Data protection
ACCORDING TO THE GDPR
I. Name and address of the responsible person
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:
CPI GmbH
Tax ID: DE 223 568 934
Managing Director: Chris Malley
Address: Birkstraße 10 | 25917 Leck
Policy statement on the core labor standards of CPI books GmbH
Data Protection Team: FKC-Consult GmbH
Office Hamburg:
Hans-Henny-Jahn-Weg 15
22085 Hamburg
Phone + 49 40 413 463 31-0
Fax: + 49 40 413 463 31-1
You can find more information about FKC-Consult GmbH finden Sie here.
II. General information about data processing
1. Extent of processing of personal data
In principle, we process personal data of our users only to the extent necessary for the provision of a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies to cases in which prior consent is not possible for reasons of fact and the processing of the data is permitted by law.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (DSGVO) as legal basis.
In the processing of personal data necessary for the performance of a contract of which the data subject is a party, Art. 6 para. 1 lit. b DSGVO as legal basis. This also applies to processing operations required to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfill a legal obligation that our company is subject to, Art. 6 para. 1 lit. c DSGVO as legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO as legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interest, fundamental rights and freedoms of the data subject do not prevail over the first interest, Art. 6 para. 1 lit. f DSGVO as legal basis for processing.
3. Data erasure and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage is deleted. In addition, it may be stored if provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion of a contract or fulfillment of the contract.
4. Recipients or categories of recipients
Your personal data will not be transferred to third parties for purposes other than those listed below.
We will only share your personal information with third parties if:
- you have given your express consent to this,
- the disclosure is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
- in the event that a legal obligation exists for the disclosure, and
- this is legally permissible and necessary for the processing of contractual relationships with you.
Exceptions to this rule (e.g.: by third-party providers) can be found in this privacy notice.
5. Transfer to a third country or an international organization
The responsible party does not actively transfer data to a third country or an international organization. Exceptions to this rule (e.g.: by third-party providers) can be found in this data protection notice.
6. Your data subject rights
If personal data of a user is processed, he is a "data subject" within the meaning of the GDPR. He or she is entitled to the following rights vis-à-vis us as the controller:
- Right to information
- Right to rectification or erasure
- Right to restriction of processing
- Right to data portability
- Right to object to processing
Bitte wenden Sie sich zur Ausübung der aufgeführten Rechte an den Ansprechpartner in Sachen Datenschutz unter:
(see contact button above)
Revocation of consent
If you have given us consent for data processing, you have the right to revoke this consent at any time. Please address the revocation of consent to: (see contact button above)
Complaint to a supervisory authority
If you are of the opinion that a processing of data concerning you violates data protection regulations, you have the right to complain to a supervisory authority.
Automated decision making including profiling
We do not use profiling on our website.
To exercise the rights listed, please contact the data protection contact at: (see contact button above)
III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.
The following data is collected here:
- Information about the browser type and version used
- The operating system of the user
- The IP address of the user
- Time zone and, if applicable, the location
- The subpages accessed on the website
- The date and time of the call of the web page
- The amount of data transferred
The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO. Our legitimate interest follows from the data collection purposes listed above.
3. Purpose of data processing
The aforementioned data will be processed by us for the following purposes:
- Ensuring a smooth connection of the website,
- Ensuring a comfortable use of our website,
- Evaluation of system security and stability, and
- for other administrative purposes.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. In the case of collecting the data for providing the website, this is the case when the respective session is completed.
In the case of storing the data in log files, this is the case after no more than seven days. An additional storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
5. Opposition and removal possibility
The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.
IV. Hosting
1. Description and scope of data processing
This website is hosted by an external hoster PixelX. All data that we collect to operate our website is stored on the hoster's server. This is mainly the login data (see above), but also the communication with our customers and all other data that we process in connection with our website.
The hoster is contractually obligated to process the data only as required to fulfill its service obligations.
2. Purpose of data processing
In the case of potential customers, the data is processed for the purpose of fulfilling or initiating the contract. Otherwise, based on a consideration of interests. Here, we pursue the legitimate interest of providing our website in an up-to-date and secure manner.
The purpose of data processing is to provide our website.
3. Legal basis of data processing
The legal basis for data processing is Art. 6 para. 1 lit. b DSGVO, Art. 6 para. 1 lit. f DSGVO.
V. Contact form and e-mail contact
1. Description and scope of data processing
On our website is a contact form available, which can be used for electronic contact. If a user realizes this possibility, the data entered in the input mask is transmitted to us and stored. These data are:
- Name
- Phone
- Topic
- Business
- Message
At the time of sending the message, the following data is also stored:
- The IP address of the user
- Date and time of registration
For the processing of the data, your consent is obtained during the sending process and reference is made to this privacy policy.
Alternatively, contact via the provided e-mail address is possible. In this case, the user's personal data transmitted by e-mail will be stored.
There is no disclosure of data to third parties in this context. The data is used exclusively for processing the conversation.
2. Legal basis for data processing
Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a GDPR.
The legal basis for the processing of the data transmitted in the course of sending an e-mail is Article 6 (1) lit. f DSGVO. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
3. Purpose of data processing
The processing of the personal data from the input mask serves us only to process the contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. For the personal data from the input form of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the matter in question has been finally clarified.
The additional personal data collected during the sending process will be deleted at the latest after a period of seven days.
5. Opposition and removal possibility
The user has the opportunity to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he may object to the storage of his personal data at any time. In such a case, the conversation can not continue.
All personal data stored in the course of contacting will be deleted in this case.
VI. Registration option
The purpose of data processing is the provision of special content for registered visitors. The legal basis results from Art. 6 para. 1 lit. f DSGVO.
