Data protection statement of Theben AG as of May, 31st 2023
We, Theben AG (hereinafter referred to as “Theben”), are delighted you have chosen to visit our website and are interested in our products and services. Protection of your privacy and any personal data you may make available to us is a matter that we take very seriously. It goes without saying that we comply with the legal regulations relating to data protection. In the following, we will provide you with information on which data we collect from you and for what purposes, how long we store this data, and the rights that you have when we process your data.
Theben AG, Hohenbergstraße 32, 72401 Haigerloch, Germany, is responsible for processing your data on this website. The legal notice on this website provides you with information on how you can get in touch with us.
In our data protection statement, we use terms and definitions from the European General Data Protection Regulations (GDPR), and in particular from Article 4. Under the terms of these regulations, we are the “data controller” and you are the “data subject”. Data that relates either directly or indirectly to you is termed “personal data”. When we make further reference to your “data” in this data protection statement, we are generally referring to data that relates directly or indirectly to you personally.
As a data subject, you have the right to obtain access from us to the data relating to you (Art. 15 GDPR). In accordance with Art. 16 GDPR, you may have your data rectified or, provided certain requirements are met in line with Art. 17 GDPR, you may request that the data is erased. In accordance with Art. 18 GDPR, you have the right to restriction of processing and, if you make a claim in relation to a particular personal situation, you also have the right – in accordance with Art. 21 GDPR – to object to your data being processed either in general or in relation to certain aspects. With respect to data that you have provided to us, you may request that it is issued to you in a commonly used and machine-readable format. You have the right to withdraw consent you have given to us regarding the processing of your data at any time with future effect. This means that your withdrawal of consent can only relate to the future processing of your data; any processing that has already taken place therefore continues to comply with data protection regulations.
You have the right to object to us using your contact and address details to send you advertising and information in the post, if you have not explicitly requested to receive this.
In order to exercise your rights, please contact firstname.lastname@example.org.
You can get in touch with our company data protection officer directly at email@example.com.
You have the right to contact a supervisory authority if you wish to make a complaint regarding how we process your data. In Baden-Württemberg, this is the state commissioner for data protection and freedom of information (Landesbeauftragte für den Datenschutz und Informationsfreiheit), postal address, Postfach 102932, 70025 Stuttgart, Germany, e-mail firstname.lastname@example.org.
Fully automated processing of data when visiting our websites
If, pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO, you consented explicitely, we will use your e-mail address to regularly send you our newsletter. For the receipt of the newsletter the indication of an email address is sufficient. We save your consent and the time that you gave your consent. Your subscription can be cancelled by unsubscribing from the newsletter. If you want to unsubscribe, you can find a link in the footer of each newsletter.
In order to send you appropriate offers and content, we track your click behaviour in the newsletter. This involves recording which newsletter has been opened and how often, or how often users have clicked on links to our products or other information in a newsletter. Analysing this click behaviour enables us to keep optimising the newsletter and adapting it to suit the interests of our customers. For analysis purposes, usage data is summarised when it is collected – a process which anonymises it. This prevents the data from being linked to any particular e-mail address. As a result, we do not know what your personal click behaviour looks like.
However, you may opt out of this monitoring process at any time by unsubscribing from the newsletter. The legal basis for our usage analysis of click behaviour is our legitimate interest in tailoring the content of our newsletters to our customers.
In addition to the A10 environment, an additional proxy for SSL / TLS termination has been in operation since September 2020, which will replace the A10 environment in the future. Here, emails are only encrypted using TLS 1.2 or TLS 1.3.
Theben Media Pool
In accordance with the terms and conditions for the use of Theben Brand and Media Content, registration of the user is required for access thereto. In doing so, not only data of the legal entity "licensee" is collected and processed, but also of the natural person(s) who use the brand and media content on behalf of the licensee. Registration cannot take place without the provision of this data. Further personal data is voluntary. The personal data collected in the process will be processed solely for the purpose of implementing, monitoring and fulfilling the licence agreement. Neither your e-mail address (mandatory information) nor your address or telephone number (optional information) will be processed for purposes other than those stated.
