years. The retention results on the one hand from the accountability according to the GDPR
8.4. Processing activity – Webanalytics
8.4.1. Google Analytics
On our website we use the service Google Analytics. This is a web analytics service provided by the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). We use Google Analytics to analyze the use of our website and to improve it regularly. We can use the statistics obtained to improve our offer and make it more interesting for you as a user.
Within the scope of the use of Google Analytics, cookies are set on your end device which enable an analysis of your visit / use of our website. You can find further information on the topic of cookies under "7. cookies".
You can prevent the storage of cookies by making the appropriate setting in your browser; however, we would like to inform you that you may then not be able to use all functions of this website to their full extent. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the further processing of this data by Google by downloading and installing the browser plugin available under the following link (Google Analytics Opt-out Browser)
When the information stored in the cookies about your visit and use of our website is transferred to Google's servers, it may be transferred to a third country (e.g. to the USA) due to its localization. However, due to the activated anonymization function, your IP address will be shortened within the European Union or the European Economic Area even before it is transferred to Google.
Furthermore, the IP address transmitted by your browser will not be merged with other Google data. In addition, we also use the cookieless solution of Google Analytics 4.On behalf of the provider of this website, Google will use the information received to evaluate your use of the website, to compile reports regarding the website activities and to provide further services to the website provider in connection with the use of the website and the internet.
The legal basis for the processing of your personal data in the context of the use of Google Analytics is your consent. Due to Google's localization, the transfer of your personal data to Google may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA.
The processing of your personal data outside the EU/EEA will be based on your consent. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 "Right of withdrawal (Art. 7 GDPR)" in this privacy notice.
You can find more information on the terms of use and data protection of Google under https://www.google.com/analytics/terms/de.html or https://www.google.com/intl/de/analytics/privacyoverview.html.
8.4.2. Dynatrace
We use the service of Dynatrace (1601 Trapelo Road, Suite 116, Waltham, MA 02451, USA) to measure the performance and load times of the website. With the use of cookies, the visitor's IP address is processed for this reason. The software is hosted in-house Konica Minolta's own servers in Germany, ensuring no data transfer to the provider.
We will keep these data for 35 days. The legal basis for the processing of your personal data in the context of the use of Dynatrace is your consent in accordance with Art. 6 I 1 lit. a GDPR. Information on your right of withdrawal can be found under point 2.8 "Right of withdrawal$in this privacy notice.
8.4.3. Microsoft Clarity
This website uses features of the web analytics service Microsoft Clarity. The provider is Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (hereinafter: Microsoft).
Microsoft Clarity provides website usage statistics, session recordings, and heatmaps, created mainly through the tracking of mouse movements.
Microsoft Clarity will use the processed information for evaluating the use of our website, compiling reports on website activity, and providing other services related to the use of the website. Hence, we use Microsoft Clarity to analyze and regularly improve the user behavior on our website and with the help of the statistics we can make our offer more interesting and user-friendly for you as a user.
The collection of your user data is done via cookies to which you consent and which are set on your end device and enable an analysis of the visit of our website. For more information on cookies, please see "7. Cookies" in this privacy policy.
We will process the following data with Microsoft Clarity:
- Unique user ID
- Date and time of visit
- IP Address
- Location data
- Session ID
- User behavior
o Interaction data
o Mouse movements
o Clicks
o Scrolling activity
The deletion of the data processed on a user level in Microsoft Clarity takes place automatically after 13 months.
Text fields, such as contact forms, surveys or search fields are masked out in the screen recordings so that the entries you make are not recorded. Personal data entered in our online forms is therefore not processed by Microsoft Clarity. Personal data incorporated in contact forms, surveys or search fields of the website is processed by Konica Minolta. The legal basis for the processing of your personal data is your consent pursuant to Art. 6 lit a GDPR.
In exceptional circumstances, due to Microsoft's headquarters, your personal data may be transferred to the USA and thus be transferred to a so-called third country. A transfer to a third country is a transfer of personal data to a destination in a country that is neither in the European Union nor in the European Economic Area. Microsoft Corporation is certified under the Data Privacy Framework so that the GDPR standard of data protection applies to these transfers.
The legal basis for the processing of your personal data in the context of the use of Microsoft Clarity is your Cookie consent pursuant to Art. 6 I lit. a GDPR. Information on your right of withdrawal of this consent can be found under point "2.8 Right of withdrawal " in this privacy policy.
8.5 Processing activity – Targeting and Advertisement
8.5.1. Marketo
Within the scope of registration for the newsletter as well as for sending information to you, we use the marketing automation software Marketo from Marketo Inc, 901 Mariners Island Blvd. suite 500, San Mateo, CA 94404, USA. With the help of Marketo, we collect statistical data on the usage of our website and communication activities in order to optimize our services/products accordingly and to conduct e-mail marketing and sales activities.
