Privacy Policy
Privacy Policy at a Glance
General Information
The following information provides a brief overview of what happens to your personal data when you visit this website. Personal data refers to any data that can be used to personally identify you. Detailed information on data protection can be found in the full privacy policy below.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator, STRATO, on our behalf. You can find our contact details in the section “Note on the Responsible Party” in this privacy policy.
How do we collect your data?
On the one hand, your data is collected when you provide it to us—for example, via a contact form.
Other data is collected automatically by our IT systems when you visit the website. This data includes primarily technical data (e.g., browser, operating system, or time of page access).
What do we use your data for?
Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyze user behavior.
What rights do you have regarding your data?
In accordance with Art. 13 et seq. GDPR, you have the right to receive free information at any time about the origin, recipient, and purpose of your stored personal data. You also have the right to request correction or deletion of this data. Furthermore, under certain circumstances, you have the right to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
For this and any other questions regarding data protection, feel free to contact us at any time.
Analysis Tools and Third-Party Tools
Your browsing behavior may be statistically evaluated when you visit this website. This is primarily done using analysis programs. Detailed information about these tools can be found in this privacy policy if applicable.
Hosting
We host this website with:
STRATO GmbH
Otto-Ostrowski-Straße 7
10249 Berlin
Privacy policy: https://www.strato.de/datenschutz/
Our agreement with STRATO is based on a data processing contract as per Art. 28 GDPR and § 62 BDSG. This legally required agreement ensures that STRATO processes personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
The processing of personal data is based on Art. 6(1)(e) GDPR.
General Information and Mandatory Information on Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is any information that can identify you personally. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this occurs.
Please note that data transmission over the internet (e.g., via email communication) can have security vulnerabilities. Complete protection of data from third-party access is not technically possible.
Note on the Responsible Entity
The entity responsible for data processing on this website is:
Duisburg Business & Innovation GmbH
Calaisplatz 5
47051 Duisburg
Phone: +49 203 36 39 0
Email: kontakt@duisburg.business
The responsible entity is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Storage Duration
Unless a more specific retention period is stated in this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you assert a legitimate deletion request, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion will occur once these reasons no longer apply.
Legal Basis for Data Processing
All personal data collected via this website is processed based on Art. 6(1)(e) GDPR (processing is necessary for the performance of a task carried out in the public interest). Data is only transferred to third countries when third-party tools are used, which are detailed below.
Data Protection Officer
We have appointed a data protection officer for our company:
Duisburg Business & Innovation GmbH
Andree Schäfer
Calaisplatz 5
47051 Duisburg
Phone: +49 203 3639 343
Email: schaefer@duisburg.business
Note on Data Transfer to the USA and Other Third Countries
We use tools from companies based in the USA or other countries with insufficient data protection laws. If these tools are active, your personal data may be transferred to and processed in these third countries—typically including your IP address, browser identifier, and the time of website access.
Please note that these countries may not offer a data protection level comparable to that in the EU. For example, U.S. companies are obligated to provide data to authorities without legal recourse available to you. Therefore, we cannot rule out the possibility that U.S. agencies (e.g., intelligence services) may process, evaluate, and store your data on U.S. servers for surveillance purposes. We have no influence over these processing activities.
Withdrawal of Your Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You can withdraw consent at any time. The legality of the data processing carried out until the withdrawal remains unaffected.
Right to Object to Data Collection in Special Cases and Direct Marketing (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RELEVANT LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES TO ESTABLISH, EXERCISE OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ART. 21(1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21(2) GDPR).
Right to Lodge a Complaint with a Supervisory Authority
In the event of a GDPR violation, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, workplace, or the place of the alleged infringement. This right exists without prejudice to other administrative or judicial remedies.
Right to Data Portability
You have the right to have data that we process automatically on the basis of your consent or in performance of a contract delivered to you or a third party in a commonly used, machine-readable format. If you request the direct transfer of data to another controller, this will only be done if technically feasible.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the browser’s address bar changing from “http://” to “https://” and the lock icon appearing in your browser.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
Access, Deletion, and Correction
Within the scope of the applicable legal provisions, you have the right at any time to free access to your stored personal data, its origin and recipient, and the purpose of the data processing, as well as a right to correction or deletion of this data. You can contact us at any time regarding this or other questions on the topic of personal data.