Control of use
Legal basis of the processing, your rights as a data subject
If you use the Media and Branded Content as an employee or agent of the Licensee, your personal data will be processed, on the one hand, in the legitimate interest of Theben AG to set up, grant, control and terminate the use for the Licensee and, on the other hand, in the legitimate interest of the Licensee as a third party under data protection law to set up, grant, control and terminate the use. The purpose of the processing is not directed at you as a natural person, but at the licensee as a legal entity. Your counter-interests may prevail, for example, if you are no longer working for the licensee.
Passing on data
In order to send you the access data for Theben Mediapool after registration, we will pass on your collected data to our service provider to create your personal access data. The service provider has been carefully selected and strictly bound to comply with data protection by means of an order processing contract.
When using our Theben Mediapool, you have the rights listed under Data subject rights.
Storage period of usage data
The usage data will remain stored in a personalised form for as long as personalised control of the usage is necessary for the contractual partner Theben AG or the licensee.
Social media plug-ins
According to Art. 6 para. 1 sentence 1 lit. f DSGVO, we use social plug-ins of the social networks Facebook, Twitter, Instagram, Xing, linkedin, kununu and youtube to popularise our company. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of GDPR. The responsibility for the privacy-compliant operation is to be guaranteed by the respective providers.
Our website uses social media plugins from Facebook to personalize use. For this we use the "LIKE" or "SHARE" button. This is a facility of Facebook. If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated by the latter into the website. By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are currently not logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there.
If you are logged in to Facebook, Facebook can directly assign the search of our website to your Facebook account. If you interact with the plugins, for example, press the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook and displayed to your Facebook friends. Facebook may use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook uses user, interest and relationship profiles, e.g. to evaluate your use of our website in relation to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.
In our website we use YouTube. This is a video portal of YouTube LLC., 901 Cherry Ave., 94066 San Bruno, CA, hereinafter referred to as "YouTube." YouTube is a subsidiary of Google LLC., Gordon House, Barrow Street, Dublin 4, Ireland, hereafter referred to as "Google." Certified under the EU-US Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)
Google and thus the subsidiary YouTube guarantees, that the data protection requirements of the EU are also observed when processing data in the USA. We use YouTube in conjunction with the Advanced Privacy Mode feature to show you videos. Legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the quality improvement of our website. According to YouTube, the Enhanced Privacy Mode feature means that the data below is not transmitted to YouTube's server unless you actually start a video. Without this "Advanced Privacy," you will be connected to the YouTube server in the United States as soon as you visit one of our web pages that embed a YouTube video.
This connection is required to be able to display the respective video on our website via your Internet browser. In the course of this, YouTube will at least collect and process your IP address, the date and time as well as the website you are visiting. It also connects to Google's DoubleClick ad network. If you're logged in to YouTube at the same time, YouTube will provide the connection information to your YouTube account. If you want to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account. For the purpose of functionality as well as for the analysis of the usage behaviour, YouTube permanently stores cookies via your internet browser on your device. If you do not agree with this process, you have the option to prevent the storage of cookies by a setting in your Internet browser. For more information, see "Cookies" above.
For further information about the collection and use of data as well as your related rights and protections please refer to Google‘s privacy notices: https://policies.google.com/privacy.
On our website plugins of the short message network of Twitter Inc. (Twitter) are integrated. The Twitter plugins (tweet button) can be recognized by the Twitter logo on our site.
When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. In this case, Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter "tweet button" while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We point out that we (as the provider of the pages) are not aware of the content of the transmitted data and their use by Twitter.
Our website also uses so-called social plugins ("plugins") operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera".
If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Instagram servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram obtains the information that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram. This information (including your IP address) is sent from your browser directly to an Instagram server in the US and stored there. If you're logged in to Instagram, Instagram can instantly associate your visit to our website with your Instagram account. If you interact with the plugins, for example, press the "Instagram" button, this information is also transmitted directly to a server of Instagram and stored there.
