Skip to main content

Privacy Policy

NOE takes the protection of your data very seriously. We observe the statutory data protection requirements and take precautions to ensure the confidentiality and security of your data.

We point out that data transmissions over the Internet (e.g. by e-mail) may have security gaps and that complete protection from access by third parties is not possible.

In this policy we inform you about the collection and processing of personal data by our company. This Privacy Policy, as well as the Legal Notice and Disclaimer, must be seen as part of the Internet service from which you were referred to this page.

This Privacy Policy applies to Internet pages outside of our website only insofar as we have influence on their processing and are therefore responsible for such processing.

If parts or some of the wording of the following text do not or no longer or do not fully comply with the applicable law, the content and validity of the remaining parts of the document remain unaffected by this.

Table of Contents

  1. Contact details
  2. Processing of personal data by our company
  3. What data do we collect?
  4. Use of analysis tools and use of features/plugins of other Internet platforms
  5. Consent to sharing personal data with third parties
  6. Copyright and trademark rights
  7. Your rights
  8. Changes to our Privacy Policy

1 Contact details

1.1   Name and address of the Data Controller

The Data Controller pursuant to the General Data Protection Regulation (GDPR) and other national data protection legislation is named in the Legal Notice.

1.2   Contact details of the Data Protection Officer

The Data Protection Officer of the Data Controller can be contacted as follows:

Data Protection Officer

Dipl.-Kfm. Herbert Eidloth

E-mail:   dsb@noe.de

2 Processing of personal data by our company

Our web pages can generally be used without providing personal information. In some cases, however, we require personal information in order to provide the requested service (e.g. sending informational material, a newsletter...) or to process an order. In addition, we store and process only such data that you provide to us voluntarily.

Where you send us information via a contact form, the information entered there will be used to provide the service that you requested, to execute an order that you placed and/or to contact you.

Storage period

Personal data of the Data Subject is deleted as soon as the purpose of such storage is no longer valid unless statutory retention and warranty periods that apply to the Data Controller prevent such deletion, or unless continued storage is necessary for entering into (further) contracts or performing contracts with the Data Subject.

To the extent that the content of contact forms or e-mail messages is business-relevant, such content must be treated as business correspondence, i.e., it is subject to statutory retention periods. We store incoming/outgoing e-mails and messages communicated via a contact form in an electronic archive.

Private communications using business e-mail addresses are not desired.

Please note that we do not distinguish between private and business communications. This means that private mails that you send to a business e-mail address will be treated as business-relevant communications. If you still send private messages to a business e-mail address, you will be aware of this situation and accept that you will not have any claims against our company for measures regarding the data backup, recovery or deletion of such messages from data backups or archives.

3 What data do we collect?

3.1 Automated data collection

When you visit websites, your Internet browser may automatically transmit the following information to our web server. These data may be collected by website operators or by our own data processing equipment:

(1) Date and time of access

(2) Host name of the accessing computer

(3) URL of the referring web site (referrer URL)

(4) Files retrieved

(5) Data volume transmitted

(6) Browser type and version

(7) Operating system

(8) IP address used

We do not merge these data with other data sources. Nor do we attribute this information to any specific person, and we do not receive any personally identifiable evaluations or statistics prepared by third parties.

However, we reserve the right to examine such data retroactively if concrete evidence of unlawful use is brought to our attention.

Purpose of processing

The temporary storage of the IP address is necessary in order to deliver the website to the user’s computer. The other information mentioned above is stored in order to ensure the functionality of the website, to optimise the website and to guarantee the security of our information technology systems.

Legal basis of processing

The above information is stored in accordance with Article 6(1)(f) GDPR. Our legitimate interest is to ensure the functionality, availability and user-friendliness of our website.

Storage period

The information is deleted when it is no longer required for achieving the purpose of its collection. The data collected is not stored for more than 3 months unless misuse is suspected.

Right to object

The collection of data for the provision of the website and storage of the data in log files is essential for the operation of the website. Consequently, the user does not have a right to object.

3.2   Data for the provision of services and/or for order processing

If you want to use a service (e.g. be sent a newsletter) or place an order, we will require personal data to do this.