VII. Newsletter
The purpose of the data processing is to provide up-to-date information.
For existing customers, we send the newsletter based on a weighing of interests. In doing so, we pursue the legitimate interest of informing our customers about our services and related developments. The legal basis here is Art. 6 para. 1 lit. f DSGVO.
For sending, we use the following provider: MailChimp a brand of "The Rocket Science Group, LLC", 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA.
Privacy policy of MailChimp can be found at: https://mailchimp.com/de/gdpr/
You can unsubscribe at any time by using the unsubscribe option contained in the newsletter.
VIII. Analysis tools
In detail, these are the following cookies:
| Cookie-Name | Purpose/Function | Storage duration (Until the end of the session or concrete time specification) |
| wpl_user_preference | This cookie is necessary to remember the selection of cookies that you accept | 1 month |
| swpm_session | Session cookie for the internal (login) areas of cpi-print.de | 1 day |
| fuerNewsletterAngemeldet | Saves an already occurred insertion of the hint to the CPI Newsletter Service. | 1 year |
| rbrDesign | Saves the selected design of the back width calculator | 1 year |
| _gid | A cookie used by Google Analytics to distinguish between users | 1 day |
| _ga | A cookie used by Google Analytics to distinguish between users | 2 years |
| __qca | A cookie used by Google Analytics to distinguish between users | 1 year |
| _gat_gtag_UA_155730405_1 | Session cookie for Google Analytics | 1 day |
IX. Tracking tools (data processing)
The data processing described below is only used if you have given us your consent to do so. This consent is obtained by us when you call up the website via the cookie consent manager in the "data protection settings". The data protection settings are managed by you.
The following data processing will only be used if you make the intended selection in the data protection settings in the corresponding categories by operating the activation button.
In our Cookie-Consent-Manager you can adjust your data protection settings at any time according to your needs and make changes. You can revoke your consent at any time by deactivating the data processing function in the privacy settings by pressing the activation button again.
The respective data processing purposes and data categories can be seen from the following data processing.
1. Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.
The use of the Google Tag Manager is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in a fast and uncomplicated integration and management of various tools on his website.
2. Google Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, dwell time, operating systems used and the origin of the user. This data is assigned to the respective end device of the user. An assignment to a user ID does not take place.
Furthermore, we can use Google Analytics to record your mouse and scroll movements and clicks, among other things. Furthermore, Google Analytics uses various modeling approaches to supplement the data records collected and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
The company has a certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Browser Plugin
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
For more information on how Google Analytics handles user data, please see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
X. Integration of external content and service providers
Integration reCAPTCHA
To protect input forms on our site, we use the service "reCAPTCHA" of the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4), hereinafter "Google". The use of this service makes it possible to distinguish whether the corresponding input is of human origin or misused by automated machine processing.
To our knowledge, the referrer URL, the IP address, the behavior of website visitors, information about the operating system, browser and dwell time, cookies, display instructions and scripts, the input behavior of the user, as well as mouse movements in the area of the "reCAPTCHA" checkbox are transmitted to "Google".
If you want to prevent this transmission and storage of data about you and your behavior on our website by "Google", you must log out of "Google" before you visit our site or use the reCAPTCHA plug-in.
The use of the service "reCAPTCHA" obtained information is in accordance with the Google Terms of Use: https://www.google.com/intl/de/policies/privacy/.
As the site operator, we have a legitimate interest in determining whether the input is made by a human, Art. 6 para. 1 lit. f DSGVO.
The purpose of the data processing is to determine whether the input is not made by machine.
2. integration of videos via Youtube
On our website it may happen that we embed Youtube videos. To ensure that these can be viewed in a privacy-friendly manner, we have implemented the so-called "two-click solution" or user-friendly button. This means that the content of the video can only be viewed if either consent is given by you within our Consent Tool, or you consciously click on the video. In this case, a cookie is set.
The operator of the corresponding plugin is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you watch the video, a connection to YouTube servers is established. This tells Youtube which pages you are visiting. If you are logged into your Youtube account, Youtube can assign your surfing behavior to you personally. You can prevent this by logging out of your Youtube account beforehand.
If you have deactivated the storage of cookies for the Google ad program, you will not have to deal with such cookies when watching Youtube videos. However, Youtube also stores non-personal usage information in other cookies. If you would like to prevent this, you must block the storage of cookies in the browser.
For more information on data protection at "Youtube", please refer to the provider's privacy policy at: https://www.google.de/intl/de/policies/privacy/
XI. Privacy policy for social networks
LinkedIn: https://de.linkedin.com/company/cpi-print-books-deutschland
The providers of the various platforms are primarily responsible for providing the data subject with information about the processing operations and enabling him to exercise his data protection rights. Irrespective of this, we would like to inform you herewith about our appearances on social networks. We recommend that you do not send us any sensitive data via these profiles. Please use a direct communication channel for this purpose.
All data that you enter on our social network profiles (e.g.: comments, pictures, private messages, etc.) are published by the platform operators and can be used by us.
The legal basis for this is the legitimate interest from Art. 6 para. 1 lit. f DSGVO. Processing purposes via CPI - accounts with our visitors can be as follows: public relations, a timely information as well as interaction opportunity and contact with network users/applicants (including via LinkedIn).
Data processing by the operators of social networks
When our profiles are called up, data is processed by the operator of the platform. The form in which this happens cannot be influenced or viewed by us. However, the procedure usually depends on whether you yourself are registered with the platform. It is possible that the providers process the data outside the EU, so that we cannot guarantee a data protection-compliant procedure according to the GDPR.
You can find more information about the data processing of the individual platform providers in their privacy policy:
LinkedIn: social network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy policy: https://www.linkedin.com/legal/privacy-policy; Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.