The information will also be published on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly map the data collected via our website into your Instagram account, you must log out of Instagram before visiting our website.
Our website uses features of the LinkedIn network. Provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States.
Each time you visit one of our pages that contains LinkedIn features, it connects to LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. If you click LinkedIn's "Recommend Button" and are logged in to your LinkedIn account, LinkedIn will be able to associate your visit to our website with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn. For more information, see the LinkedIn privacy statement at:
https://www.linkedin.com/legal/privacy-policy, opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting- opt-out.
F. XING / kununu
Our website uses functions of the network XING. Supplier is XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. KUNUNU GmbH is a subsidiary of XING SE. Responsible body and operator of the website is XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time you visit one of our sites that contains XING features, it will connect to XING servers. A storage of personal data is not done to our knowledge. In particular, no IP addresses are stored or the usage behavior is evaluated.
G. Use of social media management software - Hootsuite
We manage our social media channels with Hootsuite, HootSuite Media Inc, 5 East 8th Avenue Vancouver, V5T 1R6, Vancouver, BC, Canada. With Hootsuite we can manage our social media channels, schedule, publish and analyze posts. Hootsuite processes data that has been uploaded by users on social media channels or passed on and made public by sharing and liking posts. We use Hootsuite to organize, manage and analyze our social media channels more efficiently. The processing of personal data takes place in accordance with Art. 6 Para. 1 lit. f GDPR. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR.
Further information on the currently applicable data protection provisions of Hootsuite and your right to object can be found at https://hootsuite.com/de/legal/privacy and at https://hootsuite.com/de/legal/general-data-protection-regulation recall.
How we process your personal data as a customer or supplier
On our website pages, we collect data (contact requests, newsletter subscriptions, registrations for training courses, customer surveys) of natural persons who get in touch with us or who belong to or represent a company with which we are in a business relationship. This data includes your name, the name of your company, the address of your company as well as your business contact details, such as your e-mail address, telephone number and your role within the company. Your data is processed on the basis of our legitimate interest to get in touch with you as a representative of our customer, as well as the legitimate interests of the company that you represent to establish communication. Your interests may conflict with these and take precedence if you leave your company, for example.
Naturally, as the data subject, you are granted data protection rights, such as the right to withdraw consent, the right to request access to the data that is stored about you, and further rights. Please refer to the General section of this data protection statement in this regard.
For contractual purposes, we process data relating to your company in our Customer Relationship Management Software (CRM) system and in the planning, production, logistics and finance modules of our Enterprise Rescoure Planning (ERP) system. Depending on your role and the responsibilities you have at your company, this data may also include the data detailed above that relates directly to you personally. However, the purpose for processing this data does not relate to you as a person, but rather to your company as our business partner. Data protection law is not applicable to purely business data that does not relate to a natural person.
Downloads of white papers or software
If you submit the form to download your copy of our white paper or software, your information will be collected and we will use your information to create a personalized download link. We do not use the data from the form for any purpose other than described below. We will only send you our newsletter if you have specifically ordered it. By using the links to download you can determine if and how often you have downloaded the file. If you have downloaded it, we would like to contact you via our sales department. This would preferably be done by e-mail. If you enter a telephone number and/or a postal address, we may also contact you by this option. If you have not completed the download, your data will be deleted automatically within 48 hours.
With your download, you consent to our use of your data in exchange for downloading the file.
How we process your personal data as an applicant.
On our website pages, we do not collect any data relating to applicants; instead, we make available to you the contact information for the HR department. We request that you do not use any other Theben e-mail addresses for applications. The legal basis when we process your application is a necessity, as we need to process your data in order to decide whether we are going to establish an employment relationship with you.
If your application is unsuccessful, your data will be deleted after three months. If we are interested in considering your application at a later date, we will obtain your consent to retain your data beyond three months.
How we process your personal data as an applicant
On our website pages, we do not collect any data relating to applicants; instead, we make the contact information for the head of our HR department available to you. We request that you do not use any other Theben e-mail addresses for applications. The legal basis when we process your application is necessity, as we need to process your data in order to decide whether we are going to establish an employment relationship with you.
If your application is unsuccessful, your data will be deleted after three months. If we may be interested in considering your application at a later date, we will obtain your consent for this.
Use of our contact forms
Our contact forms collect personal data that we require in order to respond to your enquiry / your catalogue order. The legal basis for the processing of your name, your e-mail address and the content of your enquiry is “contractual and pre-contractual purposes”. We process any further information that you provide voluntarily, such as your gender, your company, your address and your telephone and fax numbers, on the legal basis of the legitimate interest to improve communication with our customers. Once a contact form has been completed, its content is stored temporarily on the web server and sent from there to our marketing department in an e-mail. The marketing department then passes this e-mail on to whichever one of our specialist departments is responsible for handling the enquiry. The data in your enquiry remains stored in our e-mail system, but nowhere else. Once your enquiry has been resolved, the data is locked to prevent it being used in any other way. Any data that is stored temporarily on the web server is cleaned up on a monthly basis.
Registration for on-site trainings and workshops
On our website in the section Service > Seminars and Online Trainings you can find the names and contact details of the persons responsible for the implementation. You can send us your questions about the events on offer or also your registration via the communication options e-mail/telephone call/fax. You can also use our registration form for your registration via the "To register" button. We process the data required for your participation (your name, your company, your e-mail address) as well as your other details in the comments field. The legal basis for the processing is "Contractual and pre-contractual purposes". We use your information exclusively for processing your booking and organising the training.
Within our company, we pass on your data to those persons who are involved in the organisation of the training and billing. If you provide information about your room preference and arrival, we will pass on your name and arrival date to hotels in our vicinity.
Registration for our online seminars and events
If you register for one of our online seminars and events using the relevant form, we will process your data (surname, first name, company, e-mail address, postcode, city, country, category and, if applicable, your comments) in order to contact you after the training. This can be done by the organisers of the events themselves (follow-up surveys, sending recordings of the event) and by our sales department. Contact will be made without obligation by e-mail or, if you have given us the option, also by telephone. Contact by our sales department may relate to the topic of the event, but also to other products and solutions of Theben AG. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 lit. a DSGVO. We determine the sales representative responsible for you on the basis of the postcode you provide.
If it is possible to ask questions via a chat function during the online event, these will be stored exclusively in our online seminar software. The chat protocols will not be passed on. You will be informed of this at the beginning of the relevant event. Our webinars are regularly recorded. In the event of a recording, you will be informed before the start of the event.
Registration for a day voucher
You can use our form to register with Theben AG for vouchers for a free one-day ticket to a trade fair. These vouchers are made available to us by the respective organiser, only the voucher code is transmitted to you by Theben AG.
By submitting the form, you agree that we may store your personal data for the aforementioned purpose. No further confirmation is required. The storage of your data is based on "legitimate interest" according to Art. 6 para. 1 let. f DSGVO. We will only use your data for sending the vouchers and will delete it after the event.
Processing your data in our customer survey
We offer participants in our customer survey a free gift as a thank-you for taking part. To ensure that your responses remain absolutely confidential and to enable you to enjoy the free gift that we offer you, our e-mail contains a personalised link to the customer survey which identifies you as the recipient of the e-mail when you click on it and automatically adds you to the list of participants in our customer survey. The legal basis for the processing of this data is our legitimate interest in having a high number of customers respond to our survey. We only use this identification method so that we can send you your free gift. In our e-mail, you will be informed about the purpose of the personalised link to the customer survey. Upon clicking on the link, you agree to this identification for the purposes outlined above. The legal basis for identifying you via your e-mail address so that our marketing department can send you your free gift if the contractual relationship that we enter into with you when we invite you to take part in the survey.
Your answers to our customer survey will always remain anonymous, which means that they will not be saved or evaluated in relation to you or your company.