When placing an order:

(1) Surname, forename

(2) Company name

(3) Address (country, postcode, city, street, house number)

(4) Methods of contact (telephone, fax, e-mail)

(5) Credit check

We conduct credit checks to protect our legitimate interests (e.g. minimising credit risks). For this purpose, we request information from credit agencies (e.g. Schufa, Bürgel, Creditreform etc.).

Automated procedures are also used in the generation of such information, the result of which is included in the decision to accept/reject a business relationship. However, a final decision is always made by one of our employees taking into account the individual case.

When conducting credit checks, we comply with the applicable legal requirements.

When requesting information via electronic means (e.g. newsletter)

(1) Surname, forename

(2) Company name

(3) E-mail address

In addition, we offer you an opportunity to submit messages via an appropriate form field or using an e-mail address.

When you sign up for a newsletter, you will receive a confirmation e-mail from us, with which we check whether you are the owner of the specified e-mail address and whether you agree to receiving the newsletter. You can revoke your consent to receiving the newsletter at any time, for example, by using the “Unsubscribe link” at the end of each newsletter.

Purpose of processing

We process the data in question in order to provide the desired performance and service. Certain services are reserved for registered users. Registration and processing of registration data is intended to prevent misuse of the service offered and to help ensure the security and availability of our data processing equipment.

Legal basis

We process these data on the basis of your consent in accordance with Article 6(1)(a) GDPR. In addition, under Article 6(1)(f) GDPR, we have a legitimate interest in preventing misuse of our services as well as in ensuring the confidentiality and availability of our data processing systems.

Storage period

Personal data of the Data Subject will be deleted or blocked as soon as the purpose of storage no longer applies. Insofar as there are statutory retention or warranty periods for data to which the Data Controller is subject, the data will be deleted upon expiry of these periods, unless further storage is required for entering into or executing contracts.

Right to object

You may object to the future processing of your data. For contract-relevant data of services, the provision of which has already begun, this right to object only applies once the contractually agreed services have been provided by both parties.

You may direct your objection to: info@noe.de (Subject: Privacy)

3.3 Contact form, e-mail contact

On our website we offer you the possibility to contact us by means of contact forms. The data that you enter in these forms will be transmitted to us encrypted and used by us exclusively for the purpose of processing your request or contacting you.

Contact forms:

(1) for ordering documents can be obtained via http://www.noe.de/kontakt.html.

(2) for registration to download product information can be obtained via https://www.noe.de/technische-information.html.

(3) for registration to receive our newsletter can be obtained via https://www.noe.de/anmeldung-noenews.html.

(4) for a request via the NOEsale contact form: https://www.noesale.com/anfrage.html.

If you use these means to contact us, we will collect the following data, depending on the context:

(1) Salutation

(2) Surname, forename

(3) Company name

(4) Department

(5) Address (country, postcode, city, street)

(6) Telephone

(7) Fax

(8) E-mail address

(9) Your message text

(10) Info on desired service

The use of our contact options and the associated provision of your personal data is voluntary. However, if you decide to use these options, we will expect a certain minimum of information. The context determines the classification of specific data as mandatory fields. For example, we will ask only for your e-mail address when you sign up for the newsletter.

The information marked as mandatory fields must be provided, so that we can process your request. Any other information is provided on a voluntary basis.

It may also be that your IP address, date and time of transmission are stored when you transmit data via a contact form.

Our website is encrypted. The data transmitted by you in the contact forms is encrypted (transport encryption).

Alternatively, we offer you the option of contacting us via a specific e-mail address. In this case we save such personal data of the user as is transmitted with the e-mail. If you would like to transmit encrypted content, please contact us in advance.

No data are shared with third parties. We process the data provided solely for the purpose of correspondence or for the fulfilment of the service requested by you.

Purpose of processing

The personal data from the input mask is processed solely for the purpose of handling your request and contacting you.

Other personal data processed during the transmission process (IP address, date etc.) is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Legal basis of processing

Data are processed in accordance with these statutory provisions:

(1) Article 6(1)(a) GDPR when there is consent

(2) Article 6(1)(b) GDPR where contact is established for the purpose of initiating, entering into or executing a contract.

