Privacy
Policy
Data protection information for binat-businesswear.com
When you visit our website binat-businesswear.com, we process your personal data. The protection of this data is just as important to us as it is to you, which is why we comply with all relevant laws, in particular the General Data Protection Regulation (GDPR). This data protection information provides you with all the important information about the basis on which we process your data, for what purposes and for how long.
Name and contact details of the controller and the data protection officer
For the processing of your data via binat-businesswear.com is controller within the meaning of the GDPR:
Nova Unternehmensberatung und -beteiligung GmbH
Turnerheimstrasse 1, 08064 Zwickau
info@binat-businesswear.de
Cookies and similar
We use cookies or similar technologies such as pixels tags or web beacons (hereinafter collectively referred to as "cookies") on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop tablet smartphone etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses Trojans or other malware. Pixels are small graphics that are integrated via the HTML code of our website. The pixel tag itself does not store or change any information on your end device so pixels do not cause any damage to your end device and do not contain any viruses Trojans or other malware.
Information is stored in the cookie that results in each case in connection with the specific end device used. However this does not mean that we obtain direct knowledge of your identity. Cookies send your IP address the referrer URL of the website visited the time at which the website was viewed the browser used and previously set cookie information to a web server. This enables us to perform and offer the services described in this privacy policy.
On the one hand the use of cookies serves to offer you the basic use of our website from a technical point of view.
For example we use so-called session cookies or transient cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site. The data processed by these cookies is required for the aforementioned purposes to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR and technically in accordance with Section 25 para. 2 no. 2 TDDDG in order to provide a service requested by you.
In addition to optimize user-friendliness we use temporary cookies or persistent cookies that are stored on your end device for a specified period of time. If you visit our website again to use our services it is automatically recognized that you have already visited us and which entries and settings you have made. The data processed by these cookies is required for the aforementioned purposes to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR and technically in accordance with Section 25 para. 2 no. 2 TDDDG in order to offer a service requested by you. We also use third-party tools based on cookies to statistically record the use of our website and for the purpose of optimizing our offer. The cookies are set if you have explicitly consented to the cookies when accessing our website Art. 6 para. 1 sentence 1 lit. a GDPR and Section 25 para. 1 TDDDG.
The cookies are automatically deleted after a defined period of time. You will find more detailed information in the relevant data processing section.
You can revoke or adjust your consent at any time with effect for the future under "Cookie settings". You will find the link at the bottom of the website.
Most browsers accept cookies automatically. However you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However completely deactivating cookies may mean that you cannot use all the functions of our website. You can prevent the use of cookies on our pages by using appropriate tools or browser add-ons (e.g. the "AdBlock" add-on for the Firefox browser).
Services
Visiting our website
When you visit our website certain data is automatically sent from your browser to the servers of our website. This data includes among other things
- IP address
- Date and time
- Approximate location
- Browser and device information
Purpose: We process the data in order to be able to present you with an attractive stable and secure website. We also secure our website against fraudulent activities.
Legal basis: Data processing is necessary in order to make the website technically available and to protect it against unlawful activities. This corresponds to our legitimate interest in being able to maintain a website and is justified in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
Recipient: Our website is hosted by the provider Amazon Web Services EMEA SARL (hereinafter "AWS"). We have concluded an order processing contract with AWS in which they guarantee that they will only process your data in accordance with our instructions and in compliance with applicable data protection law.
Third country transfer: The parent company of AWS Amazon Web Services Inc. is based in the USA. Your data may therefore also be transferred to the USA as a third country. Amazon Web Services Inc. is subject to the DPF. This ensures that a standard of protection comparable to the European level of data protection is guaranteed when data is transferred to the USA.
We have also included the standard contractual clauses of the EU Commission in the data processing addendum with AWS; this also ensures that AWS complies with a level of data protection comparable to that in Europe when transferring data to third countries. You can view the standard contractual clauses here .
Storage periods: Your data is only stored temporarily in log files and is automatically deleted after 30 days at the latest.
