Privacy Notice

Last updated on August 30, 2022

This privacy notice provides you with information as required by Article 13 General Data Protection Regulation (GDPR) about the processing of personal data that takes place when you visit this website or that may take place if you should make use of certain functionalities of this website.     

Table of Contents

• Controller
• Recipients 
• Log files
• Cookies
• External links
• Contacting
• Webforms
• Job Applications
• Your rights
• Questions

Controller

The controller of the processing is: 

EuroPriSe Cert GmbH
Joseph-Schumpeter-Allee 25
53227 Bonn
Germany
Phone: +49 228 763 679 30
Fax: +49 228 763 679 09
E-Mail: contact@euprivacyseal.com

Recipients

EuroPriSe Cert GmbH discloses your personal data to service providers who support us in operating this website and in managing processes that are related to the operation and maintenance of the website. These service providers process the personal data as processors on behalf of EuroPriSe Cert GmbH. We make use of the following service providers:

2B Advice GmbH
2B Advice s.r.o. 

Log files

Your IP address is processed when you access the publicly available sections of this website and/or the "expert internal" section (this is necessary due to technical reasons). EuroPriSe Cert GmbH processes your IP address only for the purpose of establishing and maintaining a communication channel between our website and your technical device that allows you to make use of the funcionalities of the website. Your IP address is not kept beyond your visit on our website. In particular, IP addresses are not stored in log files (cf. below for details regarding log files).

During access to publicly available sections of the website, specific data are stored in log files. Log data cannot be related to individual persons. This means that the keeping of the log files does not result in the processing of personal data.

In detail the data stored in log files are:

• Name of the requested file
• Date and time of the request
• Message if transmission was successful

EuroPriSe Cert GmbH does not store visitors’ IP addresses.

The log files are used for statistical purposes only.

Cookies

This website makes use of http cookies. An http cookie is a small piece of data sent from a website and stored on the visitor's device (computer or other technical device) by their web browser while the visitor is browsing the website.

A session cookie is stored in the device used by a visitor of the website.

The name of the cookie is ASP.NET_SessionId. It is used to clearly identify a session (time during which the user browses the website). Legal basis for the processing of this cookie is Article 6(1)(1)(f) GDPR, the legitimate interest pursued is to offer certain functionalities of this website to its visitors by upholding a session. The cookie is deleted when visitors close their browsers.

External links

Hyperlinks on this website may lead to external sites that are not controlled by EuroPriSe Cert GmbH. Such external links are marked explicitly, e.g.

http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/ [external link]

Secured external connections are identified as such, e.g.

https://secure.edps.europa.eu/EDPSWEB/ [external link / TLS]

All other hyperlinks within this website point to internal resources that are subject to the conditions stated in this privacy notice.

EuroPriSe Cert GmbH cannot assume any responsibility for contents or privacy policies of external resources. This privacy notice and the assurances provided in it do not apply to visitors’ actions on, or related to, such third-party sites.

Contacting

The following contact opportunities are available:

• Contact webform
• Contact e-mail address
• Information about the processing of personal data resulting from the use of these contact means 

Contact webform

Visitors of the website may make use of the contact webform at

https://www.euprivacyseal.com/EPS-en/Contact

in order to provide feedback on the website or other topics to EuroPriSe Cert GmbH or to make an enquiry with us.

When completing the webform, visitors are required to provide the following information:

• Subject
• Message
• Captcha (captchas are used to prevent abusive use of the form by means of bots)

Visitors may also provide the following information on a voluntary basis:

• Name
• E-mail address (the email address is necessary if a visitor wants EuroPriSe Cert GmbH to reply to his or her message)

Transmission of information is secured by means of transport layer security (TLS).

The submitted information may contain personal data.

Contact e-mail address

Visitors of the website may contact EuroPriSe Cert GmbH via e-mail (contact@euprivacyseal.com) in order to provide feedback on the website or other topics or to make an enquiry with us. 

EuroPriSe Cert GmbH supports the exchange of encrypted e-mail messages. Visitors who want to send an encrypted e-mail can find our PGP key at https://www.euprivacyseal.com/EPS-en/EuroPriSe-Imprint. Please configure your PGP client to the extent that it provides the highest possible level of security.   

The submitted information may contain personal data. 

Information about the processing of personal data resulting from the use of these contact means 

EuroPriSe Cert GmbH processes the information submitted via the contact webform or by e-mail for the purpose of processing the enquiry of the visitor of the website. If the visitor should submit contact information such as an e-mail address or a phone number via the form, then EuroPriSe Cert GmbH may make use of this information to respond to the respective enquiry. If the visitor should aim at ordering services of EuroPriSe Cert GmbH, the information might also be processed to take steps at the request of the visitor prior to entering into a contract and for the performance of such a contract (if applicable). 

Legal basis for the processing of personal data that may result from the use of the contact webform is Article 6(1)(1)(b) or Article 6(1)(1)(f) GDPR. In respect of Article 6(1)(1)(f) GDPR, the legitimate interest pursued is to process and answer your enquiry timely and as excpected. Your personal data are deleted as soon as they are no longer necessary in relation to the purpose(s) stated above, unless they are required for a legal dispute that is related to a contract or unless EuroPriSe Cert GmbH is subject to legal retention periods. Commercial letters and other relevant data are stored for a period of ten years as is required by German commercial law (if applicable).  