(3) Article 6(1)(f) GDPR regarding the data transmitted in the process of making contact. Our legitimate interest is to ensure smooth communications with you. Furthermore, we are interested in preventing the misuse of our services and in ensuring the confidentiality and availability of our data processing equipment.

Storage period

The data are deleted when it is no longer required for achieving the purpose of its collection. Personal data from the input mask of the contact form and data sent by e-mail is deleted when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the factual situation has been clarified conclusively and a further conversation is not required/requested.

Business-relevant components of communications are subject to legal retention periods. We are obligated to store such data at least until retention and warranty periods have expired. For this type of data, the processing purpose is deemed completed upon expiry of the respective periods.

Right to object

The user may at any time revoke his consent to the processing of personal data. In the absence of statutory requirements to the contrary, the user may object to the storage of his personal data at any time. In such a case, the conversation cannot continue, and requested services cannot be provided (any more).

You may send your objection by e-mail to: info@noe.de (Subject: Privacy)

3.4 Registration for user groups

Some services offered are aimed at a selected group of users. You can register for such a user group. You will need to provide the following information:

(1) Forename, surname

(2) E-mail address

(3) User password

The registration data are transmitted encrypted.

After registration you will receive a confirmation link from us, with which we check whether you are the person who used the e-mail address for the registration. If you confirm this, a user will be created with the data that you have provided.

You are obligated to keep your login data confidential and not to share it with third parties. You further agree not to engage in any activity using your account that could jeopardise the confidentiality, security and integrity of our data processing equipment.

We reserve the right to block or delete accounts if there is a reasonable suspicion of improper or criminally relevant use.

Purpose of processing

We store the data voluntarily provided by you in order to be able to offer you the requested service. We process the data to prevent misuse and to ensure the availability and confidentiality of our data processing equipment.

Legal basis

We process the data in accordance with the following statutory provisions:

(1) Following registration by the user, data are processed in accordance with the user’s consent pursuant to Article 6(1)(a) GDPR.

(2) Under Article 6(1)(f) GDPR, we have a legitimate interest in preventing the misuse of our services and in ensuring the confidentiality and availability of our data processing equipment.

Storage period

We store your data as long as your registration for the requested service is active. If you de-register from the service, your data will be deleted unless there is a reasonable suspicion of improper or criminally relevant use. In this event, we will store the data until the suspicion has been cleared or the process of securing evidence has been completed.

Right to object

You can object to the future processing of your data by submitting a request to delete your account.

You may send your objection by e-mail to: info@noe.de (Subject: Privacy)

3.5 Newsletter

We offer you an opportunity to subscribe to free newsletters. The data of the input mask will be sent to us when you sign up for the newsletter. To exclude misuse and multiple use, we request and/or collect automatically the following data:

(1) E-mail address

(2) Time of registration

(3) Time of confirmation

For the processing of the data, your consent is obtained by means of a double opt-in as part of the registration process and reference is made to this Privacy Policy.

The data that you enter will be processed by us solely for the purpose of sending you the newsletter.

We use MailChimp.

To send the confirmation e-mails for managing the data in our subscriber lists, we use the list provider MailChimp, a service from The Rocket Science Group, LLC, 512 Means St., Suite 404 Atlanta, GA 30318.

All you need to register for this list is your e-mail address. Registration involves the double opt-in method, that is, after you register you will receive an e-mail in which you can confirm your registration again in express terms. Only then will the newsletter service be activated for you. When you sign up for our newsletter, the data you provide when signing up for the newsletter will be transmitted to MailChimp and stored there. MailChimp offers extensive analysis options to determine how the newsletters are opened and used. These analyses are group-based and are not used by us for individual evaluation.

In addition, MailChimp uses the analysis tool Google Analytics and, if necessary, integrates it with the newsletter.

The service provider stores the e-mail addresses of the subscribers on a server in the USA. MailChimp is certified under the US-EU Privacy Shield (Link: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG) and has thus committed to complying with EU privacy standards.

More information about MailChimp and privacy at MailChimp can be found here (https://mailchimp.com/legal/privacy/)

By submitting the e-mail address you consent to this processing by MailChimp.

