top of page

Privacy policy

EXCON appreciates your visit to this website and your interest in our services. To ensure that you feel safe and comfortable during your visit, we would like to inform you about how we handle your data.

You can find details of the person responsible at EXCON at any time in our imprint.

User data

In order to improve the quality of our web pages, we store data on individual access to our pages for statistical purposes. This data set consists of:

  • the page from which the file was requested,

  • the name of the file,

  • the date and time of the request,

  • the amount of data transferred,

  • the access status (file transferred, file not found),

  • the description of the type of web browser used,

  • the IP address of the requesting computer shortened by the last three digits.

 

This data is stored anonymously in accordance with the German Telecommunications, Digital Services, and Data Protection Act (TDDDG). The creation of personal user profiles is thus excluded.

Data transfer to third parties

We will only disclose the data we have collected and stored about you to third parties if we are legally entitled or obliged to do so (e.g. for contractual or law enforcement purposes) or if you expressly request us to do so. In these cases, we strictly comply with the requirements of the General Data Protection Regulation. The scope of the data transfer is limited to a minimum.

Contact form

We only collect personal data via our contact form if it is necessary for the purpose you have requested (contacting us). We use your personal data to answer your inquiry. To use our contact form, we need your name and e-mail address. You can provide us with further details such as your company address, but you do not have to.

Newsletter

We offer you the possibility to order our newsletter on our website. To do this, we only need your e-mail address and your last name, the further specification of your first name is voluntary and will only be used for the personal address in the newsletter. You can unsubscribe from the newsletter at any time, e.g. by sending an e-mail to info@excon.com  or via a corresponding link at the end of each newsletter.

Use of Google reCaptcha

We use Google's reCaptcha service to determine whether a human or a computer is making a particular entry in our contact or newsletter form. Google uses the following data to check whether you are a human or a computer: IP address of the terminal device used, the website you visit with us on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images. The legal basis for the described data processing is Art. 6 (1) lit. f of the General Data Protection Regulation. There is a legitimate interest on our side in this data processing to ensure the security of our website and to protect us from automated entries (attacks).

The information may also be transferred to servers in the United States.

Recipient of the data:
Google Ireland Ltd, Gordon House, 4 Barrow St, Dublin, D04 E5WE, Ireland.

 

If the data is transferred to the USA:
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

o conduct video conferences, the online tool GoToMeeting is used, which is operated by LogMeIn Ireland Unlimited Company on the basis of a data protection agreement including associated standard data protection clauses for any data exports outside the EU and the EEA. Details on data processing by LogMeIn can be found in the associated privacy policy at https://www.logmein.com/de/legal/privacy/international. Accordingly, there may be a data transfer to the USA and the UK for the purpose of processing the video conference.

This online tool can already be used by calling up a sent link in the browser. Alternatively, a corresponding app can also be installed locally. In both cases, it is necessary to call up the provider's website, at least initially.

When using GoToMeeting are stored:

  • User details, consisting of IP address, start and end of connection, user ID entered at the start of the event itself.

  • Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.

  • When dialing in with the telephone: information about the incoming and outgoing phone number, country name, start and end time

  • When entering chat messages, uploading files or sharing screen content: Corresponding information that is explicitly disclosed by the user himself for this purpose.

  • When the microphone is activated: audio data recorded by the microphone used by the user.

  • When the camera is activated: image data recorded by the camera used on the part of the user.


Video conferences are not recorded by default and otherwise only with the consent of all participants.

The intended purpose of the processing during a video conference is based on the associated mail traffic with which the corresponding video conference was invited, with reference to the meeting metadata entered. The legal basis underlying the respective videoconference can also be inferred from the respective circumstances and is based either on consent according to Art. 6 (1) a DSGVO, the performance of a contract according to Art. 6 (1) b DSGVO, the fulfillment of a legal obligation according to Art. 6 (1) c DSGVO or the protection of legitimate interests according to Art. 6 (1) f DSGVO. Associated storage periods depend on the corresponding underlying purposes and are otherwise based on the specifications for telemedia services regarding audiovisual usage data.

 

Users are requested to disclose only necessary data during the video conference. This explicitly includes the selected image section (possibly using blurring), presented screen content and the transmitted background noise while the user's own microphone is activated.

Video conference using GoToMeeting

o conduct video conferences, the online tool GoToMeeting is used, which is operated by LogMeIn Ireland Unlimited Company on the basis of a data protection agreement including associated standard data protection clauses for any data exports outside the EU and the EEA. Details on data processing by LogMeIn can be found in the associated privacy policy at https://www.logmein.com/de/legal/privacy/international. Accordingly, there may be a data transfer to the USA and the UK for the purpose of processing the video conference.

This online tool can already be used by calling up a sent link in the browser. Alternatively, a corresponding app can also be installed locally. In both cases, it is necessary to call up the provider's website, at least initially.

When using GoToMeeting are stored:

  • User details, consisting of IP address, start and end of connection, user ID entered at the start of the event itself.

  • Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.

  • When dialing in with the telephone: information about the incoming and outgoing phone number, country name, start and end time

  • When entering chat messages, uploading files or sharing screen content: Corresponding information that is explicitly disclosed by the user himself for this purpose.

  • When the microphone is activated: audio data recorded by the microphone used by the user.

  • When the camera is activated: image data recorded by the camera used on the part of the user.


Video conferences are not recorded by default and otherwise only with the consent of all participants.

The intended purpose of the processing during a video conference is based on the associated mail traffic with which the corresponding video conference was invited, with reference to the meeting metadata entered. The legal basis underlying the respective videoconference can also be inferred from the respective circumstances and is based either on consent according to Art. 6 (1) a DSGVO, the performance of a contract according to Art. 6 (1) b DSGVO, the fulfillment of a legal obligation according to Art. 6 (1) c DSGVO or the protection of legitimate interests according to Art. 6 (1) f DSGVO. Associated storage periods depend on the corresponding underlying purposes and are otherwise based on the specifications for telemedia services regarding audiovisual usage data.

