General instructions for handling your data
The following notes give you information about the nature, extend and purpose of the collection, use and processing of personal data on our website https://www.officeinspiration.com/.
1. Responsible authority, contact
1.1 Responsible authority in the sense of the Data Protection Act
Responsible body within the meaning of Article 4 sect. 7 of the EU General Data Protection Regulation (GDPR) is:
Office Inspiration GmbH
representend by General Manager Wolf Wienecke
Timms Hege 19
Contact: Wolf Wienecke
a) If you have any questions about privacy, rights or claims to your personal information, you can contact us using the contact details above (under 1.1.) or via our contact form.
b) In our contact form, you must provide mandatory information to answer your request, which is marked with an asterisk (your e-mail address and your name). We need the information to process your request and to contact you. The remaining fields can be filled in voluntarily.
c) When contacting us (for example by telephone, e-mail or contact form), as well as in the event that follow-up questions arise, your data for processing the inquiry is beeing stored (according to. Art. 6 sect. 1 lit. b) GDPR. We will delete the related data after the storage is no longer required or restrict processing it if there are statutory retention requirements (see section 16).
1.3. Submitting projects
a) You can submit Office projects to us via e-mail (firstname.lastname@example.org). When processing your request, the data transmitted by you will be saved (see 1.2 b)) and, in addition, the data specified in the request will be processed. These are, in particular, the name of the customer, its location or place of business, project data such as the budget used, space, number of workplaces and the names of participating companies as well as their website and social media accounts.
b) We process your data in the event that follow-up questions arise and to present the transmitted materials on our website and thus to fulfill our contractual obligation (Article 6 sect. 1 lit. b) GDPR).
2. Data processed by us
2.1. Legal Basis
a) Personal data may be processed each time you visit our website. The processing of your personal data will only take place if permitted by law (legal basis). This is according to Art. 6 sect. 1 GDPR the case, if
- you have given us your consent, or
- the processing is required to fulfill our contractual obligations with you, or
- in the case of a request by you, if pre-contractual measures are required, or
- the processing is necessary to protect your vital interests, or those of another natural person, or
- the processing is necessary for the protection of our legitimate interests or that of a third party, unless your interests or fundamental rights and fundamental freedoms, which require the protection of personal data, are outweighed (balance of interests).
b) Personal data collected by you will be deleted as soon as the purpose of the elicitation ceases (see section 16).
2.2 What is personal data
a) The definition of "personal data" is grounded on Article 4 of the General Data Protection Regulation (GDPR). According to this, personal data is information that can be allocated with relative means to your person. Information that can not or only with a disproportionate amount of time, cost and labor be assigned to a particular or identifiable person is not personal data. A natural person is considered to be identifiable, if he or she can be identified directly or indirectly, in particular by association with an identifier such as a name, with location data or with one or more special features expressing the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
b) When visiting our website for technical reasons, other data will be processed. These are mainly technical information such as your IP-address that your Internet Access provider assigns to your computer when you connect to the Internet, or information about the Internet page from which you accessed our offer, or the type and version of your browser. It also includes login details, your operating system, download errors, length of visits to particular pages, and any phone numbers from which you call our customer service number. This technical information may be personally identifiable information in individual cases. Usually, however, we use technical information only for technical reasons and if fit is required for the operation and protection of our website from attacks and misuse according to Art. 6 sect. 1 lit. f. GDPR.
2.3. What means "processing?
The meaning of "processing" is also grounded on Article 4 GDPR. “Processing” includes all processes that belong to the handling of data. Even the raising or the grasping, but also the organization or the arrangement or the storage, the adjustment or the change, are included in the term "processing". Also other manners, such as the actual use, or the transmission or the passing on are enfolded. Ultimately, however, this includes the restriction, the deletion or the destruction of data.
3. Data Security
The security of your personal data is one of our top priorities. We therefore protect your stored data with technical and organizational measures. This ensures that the regulations of data protection laws are adhered to and that any loss or misuse by third parties is effectively prevented. In particular, our employees who process personal data are required to maintain data secrecy and must comply with it.
4. SSL encryption
Our website uses secure SSL encryption during the transmission of personal data or personal content of our users. Please make sure that the SSL-encryption is activated. The use of encryption is easy to recognize: The display in your browser line changes from "http: //" to "https: //". SSL encrypted data is not readable by third parties. Therefore, transmit your confidential information only with activated SSL encryption and contact us in case of doubt.