Purpose of processing

The user’s e-mail address is collected for the purposes of newsletter delivery including subscriber management. We log the registration process in order to meet legal record-keeping requirements.

Legal basis

Following the user’s registration for the newsletter, the data are processed on the basis of the user’s consent in accordance with Article 6(1)(a) and Article 7 GDPR as well as in accordance with Section 7(2)(3) or Section 7(3) of the German Unfair Competition Act (UWG).

The registration process is logged in accordance with Article 6(1)(c) GDPR in order to comply with our accountability and record-keeping obligations.

The use of the service provider MailChimp is based on our legitimate interest, pursuant to Article 6(1)(f) GDPR, in utilising a user-friendly and secure newsletter management system.

Storage period

Your data will be stored as long as your newsletter subscription is active.

Right to object

The user in question may cancel the newsletter subscription at any time. Each newsletter contains a link for this purpose. To cancel the subscription, you will need the e-mail address that you specified when you signed up. When you cancel the subscription, the data you provided will be deleted.

3.6 Job application documents

Thank you for your interest in our company.

You can send us your application documents by post. But you can also submit your application documents online.

Please use only the e-mail account specified for the submission of your application documents, as this is the only way to ensure that your application will be kept confidential and considered in the selection process.

When transmitting documents via the Internet there is a risk of unauthorised access.

When sending to an e-mail address, it is possible to transmit content in encrypted form. If you would like to transmit encrypted content, please contact our Human Resources department in advance. If you do not want to use encryption for your application documents, your documents (attachments) may be transmitted unencrypted. In the event, your documents (attachments) may theoretically be viewed and modified by unauthorised third parties.

Within our company, only the Human Resources department, the Works Council and employees involved in the selection process will have access to the application documents that you submit.

In some cases, we may wish to make alternative job offers to applicants. For this purpose, we store the application documents in a pool of applicants and/or forward them to other Group companies.

Please note that your data will be forwarded to us via a web host. For the transmission process to succeed, it is absolutely necessary for the web host to process the data for technical reasons.

We store the following data of applicants whom we cannot offer a position in an applicants’ history:

(1) Surname, forename

(2) Date of birth

(3) Address

(4) Date of application

(5) Position for which you applied.

Purpose of processing

We process the data submitted by you for the purposes of the applicant selection process.

The purpose of storage in a pool of applicants is to offer certain applicants whom we could not consider in the selection process a position at a later date.

The information is stored in the applicants’ history in order to exclude multiple applications.

Legal basis

Your data are processed in accordance with Article 6(1)(a) GDPR (consent has been obtained). You consent to the data processing by submitting your application documents.

Under Section 99(1) of the German Works Constitution Act (BetrVG), we are obligated to submit the application documents to the Works Council prior to any recruitment.

The storage of your data in the applicants’ history, the transfer of your data to a personnel service provider as well as the storage of applicant data in a pool of applicants are in accordance with Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest is the efficient organisation of applicant selection procedures and the avoidance of multiple applications.

Storage period

If we cannot offer you a suitable position, we will delete your application documents after six (6) months at the latest.

If you do not object to the storage of your application documents in the applicants’ pool, they will be deleted from the pool after a maximum of two (2) years.

In the applicants’ history, we store your data for a period of two (2) years.

The web host stores the communication content until successful completion of the transmission.

Right to object

You can object to storage in an applicants’ pool in your cover letter. If you do not do this, you will be informed about your application documents being stored in a pool of applicants in the rejection letter. You may then object to the storage at any time with future effect. If you revoke your consent, we will delete your data from the applicants’ pool.

If you do not agree to sharing your application documents with a personnel service provider, please inform us when you submit your documents. In this event, we may not be able to consider your application in the relevant selection process.

Please direct your objection to: personal@noe.de (Subject: Privacy).

You cannot object to storage in the applicants’ history.

The processing of your data by the web host in the context of the transmission process is technically necessary. You cannot object to such processing.

3.7 Data of children

Persons under the age of 16 should not submit any personal data to us without the consent of their parents or guardians. We do not request personal data from children and adolescents. We do not knowingly collect such data.