The processing is partly automated, with the aim of evaluating certain personal aspects (profiling). Marketo records your IP address and uses cookies to track and analyze the use of the website in order to provide information specifically tailored to the interests of the user. For more information on the subject of cookies, please refer to "7. cookies".
The information generated by the cookies is transferred to a Marketo server (located within the EU/EEA) and stored there. On our behalf, Marketo uses this information to evaluate the use of the website by registered persons and to compile reports on website activities.
You can prevent the storage of cookies by adjusting your browser settings accordingly. However, your browser settings may result in not being able to use all the functions of our website. In exceptional and unforeseen cases where personal data is transferred to the USA, we have concluded a contract with Marketo.When you submit a Marketo form on our website, we collect the information you provide, including:
Mandatory fields:
- First Name
- Last Name
- Company Name
- Email Address
- Message
Optional fields:
- Job Title
- Phone
Additional fields for support forms:
- Equipment Number
- Topic
This information is used to respond to your enquiry, provide support, or manage your request.
Further information on data protection at Marketo can be found at: https://documents.marketo.com/legal/privacy/
The legal basis for the processing of your personal data within the framework of Marketo is your consent. Information on your right of withdrawal can be found under point 2.8 "Right of withdrawal" in this privacy notice.8.5.2 use of reCaptcha
We use Google reCAPTCHA (Invisible) on webpages that contain an embedded Marketo web form. This security measure helps us validate form submissions and protect our website against automated or fraudulent activity. reCAPTCHA operates independently as a security tool and is not connected to any marketing technologies. It does not share behavioral data, scoring information, or identifiers with marketing platforms.
When reCAPTCHA is triggered, certain technical and interaction‑based information may be processed to determine whether a form submission is made by a human user. This may include your IP address, device and browser details, and interaction patterns necessary for security validation. This information is processed solely for the purpose of protecting our online forms and ensuring the integrity of our services.
Google provides reCAPTCHA as our data processor and processes this information strictly on our behalf and according to our instructions. We rely on our legitimate interest in maintaining the security of our website as the legal basis for this processing.
8.5.2. Newsletter
Konica Minolta offers a newsletter to customers and interested parties on a consent-based approach. The only mandatory data for receiving the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and will be used to address you personally.
Registration for the newsletter takes place by means of the so-called double opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the information. If you do not confirm your registration by clicking on the link provided in the e-mail, the link sent to you will be deactivated and your data will be deleted. If you agree to receive information, you will have access to the following information:- News and information about Konica Minolta's product portfolio
- Exclusive invitations to events, trade fairs and webinars
- Sending of testimonials and success stories
- Market trends in the form of studies, market research and white papers
- Possibility of taking part in customer satisfaction surveys
As part of the double opt-in process carried out during registration, we store the IP addresses you use for a period of 30 days as well as the times of registration and confirmation. Based on your consent, we will evaluate your user behavior on our websites as well as within the newsletters which we send out and assign them to your e-mail address / user profile within our database.
In addition, we store information about the browser you use and the settings made in your operating system as well as information about your Internet connection with which you have accessed our website.
Via the newsletter sent to you, we receive, among other things, receipt and read confirmations as well as information about the links you have clicked on in our newsletter. We also store which areas you have visited on our website and in our apps. By creating a personal user profile, we want to tailor our advertising approach to your interests and optimize our offers on our website for you.
Our newsletter contains information and news from Konica Minolta Business Solutions Europe GmbH and Konica Minolta Business Solutions UK Ltd.
The legal basis for the processing of your personal data for the above-mentioned purposes is your consent. Your consent can be withdrawn at any time without giving reasons. You can revoke your consent here or you can send an email to the contact details given in the imprint. The withdrawal of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal. For more information about your right of withdrawal, please see point 2.8 "Right of withdrawal" in this privacy notice.
Konica Minolta can also use the e-mail address(es) collected in the course of the conclusion of the contract to inform the owner(s) of the respective e-mail address(es) by e-mail about similar goods/services of Konica Minolta. You can object to this use at any time without incurring any costs other than the transmission costs according to the base rates. The objection is to be addressed to: dataprotection@konicaminolta.co.uk
8.5.3. LinkedIn Insight Tag
On our website we have included the conversion tool "LinkedIn Insight Tag" from the LinkedIn Ireland Unlimited Company (hereinafter: LinkedIn).