5. Collection of personal data when visiting our website
a) In the case of merely informative use of the website (if you do not register or otherwise provide us with information) we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to show you our website and to ensure stability and security (legal basis is Art. 6 sect. 1 sentence 1 lit. f. DSGVO):
- the IP address of the requesting device (ie your computer or smartphone),
- date and time of access,
- Time zone difference to Greenwich Mean Time (GMT),
- content of the request (concrete page),
- Access status / http status code,
- the transferred amount of data,
- the website from which the access takes place (referrer URL),
- Operating system and its interface,
- as well as the browser used and, if applicable, the operating system of your computer as well
as the name of your access provider.
b) In addition to the aforementioned data, cookies are stored on your computer when you use our website. For more information about cookies see section 9.
c) The data mentioned above is processed by us on the basis of our legitimate interests within the range of Art. 6 sect. 1 lit. f. GDPR. In no case we use the collected data for the purpose of drawing conclusions about you. Among the purposes we pursue are:
- ensuring a smooth connection of the website,
- ensuring comfortable use of our website,
- investigating abuse or fraud,
- evaluating our system security and stability as well as
- other administrative purposes.
6. Other features and offers of our website
In addition to the mainly informative use of our website, we offer various services that you can use if you are interested. To do this, you will generally need to provide other personal information that we use to provide the service and for which the aforementioned data processing principles apply.
a) We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter referred to as "newsletter") only with your consent or a legal permission. Decisive for the consent of the users is the content of the information within the scope of the subscription to the newsletter. Our newsletters contain information about our products, offers, promotions and our company.
b) To register for our newsletter, we use a double opt-in procedure. This means that after you have registered, we will send you an e-mail to your e-mail address in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and times of registration and confirmation. The purpose of this procedure is to prove your registration and, if necessary, to inform you about possible misuse of your personal data. Our interest is to provide a user-friendly and secure newsletter, which serves both our business interests and the expectations of the users. The legal basis is Art. 6 sect. 1 lit. f GDPR.
c) The only requirement for sending the newsletter is your e-mail address. The specification of additional, separately marked data is voluntary and will be used to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 sect. 1 sentence 1 lit. a GDPR.
d) We point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent include so-called web beacons or tracking pixels that represent one-pixel image files stored on our website. For evaluational purposes, we link the data mentioned in Section 5 and the web beacons with your e-mail address and an individual ID. With the data obtained, we create a user profile to adjust the newsletter to your individual interests. This means we record when you read our newsletters and which links you click so we can conclude your personal interests. We link this data with actions you have taken on our website.
You can object to the afore mentioned tracking at any time by clicking on the separate link provided in each e-mail or by informing us via another contact path (see above). The information will be stored as long as you have subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.
e) If you have only subscribed to the newsletter and then cancel the subscription, your personal data will be deleted.
You can withdraw your consent to receiving the newsletter at any time and unsubscribe from it. You can declare the cancellation by clicking on the link provided in each newsletter e-mail, by e-mail to email@example.com or by sending a message to the contact details provided in the imprint.
7. Disclosure of data to third parties
a) A transfer of data to third parties only takes place within the extent of the statutory requirements. We will only transfer user data to third parties if:
- You have given express consent according to Art. 6 sect. 1 sentence 1 lit. a GDPR,
- according to Art. 6 sect. 1 sentence 1 lit. f GDPR the transfer is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not transferring your data,
- according to Art. 6 sect. 1 sentence 1 lit. c GDPR we are legally obliged to transfer data, as well as
- it is legally permissible and required for the settlement of contractual relationships with you (Art. 6 sect. 1 sentence 1 lit. b GDPR).
b) When transferring your personal data, we always ensure the highest possible level of security. Therefore, your data will only be transferred to carefully selected and contractually-obligated service providers and partner companies in order to protect your personal data in accordance with the relevant statutory provisions.
8. Where is your personal information stored?
a) The personal data collected will generally be stored within the European Union ("EU"). However, it may exceptionally happen that personal data is transmitted to non-European countries. In these so-called countries the GDPR is no directly applicable law. Usually, third countries have a less stringent data protection law.
We use so-called "cookies" to recognize the multiple use of our website by the same user or Internet access holder. The data processed by cookies is required for the protection of our legitimate interests according to Art. 6 sect. 1 p. 1 lit. f GDPR (see section 3.1.).
9.1. What are "cookies"?
Almost every single website uses different cookies, so that the respective pages work as desired and their design and functions can be presented to you optimally.
Cookies are information files that are transmitted from our web server or third-party web servers to your web browser, where they are stored for later retrieval. These information-files are specific information related to your device (PC, smartphone and browser used). However, this does not mean that we are immediately aware of your identity. Cookies are mainly used for the user-friendliness of websites (eg, they store login data or the selected language). Cookies do not harm your device or contain viruses, trojan horses or other malicious software.
