PRIVACY POLICY

Name: Deutsche Nachhaltigkeit
Price range: $

Privacy Information for the Website

Please note: This is an English translation provided for information and convenience only. The German-language version of this privacy information is the legally binding text. In the event of any discrepancy or inconsistency between the two versions, the German version shall prevail.

Controller within the meaning of the GDPR

DN Group AG
Opernturm
Bockenheimer Landstraße 2-4
60306 Frankfurt am Main, Germany

Phone: +49 69 408027270

Email: info(a)dn-ag.com

Contact details of the Data Protection Officer

LOROP GmbH
Elsa Mirapeix
Landgrafenstraße 16
10787 Berlin, Germany

Phone: 030 330 96 26 -27

Email: datenschutz(a)lorop.de

Your rights as a data subject

You have the right:

to request information about the data we have stored about you (Art. 15 GDPR),
to request the rectification of incorrect or incomplete data (Art. 16 GDPR),
to request the erasure of your stored data, provided that no statutory retention obligations preclude this (Art. 17 GDPR),
to request the restriction of processing (Art. 18 GDPR),
to receive your data in a structured, commonly used and machine-readable format (Art. 20 GDPR),
to revoke any consent given at any time with effect for the future. The lawfulness of the processing carried out on the basis of the consent up to the point of revocation remains unaffected by the revocation (Art. 7 (3) GDPR),
to object to the processing (Art. 21 GDPR),
to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

Server log files

When you use our website, we process personal data to the extent necessary for the technical provision of the website, to ensure security and stability, and to provide individual functions:

IP address of the requesting device,
date and time of access,
name and URL of the file retrieved,
website from which access is made (referrer URL),
browser used and, where applicable, the operating system of your computer as well as the name of your access provider.

The legal basis for this is our legitimate interest in the technical provision and stability of the website pursuant to Art. 6 (1) (f) GDPR.

This information is stored temporarily in what is known as a log file, generally for a period of 7 days.

Hosting

For the technical provision and maintenance of our website, we use BAM Communication GmbH (Ritterstraße 8, 10969 Berlin) as a service provider. In doing so, it may occur that this web agency gains knowledge of personal data, in particular technical access data, server log files, or data transmitted in the context of a contact request.

The web agency processes personal data on our behalf on the basis of a data processing agreement pursuant to Art. 28 GDPR and, for the hosting of our website, uses the hosting service provider Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany, as a sub-processor.

The legal basis for the processing of personal data in connection with hosting is Art. 6 (1) (f) GDPR (legitimate interest in the secure, stable, reliable and efficient provision of the website).

Your personal data is processed by us exclusively in data centres located in the European Union.

Cookies and similar technologies

Our website uses cookies and similar technologies. Cookies are small pieces of information that can be stored on your device. Local storage and session storage are storage areas within your browser. Local storage can store information permanently until it is deleted. Session storage generally stores information only for the duration of the respective browser session.

a) Necessary cookies and similar technologies

Necessary cookies are required for the technical provision, security, and management of consents. These include, in particular, cookies and similar technologies from:

Cloudflare Turnstile (Cloudflare Germany GmbH, c/o Design Offices München Atlas, Rosenheimer Straße 143C – 8th floor, 81671 Munich)

Privacy information: https://www.cloudflare.com/turnstile-privacy-policy/

We use Cloudflare Turnstile on this website. This cookie is used to distinguish between humans and bots. This serves to protect our website from spam, abuse and automated attacks, in particular when forms are used.

In this context, personal data may be transferred to servers in the USA (Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA). For the USA, an adequacy decision of the EU exists only insofar as the respective recipient is certified under the EU-U.S. Data Privacy Framework. Cloudflare is currently certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/list

Cookiebot by Usercentrics (Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark)

Privacy information: https://www.cookiebot.com/de/privacy-policy/

We use Cookiebot by Usercentrics on this website to obtain, manage and document visitors' consent to the use of cookies and comparable technologies. Cookiebot stores the user's consent status for cookies on the current domain. This allows the selected privacy settings to be saved and taken into account on subsequent page visits.

In this context, technical information may be processed, in particular your IP address, browser and device information, the URL accessed, the date and time of the visit, the consent status, and information on the selected cookie categories.

The processing generally takes place within the European Union or the European Economic Area.