Consent Management
We use a consent management tool on our website. The following data is processed by this tool:
- IP address
- Date and time
- Browser information
- Device information
- Consent status
Purpose: The purpose of processing is to be able to document the consent you have given and thus to comply with our legal obligations under Art. 5 para. 2 Art. 7 para. 1 GDPR.
Legal basis: These purposes also correspond to our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR which justifies the processing within the framework of the Consent Management Tool.
The Consent Management Tool places a cookie on your end device in which your consent status is stored. This is justified in accordance with Section 25 para. 2 No. 2 TDDDG.
Storage periods: We store your data for the purpose of consent management for as long as is necessary to achieve this purpose.
Integration of YouTube videos
We embed videos from the YouTube service provided by Google Ireland Limited on our website.
Purpose: We use this service to provide you with an aesthetically pleasing site and to better present ourselves as entrepreneurs and our content.
Legal basis: The implementation is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR and Section 25 para. 1 sentence 1 TDDDG. You can revoke this at any time with effect for the future via our Consent Management Tool.
Recipients: We share your data with Google Ireland Limited Gordon House Barrow Street Dublin 4 Ireland.
Third country transfer: When data is transferred to Google Ireland Limited it is also transferred to servers of the parent company Google LLC in the USA. Google LLC is DPF-certified. This ensures that a level of data protection comparable to that in Europe exists when your data is transferred to the USA.
Storage periods: We store your personal data for as long as this is necessary for the aforementioned purposes. As soon as you have withdrawn your consent we will stop processing your data.
Contact us
On our website we offer you the opportunity to contact us. To do so you can either write to our e-mail address above call us by telephone or use our contact form. If you send us a message using the contact form we will receive it as a message in our e-mail inbox.
When you contact us we process the following data depending on the channel:
- E-mail address or telephone number
- First and last name
- Company
- Any information you provide us with in your message
Purpose: We process your data in order to be able to respond to your contact.
Legal basis: Contacting us is voluntary. We process your data on the basis of our legitimate interest in responding to your request in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
Recipient: We use the Google Workspace (GSuite) service of Google Ireland Limited Gordon House Barrow Street Dublin 4 Ireland to receive and send emails.
Third country transfer: Google Workspace is a cloud-based service. Your data is therefore stored on servers of Google Ireland Limited. Your data may also be transferred to servers of the parent company Google LLC based in the USA. Google LLC is DPF-certified. This ensures that a level of data protection equivalent to that in Europe exists when your data is transferred to the USA.
In addition we have included the standard contractual clauses of the EU Commission in our data processing agreement with Google Ireland Limited. This means that Google also undertakes to comply with a level of data protection comparable to that in Europe when processing our customer data. You can view the standard contractual clauses here .
Storage periods: We store your data for as long as we need it to fully process your request and no statutory retention periods apply.
Customer portal
We offer a customer portal on our website. You can either register directly via our website or alternatively register and log in with your Google account which is provided by Google LLC. If you use the "Sign in with Google" / "Mit Google anmelden" function Google will send us the data required for login or registration.
When you register for our customer portal we process the following data:
- E-mail address
- Name
- Company
- Function in the company
- Phone number
- Address
Purpose: We process your data in order to provide you with our customer portal and the included functions such as purchase processing and data management. We enable registration via Google to make it easier for our customers to create an account with us.
If you have provided your telephone number we may also call you for advertising purposes and present our products to you. We will only do this if and insofar as you have not expressly objected to this.
Legal basis: We only offer our services to companies. Simplified customer management for us and simplified purchase processing for our customers correspond to our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. In addition our customers have a legitimate interest in the processing of any personal data of their representatives in the form of the interest in concluding and processing the contract in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
We process your telephone number for advertising purposes on the basis of our legitimate interest in direct advertising and thus in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with Section 7 para. 2 no. 1 UWG.
Recipient: When you log in via your Google account not only does Google send data to us but we also send required information to Google LLC 1600 Amphitheatre Parkway Mountain View CA USA.
For more information on data processing by Google please refer to their privacy policy.