9.2. What types of "cookies" do we use?
This website uses transient and persistent cookies, their extent and operation are explained below:
- a) Transient cookies are automatically being deleted when you close your browser. This includes session cookies in particular. Those cookies store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. We therefore use these cookies to identify you for follow-up visits if you have an account with us. Otherwise, you would have to log in again for each visit. The session cookies are deleted when you log out or close your browser.
- b) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete cookies in the security settings of your browser at any time.
Most browsers accept cookies automatically. If you do not want cookies to be stored on your machine, you can disable the corresponding option in the system settings of your browser. Saved cookies can also be deleted in the system settings of the browser. However, the exclusion of cookies can lead to functional restrictions of this online offer. For information on disabling cookies on the most popular browsers, see the links below:
Google Chrome: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Internet Explorer: http://windows.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
10. Integration of services and content of third parties
a) We will not disclose your personal information to third parties, unless the data is required for the processing of your contract, there are legitimate interests or you have expressly consented to the disclosure. Insofar as we are legally obliged to do so, we will pass on your data to government agencies and authorities entitled to receive information. Our legitimate interests are, for example, the interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 sect. 1 lit. f. GDPR.
b) In cases of transfering your personal data, we always ensure the highest possible level of security. Therefore, your data will only be tranfered to carefully selected and contractually-obligated service providers and partner companies in order to protect your personal data in accordance with the relevant statutory provisions.
c) If our service providers or partners are based in a country outside the European Economic Area (EEA), we inform you about the consequences of this circumstance in the description of the offer.
11. Use of social media plug-ins
a) We are currently using the following social media plug-ins: Facebook, Twitter, Instagram, Google+. We use a so-called “two-click solution”. When you visit our website, no personal data is initially passed on to the providers of the plug-in. The provider of the plug-in can be identified by the marking on the box above its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and therefore activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online service. In addition, the data referred to in point 5 of this declaration will be transmitted. In the case of Facebook, according to the respective providers in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, personal data will be transmitted to the plug-in provider and stored there (with US providers in the USA). Since the plug-in provider carries out the data collection, in particular via cookies, we recommend that you delete all cookies before clicking on the greyed-out box via the security settings of your browser.
b) We have neither control over the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purpose of the processing, the retention periods. We also have no information about the process of deletion regarding the data collected by the plug-in provider.
c) The plug-in provider stores the data collected about you as user-profiles and uses them for advertising, market research and / or specified website design. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. By the usage of the plug-ins we offer you the opportunity to interact with social networks and other users, so that we can improve our offer and make it more interesting for users. The legal basis for the use of plug-ins is Art. 6 sect. 1 sentence 1 lit. f GDPR. We use this to make our website more popular. The underlying commercial purpose is to be regarded as a legitimate interest within the range of the GDPR.
d) You have the right to object to the formation of these user-profiles. Therefore you have to contact the respective plug-in provider to exercise your rights.
e) The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged into the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend logging out regularly after using a social network, but especially before activating the button, as this will prevent you from being assigned to your profile with the plug-in provider.
f) Further information on the purpose and extent of the data collection and its processing by the plug-in provider can be found in the following privacy statements of the listed providers. There you will also find further information about your rights and possible settings for the protection of your privacy.
a) We use the social media plugins of Facebook an it´s "LIKE" or "SHARE" button. Facebook.com is operated by Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA.
b) Facebook is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law: https://www.privacyshield.gov/EU-US%20Framework.
c) For more information on Facebook's data acquisition, please visit https://www.facebook.com/help/186325668085084.
e) If you are a Facebook member and do not wish Facebook to collect data about you via this online offer and link it with their member data stored on Facebook, you must log out of Facebook and delete your cookies before using our online offer.
f) Other settings and inconsistencies regarding the use of data for advertising purposes can be set within the Facebook profile settings: https://www.facebook.com/settings?tab=ads.
a) We use the social plugin of Twitter, which is a service of Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, United States.
b) Twitter is certified under the Privacy Shield Agreement, providing a guarantee to comply with European privacy legislation https://www.privacyshield.gov/EU-US%20Framework.
c) Further information can be found in the privacy statement of Twitter at http://twitter.com/privacy or at the overview offered by Twitter: https://dev.twitter.com/web/overview. You can change your privacy settings on Twitter in your account settings at: https://twitter.com/account/settings.
a) We use the social plugin of the LinkedIn network. Provider of this social plugin is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States.
a) Our website also uses social plugins operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram").
13. Integration of tracking tools and other third-party content
13.1 Google Analytics
a) For the purpose of the need-based design and continuous optimization of our website, we use Google Analytics, a web analytics service provided by Google Inc. ("Google"), 1600 Amphitheater Parkway Mountain View, CA 94043, USA.
b) The use of Google Analytics is based on our legitimate interests within the range of Art. 6 sect. 1 lit. f. GDPR. We use Google Analytics to analyze and improve the use of our website. With the statistics given by Google Analytics we can improve our offer and make it more interesting for users. For the exceptional cases in which personal data is transferred to the US, Google has submitted to the EU-US Privacy Shield, thereby guaranteeing compliance with European data protection law: https://www.privacyshield.gov/EU-US-Framework.
c) Google Analytics uses so-called "cookies". Those are text files that are stored on your computer and allow an analysis of the use of our website by the user (see paragraph 9). The information generated by the cookie is usually transmitted to a Google server in the US and stored there. However, in the event of activation of IP-anonymisation on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement in the European Economic Area. Only in exceptional cases the full IP address will be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide other services related to the website usage and internet usage to the website operator.
d) The IP address transmitted by Google Analytics as part of Google Analytics will not be merged with other data provided by Google.
e) You can prevent the storage of cookies by setting your browser software accordingly; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. You may also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google. In order to do so, you have to download and install the following browser plug-in: http://tools.google.com/dlpage/gaoptout?hl=de.
f) For more information on the use of data for advertising purposes by Google, settings and objections, visit the websites of Google:
Data usage by Google http://www.google.com/analytics/terms/en.html
Promotional data http://www.google.com/policies/technologies/ads
14. Your rights to your data
You have the following rights regarding to your personal data:
- According to Art. 15 GDPR, you may request information about your personal data processed by us. In particular, you can demand information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been tranferred, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of the right to complain, the source of your data, if not collected from us, and the existence of automated decision-making including profiling and details about profiling;
- in accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or incomplete personal data stored by us;
- In accordance with Art. 17 GDPR, you may request the deletion of your personal data stored with us, except for the processing for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for assertion, exercise or defense of legal claims is required;
- According to Art. 18 GDPR you can demand the restriction of processing your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject their deletion and we no longer need the data, but you assert the data to exercise or defend legal claims or you have objected to processing the data according to Art. 21 GDPR;
- according to Art. 20 GDPR you have the right to transfer data, which means we have to provide you with your personal information in a structured, common and machine-readable format. You can also require transmission to another person in charge, provided that the processing is based on your consent or a contract with us and the processing has been automated. In case of data transfer to another person in charge, however, you can only effect the transfer if it is technically feasible;
- In accordance with Art. 7 sect. 3 GDPR, you can withdraw your once given consent at any time. As a result, we are not allowed to continue the processing your data based on this consent for the future; and
- According to Art. 77 GDPR you have the right to complain to a supervisory authority. Usually you can contact the supervisory authority of your usual place of residence or workplace or our headquarters.
You can exercise your rights to rectification or deletion of personal data in the quickest, easiest and most comfortable way by logging into your account and directly editing your data stored there or by deleting your entire account.
15. Right of objection
a) If you have given your consent to the processing of your data, you can withdraw it at any time. The withdrawal will affect the admissibility of the processing of your personal data after you have given it to us.
b) As far as we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case if, in particular, the processing is not required to fulfill a contract with you. In the event of such a disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or point out our compelling legitimate reasons on which we continue the processing. You have the right to complain to a regulator at any time (for example, the regulator at your place of residence or at our company headquarters).
c) Of course, you may object to the processing of your personal data for purposes of advertising and data analysis at any time. You can contact us under the given contact information in section 1.1.
d) If you want to withdraw or object, please send an e-mail to the person named under section 1.1.
16. Deletion and retention of your data
a) The data stored with us is deleted as soon as it is no longer necessary for the intended purpose. For details, see the sections in this statement that explain the nature and purpose of each processing of personal information.
b) Data that we have to store due to statutory or contractual retention obligations (eg for tax reasons) will be blocked instead of a deletion in order to prevent use for other purposes. This includes, for example, the storage for 6 years pursuant to § 257 paragraph 1 German Commercial Code (for trading books, inventories, opening balances, annual accounts, trade letters, accounting documents, etc.) or the storage for 10 years in accordance with § 147 Abs. 1 Tax Code (books, records, Management reports, accounting documents, trade and business letters, documents relevant to taxation, etc.).