(…continued in next message…)
(continued from previous message)
Right to Restrict Processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to request this. The right to restrict processing applies in the following cases:
-
If you contest the accuracy of your personal data held by us, we usually need time to verify this. While the verification is ongoing, you have the right to request restriction of the processing of your personal data.
-
If the processing of your personal data was or is unlawful, you may request restriction of data processing instead of deletion.
-
If we no longer need your personal data, but you need it for the establishment, exercise or defense of legal claims, you may request restriction of the processing instead of deletion.
-
If you have objected pursuant to Art. 21(1) GDPR, a balancing of interests must take place. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data has been restricted, such data—apart from being stored—may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state.
Data Collection on This Website
Cookies
Our websites use “cookies.” Cookies are small text files and do not harm your device. They may be stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them yourself or your web browser deletes them automatically.
Sometimes, cookies from third-party companies may be stored on your device when you visit our website (third-party cookies). These cookies enable the use of certain third-party services (e.g., payment service cookies).
Cookies have various functions. Many cookies are technically necessary since certain website features would not function without them (e.g., shopping cart or video display). Other cookies are used to analyze user behavior or display advertisements.
Necessary cookies (those required for electronic communications or to provide certain functions you request, or to optimize the website) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure technically error-free and optimized service provision. Where consent is requested (e.g., for cookies or similar recognition technologies), processing is based exclusively on that consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); consent may be revoked at any time.
You can configure your browser to notify you when cookies are set, allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate automatic deletion of cookies when closing the browser. Disabling cookies may limit website functionality.
Where third-party or analysis cookies are used, we will inform you separately in this privacy policy and obtain consent if necessary.
Server Log Files
The provider of these pages automatically collects and stores information in so-called server log files, which your browser transmits to us automatically. These include:
-
Browser type and version
-
Operating system used
-
Referrer URL
-
Hostname of the accessing computer
-
Time of the server request
-
IP address
This data is not merged with other data sources.
This data is collected based on Art. 6(1)(e) and (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website—this requires the server log files to be recorded.
Contact Form
If you submit inquiries via the contact form, your details from the form—including contact details you provide—will be stored for the purpose of processing your inquiry and for potential follow-up questions. This data will not be shared without your consent.
Data is processed based on Art. 6(1)(e) and (f) GDPR if your request is related to the performance of a contract or required for pre-contractual measures. In all other cases, processing is based on our legitimate interest in efficiently handling inquiries directed to us (Art. 6(1)(e) and (f) GDPR).
The data you enter in the contact form remains with us until you request its deletion, revoke your consent to its storage, or the purpose for its storage ceases to apply (e.g., after your request has been completed). Mandatory legal requirements—especially retention periods—remain unaffected.
Requests via Email, Phone, or Fax
If you contact us by email, phone, or fax, your inquiry including all resulting personal data (name, request) will be stored and processed for the purpose of handling your inquiry. We do not share this data without your consent.
Data is processed based on Art. 6(1)(e) and (f) GDPR, depending on whether your request relates to a contract or is part of pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively managing inquiries (Art. 6(1)(e) and (f) GDPR).
Your data remains with us until you request deletion, revoke your consent, or the purpose for storing the data no longer applies. Mandatory legal provisions—especially retention periods—remain unaffected.
Social Media
This website uses features of the LinkedIn network. Provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
When you access a page that contains LinkedIn features, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited this website using your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn can associate your visit with you and your account. We have no knowledge of the content of the transmitted data or how LinkedIn uses it.
If consent was obtained, the use of the above service is based on Art. 6(1)(a) GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent is obtained, the use of the service is based on our legitimate interest in ensuring the greatest possible visibility in social media.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details: LinkedIn SCC.
