Privacy

Data protection


Status: December 17, 2020


1. Name and contact details of the person responsible

train Gesellschaft für Personalentwicklung mbH

Reuterstraße 20

53113 Bonn

Tel .: 0228 243900

Email: train.bonn@train.de


2. Contact details of the data protection officer

Riske IT GmbH

Mr. Pascal Riske

Keldenicher Strasse 23

50389 Wesseling, Germany

Web: www.riske-it.de  Email: datenschutz@riske-it.de


3. Data processing when you visit our website

Every time our website is accessed, we temporarily collect and save data via so-called log files, which may allow identification, each time the content of this website is accessed. The following data are collected:

  • the date and time of access to the website
  • the browser types and versions used
  • IP address of the calling computer
  • Host name of the accessing computer
  • the operating system used by the accessing system
  • Website from which the website was accessed
  • Websites that were accessed via the website
  • Visited page on our website
  • amount of data transferred
  • Message as to whether the retrieval was successful
  • Information about the browser type and the version used.

This data is processed to safeguard our legitimate interests in accordance with Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR.


The temporary storage of the data, especially the IP address, is necessary for the course of a website visit in order to enable the website to be delivered. The log files are stored further to ensure the functionality of the website and the security of the information technology systems, in particular the web server. Our legitimate interests lie in these purposes.


We save the server log files for 7 days. However, we reserve the right to save the server log files for a longer period of time for a subsequent review should specific indications point to illegal use.


Because our web shop is based on a CMS from a provider, services from foreign third-party providers are integrated, which collect server log files for our own purposes, over which we have no influence or can have no influence. You can find out more about this at the relevant point in this data protection declaration (points 9 and 10).


The State Commissioner for Data Protection and Freedom of Information in North Rhine-Westphalia provides information on how you can pseudonymize your IP address. You can find out more about this at:


https://www.ldi.nrw.de/mainmenu_Tipps/submenu_Tipps_A-Z/Inhalt/Anonymisierungsdienste/Anonymisierungsdienste.php


4. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site.


Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity. Cookies also do not cause any damage to your device.


With the use of technical cookies we pursue the purpose of making the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. Most cookies are automatically deleted on a regular basis after leaving our site ("maximum age: end of session"). Other cookies are typical for functions of a web shop. Cookies store the information that you have moved a specific product to the shopping cart. This information remains stored even if you call up another subpage or end your browser session.


The data processed by cookies are required for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR.


Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, if you completely deactivate cookies, you may not be able to use all the functions of our web shop.


We also use services that may set third-party cookies on your device. You can find out more about this at the relevant point in this data protection declaration. You have the option of setting your browser so that JavaScript is not executed. In this case, too, you may only be able to use our website to a limited extent or not use all of its functions, or possibly not use it at all.


5. Visitor statistics

Statistics are created when you visit our online shop. The following information is automatically included in the visitor statistics:

  • Number of visitors
  • Number of product calls
  • Visitors with product calls
  • Added to cart
  • Payments started
  • Orders placed.

These statistics are anonymous and help us continuously to improve our offers and services. No software is used that transfers this data to third countries and possibly merges it with other (already existing) data. As the provider of the services offered, we have a legitimate interest (Article 6 Paragraph 1 Clause 1 Letter f GDPR) in collecting visitor statistics in order to improve our services. Such information can also help us to identify misuse of our systems in good time.


6. Contacting us

If you contact us (e.g. via our contact form, by e-mail or telephone), we will process your information insofar as this is necessary to answer the contact request and any requested measures.


If your message is sent with the aim of initiating a contractual relationship with us or is necessary for the fulfillment or (reverse) processing of an existing contract between you and us, we base the processing of the relevant data on Article 6 Paragraph 1 Clause 1 Letter b GDPR.


If your message is of a general nature, we base the processing of your request on our legitimate interest in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR. Our legitimate interest lies in finally processing the received message and in contacting you externally. We will save your message until processing is complete. A longer storage only takes place if a law expressly authorizes us to do so.


Please note that, despite the greatest possible care, we cannot ensure that communication over the Internet is secure. We therefore recommend that you always send your message encrypted.


We would be happy to inform you that we have integrated Google reCAPTCHA via our contact form to prevent spam and unwanted automated messages. Personal data is processed by Google. If you do not want this, you can contact us at any time by email or phone. You can find out more about data processing by Google reCAPTCHA under point 10 of this data protection declaration.


7. Order process and processing

We process the following categories of personal data to process your order: information on whether a private customer or a business customer, salutation "Mr or Ms", first and last name, your e-mail address, your address (street and number, postcode, city). Providing your telephone number is voluntary, and it makes it easier and faster to contact you if you have any questions.


We base the processing of your data for the execution of the sales contract on Article 6 Paragraph 1 Clause 1 Letter b GDPR. The purpose of the processing is the initiation or processing of the purchase contract and the implementation of warranty rights.


We delete the data as soon as further storage is no longer required or prescribed. This is especially the case when defenses of the statute of limitations are no longer enforceable, 10 years for invoices.


8. Newsletter

We offer you the opportunity to subscribe to our newsletter mailing list. We process your first and last name as well as your specified email address. Further information (salutation Mr / Ms, title) is optional and not necessary for registration in our newsletter mailing list.


We process your information about sending our newsletter on the basis of your consent, Article 6 Paragraph 1 Clause 1 Letter a GDPR, Article 7 f. GDPR, possibly in conjunction with Article 9 Paragraph 2 Letter a GDPR. You have the right to revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent up to the time of revocation. You can contact us at any time to exercise your revocation. The provision of your first and last name as well as your e-mail address and any further information is not required by law or contract or required for the conclusion of a contract and you are not obliged to provide personal data. However, you cannot be included in our newsletter mailing list without your consent.


The registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an email in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with someone else's e-mail address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the shipping service provider are also logged.


9. PayPal

We offer you the option of processing your order with PayPal. The operator is PayPal (Europe) S.à.rl & Cie. SCA, 22-24 Boulevard Royal, 2449 Luxembourg. If you choose PayPal as the payment method, your data required for the payment process will be automatically transmitted to PayPal. This regularly involves the following data: first and last name, address, company, e-mail address, contact details, log files (IP address) and, if applicable, other personal data that are necessary for payment processing, also with regard to prevention an abusive payment transaction. We ourselves do not receive any information about your account details, only a confirmation that the payment has been processed successfully.


The data processing for payment processing takes place for the execution of the contract, Article 6 paragraph 1 sentence 1 letter b GDPR.


The data transmitted to PayPal may be transmitted to credit agencies by PayPal. The purpose of this transmission is to check your identity and creditworthiness. PayPal may also pass on your data to third parties if this is necessary to fulfill contractual obligations or if the data is to be processed on behalf of us. You can read PayPal's privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full/ call. Since PayPal is an international group with headquarters in the USA, your personal data may also be transferred to third countries. You can find more information on the admissibility of such possible third-country transfers at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full/#7.


10. Google web fonts (web fonts)

Our website includes fonts from Google that are automatically loaded by Google's servers: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA and the EU subsidiary Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5 , Dublin, Ireland (hereinafter referred to as Google). As soon as you call up the content of our website, a connection is automatically established to servers from which Google web fonts are loaded. Regular log files are collected, in particular the IP address. However, this does not mean that we have knowledge of your identity.


When using Google Web Fonts, we base the processing on Article 6 Paragraph 1 Clause 1 Letter f GDPR to safeguard our legitimate interests. The purpose is a uniform presentation of our website on the Internet and the promotion of our range optimization through the use of a secretary who is suitable for indexing in search engines: search engine optimization. By outsourcing, our website also gains loading speed, which has a positive effect on search engine optimization. Our interests lie in these purposes. In addition, we would like to point out that the fonts are specified by the provider of the CMS on which this homepage is based.


Since Google Webfonts is owned by the Google Group and Google has distributed its servers all over the world, it cannot be ruled out that your personal data will be stored and processed worldwide, including on servers in the USA. These could be countries in which the level of data protection is not as high as within the European Union. Due to the possibly lower level of data protection in third countries, you may not be able to assert your rights as a data subject, or only partially, with the recipients listed below. Furthermore, your data could be exposed to the access of foreign authorities and legal remedies at courts and authorities abroad could not lead to success. There is no adequacy decision by the EU Commission within the meaning of Article 45 GDPR for the USA. Suitable guarantees within the meaning of Article 46 GDPR for data transfer are the EU standard contractual clauses used here. A copy of the standard contractual clauses approved by the EU Commission, which Google relies on, can be found at:


https://policies.google.com/privacy/frameworks?hl=de&gl=de.


Please note that the integration of these web fonts with automatic server connections to Google can lead to tracking. Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA is responsible for this tracking.


11. Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. The provider is Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.


The aim of Google reCAPTCHA is to check whether data is entered on our website (e.g. in a contact form) by a person or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, length of stay of the website visitor on the website or mouse movements made by the user). The data collected during the analysis are forwarded to Google.


The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.


The data processing takes place on the basis of Art. 6 Para. 1 lit.f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.


Since Google reCAPTCHA is owned by the Google Group and Google has distributed its servers all over the world, it cannot be ruled out that your personal data will be stored and processed worldwide, including on servers in the USA. These could be countries in which the level of data protection is not as high as within the European Union. Due to the possibly lower level of data protection in third countries, you may not be able to assert your rights as a data subject from the recipients listed below, or only partially. Furthermore, your data could be exposed to the access of foreign authorities and legal remedies at courts and authorities abroad could not lead to success. There is no adequacy decision by the EU Commission within the meaning of Article 45 GDPR for the USA. Suitable guarantees within the meaning of Article 46 GDPR for data transfer are the EU standard contractual clauses used here. A copy of the standard contractual clauses approved by the EU Commission, which Google relies on, can be found at:


https://policies.google.com/privacy/frameworks?hl=de&gl=de.


Please note that the integration of these web fonts with automatic server connections to Google can lead to tracking. Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA is responsible for this tracking.


12. Your rights

In accordance with Article 15 GDPR, you have the right to receive information about the data stored about you, including any recipients and the planned storage period.


You have the right to revoke your consent without affecting the legality of the processing carried out on the basis of the consent up to the time of revocation.


If incorrect personal data is processed, you have the right to rectification in accordance with Article 16 GDPR.


If the legal requirements are met, you have the right to delete or restrict the processing of the data concerned (Article 17 and Article 18 GDPR).


According to Article 21 GDPR, you have the right to object at any time to the processing of your personal data based on Article 6 Paragraph 1 Clause 1 Letter f of the GDPR for reasons that arise from your particular situation. We will then no longer process the personal data unless we can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. The collection of the data for the provision of the website and the storage of the log files are essential for the operation of the website.


According to Article 77 (1) GDPR, you have the right to complain to a data protection supervisory authority if you are of the opinion that the processing of your data violates applicable data protection law.


The provision of personal data is not required by law, but is required in most cases to access this website or to conclude a contract. Failure to provide it would usually result in you being unable to use our webshop or only to a very limited extent, we cannot answer your message satisfactorily or you cannot use our services.


We do not use automated decision-making, including profiling.


Share by: