Privacy Policy

This privacy policy informs you about the processing of personal data on the website at: www.ecoflows.de
This privacy policy reflects the legal status as of May 25, 2018 (GDPR).

1) Information on the collection of personal data and contact details of the controller

1.1 Personal Data

Below we inform you about how we handle your personal data. Personal data are all data with which you can be personally identified or that can be related to you, such as name, address, email addresses, user behavior.

1.2 Controller

The controller is DMU Consult Ingenieurgesellschaft mbH, Neumarkter Str. 80, 81673 Munich
info@dmu.de

1.3 Data Protection Supervisory Authority

The competent supervisory authority for us is the Bavarian State Office for Data Protection Supervision, P.O. Box 606, 91511 Ansbach Tel: +49 981 53 1300, poststelle@lda.bayern.de

2. Data collection when visiting our website

When you access our website, you transmit data to our web server via your internet browser (for technical reasons). The following data are recorded during an active connection between your browser and our web server:

Date and time of request
Name of requested file
Page from which the file was requested
Access status (file transferred, file not found, etc.)
Browser used and operating system
Full IP address of the requesting computer
Amount of data transferred

For technical security reasons, in particular to protect against attack attempts on our web server, we store this data briefly. It is not possible to draw conclusions about individual persons based on this data. Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. We do not pass on or otherwise use the data. However, we reserve the right to retrospectively review server log files if there are concrete indications of unlawful use.

2.1 TLS encryption with https

We use https to transmit data securely on the internet. By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small padlock symbol at the top left of the browser and the use of the term https as part of our internet address.

2.2 Cookies

Our website uses cookies to store user data.

A cookie is a text file that is exchanged between web browser and web server.

First‑party cookies are created by our website.
Third‑party cookies are created by other websites (e.g. Google Analytics).

Strictly necessary cookies to ensure basic functions of the website
Functional cookies to ensure the performance of the website
Targeted cookies to improve the user experience

We use cookies to make our website more user‑friendly. Some cookies remain stored on your device until you delete them. They allow us to recognize your browser on your next visit.

If you do not wish this, you can configure your browser to inform you about the setting of cookies and only allow them on a case‑by‑case basis.

You can delete cookies that are already on your computer at any time or deactivate cookies. The procedure varies by browser; the best way is to search Google for “delete cookies chrome” or “disable cookies chrome,” or replace “chrome” with your browser name (e.g. edge, firefox, safari).

If you generally do not allow us to use cookies (disable them via browser settings), some functions and pages may not function as expected.

2.2.1 Google Analytics 4

Purpose of the Data

The following list represents the purposes of data collection and processing. Consent applies only to the purposes specified. The collected data cannot be used or stored for any purpose other than those listed below.

Analysis
Marketing

Technologies Used

Tracking code

Collected Data

This list contains all (personal) data collected by or through the use of this service.

Account data
Anonymized IP address
App updates
Bounce rates
Browser information
Click path
Date and time of visit
Device information
Downloads
Visit duration
Location information
Internet service provider
Mouse movements
Referrer URL
Screen resolution
Behavioral data

Legal Basis

Art. 6 para. 1 sentence 1 lit. a GDPR

Transfer to Third Countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If data are transferred to the USA, there is a risk that your data may be processed by US authorities for control and surveillance purposes without you having legal recourse.

2.2.2 Usercentrics Consent Management Platform

This is a consent management service.

Processing Company

Usercentrics GmbH Sendlinger Str. 7, 80331 Munich, Germany

Purpose of the Data

Compliance with legal obligations
Storage of consent

Technologies Used

Local storage
Cookies release

Collected Data

Browser information
Opt‑in and opt‑out data
Requested URLs of the website
Page path of the website
Geographic location
Device information
Date and time of visit

Legal Basis

Art. 6 para. 1 sentence 1 lit. c GDPR

Processing Location

European Union (consent database located in Belgium)

Retention Period

The retention period is the period during which the collected data will be stored for processing purposes. Data must be deleted as soon as they are no longer needed for the specified processing purposes.

Consent data (consent and withdrawal of consent) will be stored for three years. The data will then be deleted immediately or provided upon request as a data export to the responsible person.

Data Recipients

Usercentrics GmbH

Below is the email address of the data protection officer of the processing company.

datenschutz@usercentrics.com

Click here to read the data protection provisions of the processor. https://usercentrics.com/privacy-policy/

2.2.3 Google Tag Manager

This is a tag management system for managing JavaScript and HTML code snippets that can implement tracking, analytics, personalization, and marketing performance tags and tools.

Processing Company

Google Ireland Limited Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Purpose of the Data

Functionality

Technologies Used

Pixel

Collected Data

Aggregated data for triggering tags

Legal Basis

Art. 6 para. 1 sentence 1 lit. a GDPR

Processing Location

United States of America

Retention Period

The retention period is the period during which the collected data will be stored for the processing purposes specified. Data must be deleted as soon as they are no longer needed for the specified processing purposes.

Data will be deleted 14 days after retrieval.