3.8 Integration of third-party providers

Content or services of third party providers (e.g. YouTube, Google Maps…) may be integrated within our website. The integration of such content requires that the third-party providers detect the IP address of the user, since they would not be able to send the content to the user’s browser without the IP address. The IP address is therefore required for this content to be displayed. Furthermore, providers of third-party content can set their own cookies and process users’ data for their own purposes. In doing so, they can create usage profiles for site visitors from the processed data.

Please note the privacy policy of the respective provider when using their respective services.

Videos of the “YouTube” platform and maps of the “Google Maps” service:

Provider: Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Privacy policy: https://www.google.com/policies/privacy/ . 

Opt-out: https://www.google.com/settings/ads/ .

Purpose of processing

We would like to provide you with information that will help you to contact us, to plan your trip or to inform you about our products.

Legal basis

The integration of third-party services is in accordance with Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest is derived from the processing purpose.

The use of the services is voluntary. By using the services, you consent to the processing of your data in accordance with Article 6(1)(a) GDPR.

Storage period and right to object

See “3.9 Cookies”

3.9 Cookies

Cookies are small text files that are stored on your device. Cookies do not contain executable software and do not harm your computer.

We use cookies to facilitate the use of our website. In addition, certain settings (e.g. your objection to the use of tracking tools) that you can make are stored on your computer, so that you do not have to enter these settings again when you visit our website at a later time.

You can configure your browser so that you are informed about the setting of cookies, allow cookies only in individual cases or accept or reject cookies in general. You can also specify that cookies set be deleted when the browser is closed. Please refer to the help pages of your browser for information on how your browser handles cookies. Please note that you may not be able (any more) to make full use of websites that work with cookies if you disable/delete cookies.

Consent to the use of cookies

If you do not object to the use of cookies by disabling them in your browser or by leaving our website, you consent to the storage of cookies on your device by continuing to use our website.

Purpose of processing

The purpose of the cookies we set is to make it easier for users to use our website. Some features of our website cannot be provided without the use of cookies. These features require that the browser be recognised again, even after the user changes pages/sites.

Legal basis

Cookies are stored with your consent in accordance with Article 6(1)(a) GDPR. You consent to the storage of cookies (including third-party cookies) by using our website and through the settings in your browser.

The use of cookies is in accordance with Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest is derived from the processing purpose.

Storage period

As a rule, session cookies are set, which are automatically deleted after the browser session has ended. In some cases, cookies may also be stored permanently in order to maintain your settings on your next visit.

Right to object

You can disable or restrict the transmission of cookies by changing your browser settings. Cookies already stored can be deleted. Please refer to the operating instructions of your browser to learn about how your browser handles cookies.

If cookies are disabled, it may not be possible to make full use of all the functions of the website. In addition, an objection (e.g. to the use of tracking tools) cannot be recorded or will have to be re-issued the next time you visit our pages.

4 Use of analysis tools and use of features/plugins of other Internet platforms

By using this website, you consent to the collection, processing and use of automatically collected data and data entered by you by the following (third-party) providers.

4.1 List of and notes about the analysis and tracking tools used

4.1.1 Google Analytics

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses “cookies”, text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there.

However, if IP anonymisation is enabled on this site, Google will truncate your IP address beforehand within Member States of the European Union or other signatory states to the Agreement of the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website activity and Internet usage.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by changing the settings of your browser software accordingly; however, please note that if you do this, you may not be able to make full use of all the features of this website. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of these data by Google by using the link (http://tools.google.com/dlpage/gaoptout?hl=de) to download and install a specific browser plugin.

You can prevent the collection of data by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the future collection of your data when visiting this website: <a href=„javascript:gaOptout()“>Deactivate Google Analytics</a>

In mobile device browsers, the add-on for suppressing Google Analytics User Tracking may not work. In this case, you can use the opt-out cookie only to prevent the collection of your data when you visit the website. Please note: If you delete your cookies, the opt-out cookie will be deleted as well. The opt-out will then have to be enabled again when you visit our site again.

For more information about Terms of Service and Privacy, please visit https://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/ .

We point out that on this website Google Analytics has been extended by the code “anonymizeIp” to ensure anonymised collection of IP addresses (IP masking).

An agreement for contract data processing has been entered into with Google in accordance with the specifications of the German data protection authorities.

