Contact details of the data controller

This data protection information applies to data processing by:

pantocomo GmbH
Roentgenstraße 8
76133 Karlsruhe, Germany

Telefonnummer:  +49 (0)721 963 143 30

E-Mailadresse: info@pantocomo.com

Responsible: Oliver Braun

Basic information on data processing and legal framework

This data protection declaration explains the data protection practices with regard to the collection and use of your personal data (hereinafter: “customer data”) within our online presence and sets out your data protection rights. This privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online offer is executed.

We collect, process and use your customer data only with your consent or if permitted by law. We will only collect, process and use customer data which is necessary for the performance and use of our services and which you voluntarily make available to us.

Personal data is all data that contain information about personal or factual circumstances of a specific or identifiable person. This includes, for example, your name, e-mail address, home address, gender, date of birth, telephone number or age.

With regard to the terms used, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Legal bases:

Art. 6 para. 1a. and Art. 7 GDPR (consents)

Art. 6 para. 1b. GDPR (processing for the fulfillment of our services and implementation of contractual measures)

Art. 6 para. 1c. GDPR (processing to fulfill our legal obligations)

Art. 6 para. 1f. GDPR (processing to protect our legitimate interests)

Collection and storage of customer data and type and purpose of use

a) When visiting the websites

When you visit our websites, the browser you use automatically transmits the following information to the server of our website and stores it in a so-called “log file” for a limited period of time:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Transferred data volume
  • Notification of successful retrieval
  • Website from which access is made (referrer URL),
  • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The above-mentioned data will be processed by us on the basis of Art. 6 para. 1 1f GDPR for the following purposes:

  • Ensure a smooth connection of the website,
  • Ensure comfortable use of our website,
  • Enabling interest-based advertising
  • Evaluation of system security and stability as well as

other administrative purposes.

The legitimate interest in data processing follows from the purposes listed above for data collection.

We also use cookies and analysis tools when you visit our website (see below for terms).

b) When using our contact form or by e-mail

When contacting us via contact form or e-mail, the user’s details are processed for processing the contact enquiry and its handling in accordance with Art. 6 Para. 1b) GDPR. A valid e-mail address is required, further information can be provided voluntarily.

Data processing for the purpose of establishing contact is carried out in accordance with Art. 6 para. 1a) GDPR on the basis of the consent given voluntarily.

c) When registering for our newsletter

After registering for our newsletter you will receive an e-mail asking you to confirm your registration via a link. The logon data (e-mail address, logon and confirmation time, IP address) are logged in order to be able to prove the logon.

In the event that you have registered to receive our newsletter, you are deemed to have given your express consent pursuant to Art. 6 para. 1a) GDPR. In this case we are entitled to use your e-mail address for the regular sending of our newsletter.

You will find a link to cancel the newsletter or to revoke your consent at the end of each newsletter. You can also unsubscribe at any time by sending an e-mail to

Performance of contractual services

We process customer data to fulfill our contractual obligations and services in accordance with Art. 6 para. 1 b) GDPR.

Customers have the possibility to create a customer account in which they can check and change the transmitted customer data (e.g. name, address, contact data, order status etc.).

During the necessary registration the customer will be informed about the required information.

The data stored in the customer accounts is not public and cannot be indexed by search engines.

During registration, repeated registrations and use of our online services, we save the following data:

  • IP address of the requesting computer,
  • Date and time of access,

This data is stored primarily to protect the customer from misuse and other unauthorized use of customer data and on the basis of our legitimate interests. A passing on of this data to third parties does not take place in principle, unless it is necessary to pursue our claims or there is a legal obligation in accordance with Art. 6 para. 1c) GDPR.

We process customer data in a user profile for purposes of advertising, market research and demand-oriented design of these websites.

We regularly check your creditworthiness when concluding contracts and in certain cases where there is a justified interest. For this we work together with Schufa,  Creditreform, Creditsafe and Company Check from whom we receive the necessary data.

You have the right to obtain information about your personal data stored from Schufa,  Creditreform, Creditsafe and Company Check. If the data stored about you is incorrect, you have a right to correction or deletion.