Data Recipients

Alphabet Inc.
Google LLC
Google Ireland Limited

https://support.google.com/policies/contact/general_privacy_form

Transfer to Third Countries

Worldwide

Click here to read the processor’s privacy policy. https://policies.google.com/privacy?hl=en

Click here to revoke across all domains of the processor. https://safety.google/privacy/privacy-controls/

Click here to read the processor’s cookie policy. https://www.google.com/intl/de/tagmanager/use-policy.html

3. Contact

If you do not use the offered contact forms for contact, no data collection beyond section 2 takes place. If you use a web form offered by us and provide personal data in it, or if you contact us by e‑mail, we will collect, process and use your personal data solely for the purpose of processing your enquiry.

The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. Your data will be deleted after your request has been finally processed, which is the case when the circumstances indicate that the matter has been finally clarified and provided that no legal retention obligations prevent deletion.

4. Processing of personal data in the context of applications

If you apply unsolicitedly for one of our job postings, the data you provide will be processed to carry out the relevant application process and to make a decision on the establishment of an employment relationship. The legal basis for this is Art. 6 para. 1 lit. f GDPR. Our legitimate interest for processing personal data also lies in these purposes.

Processing may take place by post or electronically by sending your application documents to us by post or e‑mail. If your application is unsuccessful or no employment relationship is established, we will delete the data stored six months after rejection unless legitimate interests of ours prevent deletion. Legitimate interests may include proceedings for violations of the AGG. If you have sent us your application documents by post, we will return them to you.

More information for applicants on the processing of personal data by DMU Consult Ingenieurgesellschaft mbH can be found [ccz4]

5. Disclosure of data

Personal data will only be transmitted to third parties if (a) the data subject has given explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, (b) the disclosure is necessary for the assertion, exercise or defense of legal claims in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR and there are no reasons to assume that the data subject has an overriding legitimate interest in non‑disclosure, (c) there is a legal obligation to disclose data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR, and/or d) disclosure is necessary for the performance of a contract with the data subject in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR. In other cases, personal data will not be disclosed to third parties.

5.1 Data transmitted to the following service providers in the context of visiting the website:

wunderlabs GmbH Dorfstr. 6 85777 Fahrenzhausen

6. Rights of data subjects

The applicable data protection law gives you extensive rights vis‑à‑vis the controller regarding the processing of your personal data (rights of access and intervention), about which we inform you below:

6.1 General

Under Art. 15 para. 1 GDPR, the data subject has a graduated right of access. They can request confirmation from the controller as to whether personal data concerning them is being processed. A negative confirmation is also required if the controller either does not process any data about that person or has irreversibly anonymized personal data.

The data subject can also request specific information about which personal data is being processed (e.g. name, first name, address, date of birth, profession). In addition, the following information must be provided by the controller during data disclosure in accordance with Art. 15 para. 1 GDPR, in particular: - Processing purposes - Recipients or categories of recipients who have already received or will receive the data - Planned storage period if possible, otherwise the criteria for determining the storage period - Rights to rectification, erasure or restriction of processing - Right to object to this processing under Art. 21 GDPR - Right to lodge a complaint with a supervisory authority - Origin of the data, if not collected from the data subject themselves

6.2 Rights in detail

the right to rectification pursuant to Article 16 GDPR
the right to erasure pursuant to Article 17 GDPR
the right to restriction of processing pursuant to Article 18 GDPR
the right to object pursuant to Article 21 GDPR
the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR
the right to withdraw consent pursuant to Art. 7 para. 3 GDPR

7. Duration of storage of personal data

The duration of storage of personal data is measured according to the respective statutory retention period (e.g., commercial and tax retention periods). After expiration of the period, the corresponding data is routinely deleted as long as it is no longer necessary for contract fulfillment or contract initiation and/or there is no legitimate interest on our part to continue storage. Storage of data beyond the minimum period will only take place with your consent.

8. Links to other websites

Our online offer contains links to other websites. We have no influence over whether their operators comply with the data protection regulations. As a provider, we are responsible for our own content according to general laws. It is necessary to distinguish our own content from content provided by other providers that is accessible via links. For illegal, incorrect or incomplete content and for damages resulting from the use or non‑use of the information, the provider of the website to which the link refers is solely liable. The editorial team is only responsible for external references if they have positive knowledge of them, i.e. also of any illegal or criminal content, and it is technically possible and reasonable for them to prevent their use.

Cookies, especially from third parties (e.g. Google Analytics) and social media plugins require a separate explanation regarding specific data processing should they be used.

It must be concretely presented here which cookies are used and which data is processed.

An extra cookie banner is needed on your website. Visitors/users must explicitly consent to the use of cookies if they are used.

Here should be a link to the detailed privacy policy regarding applicant data. We can assist you in creating this privacy policy.

Which service providers the data is actually passed on to in the context of visiting the website must be included here.

Please note that this must also be implemented accordingly.

Before clicking on corresponding links (including social media plugins), a concrete notice of the respective data usage should be given again.