Demographics in Google Analytics

The website uses the Demographics feature of Google Analytics. This allows for reports to be generated that contain information on the age, gender and interests of site visitors. These data are derived from interest-based Google advertising and visitor data from third parties. Such data cannot be attributed to any specific person. You can disable this feature at any time through the Ads Settings in your Google account, or generally prohibit the collection of your data by Google Analytics as outlined in the section “Objection to data collection”.

Anonymisation

We use Google Analytics with activated IP anonymisation. This means that Google will truncate users’ IP addresses beforehand within Member States of the European Union or other signatory states to the Agreement of the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.

4.1.2 Google Remarketing

This website uses the Google Remarketing service. Google Remarketing is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. This feature is designed to show interest-based ads to visitors to the site through the Google advertising network. The website visitor’s browser stores “cookies”, text files that are stored on your computer and that allow visitors to be recognised again when they visit websites that belong to the Google advertising network. On these pages, ads can then be displayed to visitors that relate to content that the visitor previously displayed on websites that use Google’s Remarketing feature. Google says it does not collect any personal information during this process.

However, if you still do not wish to use Google Remarketing, you can disable it by configuring the appropriate settings at https://www.google.com/settings/ads . Alternatively, you can disable the use of cookies for interest-based advertising through the Network Advertising Initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp .

For more information about Google Remarketing and Google’s Privacy Policy, please visit: https://www.google.com/privacy/ads/ .

4.1.3 Google Ad Services / Google AdWords Conversion

This website uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. This is used to recognise that a visitor has come across our website through a Google ad.

Google uses cookies that are stored on your computer and that allow for an analysis of your use of the website. “Conversion tracking” cookies are set when you click on an ad served by Google. These cookies expire after 30 days and are not used for personal identification.

If you want to prevent conversion tracking, you can set your browser to block cookies from the domain “googleadservices.com”. You can also exercise your right to opt out through the site: http://www.networkadvertising.org/choices/ .

If you would like to learn more about these methods or to know what you can do to prevent Google from using this information, please click here: https://www.google.com/settings/u/0/ads/authenticated. 

4.1.4 Google Adsense

This website uses Google Adsense, a web advertising service provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Adsense uses “cookies”, text files that are stored on your computer and that allow an analysis of your use of the website. Google Adsense also employs “web beacons” (small invisible graphics) to gather information. Through web beacons, simple actions such as visitor traffic on the website can be recorded and collected. The information generated by the cookie and/or web beacon about your use of this website (including your IP address) will be transmitted to and stored by Google on servers in the USA. Google will use this information to evaluate your use of the website in terms of advertising, to compile reports on website activity and advertisements for website operators, and to provide other services related to website activity and Internet usage. Google may also transfer this information to third parties if required by law or insofar as third parties process these data on behalf of Google. According to Google, it will never associate your IP address with other Google data.

You can prevent the storage of cookies on your hard disk and the display of web beacons by selecting “Do not accept cookies” in your browser settings; however, please note that in this case you may not be able to make full use of all features of this website. By using this website, you consent to the processing of the data collected about you by Google in the manner and for the purposes set out above.

4.1.5 Google Web Fonts

External fonts, Google Fonts, are used on these web pages. Google Fonts is a service of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. These web fonts are integrated by a call to a server, usually a Google server in the USA. This way, information about which of our web pages you have visited is transmitted to the server. The IP address of the browser in the device used by the visitor to this website is also stored by Google.

For more information, see Google’s Privacy Policy, which you can access here: https://policies.google.com/privacy?hl=en .

The following applies to all Google Marketing services:

Purpose of processing

We use analysis and tracking tools to optimise our website and provide you with targeted information. In addition, we enable you to store user-specific settings beyond the respective browser session and to use them on your next visit.

Legal basis

Cookies are stored with your consent in accordance with Article 6(1)(a) GDPR. You consent to the storage of cookies (including third-party cookies) by using our website and through the settings in your browser.

The use of analysis/tracking tools is in accordance with Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest is derived from the processing purpose.

Storage period and right to object

See “3.9 Cookies”.

If you wish to opt out of Google Marketing Services, you can use the settings and opt-out options provided by Google: https://www.google.com/ads/preferences/ .

