PRIVACY STATEMENT
The protection of your personal data is very important to us. We would therefore like to take this opportunity to inform you about data protection within our company. We will provide you with information about which data we collect from you and how we use it. We will furthermore inform you about your rights under applicable data protection law and advise you on whom to contact if you have any questions.
From time to time it may become necessary to update this privacy statement, for example due to new legal or regulatory requirements or new offerings on our website. In order to keep yourself informed about the current status of our data use provisions, you should visit this page regularly. You can see whether changes have been made, among other things, by the fact that the status at the very bottom of this document has been updated.
1. NAME AND ADRESS OF THE DATA CONTROLLER
We, LÖWEN ENTERTAINMENT GmbH, are to be considered the data controller within the meaning of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) as well as other data protection provisions on our website and bear responsibility for any related data processing. Comprehensive information about our company can be found in the legal notice.
The online offering is provided for all legal entities of the LÖWEN Group. Further details can be found on the respective subpages (https://www.loewen-gruppe.de/, https://www.admiral-spielhalle.de/, https://www.admiral-gastro.de/, https://www.loewen-service.de/, https://www.loewen-system.de/, https://mynovo.de/, https://www.novodatasolutions.com/, https://novo-cash.com/, https://css.loewen-gruppe.de/, https://www.clever-entry.de/) in the linked legal notices.
LÖWEN ENTERTAINMENT GmbH
Saarlandstraße 240
D-55411 Bingen/Rhein
Tel.: +49 6721 4070
e-mail: info@loewen-gruppe.de
2. DATA PROTECTION OFFICER
Questions regarding the processing of your data can be directed to the data protection officer. You can reach the data protection officer at the following contact details:
LÖWEN ENTERTAINMENT GmbH
Data protection officer
Saarlandstraße 240
D-55411 Bingen/Rhein
E-Mail: Datenschutz@Loewen-Gruppe.de
3. GENERAL INFORMATION ON DATA PROCESSING
1. Scope of the processing of personal data
As a matter of principle, we process your personal data only to the extent that this is necessary to provide our services. Your personal data is generally only processed on the basis of your consent. An exception shall apply in cases where it is not possible to obtain prior consent due to practical reasons or where the processing of your personal data is permitted by law.
2. Legal basis for the processing of personal data
Where we obtain your consent for the processing of personal data, Art. 6 Para. 1 Item a GDPR serves as our legal basis. For the processing of personal data required for the performance of a contract between you and us, Art. 6 Para. 1 Item b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
To the extent that the processing of personal data is required for the fulfillment of a legal obligation to which we are subject, Art. 6 Para. 1 Item c GDPR serves as the legal basis. In the event that your vital interests or the vital interests of another natural person require the processing of personal data, Art. 6 Para. 1 Item d GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of ours or of a third party and if your interests, fundamental rights and fundamental freedoms do not outweigh such interest, Art. 6 Para. 1 Item f GDPR serves as the legal basis for the processing.
3. Deletion of data and storage period
Your personal data is deleted or blocked as soon as the purpose of its storage ceases to apply. Beyond this, storage may occur if stipulated by European or national legislation in regulations, laws or other ordinances pertaining to Union law to which we are subject. The data will also be blocked or deleted when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
4. Transfer of personal data to third parties and processors
As a matter of principle, we do not pass on personal data to third parties without your express consent. If, in the course of processing, we nevertheless disclose your data to third parties, transfer it to them or otherwise grant them access to the data, this is also done exclusively on the basis of one of the legal grounds mentioned.
In some cases we use carefully selected external service providers to process your data. Should data be passed on to service providers within the scope of so-called contract processing, this is done on the basis of Art. 28 GDPR. Our contract processors are carefully selected, bound by our instructions and inspected by us in regular intervals. We only commission such contract processors who offer sufficient guarantees that suitable technical and organizational measures are taken in such a way that the processing is carried out in accordance with the requirements of the GDPR and BDSG and guarantees the protection of your rights.
5. Transfer of data to third countries
The GDPR ensures an equally high level of data protection throughout the European Union. When selecting our service providers and cooperation partners, we therefore rely on European partners whenever possible if your personal data is to be processed. Only in exceptional cases will we have data processed outside the European Union or the European Economic Area when availing ourselves of the services of third parties.
We will only allow your data to be processed in a third country if the special requirements of Art. 44 ff. GDPR are fulfilled.