Webforms

Besides the contact webform that was already addressed under the heading "contact", this website also contains the following webforms: 

Webforms that form part of the publicly available sections of the website:

• Dispute resolution complaint form

Dispute resolution complaint form

EuroPriSe dispute resolution is an important tool to guarantee continued compliance of certified products, services and websites with EU data protection law. Anyone who has evidence that an IT product, an IT-based service or (publicly available parts of) a website that has been awarded the seal does not meet the relevant EuroPriSe requirements anymore may file a complaint with EuroPriSe Cert GmbH. For this purpose, EuroPriSe provides a dispute resolution complaint webform that is available at    

https://www.euprivacyseal.com/EPS-en/Dispute-Resolution-Complaint-Form.

In order to avoid misuse of the dispute resolution procedure, EuroPriSe requires complainants to indicate their real first name and last name as well as a valid e-mail address. They are required to affirm that they are aware of the fact that EuroPriSe will disclose this contact information to the seal holder concerned by the complaint.  

In addition, complainants are required to provide the following information when completing the webform:

• Name of the seal holder concerned by the complaint
• Name/URL of the product, service or website concerned by the complaint
• Version of the product, service or website concerned by the complaint (if applicable)
• Validity period of the seal that has been awarded to the product, service or website concerned by the complaint
• Description of the complaint
• List of documents and/or other proof supporting the complaint
• Indication whether the complaint was filed in the internal dispute resolution process previously
• Information on the result of the internal dispute resolution process or indication of extraordinary circumstances that make the internal dispute resolution process dispensable in the case at hand (as applicable)
• Captcha (captchas are used to prevent the abusive use of the form by means of bots)

As can be gathered from the list above, the submitted information does not only contain personal data about the complainant, but may also contain personal data about the seal holder concerned by the complaint. If this should be the case, then EuroPriSe Cert GmbH will inform the seal holder (or the respective employee) in accordance with Article 14 GDPR. 

EuroPriSe Cert GmbH processes the personal data collected via this form for the purpose of dispute resolution only (basic information about EuroPriSe dispute resolution is available at https://www.euprivacyseal.com/EPS-en/Dispute-Resolution). This involves the disclosure of the data to the seal holder concerned by the complaint. Complainants who want to submit the webform are required to affirm that they are aware of the fact that these disclosures will / may take place.

Legal basis for the processing of personal data that may be submitted via this form is Article 6(1)(1)(f) GDPR, the legitimate interest pursued is to uphold the high quality of the EuroPriSe certification scheme and to assist the complainant in enforcing any rights or interests that may have been violated by a seal holder. EuroPriSe Cert GmbH records and tracks all complaints as well as actions undertaken to resolve them in accordance with the International Standard ISO/IEC 17065:2012. Personal data that is processed in the context of EuroPriSe dispute resolution is stored during the complete dispute resolution process and beyond (as long as EuroPriSe Cert GmbH is required to be able to demonstrate that the respective dispute resolution activities took place).  

Transmission of information is secured by means of transport layer security (TLS).

Job Applications

EuroPriSe Cert GmbH may decide to post job offers on this website and to invite suitable candidates to apply for the respective vacancies via e-mail or postal mail. Submitted applications are solely processed for the purpose of selecting applicants in accordance with Article 6(1)(1)(b) GDPR in connection with Section 26(1) BDSG (German Federal Data Protection Act). If an application is unsuccessful, the respective personal data and all submitted documents will be deleted no later than three months after the rejection notice has been sent.

Your rights

As a user of this website, the General Data Protection Regulation (GDPR) assigns the following rights to you:  

• Right of access
• Right to rectification
• Right to erasure
• Right to restriction of processing
• Right to data portability
• Right to object
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

Right of access (Article 15 GDPR)

You have the right to obtain confirmation as to whether or not personal data concerning you are being processed. Where personal data concerning you are being processed, you have the right of access to these data and to the information listed in Article 15 GDPR.

Right to rectification (Article 16 GDPR)

You have the right to obtain the rectification of inaccurate personal data concerning you without undue delay. During access to publicly available sections of the website, specific data are stored in log files. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. 

Right to erasure (Article 17 GDPR)

You have the right to obtain erasure of personal data concerning you without undue dealy where one of the grounds listed in Article 17 applies (e.g., the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed). 

Right to restriction of processing (Article 18 GDPR)

You have the right to obtain restriction of processing where one of the grounds listed in Article 18 applies (e.g., you have objected to processing pursuant to Article 21 GDPR pending the verification whether legitimate grounds of EuroPriSe Cert GmbH override your legitimate grounds).

Right to data portability (Article 20 GDPR)

You have the right to receive the personal data concerning you in a structured, commonly used and machine-readyble format and the right to transmit those data to another controller without hindrance, where one of the grounds listed in Article 20 GDPR applies.

Right to object (Article 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(f) GDPR. In such a case, EuroPriSe Cert GmbH will no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Right to withdraw consent at any time (Article 7(3) GDPR)

Where the processing is based on consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.  

Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

You have the right to lodge a complaint with a supervisory authority, in particular in the Member state of your habitual residence, place of work or place of the alleged infringement if you should consider that the processing of personal data concerning you infringes data protection regulations. The competent supervisory authority for companies that are situated in Bonn / Germany is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2-4
40213 Düsseldorf
Germany 

Questions

If you should have any questions about this privacy notice, please do not hesitate to send an email to contact@euprivacyseal.com.

EuroPriSe Cert GmbH supports the exchange of encrypted e-mail messages. Visitors who want to send an encrypted e-mail can find our PGP key at https://www.euprivacyseal.com/EPS-en/EuroPriSe-Imprint. Please configure your PGP client to the extent that it provides the highest possible level of security.