4.2 List of and notes about social media plugins

Our website does not use any plugins of social networks.

4.3 Notes about further websites of our company

Our company maintains sites on Facebook, Google+, Twitter, LinkedIn and YouTube.

While our website does not use social media plug-ins, network platform providers may be able to collect information about your visit to our website when you are logged into your account. Data processing by the respective providers is beyond our company’s control.

Comments function

Some social-media platforms offer a comments function. Please note that your comments and other input will be processed by the platform provider. Further data (such as your IP address etc.) may also be processed by the provider.

Data processing by the respective providers is beyond our company’s control.

We reserve the right to delete comments from the social media service’s corporate pages, block the comments function or the user account altogether, or request removal/blocking if the user violates any personal rights, copyright or criminal law provisions, infringes personal rights of third parties or posts insulting, slanderous, anti-constitutional, racist, sexist, violence-glorifying or pornographic comments or images.

Scope of our Privacy Policy regarding social media

This Privacy Policy does not apply to data processing by social-media providers. Please note, therefore, the privacy policy of the respective provider.

5 Consent to sharing personal data with third parties

The personal data collected automatically on our websites, provided by you voluntarily or requested from you as part of a service will not be shared with third parties without your consent.

The data will not be transferred to a third country or an international organisation.

Consent to contractually required disclosure

Insofar as the service requested or the order placed is clearly associated with a material delivery and/or the service is clearly provided by a third party, your consent to the transfer of personal data required for this to the service provider in charge of the execution will be deemed to have been given without any further query.

If a contractually agreed service is provided in a third country, the service may also be performed by one of our cooperation partners. In the event, we will name the cooperation partner and, if you have consented to the transmission, submit the contract-relevant data to this partner.

If you do not agree to a transmission, this may mean that the service you requested cannot be provided.

6 Copyright and trademark rights

6.1 Copyright

Anyone who infringes copyright law (such as by copying images or texts without permission) commits an offence under Sections 106 et seq. of the German Copyright Act (UrhG) will receive a cease-and-desist letter with costs and must pay compensation (§ 97 UrhG).

All contents of our website and Internet pages, particularly texts, photographs, graphics and images (in short: media), are protected under copyright law. Unless expressly indicated otherwise, the copyright owner is the Data Controller of this website.

Please note, however, that we may not be entitled to the exclusive, unrestricted copyright for all media used on our website, and that third parties may hold rights to these images, even if this is not indicated explicitly.

For information about the copyright owner of the media used, as well as if you intend to download, republish, retransmit, reproduce or otherwise use any media as a separate file, please contact: info@noe.de.

Note that we do not assume any liability if our logo or our contact data are used for fraudulent purposes by third parties, who will be subject to prosecution. Please let us know if you receive any questionable documents with our logo or under our name.

6.2 Links

Insofar as we use links to third-party content, these were checked for possible legal violations at the time of linking. No unlawful content was detected at the time of linking. However, continuous examination of the contents of the linked pages is not reasonable without specific evidence of an infringement. If we learn of violations or infringements, we will remove such links immediately.

Where our online services contain links to contents and offers of other providers, ensuring such other providers’ compliance with data protection regulations is beyond our control. Please inform yourself if necessary about the privacy policy of a provider before you follow such a link or disclose information on the linked pages.

7 Your rights

As the Data Subject, you have the following rights vis-à-vis the Data Controller under the GDPR:

7.1 Right of access by the Data Subject

You may ask the Data Controller to confirm whether personal data concerning you is processed by us.

If such data are processed, you can request from the Data Controller the following information:

(1) the purposes for which the personal data are processed;

(2) the categories of personal data that is processed;

(3) the recipients and/or categories of recipients to whom the personal data in question has been disclosed or is yet to be disclosed;

(4) the planned duration of storage of personal data concerning you or, if specific information is not available, criteria for defining the storage period;

(5) the existence of a right to correct or delete the personal data concerning you, a right to restrict the processing by the Data Controller or a right to object to such processing;

(6) the existence of a right to lodge a complaint with a Supervisory Authority;

(7) all available information on the source of the data if the personal data are not collected from the Data Subject;

(8) the existence of an automated decision-making process, including profiling under Article 22(1) and (4) GDPR and – at least in such cases – meaningful information on the logic involved as well as the scope and intended effects of such processing on the Data Subject.