6. Existence of an automated decision making process
We do not engage in automatic decision making or profiling.
4. PROVISION OF THE WEBSITE AND LOG FILES
4.1. Description and scope of data processing
Whenever our website is accessed, our system, i.e. the web server, automatically collects information from the system running on the computer or end device used to access the website.
In this context, we collect the following personal data:
• IP address of the computer from which the request was sent
• Information about the browser type and version used
• The operating system of the user’s end device
• The user’s Internet service provider
• Date and time of access
• The previous website from which the user accesses our website
4.2. Legal basis for data processing
The legal basis for the temporary storage of this data and the log files is Art. 6 Para. 1 Item f GDPR (our legitimate interest as the responsible website operator).
4.3. Purpose of data processing
The temporary storage of the user’s IP address by our system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must necessarily remain stored for the duration of the session.
The above-mentioned data is stored in the log files in order to ensure the proper functioning of our website. In addition, we use this data to optimize the website and to ensure the security of our information technology systems (e.g. to detect attacks).
4.4 Duration of storage
The above-mentioned data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is usually the case after one month at the latest.
5. COOKIES
When you visit our website, our “cookie banner” informs you that we use cookies. Cookies are small text files that are stored on your end device (laptop, smartphone, tablet or similar) when you visit our website.
Technically required cookies
5.1 Description and scope of data processing
These cookies are required for the proper functioning of our website and cannot be deactivated in our systems. Cookies store information such as your language setting, the duration of your visit to our website, or the information that you enter there.
5.2 Legal basis for data processing
The legal basis for processing is Art. 6 Para. 1 Item f GDPR (our legitimate interest as the data controller). Without the use of these cookies, it is technically impossible for you to access and use the website.
5.3 Purpose of data processing
The use of technically required cookies serves to simplify your use of our website. Several functions of our website cannot be offered without the use of cookies. For these, your browser needs to be recognized even after switching to another page. Your personal data will not be processed in any other way.
5.4 Storage period
Your personal data is deleted as soon as it is no longer necessary to achieve the purpose for which it was processed. In our case, this is after 12 months.
5.5 Right of appeal
You can delete cookies that have already been stored on your end device at any time. If you wish to prevent the use of cookies, you can refuse to accept cookies in your browser. For full details on how this works, please read the instructions made available by the provider of your browser.
6. CONTACT FORM AND CONTACT BY E-MAIL
6.1 Description and scope of data processing
We can be contacted via our contact form as well as the e-mail address provided. In this case, the personal data of the sender that is transmitted together with the request is stored.
6.2 Legal basis for data processing
The legal basis for processing is Art. 6 Para. 1 Item f GDPR (our legitimate interest as the data controller). If the purpose of the contact is to conclude a contract, Article 6 Para. 1 Item b GDPR is an additional legal basis for the processing.
6.3. Purpose of data processing
The processing of this personal data solely serves the purpose of allowing us to process the contact.
6.4 Duration of storage
We will delete your data that we have received in the course of contacting us as soon as it is no longer required for the purpose for which it was collected, i.e. your request has been fully processed and no further communication with you is necessary or desired by you..
6.5 Right of appeal
You can object to the processing of data at any time. The appeal should be sent to the following e-mail address: info@loewen-gruppe.de
In this case, all personal data stored in the course of the contact will be deleted. We may, however, not be able to process your requests completely.
7. INFORMATION ABOUT GOOGLE SERVICES
We use various services provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
By integrating Google services, Google may process personal data. In this context, it cannot be ruled out that this data may also be processed outside the EU/EEA in a so-called third country.
For data transfers to third countries, the GDPR provides, among other things, that the EU Commission may determine the level of data protection in any such third country.
Further information can be found at https://policies.google.com/privacy/frameworks?gl=de
You will find more detailed information on the individual services provided by Google in the further provisions of the privacy statement below.
Tracking by Google Analytics
7.1 Google Analytics
Provided that you have given your consent, this website will use Google Analytics, a web analysis service operated by Google LLC. The competent service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
7.2 Scope of the processing
Google Analytics uses cookies that enable an analysis of your use of our website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
We use the “anonymizeIP” function (so-called IP masking): As a result of the activation of IP anonymization on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. It is only in exceptional cases that the full IP address is transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser through Google Analytics is not associated with other Google data.