Vimeo / technically required security cookies (Robert Niedermeier Cyberlegis-RA GmbH, Maximilianstr. 13, 80539 Munich, Germany)

Privacy information: https://vimeo.com/legal/privacy/policy

We use Vimeo on this website to embed and play video content. In connection with the provision of the Vimeo player, technically required security cookies may be set. These cookies are used to distinguish between humans and bots. This is necessary in order to protect the website and embedded video content from automated access, abuse and attacks.

In this context, technical information may be processed, in particular your IP address, browser and device information, operating system, referrer URL, time of visit, and information on the use of the embedded Vimeo player. The processing also serves to create valid reports on the use of the website and to ensure the technical security and functionality of the website.

Individual cookies may form part of Cloudflare's services. These services include, in particular, load balancing, the provision of website content, the defence against automated access, and the provision of a DNS connection for website operators.

In this context, personal data may be transferred to servers in the USA (Vimeo.com, Inc., 330 West 34th Street, 10th Floor, New York, NY 10001, USA). For the USA, an adequacy decision of the EU exists only insofar as the respective recipient is certified under the EU-U.S. Data Privacy Framework. Vimeo is currently certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/list

The use of necessary cookies and similar technologies is based on Section 25 (2) TDDDG. Insofar as personal data is processed in this context, the processing is carried out on the basis of Art. 6 (1) (f) GDPR. Our legitimate interest lies in the secure, stable and functional provision of our website as well as in the legally compliant management of consents.

Further information on the respective cookies and their storage periods can be found in our cookie consent tool. There, you can view, change or revoke your consents for consent-based services at any time with effect for the future.

Important note: Necessary cookies cannot be deactivated via the cookie consent tool, as they are required for the operation of our website.

b) Statistics cookies

On our website, we use statistics cookies in order to evaluate the use of our website, measure reach, and continuously improve our offering. These cookies can in particular process page views, time spent, user interactions, source pages, and technical information about the device used. These include, in particular, cookies from:

Google Analytics (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland)

Privacy information: https://business.safety.google/privacy/

We have extended Google Analytics on this website with the code "anonymizeIP", so that your IP address is truncated within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area prior to transmission. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser is not merged with other Google data.

In this context, personal data may be transferred to servers in the USA (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). For the USA, an adequacy decision of the EU exists only insofar as the respective recipient is certified under the EU-U.S. Data Privacy Framework. Google is currently certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/list

Jotform (Jotform Ltd., 6 Albert Mews, Albert Road, London, United Kingdom, N4 3RD)

Privacy information: https://www.jotform.com/de/gdpr-compliance/

We use Jotform to provide and evaluate online forms on this website. When you complete and submit a corresponding form, the data you enter, your IP address, and other technical information are transmitted to Jotform and processed there on our behalf. This data is used for internal analyses and to optimise the website.

In this context, personal data may be transferred to servers in the USA (Jotform Inc., 111 Pine St. Suite 1815, San Francisco, CA 94111, USA). For the USA, an adequacy decision of the EU exists only insofar as the respective recipient is certified under the EU-U.S. Data Privacy Framework. Jotform is currently certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/list

Statistics cookies are only used if you have previously given your consent via our cookie consent tool. The legal basis for storing information on your device or accessing information on your device is Section 25 (1) TDDDG. The legal basis for the subsequent processing of personal data is Art. 6 (1) (a) GDPR.

Further information on the respective cookies and their storage periods can be found in our cookie consent tool. There, you can view, change or revoke your consents at any time with effect for the future.

c) Marketing cookies and comparable technologies

On our website, we use marketing cookies and comparable technologies in order to provide embedded content, evaluate the use of this content, and display or optimise content based on usage. These include, in particular, cookies and comparable technologies from:

Jotform (see Jotform above)

We use Jotform to provide online forms on this website. In connection with the use of the forms, marketing cookies may be used. These record information about how the visitor arrived at the website, for example via a link, a search engine or an advertisement. This information is used by the website operator to determine the effectiveness of marketing measures.

In this context, technical information may be processed, in particular your IP address, browser and device information, referrer URL, time of visit, and information on the origin of the visitor.

YouTube (see Google above).

We use YouTube on this website to embed and play video content. In connection with the display and use of embedded YouTube videos, cookies and comparable technologies may be used. These serve to provide video content, technically enable playback, and record information about the use of the embedded videos.