The LinkedIn Insight Tag is a small JavaScript code snippet that we have implemented on our website. With the help of the LinkedIn Insight tag, data about the visit of our website is collected and transmitted to LinkedIn. This data includes the referrer URL, IP address, device information, browser information, and a timestamp for the visit of our website. LinkedIn does not provide us with access to the personal data collected in detail. LinkedIn uses this information to provide us with reports on website audiences and ad performance, based on aggregate data, so that we can optimize our website based on the information we receive.
In addition, LinkedIn provides us with the ability to track conversions and retarget our website visitors through the LinkedIn Insight tag. This allows us to display targeted advertising outside of our website without identifying the website visitor.
Because of LinkedIn's localization, the transfer of your personal data to LinkedIn may involve a transfer of personal data to a third country, in this case especially to the USA, which is neither in the European Union nor the European Economic Area.
The legal basis for the processing of your personal data in the context of the use of LinkedIn is your consent pursuant to Art. 6 I 1 lit. a GDPR. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place.
As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 "Right of withdrawal (Art. 7 GDPR)" in this privacy notice.
The data processed in the LinkedIn Insight tag is encrypted and anonymized within seven days. After 90 days at the latest, the anonymized data is automatically deleted if it is no longer required for the fulfillment of the defined purpose.
For more information about LinkedIn's privacy notice, please visit the following address: https://www.linkedin.com/legal/privacy-notice
8.5.4 Facebook pixel
We use the offer of the social network Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA ( hereinafter: Facebook) and use a so-called Facebook pixel on our website. This is a marketing service from Facebook. In the course of this service, a cookie is deposited on your end device.
This cookie makes it possible for us to show certain visitors of our website, who also use Facebook, individually tailored and interest-based advertising on Facebook. The Facebook pixel allows us to track the behavior of users after they have clicked on a Facebook advertisement. With the help of the Facebook pixel, we can track how our marketing measures are accepted on Facebook and if necessary take optimization measures.
The information collected through the pixel may also be aggregated by the Facebook Ireland Limited and the aggregated information may be used by the Facebook Ireland Limited for its own advertising purposes as well as for third party advertising purposes.
For example, the Facebook Ireland Limited may infer certain interests from your browsing behavior on this site and may also use this information to promote third party offers. The Facebook Ireland Limited may also combine the information collected via the pixel with other information that the Facebook Ireland Limited has collected about you via other websites and/or in connection with the use of the social network "Facebook", so that a profile about you can be created and stored at the Facebook Ireland Limited. This profile may be used for advertising purposes.
For more information about the privacy notice of the Facebook Ireland Limited, please visit https://www.facebook.com/notice.php.
Due to the localization of Facebook, the transfer of your personal data to Facebook may result in a transfer to a third country such as the USA.
The legal basis for the use of the Facebook Pixel is your consent in accordance with Art. 6 I 1 lit. a GDPR. Due to Facebook´s localization, the transfer of your personal data to Facebook may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA.
The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 "Right of withdrawal (Art. 7 GDPR)" in this privacy notice.
8.5.5. Twitter Tag
We have implemented a Twitter Tag on our website to enable target group-based online advertising and conversion tracking. This service is offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. With the Twitter remarketing function, we can address you with advertising based on your interests on the Twitter platform.
For this purpose, Twitter uses so-called "tags". This tag is used to record visits to our website as well as data on usage (e.g. all interactions regarding the displayed advertising such as clicking on links, retweets or likes). If you subsequently visit Twitter, you will be shown advertisements based on your interests. Twitter thereby receives the information from your browser that our website was called up from your end device. If you are registered with a Twitter service, Twitter can assign the visit to your account. Even if you are not registered with Twitter or have not logged in, it is possible that the provider will learn and store your IP address and other identifying features.
The Twitter tag enables us to record the effectiveness of the Twitter ads for statistical and market research purposes. The data collected in this way is anonymous for us, which means that we do not see the personal data of individual users. However, this data is stored and processed by Twitter, because information generated by the tags about your use of our services is transmitted to a Twitter server in the USA and stored there.
The legal basis for the processing of your personal data in the context of the Twitter Tag is your consent according to Art. 6 I 1 lit. a GDPR. Due to Twitter’s localization, the transfer of your personal data to Twitter may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA.
The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 "Right of withdrawal in this privacy notice.
You can find more information on how to prevent this function on Twitter itself at Your privacy options for personalized ads | Twitter Help. For more information on data processing by Twitter, please visit Privacy Notice (twitter.com).
8.5.6. Channel Mix
Channel Mix (1100 Main Street, Suite 1700, Kansas City, MO 64105, USA) is used to measure marketing campaign performance using data form Google Analytics. No personal data is processed for this purpose. In this context, we only use statistical data collected via Google Analytics, for example, to optimize our marketing activities and our customer platform.