If the customer account is deleted at the customer’s instigation (termination), the customer data will be deleted insofar as their storage is not necessary for commercial or tax reasons pursuant to Art. 6 para. 1c) GDPR.

After termination of the contract, we are entitled to delete all user data stored during the contract period. Customers are responsible for backing up any data they require before the end of the contract.

Use of applicant contact data

By providing your contact details (e-mail address, telephone number, etc.), applicants agree that we may use them as a communication channel for the further application procedure. When using the e-mail address, we expressly point out to you that this currently takes place in the context of unsecured e-mail traffic. In the case of unencrypted transmission, the possibility of unauthorized third parties being able to access and modify data cannot be ruled out. In knowledge of these circumstances, through providing your email address, you agree to unencrypted electronic communication and to the sending of unencrypted e-mails by pantocomo on a reciprocal basis. You can revoke this consent at any time.

Disclosure of data to third parties

Data will only be passed on to third parties if:

  • you must comply with your obligations under Art. 6
  • on the basis of justified interests pursuant to Art. 6 para. 1f) GDPR on the economic and effective operation of our business operations
  • the disclosure pursuant to Art. 6 para. 1f) GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
  • in the event that a legal obligation exists for the transfer pursuant to Art. 6 para. 1c) GDPR, and
  • this is legally permissible and is necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1b) GDPR.

If we make use of other companies’ data processing services to fulfill our contractual obligations towards you, they are contractually obliged to handle your data carefully in compliance with data protection regulations and our instructions and neither to use them for their own purposes nor to pass them on to third parties.

If content or service offers of other providers (“third-party providers”) are used and their named registered office is in a third country, data may be transferred to countries in which the GDPR is not directly applicable law. In this case, data will only be transferred if an appropriate level of data protection, user consent or other legal permission is available.

Cookies

In order to protect our legitimate interests and the interests of third parties, we use cookies in our online offer on the basis of the provisions of Art. 6 para. 1f) GDPR. A cookie is a text file that is stored in the cache of your browser or on your terminal device (laptop, tablet, smartphone or similar) and which enables an analysis of your use of our website.

We use so-called “session cookies” to recognise that you have already visited individual pages of our website. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and log out or close your browser, for example.

In addition, to optimise usability, we use temporary cookies that are stored on your end device for a specified period of time. If you visit our site again, it is automatically recognised that you have already been with on our site and which entries you have made in order not to have to enter them again.

Finally, we use cookies to record the use of our website and to statistically evaluate it for the purpose of optimising our services (see “Analysis tools”). These cookies enable us to automatically recognise that you have already been with us. These cookies are automatically deleted after a defined period of time.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies can lead to the fact that you cannot use all functions of our website.

Analytic tools

  1. Google Analytics

We use Google Analytics, a web analysis service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) on the basis of our legitimate interests within the meaning of Art. 6 Para. 1f) GDPR. Google Analytics uses cookies (see above), which are stored on the user’s computer and which enable an analysis of the use of the website by them. The information generated by the cookie about your use of this website such as:

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of the server request,

are transferred to a Google server in the USA and stored there.

The information is used to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services connected with the use of this online offer and the use of the Internet.

This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are pseudonymized so that an assignment is not possible (IP masking).

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies can lead to the fact that you cannot use all functions of our website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

Further information on data use by Google, setting and objection options can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

2) Google / Marketing Services

On the basis of Art. 6 para. 1f) GDPR the marketing and remarketing services (“Google Marketing Services”) of Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

This feature allows the website’s customers to be targeted with advertising by delivering personalized, interest-based ads to visitors to the website when they visit other websites on the Google Display Network. For these purposes, when our online offer on which Google marketing services are active is called up, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. These codes are used to record visits to the website and anonymous data on the use of the website (browser and operating system, referring websites, visiting time and other information on the use of the online offer). No personal data of visitors to the website is stored. If the customer then visits other websites, the ads tailored to his interests can be displayed to him.

You can permanently deactivate the use of cookies by Google by following the following link and downloading and installing the plug-in provided there: https://www.google.com/settings/ads/plugin. Alternatively, you can disable the use of cookies by third parties by visiting the deactivation page of the Network Advertising Initiative at http://www.networkadvertising.org/choices/ and implementing the additional opt-out information mentioned there.