Third country transfer: Your data will be transferred to Google LLC in the USA. The USA is a third country. Google LLC has certified itself under the Data Privacy Framework (DPF). This enables us to ensure that a level of data protection comparable to that in Europe is guaranteed when your data is transferred to the USA. You can view the certification at any time here .
We have also included the EU Commission's standard contractual clauses in our contract with Google. This also ensures that Google maintains a level of data protection comparable to that in Europe when processing your data. You can view the standard contractual clauses here .
Storage periods: We store your data which is required to create a user account until you delete the user account.
Orders
You can place orders via our website if you are registered in the customer portal. You can only pay on account with us.
We process the following data from you:
- Name and company
- E-mail address
- Delivery and billing address
- Payment data
Purpose: We process your data as part of the order in order to be able to assign and deliver the order to you to process the payment and if necessary to carry out a credit check.
We will also use your e-mail address to send you advertising for products similar to those you have ordered.
Legal basis: The processing of your data is based on our legitimate interest in the execution of the contract pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. Insofar as we have concluded the contract with you as an entrepreneur the processing is necessary for the fulfillment of the contract and justified according to Art. 6 para. 1 sentence 1 lit. b GDPR.
Data processing for the purpose of direct advertising corresponds to our economic interest in the sale of our products and is justified in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with Section 7 para. 3 UWG.
Recipients: We also pass on your data to the logistics company DHL Paket GmbH Sträßchenweg 10 53113 Bonn for the purpose of delivering your order.
Storage periods: We store your data for as long as we are obliged to do so under tax law. This retention obligation is 5 optionally 10 years.
We will store your e-mail address for the purpose of direct advertising until you have declared your objection. If you have declared your objection we will securely store your e-mail address in a so-called advertising block file for an unlimited period of time for comparison purposes in order to ensure that you do not receive any advertising from us.
Calendly
You can make appointments with us or specify the desired time of your delivery on our website. For appointment management we use the service of the provider Calendly LLC 115 E Main St Ste A1B Buford GA 30518 USA ("Calendly").
The following data will be processed by you:
- Your e-mail address
- Your name
- Date and time of the appointment
Purpose: The purpose of this data processing is the efficient management of appointment requests from our customers.
Legal basis: Making an appointment is voluntary for you. The aforementioned purposes correspond to our legitimate interest which justifies data processing in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
Calendly uses cookies. The legal basis for this is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR and Section 25 para. 1 TDDDG.
Recipient: We pass on your data to Calendly. Calendly processes your data on our behalf. We have therefore concluded a data processing agreement with Calendly in which they assure us that they will only process your data on our instructions and in accordance with the applicable data protection law. Calendly also uses various sub-processors. Calendly undertakes to subject them to the same data protection standards as we have agreed with you in the data processing agreement. You can view the list of sub-processors in the current version here .
Third country transfer: Calendly is based in the USA. In order to ensure that your data is subject to an adequate level of data protection when it is transferred to the USA Calendly has submitted to the DPF. You can access this certification at any time here .
We have also included the EU Commission's standard contractual clauses in our data processing agreement. This also ensures that a level of data protection comparable to that in Europe is guaranteed in the event of a transfer to a third country. You can view the concluded standard contractual clauses here .
Storage periods: We store your data until the appointment has been held or the appointment will no longer take place. In any case we store your data for as long as we are legally obliged to do so.
Third country transfer
In connection with data processing data may be transferred to third countries i.e. to recipients outside the EU or the European Economic Area (EEA). If the European Commission has decided that an adequate level of protection exists in the third country (see Art. 45 (3) GDPR) no additional measures are required for the data transfer. If data is transferred to recipients based in the USA this is done on the basis of the Transatlantic Data Privacy Framework (DPF) of 10.07.2023 provided the recipient has appropriate certification. A list of currently certified companies can be found here . In other cases and in the case of data transfers to other so-called non-secure third countries data will only be transferred if the requirements of Art. 46 et seq. GDPR are met. Specifically this means that data is only transferred to third countries if
- the recipient provides sufficient so-called guarantees in accordance with Art. 46 GDPR for the protection of personal data
- you have expressly consented to the transfer after we have informed you of the risks in accordance with Art. 49 para. 1 lit. a GDPR
- the transfer is necessary for the fulfillment of contractual obligations between you and us or
- another exception pursuant to Art. 49 GDPR applies.