During your visit to our website, the following data, among others, is recorded:
• the pages you have accessed, your “click path”
• the achievement of “website objectives” (conversions, e.g. downloads, orders)
• your user behavior (e.g. clicks, dwell time, bounce rates)
• your approximate location (region)
• your IP address (in truncated form)
• technical information about your browser and the end devices you use (e.g. language settings, screen resolution)
• your Internet Service Provider
• the referrer URL (through which website/advertising media you arrived at this website)
• the referrer URL (through which website/advertising media you arrived at this website)
7.3 Purpose of the processing
Google will use this information on behalf of the operator of this website to evaluate your use of the website and to compile reports about website activity. The reports provided by Google Analytics serve to analyze the performance of our website.Google will use this information on behalf of the operator of this website to evaluate your use of the website and to compile reports about website activity. The reports provided by Google Analytics serve to analyze the performance of our website.
7.4 Recipient
The recipient of the data is
• Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as the contract processor. For this purpose, we have entered into a processing contract with Google. Google LLC, based in California, USA, and, where applicable, US authorities may have access to the data stored by Google.
7.5 Transfer to third countries
It cannot be ruled out that data may be transferred to the USA.
7.6 Storage period
The data sent by us and linked to cookies is automatically deleted after 14 months. Data that has reached its retention period is automatically deleted once a month.
You can also prevent the data generated by the cookie and related to your use of the website (including your IP address) from being sent to Google as well as the processing of this data by Google by
a) not giving your consent to the setting of the cookie or
b) downloading and installing the browser add-on for the deactivation of Google Analytics HERE.
You can also prevent the storage of cookies by adjusting the settings of your browser software accordingly. However, if you configure your browser to reject all cookies, you may experience limited functionality on this and other websites.
7.7 Legal basis and right of withdrawal
Legal basis for data processing is your consent as per Art. 6 Para 1 Item a GDPR. You can withdraw your consent at any time with effect for the future by accessing your cookie settings and changing your selection there.
For more information about Google Analytics’ terms of use and Google’s privacy policy, please visit https://www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de.
USE OF GOOGLE TAG MANAGER
7.8 Description and scope of data processing
Google Tag Manager is a service provided by Google Ireland Limited. The Google Tag Manager allows for a simplified integration of various scripts for web analysis and remarketing into your own website. This is not a tracking service in the strict sense of the term. The Google Tag Manager only passes on data and does not process it on its own.
No personal data is processed.
7.9 Further information on data processing
Google Ireland Limited is responsible for further data processing. Further information is available at: http://www.google.de/tagmanager/use-policy.html
Use of Google Fonts
7.10 Description and scope of data processing
We use Google Fonts to ensure the uniform appearance of fonts. When accessing a page, the user’s browser loads the required web fonts into its own browser cache in order to display texts and fonts correctly. For this purpose, the user’s browser must connect to Google’s servers. Through this, Google is informed that our website has been accessed from the user’s IP address.
7.11 Legal basis for data processing
The inclusion of Google Fonts is necessary for the customized design of our website. This also constitutes our interest in data processing under Art. 6 Para. 1 Item f GDPR (our legitimate interest as the data controller).
7.12 Further information on data processing
Google Ireland Limited is responsible for further data processing. Further information is available at: https://policies.google.com/privacy and https://developers.google.com/fonts/faq.
Use of YouTube
We have embedded YouTube videos into our website, which are stored at https://www.youtube.com and can be played directly from our website. The videos are all embedded in “enhanced privacy mode”, which means that no data about you as a user will be transferred to YouTube if you do not play the videos. Only when you play the videos will the data listed under “Provision of the website and log files” be transmitted. We have no influence on this data transmission.
Further information on the purpose and scope of data processing can be obtained from Google (as the operator of YouTube) at https://policies.google.com/technologies/types?hl=de&gl=de. The YouTube privacy guide can be found here: https://policies.google.com/technologies/product-privacy?hl=de&gl=de.
The integration of YouTube gives the user the opportunity to retrieve videos and, if necessary, to use the functionalities of YouTube. Our aim in doing this is to improve our offer. Legal basis for the processing is Art. 6 Para 1 Item f GDPR.
8. OTHER WEB SERVICES
8.1 Use of Vimeo
In addition to YouTube, we also use Vimeo as an external video provider on this website. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. The integration of the videos means that a connection to the Vimeo servers is established when they are accessed. In doing so, the Vimeo server is informed about which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged in to your Vimeo account, you allow Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
You can find more information on how your user data is handled in Vimeo’s privacy policy: vimeo.com/privacy.