Marketing cookies and comparable technologies are only used if you have previously given your consent via our cookie consent tool. The legal basis for storing information on your device or accessing information on your device is Section 25 (1) TDDDG. The legal basis for the subsequent processing of personal data is Art. 6 (1) (a) GDPR.

Contacting us

If you contact us by email or via our contact form, we process the personal data you provide generally only to handle and respond to your enquiry and for the purposes for which you provided the data to us. Processing of data for other purposes is only considered if the legal requirements pursuant to Art. 6 (4) GDPR are met. Any information obligations under Art. 13 (3) GDPR and Art. 14 (4) GDPR will, of course, be observed in such a case.

The legal basis for the processing of personal data is generally, unless there are more specific legal provisions, Art. 6 GDPR. The following possibilities in particular come into consideration here:

Consent, Art. 6 (1) (a) GDPR
Data processing for the performance of contracts, Art. 6 (1) (b) GDPR
Data processing for the fulfilment of a legal obligation, Art. 6 (1) (c) GDPR
Data processing on the basis of a balancing of interests, Art. 6 (1) (f) GDPR

If personal data is processed on the basis of your consent, you have the right to revoke your consent at any time vis-à-vis us with effect for the future. If we process data on the basis of a balancing of interests, you as the data subject have the right, taking into account the provisions of Art. 21 GDPR, to object to the processing of the personal data.

We process the data for as long as this is necessary for the respective purpose. Insofar as statutory retention obligations exist, e.g. under commercial law or tax law, the personal data concerned will be stored for the duration of the retention obligation. After the retention obligation has expired, it is checked whether there is a further need for processing. If there is no longer a need, the data is deleted. As a general rule, towards the end of a calendar year we review data with regard to the need for further processing.

Your personal data is generally only passed on to third parties if this is necessary for the performance of the contract with you, the disclosure is permissible on the basis of a balancing of interests within the meaning of Art. 6 (1) (f) GDPR, we are legally obliged to disclose it, or you have given your consent in this respect.

Social media

For data processing in connection with our social media presences, DN Group AG is primarily the controller.

For certain processing operations, we act jointly with the respective platform operator as joint controllers within the meaning of Art. 26 GDPR.

Please note that when you visit our social media pages, personal data is also processed by the respective platform operator. In our case, this concerns Facebook, Instagram, LinkedIn, and X.

a) Facebook and Instagram

(Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)

Meta processes users' personal data for profiling, analysis and advertising, including the use of cookies and similar technologies. This is carried out under Meta's own data protection responsibility.

Meta is certified under the EU-U.S. Data Privacy Framework. A transfer to the USA is therefore carried out on the basis of the adequacy decision of the EU Commission. Insofar as individual data processing operations are not covered by this certification, the transfer is carried out on the basis of the EU Commission's standard contractual clauses. Despite these measures, a residual risk may exist with regard to the enforcement of your rights in the USA. Furthermore, it cannot be ruled out that processing by Meta Platforms Ireland Ltd. also takes place via Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, in the USA.

b) LinkedIn

(LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland)

LinkedIn processes users' personal data for profiling, analysis and advertising, including the use of cookies and similar technologies. This is carried out under LinkedIn's own data protection responsibility.

LinkedIn is certified under the EU-U.S. Data Privacy Framework. A transfer to the USA is therefore carried out on the basis of the adequacy decision of the EU Commission. Insofar as individual data processing operations are not covered by this certification, the transfer is carried out on the basis of the EU Commission's standard contractual clauses. Despite these measures, a residual risk may exist with regard to the enforcement of your rights in the USA. Furthermore, it cannot be ruled out that processing also takes place via the operating company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, in the USA.

c) X

(X Internet Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02, AX07, Ireland)

X processes users' personal data to provide the platform, for profiling, analysis, personalisation and advertising, including the use of cookies and similar technologies. This is carried out under X's own data protection responsibility.

X is certified under the EU-U.S. Data Privacy Framework. A transfer to the USA is therefore carried out on the basis of the adequacy decision of the EU Commission. Insofar as individual data processing operations are not covered by this certification, the transfer is carried out on the basis of the EU Commission's standard contractual clauses. Despite these measures, a residual risk may exist with regard to the enforcement of your rights in the USA. Furthermore, it cannot be ruled out that processing by X Internet Unlimited Company also takes place with the involvement of X Corp., 865 FM 1209, Building 2, Bastrop, TX 78602, USA.