For more information about Google Remarketing and Google’s privacy policy, please visit: http://www.google.com/privacy/ads/.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

3) Google Adwords Conversion Tracking

On the basis of Art. 6 para. 1f) GDPR uses the online advertising program “Google AdWords” and within the framework of Google AdWords the conversion tracking to statistically record the use of our website and for the purpose of optimising our website.

Google Adwords sets a cookie (see above) on your computer when you access our website via a Google ad.

These cookies lose their validity after 30 days, do not contain any personal data and are therefore not used for personal identification. If the user visits certain pages of the Adwords customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user has clicked on the ad and has been redirected to this page.

Each Adwords customer receives a different cookie. Cookies cannot therefore be traced via the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users.

If you do not wish to participate in the tracking process, you can also reject the setting of a cookie required for this – for example using a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the “www.googleadservices.com” domain.

Google’s privacy policy for conversion tracking can be found here (https://services.google.com/sitestats/de.html).

We may use various other tools in connection with the use of the Google Marketing Services on the basis of Art. 6 para. 1f) GDPR:

“AdSense”

AdSense uses cookies to enable Google and its partner sites to serve ads based on users’ visits to this site or other sites on the Internet.

“DoubleClick”

DoubleClick uses cookies to enable Google and its partner sites to serve ads based on users’ visits to this site or other sites on the Internet.

“Google Optimiser”

Google Optimizer makes it possible to track the effects of various changes to a website within the framework of so-called “A/B-Testings”. Cookies are stored on the user’s devices for these test purposes. Only pseudonymous user data is processed.

We can also use the “Google Tag Manager” to integrate and manage Google analysis and marketing services into our website.

“Google Maps”

Google Maps is a map service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. By using Google Maps, information about the use of this website including your IP address and the (start) address entered in the route planner function can be transmitted to Google in the USA.

When you visit a website on our website that contains Google Maps, your browser establishes a direct connection to Google’s servers. The map content is transmitted by Google directly to your browser and integrated into the website. Therefore, we have no influence on the amount of data collected by Google in this way. According to our knowledge this is at least the following data:

  • the date and time of the visit to the website concerned,
  • Internet address or URL of the called website,
  • IP address,
  • (Start) address entered in route planning.

We have no influence on the further processing and use of the data by Google and can therefore assume no responsibility for this.

If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you cannot use the map display.

The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights and setting options for the protection of your privacy can be found in Google’s data protection information.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

4) Matomo

In order to optimize our Internet offer, we set out in Art. 6 para. 1). GDPR uses the web tracking tool “Matomo” (former name: Piwik), which is operated on our own server.

Cookies are used for this purpose (see above). The information generated by the cookie about website usage is transmitted to our servers and combined in pseudonymous user profiles. The information is used to evaluate the use of the website and to enable a demand-oriented design of our website. The information is not passed on to third parties.

Under no circumstances will the IP address be linked to other data relating to the user. The IP addresses are pseudonymised so that an assignment is not possible (IP masking).

If you do not agree to the storage and use of your data, you can deactivate the storage and use here (https://matamo.org/docs/privacy/). In this case, an opt-out cookie is stored in your browser to prevent Matamo from saving usage data. If you delete your cookies, the Matamo Opt-Out cookie will also be deleted. The opt-out must be reactivated the next time you visit our site.

Social media plug-ins

We use social plug-ins of the social networks Facebook and Twitter on our website on the basis of art. 6 para. 1f) GDPR. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for data protection-compliant operation must be guaranteed by the respective provider.

The integration of these plug-ins by us takes place in the way of the so-called two-click method around visitors of our web page in the best possible way to protect.

a) Facebook

Our website uses social media plugins from Facebook to personalize their use. The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/. This is an offer from Facebook.

Every time a web page containing such a plugin is called up, the browser you use downloads a corresponding representation of the Facebook component. This process informs Facebook which specific page of our website you are currently visiting.