You have the right to request information about whether your personal data are transferred to a third country or an international organisation. In such context, you may demand information on appropriate guarantees in accordance with Article 46 GDPR in connection with the transmission.

7.2 Right to rectification

You have a right to rectification and/or completion vis-à-vis the Data Controller if the personal data concerning you is incorrect or incomplete. The Data Controller must implement such corrections without undue delay.

7.3 Right to restriction of processing

You may request restricted processing of your personal data under the following conditions:

(1) if you contest the accuracy of your personal data for a period of time that enables the Data Controller to verify the accuracy of your personal data;

(2) if the processing is unlawful and you oppose the erasure of the personal data and instead request restriction of such data’s use;

(3) if the Data Controller no longer needs the personal data for the purposes of processing, but you require the data for the establishment, exercise or defence of legal claims; or

(4) if you have objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the Data Controller override your grounds.

Where processing of your personal data have been restricted, such personal data may, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If you have obtained restriction of processing pursuant to the above conditions, you will be informed by the Data Controller before the restriction of processing is lifted.

7.4 Right to erasure

You may obtain from the data controller the erasure of your personal data without undue delay and the Data Controller is obligated to erase such personal data without undue delay where one of the following grounds applies:

(1) Your personal data are no longer necessary in relation to the purposes for which it was collected or otherwise processed.

(2) You withdraw your consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a) GDPR, and where there is no other legal ground for the processing.

(3) You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR.

(4) Your personal data have been unlawfully processed.

(5) Your personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the Data Controller is subject.

(6) Your personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

According to Article 17(3) GDPR, the right to erasure does not exist, inter alia, if the processing is necessary, if the Data Controller is subject to a legal obligation to process or if the processing is necessary for the establishment, exercise or defence of legal claims.

7.5 Notification obligation

Where you have exercised your right to rectification, erasure or restriction of processing vis-à-vis the Data Controller, the Data Controller must communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom your personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

The Data Controller must inform you about those recipients at your request.

7.6 Right to data portability

You have the right to receive your personal data that you have provided to the Data Controller in a structured, commonly used and machine-readable format. You also have the right to transmit such data to another Data Controller without hindrance from the Data Controller to which the personal data have been provided, where:

(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and

(2) the processing is carried out by automated means.

In exercising this right, you have the right to have your personal data transmitted directly from one Data Controller to another, where technically feasible. The rights and freedoms of other persons must not be adversely affected by this.

7.7 Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data that is based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions.

The Data Controller will no longer process your personal data unless the Data Controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Where your personal data are processed for direct marketing purposes, you will have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Where you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

7.8 Right to withdraw privacy consent

You may withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

7.9 Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects for you or similarly significantly affects you. This does not apply if the decision

(1) is necessary for entering into, or performance of, a contract between you and the Data Controller;

(2) is authorised by Union or Member State law to which the Data Controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

(3) is based on your explicit consent.

However, decisions must not be based on special categories of personal data referred to in Article 9(1) GDPR unless Article 9(2)(a) or (g) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

In the cases referred to in (1) and (3), the Data Controller must implement suitable measures to safeguard your rights and freedoms and legitimate interests, which includes at least the right to obtain human intervention on the part of the Data Controller to express your point of view and to contest the decision.

7.10 Right to lodge a complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a Supervisory Authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.

The Supervisory Authority with which the complaint has been lodged must inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

The contact details of the Supervisory Authority responsible for our company are as follows:

State Commissioner for the Protection of Data and Freedom of Information

Postfach 10 29 32

70025 Stuttgart, Germany

Tel.: +49 711 6155410

E-mail: poststelle@lfd.bwl.de

Homepage: www.baden-wuerttemberg.datenschutz.de.

8 Changes to our Privacy Policy

We reserve the right to adapt this Privacy Policy to current technical and legal developments. Therefore, please inform yourself about the contents of the current Privacy Policy when revisiting our website.

The Privacy Policy was last amended on: 18.05.2018