 

Users are requested to disclose only necessary data during the video conference. This explicitly includes the selected image section (possibly using blurring), presented screen content and the transmitted background noise while the user's own microphone is activated.

YouTube video, embedded via iFrame in enhanced privacy mode

We use YouTube, a Google service, to display video content to you. To protect your privacy, we have enabled enhanced privacy mode.

By clicking the play button, you consent to the transmission of data to Google. This also involves the use of other Google services (e.g., Google Fonts).

Data recipient: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

Video Conferences with Google Meet

We use the online tool Google Meet to conduct video conferences. Google Meet is part of Google Workspace and is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The use of Google Meet is based on a data processing agreement in accordance with Article 28 of the GDPR, including the applicable standard contractual clauses for any data transfers to third countries outside the EU and the EEA. For more information on data processing by Google, please see Google’s Privacy Policy at: https://policies.google.com/privacy. Depending on the configuration and use of the service, data transfers to third countries (in particular to the United States) cannot be completely ruled out.

Google Meet can be used directly through a browser by accessing a meeting link provided by the organizer. Alternatively, the Google Meet application can be installed locally.

In both cases, access to Google’s infrastructure is technically necessary.

When using Google Meet, the following data may be processed:

  • User data, including IP address, device and browser information, login and logout times, and the user ID or display name provided by the participant.

  • Meeting metadata, such as the meeting title, description (optional), date and duration of the meeting, participants’ IP addresses, and technical connection data.

  • Audio data, if the participant’s microphone is enabled.

  • Video/image data, if the participant’s camera is enabled.

  • Chat messages and shared content, including text entries, files, or screen content, provided that these features are actively used by the participant.

Video conferences are not recorded.

The purpose of processing during a video conference is derived from the associated email correspondence through which the respective video conference was arranged with reference to the meeting’s metadata. The legal basis for the respective video conference can also be derived from the specific circumstances and is based either on consent pursuant to Art. 6(1)(a) of the GDPR, the performance of a contract pursuant to Art. 6(1)(b) of the GDPR, the fulfillment of a legal obligation pursuant to Article 6(1)(c) of the GDPR, or the protection of legitimate interests pursuant to Article 6(1)(f) of the GDPR. The associated retention periods depend on the respective underlying purposes and are otherwise governed by the guidelines for telemedia services regarding audiovisual usage data.

Users are asked to disclose only the necessary data during the video conference. This expressly includes the selected camera frame (using a blur effect if necessary), the screen content being presented, and any background noise transmitted when the user’s microphone is activated.

Data processing for the purpose of direct marketing

Mail advertising

 

To the extent permitted by law, we may also use the name and postal address of our business customers to send you advertising for our own offers. The legal basis is Art. 6 para. 1 lit. f) in conjunction with. Recital 47 DSGVO. Our legitimate interest is to promote sales or demand among our existing customers. Of course, you can object to the processing of your data for advertising purposes at any time for the future. A notification in text form to the above contact details is sufficient. We will then delete your data from our distribution list. We will then retain the data proving your objection for another 6 years in accordance with Art. 17 (3) e) DSGVO. During this time, however, your personal data will be blocked against further processing.

 

Telemarketing

 

To the extent permitted by law, we may also use your name, company affiliation and the telephone number you provide in order to inform you about our own offers, provided that you are presumably interested. The legal basis is Art. 6 para. 1 lit. f) in conjunction with. Recital 47 DSGVO, § 7 para. 2 no. 2 UWG. Our legitimate interest is to promote sales or demand among our existing business customers. Of course, you can object to the processing of your data for advertising purposes at any time for the future. A notification in text form to the above contact details is sufficient. We will then delete your data from our distribution list. We will then retain the data proving your objection for another 6 years in accordance with Art. 17 Para. 3 lit. e) DSGVO. During this time, however, your personal data will be blocked against further processing.

Storage duration

We store personal data within the scope of legal regulations or your consent.
We use the following criteria to determine the specific storage period:
We store the personal data until the purposes for which they were collected cease to apply (e.g. upon termination of a contractual relationship or through the last activity, if there is no continuing obligation, or in the event of a revocation of your consent for the specific data processing).

Storage beyond this takes place only insofar as

  • statutory retention obligations (e.g. according to AO and HGB) exist;

  • the data is still required for the assertion and exercise of legal claims or for the defense against legal claims, e.g. due to technological and forensic requirements for the defense against attacks on our web servers and their prosecution;

  • deletion would be contrary to the legitimate interests of the data subjects;

  • another exception pursuant to Art. 17 (3) DSGVO applies.

Your rights as data subject

 

As a user, you have the right to request information about what data about you is stored by us and for what purpose this storage takes place. If you have allowed us to process your personal data by giving your consent, you have a right of revocation with effect for the future pursuant to Art. 7 (3) DSGVO. In addition, you have the right to restrict (block) or object to processing and to lodge a complaint with the competent supervisory authority (Der Hessische Datenschutzbeauftragte, Postfach 3163, 65021 Wiesbaden, e-mail: poststelle@datenschutz.hessen.de). In addition, you can correct incorrect data or have such data deleted whose storage is inadmissible or no longer necessary. Please do not hesitate to contact us for information, requests or suggestions on the subject of data protection.

Cookies

You can find information on the cookies used on this website in our cookie policy.

 

Data Privacy Officer

 

The contact details of the data protection officer of the EXCON Group are:
datenschutz@excon.com

bottom of page