Which of the above-mentioned principles applies in each individual case is shown to you in the respective processing.
Data transfers to recipients based in the USA who do not have DPF certification and for whom an adequate level of data protection cannot be established by means of guarantees within the meaning of Art. 46 GDPR will only be made with your consent within the meaning of Art. 49 para. 1 lit. a GDPR. We would like to point out that for recipients based in the USA without DPF certification an adequate level of data protection comparable to that in the EU cannot be guaranteed. Such a transfer of personal data therefore poses the following risks: There is a risk that US authorities may gain access to personal data on the basis of the PRISM and UPSTREAM surveillance programs based on Section 702 of the FISA (Foreign Intelligence Surveillance Act) and on the basis of Executive Order 12333 or Presidential Police Directive 28. EU citizens have no effective legal protection against this access in the USA or the EU.
Further information and a copy or reference to the respective appropriate guarantees can be found in the description of the respective service under section 3.
Rights of data subjects
You have certain rights under the GDPR. These are
- Right to information
- the purposes for which we process your data
- the categories of data that we process from you
- the specific recipients or if these are not known the categories of recipients to whom we transfer your data
- the duration for which we store your data or if this cannot be determined the criteria under which we store your data and
- if applicable the origin of the data if we have not collected it from you.
- Right to rectification
- Right to erasure (being forgotten)
- Right to restriction
- Right to data portability
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
In accordance with Art. 15 GDPR you have the right to request information from us at any time about all data that we store about you. This includes in particular information about
If your data processed by us is incorrect or incomplete you can request that we correct or complete this data at any time in accordance with Art. 16 GDPR.
If the original legal basis for the data processing no longer applies or if you have withdrawn your consent or objected to the processing or if we are no longer permitted to process your data for another of the reasons stated in Art. 17 para. 1 GDPR you can request that we erase the personal data concerning you in accordance with Art. 17 GDPR.
You do not have this right if the processing is necessary for the exercise of freedom of expression and information or for the protection of public interests if there is a legal obligation to do so or if it is necessary for the assertion exercise or defense of legal claims.
In accordance with Art. 18 GDPR you can also request the restriction of processing. You have this right if you contest the accuracy of the data the processing is unlawful we no longer need the data for the stated purposes or you have objected to the processing and we are not otherwise permitted to lawfully process the data in the latter two cases.
You can also request that we transfer your data to you or another controller in a structured commonly used and machine-readable format in accordance with Art. 20 GDPR.
If you have declared your consent as the legal basis for the processing of your data by us for example in accordance with Art. 6 para. 1 sentence 1 lit. a or Art. 9 para. 2 lit. a GDPR you can revoke this consent at any time in accordance with Art. 7 para. 3 GDPR. If you do so we will stop processing your data but the lawfulness of the processing until the revocation remains unaffected by the revocation.
In accordance with Art. 77 GDPR you can also lodge a complaint with a supervisory authority. As a rule this should be the supervisory authority of your usual place of residence or workplace; alternatively you can also address your complaint to the supervisory authority of our company headquarters.
RIGHT OF OBJECTION
IN ACCORDANCE WITH ART. 21 GDPR YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA IF WE PROCESS YOUR PERSONAL DATA SOLELY ON THE BASIS OF OUR LEGITIMATE INTERESTS AND THERE ARE REASONS ARISING FROM YOUR PARTICULAR SITUATION. IF YOUR OBJECTION IS DIRECTED AGAINST DIRECT ADVERTISING YOU HAVE A GENERAL RIGHT TO OBJECT WITHOUT STATING SPECIFIC REASONS.
YOU CAN DECLARE YOUR OBJECTION BY SENDING AN E-MAIL TO [info@binat-businesswear.de].
Obligation/duty to provide
We need the data from the order to be able to execute the corresponding contract with you at all. If you do not provide us with the data we will unfortunately not be able to accept any orders from you and will not be able to conclude the respective contract.