8.5.7. Google Adwords
On our website we use the service Google Adwords from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). This service enables us to draw attention to our appealing offers on external websites by means of advertising material (so-called Google Ads). These advertising materials are delivered by Google via so-called "Ad Servers". Ad server cookies are used for this purpose. For further information on the topic of cookies, please go to "7. cookies". Ad server cookies enable the evaluation of performance parameters (e.g. ad impressions, clicks or conversions).
In this way we can determine how successful the individual advertising measures are. If you come to our website via an ad from Google, Google Adwords stores a cookie on your end device. This cookie stores analysis values (unique cookie ID, number of ad impressions per placement (frequency), last impression, opt-out information (marking that the user no longer wants to be addressed)).
The cookies set by Google Adwords lose their validity after 30 days. These cookies are not intended to identify you personally. Rather, they enable Google Adwords to recognize your internet browser. If you visit certain pages on the website of an Adwords client, Google and the client will recognize that you have been redirected to the client's page via a clicked advertisement. Google provides us as an Adwords customer with a statistical analysis. This analysis enables us to measure the effectiveness of our advertising measures. We do not receive any further data beyond this.
The legal basis for the processing of your personal data in the context of the use of Google Adwords is your consent according to Art. 6 I 1 lit. a GDPR. Due to Google's localization, the transfer of your personal data to Google may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA.
The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised.
Information on your right of withdrawal can be found under point 2.8 "Right of withdrawal (Art. 7 GDPR)" in this privacy notice.
Further information on data protection at Google can be found here:
8.6 Processing activity – Google Fonts
On our website, we use fonts from Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. We have integrated the Google fonts locally on our web server - not on Google's servers. This means there is no connection to Google servers and thus no data transfer or storage.
With Google Fonts, you could use fonts without uploading them to your own server. But in order to prevent any information transfer to Google servers in this regard, and any related transfer of your personal data to the USA, we have downloaded the fonts to our server. This way, no data is sent to Google.
8.7. Processing activity – Order Processing
We use a message broker software hosted on AWS Frankfurt servers to connect our CMS with our internal servers needed for order processing. The following data is routed through this service:- Name
- Company Name
- Contact data (Email address, telephone)
- Billing and Shipping Address
- Order notes (free text)
- IP Address
Due to the processing of your personal data on Amazon AWS web servers, in exceptional circumstances, due to Amazon's headquarters, your personal data may be transferred to the United States of America and thus be transferred to a so-called third country. In the USA no guarantees for an adequate data protection level are in place.
As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Data subjects might in the worst case not be able to exercise their rights.
The legal basis for the processing of your personal data in the scope of the order processing is our legitimate interest. Our legitimate interest here is to fulfil the order request and execute the contract requested by you.
You can obtain further information on data protection at Amazon Web Services at the following address: https://aws.amazon.com/de/privacy
8.8. Processing Activity – Assignment for Lease Funding Arrangement
In the course of fulfilling your order, we may assign the purchased Products to a third-party entity (“Assignee”) for the purpose of arranging lease funding related to the rental of the Products. To enable this process, we may share limited contact information of our customers (including representatives of legal entities) with the Assignee.
The following personal data may be shared:- Name of company representative
- Contact data (email address, telephone number, address)
The Assignee acts as an independent data controller, processing personal data for its own purposes in connection with the lease funding arrangement. We do not instruct the Assignee on how to process this data, and it is responsible for ensuring compliance with applicable data protection laws.
If you need more information you can contact our DPO at U2FsdGVkX1/dx18Gub4K2N+R1Uld5DT17aDJS1qSmFNWwLV1+8baBf9lPLe7AtUgad17TLeXohDJz2oyTH35xg==
8.9 Processing Activity – Assignment to Logistics Partners
In the course of fulfilling your order, we may use logistic partners for the purpose of arranging transportation, delivery, and related logistics services. To enable this process, we may share limited contact information of our customers with the Partners
The following personal data may be shared:- Name of company representative
- Contact data (email address, telephone number, address)
The Logistic partners act as an independent data controllers, processing personal data for its own purposes in connection with the logistics arrangement. We do not instruct them on how to process this data, and they are responsible for ensuring compliance with applicable data protection laws.
If you need more information, you can contact our DPO at U2FsdGVkX18V31S1OcJNQI6AHLj68g13bo54VgUKH5VvwqZ7FiBeZCijCDv8huWZpkPl/DLxvvaqyR2nxcO76w==.