For more information, see LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy
(continued in next message – including newsletter, plugins/tools, Google Fonts, Maps, and video conferencing tools)
(continued from previous message)
Newsletter
Newsletter Data
If you wish to receive the newsletter offered on the website, we require an email address from you and information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. No additional data is collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not share it with third parties.
The processing of the data entered in the newsletter subscription form is based solely on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of the data, the email address, and its use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter, and will be deleted from the newsletter distribution list after you unsubscribe or once the purpose no longer applies. We reserve the right to delete or block email addresses from our newsletter distribution list at our discretion within the scope of our legitimate interest under Art. 6(1)(e) and (f) GDPR.
Data stored for other purposes remains unaffected.
After unsubscribing, your email address may be stored in a blacklist to prevent future mailings. Data from the blacklist will only be used for this purpose and not combined with other data. This serves both your interest and our interest in complying with legal requirements for newsletter distribution (legitimate interest under Art. 6(1)(f) GDPR). The blacklist storage is indefinite. You may object to the storage if your interests outweigh our legitimate interest.
Plugins and Tools
Google Web Fonts
For consistent font presentation, this website uses web fonts provided by Google. When a page is loaded, your browser downloads the required web fonts into its cache to display text and fonts correctly.
To do this, your browser must establish a connection to Google’s servers, which lets Google know your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the uniform presentation of the website’s typeface. If consent was requested, processing occurs exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, as far as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under TTDSG. This consent can be revoked at any time.
If your browser does not support web fonts, a default font will be used from your computer.
More information on Google Web Fonts:
https://developers.google.com/fonts/faq
Google’s privacy policy: https://policies.google.com/privacy
Google Maps
This site uses the Google Maps map service. Provider: Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use Google Maps features, your IP address must be stored. This information is typically transferred to a Google server in the USA and stored there. We have no control over this data transfer. If Google Maps is activated, Google may use Google Web Fonts to ensure uniform font display. When Google Maps is loaded, your browser also downloads the required web fonts.
The use of Google Maps is in the interest of providing an attractive online presence and easy location of the places mentioned on our website. This constitutes a legitimate interest under Art. 6(1)(f) GDPR. If consent is obtained, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as consent includes the storage of cookies or access to device information under TTDSG. Consent may be revoked at any time.
Data transfer to the USA is based on EU Commission Standard Contractual Clauses:
https://privacy.google.com/businesses/gdprcontrollerterms/
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/
More about handling user data: https://policies.google.com/privacy
Audio and Video Conferencing
Data Processing
We use online conference tools to communicate with our customers. These tools are listed below. When you communicate with us via video or audio conference, your personal data is collected and processed by us and the respective tool provider.
These tools collect data that you provide to use the service (e.g., email address, phone number). They also process metadata like conference duration, start/end times, participant count, and technical data such as IP addresses, MAC addresses, device IDs, operating systems, camera/microphone types, etc.
If content is shared, uploaded, or provided via the tools, it is stored on the tool providers’ servers. This includes cloud recordings, messages, voicemails, files, whiteboards, and other shared content.
Note that we have limited influence on how these tools process your data. The respective providers’ policies apply. See their privacy statements for details.
The use of conferencing tools is based on Art. 6(1)(b) GDPR (contractual relationships) and Art. 6(1)(f) GDPR (legitimate interest in efficient communication). If consent is obtained, use is based on Art. 6(1)(a) GDPR; consent is revocable at any time.
Data collected via these tools will be deleted once the purpose ceases, you revoke consent, or you request deletion. Cookies remain until manually deleted. Mandatory legal retention obligations remain unaffected.
We have no control over data stored by the tool providers for their own purposes. Please refer to their privacy policies.
Conference Tool Used
Microsoft Teams
We use Microsoft Teams, provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Microsoft’s privacy policy: https://privacy.microsoft.com/de-de/privacystatement
We have signed a data processing agreement (DPA) with Microsoft as required by data protection law, ensuring that Microsoft processes personal data only in accordance with our instructions and the GDPR.