The integration of Vimeo gives the user the opportunity to retrieve videos and, if necessary, to use the functionalities of Vimeo. Our aim in doing this is to improve our offer. Legal basis for the processing is Art. 6 Para 1 Item f GDPR.
8.2 Special information on the use of data for registration and participation in our chat function
Use of the live chat system “Tidio” (Tidio Ltd.)
In order to answer your questions as quickly as possible, we use the Tidio Chat function provided by Tidio Ltd UK, 220C Blythe Road, W14 OHH, London, on our product website.
If you have questions about our products or services, you can reach us via the displayed Tidio chat window and send us a message. In order to start the chat, we need your e-mail address and name. All online chats conducted via this external online service are sent to the operator’s servers in the UK and processed there. Please note that as soon as you access our websites, a connection to the Tidio servers is established and information about your browser, location and operating system may be sent. If you want to prevent this, you must deactivate JavaScript in your browser.
We use the data exclusively in order to process the conversation. We delete the data arising in this context as soon as the processing is no longer necessary, or limit the processing to compliance with the existing legally binding retention obligations. Legal basis for the processing is Art. 6 Para 1 Item f GDPR (legitimate interest). We carry out the above-mentioned processing for the purpose of effective customer care and to enhance our services.
We have no knowledge of the storage period at Tidio and have no influence on it. Further information on privacy can be found at https://www.tidio.com/privacy-policy/.
In addition, the LÖWEN Group’s general privacy statement applies.
9. LINKS TO WEBSITES OF OTHER PROVIDERS
Our websites may contain links to websites of other providers which are not covered by this privacy statement. Where the use of other providers’ websites involves the processing of personal data, please refer to the privacy policies of the respective providers.
10. Categories of recipients
Within our company, only those positions and departments receive personal data that require it to fulfill the aforementioned purposes. In addition, we sometimes use different service providers and transfer your personal data to other trustworthy recipients. These might be, for example:
• Hosting service providers for the operation of our servers
• Development service providers for programming, development, maintenance and support of software applications
• Social media operators for the provision of social plugins
• HR service providers to support us in the selection of applicants
• Cooperation partners
If external contract processors are used, they are contractually bound pursuant to Article 28 GDPR.
11. RIGHTS OF DATA SUBJECTS
In connection with our processing of your personal data, you have the following rights:
11.1 Right of information
You have a right of information regarding the personal data stored about you. In addition, you are entitled to be informed about the information listed in Art. 15 GDPR.
11.2 Right to rectification and right to deletion
You also have the right to rectify incorrect personal data and to complete incomplete personal data in accordance with Art. 16 GDPR and also to delete your personal data, if the requirements of Art. 17 GDPR are met.
11.3 Right to restriction of the processing
You can restrict the processing of your personal data under the conditions set out in Art. 18 GDPR
11.4 Right to deletion
If one of the reasons set out in Art. 17 Para. 1 GDPR applies, you can demand that we delete the personal data relating to you without delay, unless an exemption from the obligation to delete exists in accordance with Art. 17 Para. 3 GDPR.
11.5 Right to notification
If you have asserted your right to rectification, deletion or restriction of the processing against us, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or deletion of the data or restriction of the processing, unless this proves to be impossible or would involve a disproportionate effort.
You have the right to be informed by us of these recipients.
11.6 Right to data portability
Pursuant to Art. 20 GDPR, you have the right to receive from us the personal data concerning you in a machine-readable format, and to transmit the data to another data controller without hindrance, provided that the conditions of Art. 20 Para. 1 Item a GDPR are met, or to have your personal data transmitted directly by us to another data controller, provided that this is technically feasible and does not infringe the freedoms and rights of other persons. This right does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
11.7 Right of objection
Pursuant to Art. 21 GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation, provided that this is done on the basis of Art. 6 Para. 1 Item e or Item f GDPR. In the event of such an objection, we will no longer process this data, unless we can prove that there are compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or that the processing serves the assertion, exercise or defense of legal claims.
11.8 Right to revocation of the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time by making a declaration to the LÖWEN Group. The revocation of consent does not affect the legality of the processing that has taken place on the basis of the consent up until the revocation.
11.9 Right to lodge a complaint with a supervisory authority
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates data protection law.
A list of the supervisory authorities can be found at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Privacy statement dated 24 September 2020