8.10. Processing activity – LiveChatWe use the Cognigy Live Chat solution (Cognigy Ltd., 85 Great Portland Street, First Floor, London, W1W 7LT, UK) to enable real‑time communication with our website visitors. Cognigy Live Chat is available across our website pages and may include escalation to a live agent when requested by the user.
When you use the live chat, certain technical information is processed to enable the service and ensure its security. This includes your IP address, browser type and version, operating system, the URL of the previously visited page, and a session‑specific ID. A transcript of the conversation is also stored and may include personal data that you choose to provide, such as your name, email address, telephone number, company details, or other information relevant to your enquiry.
If you request escalation to a live agent, Cognigy displays a native Cognigy form. This form is rendered and processed entirely within Cognigy. The information you provide in this form is transferred to our Marketo system via a secure API connection for the purpose of responding to your enquiry or creating or updating a lead record. Marketo does not host or control the form.
For support‑related enquiries, additional information may be collected, such as Equipment Number and Topic, to allow us to process your request.
Your data is transmitted in encrypted form and stored on Cognigy’s servers for 90 days before being deleted. Depending on the nature of your request, the information you provide may be transferred to our internal systems (e.g., CRM or ERP) to allow us to follow up with you or provide the requested service.
We process this data on the basis of our legitimate interest in providing secure and effective communication channels and, where applicable, for the performance of a contract or steps taken at your request.
.
8.10 Processing activity - Identity and Access Management / Auth 0
For our LoginPage we use the Identiy and Access Management Solution (short: IAM) called auth0. auth0 is operated by the company okta, Okta Headquarters North America, 100 First Street, San Francisco, CA 94105, USA. The IAM solution is used to provide Authentication, User Administration and LogIn services for UserGroups and between Systems to be defined by the customer. We use auth0 as IAM as SaaS Cloud Service which is hosted on Amazon Web Service (short: AWS) located in Europe. It enables us to provide Single-Sign-On (Short:SSO) service and User Administration for our customer portals via defined workflows and rules.
Once visitors of our portals try to enter the portal, they will be re-directed to the auth0 authentification page. After the visitors successfully identify themselves via Log-In, the users will be re-directed again to the designated target portal.
Following data is processed to provide these services:- Email Address
- Password
- Preferred language culture
- IP Address
- Date and Time
Upon initial registration following additional information will be collected:
- Title
- First Name
- Middle Name
- Last name
- Phone number
Once the user is logged on he is able to perform the following actions within the User Account Administration, based on individual role:
Standard User- Change password
- Change email address
- Change personal information
Admin User
- Manage access to other portals for his colleagues
- Manage roles in other portals for his colleagues
- Invite new colleagues
- Edit personal information of the colleagues (first name, last name, phone)
- Initiate password reset for other colleagues
This data is necessary for the operation of our authentication services and will be stored as long as a customer relationship exists and in accordance with the applicable legal retention periods.
The legal basis for the processing of your personal data in the scope of the visitor activities collected within the scope of the use of auth0 is our legitimate interest. Our legitimate interest here is to ensure the operation and security of our portals.
Further information on data protection at okta can be found under the following address: https://www.okta.com/privacy-policy/8.11 Processing activity – Eye-Able
To enable all people barrier-free access to the information on our websites, we use the software Eye-Able Assist (“Eye-Able”) provided by Web Inclusion GmbH (Florian-Geyer-Straße 1, 97076 Würzburg, Germany). When the features are activated by the website visitor, Eye-Able uses the browser’s local storage functions – namely LocalStorage and SessionStorage – to enable certain technical features and improve the user experience. These data are used solely locally for operational purposes and to enhance user-friendliness and are not transferred further. The data are stored in the LocalStorage and SessionStorage until the browser cache is deleted.
The necessary files such as JavaScript, stylesheets, and images are loaded from an external server operated by the provider to display our website. When using Eye-Able, data from the HTTPS request is required for technical reasons, such as the IP address, browser information and similar information. However, the IP address is anonymised immediately (all digits are removed) and is never completely saved in the server logs. Eye-Able uses the Content Delivery Network (CDN) of BunnyWay d.o.o. (Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia) to ward off attacks and provide their services in near real-time. Server logs are deleted entirely after three days.
The legal basis for the processing of your personal data in the context of the use of Eye-Able is based on the legitimate interest. Our legitimate interest is to provide our websites barrier freely to all website visitors. With Eye-Able personal user behaviour or other such personal data is never collected or analysed. We have concluded a data processing agreement with Web Inclusion GmbH.
Further information on data protection can be found in the Eye-Able privacy policy: https://eye-able.com/privacy-policy-eye-able