By integrating the plugins, Facebook – regardless of whether you have a Facebook account or not – receives information that your browser has called up the corresponding page of our website. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.

If you access our site while logged in to Facebook, Facebook recognizes the information collected by the plugin and assigns this information to your personal account on Facebook.

For example, if you click the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.

Facebook may use this information for the purposes of advertising, market research and demand-oriented design of Facebook pages. Facebook creates usage, interest and relationship profiles for this purpose.

If you wish to prevent Facebook from transmitting and storing data about you and your behavior on our website, you must log out of Facebook before visiting our site.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights and setting options for the protection of your privacy can be found in the data protection information (https://www.facebook.com/about/privacy/) of Facebook.

You can object to the collection by the Facebook pixel and use of your data to display Facebook ads. To set what types of ads you see within Facebook, you can visit the page set up by Facebook and follow the instructions on usage-based advertising settings: https://www.facebook.com/settings?tab=ads.

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

b) Twitter

We use social media plugins from Twitter in our online offer. Twitter is a service of Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.

When you access a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. This process informs Twitter which specific page of our website is currently being visited.

An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).

If you click the Twitter “tweet button” while logged into your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate the visit of our pages with your user account.

We have no influence on the data Twitter collects through this, nor on the extent of the data collected through Twitter.

If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.

For more information, please see the Twitter Privacy Policy (https://twitter.com/privacy).

c) YouTube

On our website we use components (videos) from YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a company of Google Inc, Amphitheatre Parkway, Mountain View, CA 94043, USA.

When you access a page that has an embedded video, it connects to the YouTube servers and displays the content on the website by notifying your browser.

If you are logged in to YouTube at the same time, this information will be associated with your YouTube account. You can prevent this by logging out of your member account before visiting our website.

Further information on YouTube’s data protection is provided by Google under the following link: https://www.google.de/intl/de/policies/privacy/

d) Instagram

Our website uses so-called Social Plugins (“Plugins”) from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).

The integrated Instagram button (for example in the form of an “Instagram camera”) on our site informs Instagram that you have called up the corresponding page of our website.

When you access a page of our website that contains such a plugin, a connection to Instagram’s servers is established and the content of the Instagram plug-in is transferred directly to your browser and integrated into the page. This integration gives Instagram – regardless of whether you have an Instagram profile or not – the information that your browser has accessed the corresponding page of our website.

This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there. If you access our site while logged in to Instagram, Instagram recognizes the information collected by the plugin and assigns this information to your personal account on Instagram. The information is also published on your Instagram account and displayed to your Instagram contacts. You can prevent this by logging out of your Instagram account before visiting our website. Please refer to Instagram’s privacy policy (https://help.instagram.com/155833707900388) for more information.

Rights of users

Users have the right to:

  • to request information about your personal data processed by us (Art. 15 GDPR).
  • immediately request the correction of incorrect or complete personal data stored by us (Art. 16 GDPR)
  • to revoke your consent to us at any time (Art. 7 para. 3 GDPR). As a result, we are no longer allowed to continue the processing of data based on this consent in the future.
  • to demand the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art. 17 GDPR)
  • to demand the restriction of the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful, but you refuse to delete it and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing pursuant to Art. 21 GDPR (Art. 18 GDPR)
  • to receive your personal data, which you have provided to us, in a structured, current and machine-readable format or to request the transmission to another person responsible (Art. 20 GDPR)
  • to complain to a supervisory authority (Art. 77 GDPR). As a rule, you can contact the supervisory authority of your usual place of residence.

Right of objection

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 1f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR. The objection may be lodged in particular against processing for direct marketing purposes.

To exercise your right of revocation or objection, simply send an e-mail to  info @ pantocomo.com

Deletion of data

The data stored by us will be deleted if it is no longer required for the original purpose and if there are no legal storage obligations to prevent deletion.

Validity and amendment of this data protection declaration

This data protection declaration is currently valid and has the status 04.04.2019.

Changes in the legal situation or changes in the service and data processing may make it necessary to adapt this data protection declaration. The current data protection declaration can be accessed at any time on the website under https://www.pantocomo.com/data-privacy-policy/