A distinction is made between technical cookies (1), which guarantee the correct functioning of our website (these cookies are set automatically) and tracking cookies (2) for marketing and analysis purposes, which require your consent.
(1) Session cookies, document basket functionality, handling of your opt-out opt-out.
Another way in which they differ from one another is the length of time for which they are stored on your PC. Session cookies are cleared automatically when you close your browser. A session cookie may, for example, ensure that the communication between our web server and your PC is secure. Persistent cookies, on the other hand, remain stored on your PC. Your browser may provide information on their storage duration. A persistent cookie can be read again the next time you visit our website. If you want to stop this from happening, you can clear the persistent cookie after visiting our website. Persistent cookies may be used for analysing how you use our website, for example.
Another way in which cookies differ from one another is where they originate from. First-party cookies always originate from the website shown in the address bar of your browser. Third-party cookies, meanwhile, come from websites which you have not accessed directly, but which are instead linked to the first-party website through images or advertisements. Your browser may tell you the sources from which the cookies stored on your PC originate.
Most browsers are configured to accept cookies. If you would like to switch off this function, you will need to change the relevant settings in your browser. If your browser does not accept cookies, you may find that some of the pages on our website do not function to their full extent. In order to complete a contact form, it is essential that your browser is configured to accept session cookies. Session cookies are cleared automatically when you close your browser.
You can use the Cookies for distance measurement and promotional purposes via the deactivation page of the Network Advertising Initiative (https://optout.networkadvertising.org/) and in addition the US website (https://www.aboutads.info/choices) or the European website (https://www.youronlinechoices.com/uk/your-ad-choices/).
If you would like to unsubscribe from tracking cookies or modify your agreement, please change your settings:
Founded on the legal basis of our legitimate interest to improve our web offering, our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how you use the site. The information generated by the cookie about your use of the website (including your IP address) will generally be transmitted to and stored by Google on servers in the United States. However, if IP anonymisation is activated on this website, your IP address is abbreviated beforehand by Google within Member States of the European Union or in other states who are party to the Agreement on the European Economic Area. Your full IP address will only be transmitted to a Google server in the United States and abbreviated there in exceptional cases. On behalf of the website operator, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage vis-à-vis the website operator. The IP address transmitted by your browser as part of Google Analytics will not be associated with any other data held by Google.
You can prevent the collection of your data by Google Analytics or modify your general agreement, just change your settings: .
You may prevent cookies from being stored by making the appropriate setting in your browser software. If you do so, however, please be advised that you may not be able to use all the functions of our webshop to their full extent.
Alternatively, you can prevent Google from collecting cookie-generated data that relates to your use of our website (incl. your IP address) and from processing this data. To do this, download and install the browser plugin by accessing the following link (http://tools.google.com/dlpage/gaoptout?hl=de).
Google Analytics opt-out browser add-on
Google Analytics 4
The Theben corporate website uses Google Analytics 4.0, a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which can be used to analyse the use of online shops. When using Google Analytics 4.0, so-called "cookies" are used as standard. Cookies are text files that are stored on your terminal device and enable an analysis of your use of a website.
With Google Analytics 4.0, the anonymisation of IP addresses is activated by default. Due to IP anonymisation, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Google uses this and other information on our behalf to evaluate your use of the website, to compile reports on your website activities and usage behaviour and to provide us with other services related to your website and internet usage.
The data collected in the context of the use of Google Analytics 4 will be retained for 2 months and then deleted.
All processing described above, in particular the setting of Google Analytics cookies for the storage and reading of information on the end device used by you for the use of the website, will only take place if you have given us your express consent for this in accordance with Art. 6 Para. 1 lit. a DSGVO. Without your consent, Google Analytics 4 will not be used during your use of the website.
You can revoke your consent at any time with effect for the future by accessing the link below and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.
You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, functionalities on this website and other websites may be restricted.
You can prevent your data from being collected by Google Analytics 4 by adjusting your settings: Change cookie settings