Data privacy declaration of KoDeJa GmbH
The General Data Protection Regulation of the European Union has been in force since May 25, 2018. According to this, companies that collect personal data are obliged to provide their customers and business partners with comprehensive information about how they handle data. The aim, as formulated in the basic regulation, is to ensure “fair and transparent processing” of the data. KoDeJa GmbH also processes personal data. For this reason, this presentation serves to inform our customers, business partners and website visitors.
The purpose of processing personal data is the fulfillment of contracts and the further development of products and services, the core of the business model of KoDeJa GmbH: consulting, training and communication services with reference to Japan, as well as import and distribution of products with reference to Japan. Customers should be given the greatest possible benefit. In order to contact customers and business partners by post about services and inquiries, we need your name and address; the provision of this data is necessary for the conclusion of a contract. This also applies to info mails and other digital services, which we can only send if the respective mail addresses are provided. In addition, we develop products and services in various channels - printed, digital and in personal exchange - that are intended to create personal and / or corporate added value for our private and business customers. This is only possible if we have sufficient information about the personal requirements and business challenges of our customers. In order to process orders and for the use of our online shop, it is necessary to record contact details such as name, address, mail address, telephone number and, depending on the payment method, bank details. KoDeJa GmbH does not intend to process the personal data for any other purpose than that for which they were collected. Should this ever be the case, KoDeJa GmbH would have to inform its customers and business contacts (GDPR article 13 paragraph 3) beforehand.
The legal basis for data processing is the express consent to the collection of data (GDPR article 6 paragraph 1 letter a), the performance of a contract or response to inquiries (GDPR article 6 paragraph 1 letter b) and legitimate interests (Article 6 paragraph 1 letter f) of KoDeJa GmbH to maintain, expand and further develop our content and service for our customers. For this purpose, our employees also ask about business challenges, product and service requests and information on the use of products and services; There are also digital surveys to measure the satisfaction of customers, suppliers and other business partners and to take up any suggestions.
The personal data is among other things processed in customer service, sales, marketing, accounting and IT. In addition to these internal recipients , we have also commissioned service providers with whom we have agreed GDPR conformity for order processing, who are already subject to the rules on GDPR conformity or who are subject to similarly strict rules at home and abroad. These include translators, interpreters, web service providers such as providers of shopping platforms and legal and tax advisors. The personal data will be transmitted to the following third countries or international organizations. These include customer advisors and contacts in Japan, service providers for IT and the web such as Google in Ireland or the USA, as customers, business partners and vicarious agents. Please also note the following information on data protection of our websites.
This data is stored until the contractual relationship ends and they are no longer necessary for the purposes for which they were collected (GDPR Article 17 paragraph 1 letter a) and the contractual partners' legal claims are regulated. Only the data that is required for an audit and the fulfillment of other legal requirements is anonymized and stored for ten years.
What rights do customers have? Affected persons have a right to information (GDPR article 15 paragraph 1), for what purpose which categories of personal data are collected for how long and who receives this data. There is also a right to correct (GDPR article 16) incorrect data and to complete incomplete personal data, also by means of a supplementary declaration. There is also a right to immediate deletion ("right to be forgotten") (GDPR article 17) of personal data, provided that KoDeJa GmbH does not need it to fulfill a legal obligation (GDPR article 17 paragraph 3 letter b). There is also a right to restriction of processing (GDPR article 18) if a customer or business partner denies the accuracy of the personal data, he objects to the processing or needs it to assert, exercise or defend legal claims and KoDeJa GmbH does not need it any longer. If personal data is corrected, deleted or restricted, KoDeJa GmbH will notify all recipients of this and will inform the person concerned about the recipients upon request (GDPR article 19). In addition, there is a right to data portability (GDPR article 20). This means that customers who have expressly consented to the collection of personal data or whose collection is necessary for the performance of a contract, have the right to receive the personal data relating to them that they have provided to KoDeJa GmbH in a structured, current and machine-readable format and to transmit it to a third party without hindrance. They also have the right to have KoDeJa GmbH transfer this data directly to a third party, as long as the rights and freedoms of other people are not impaired.
If a customer or business partner has expressly consented to the collection of personal data (GDPR article 6 paragraph 1 letter a), revocation is possible at any time. Until the time of revocation, the data processing remains lawful (GDPR article 13 paragraph 2 letter c). Affected persons can also object to the processing of data (GDPR article 21) at any time if KoDeJa GmbH has raised this for legitimate interests (GDPR Article 6 Paragraph 1 Letter f). This also applies to the profiling of data. If personal data is processed in order to operate direct mail, data subjects can also object at any time. Then this data will no longer be processed for these purposes.
There is a right of appeal to a supervisory authority (GDPR article 77) if customers or business partners are of the opinion that the processing of their personal data violates the General Data Protection Regulation.
Further information on data protection on our website
General information and mandatory information
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
When you use this and other of our websites, various personal data is collected. Personal data is data with which you can be personally identified. This data protection declaration explains which data we collect and what we use it for. It also explains how and for what purpose this is done.
We point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, our pages use a SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Analysis tools and third-party tools
When you visit our website, your surfing behavior can be statistically evaluated. This is mainly done with cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this below.
You can contradict this analysis. We will inform you about the possibilities of objection in this data protection declaration.
Objection to advertising mail
We hereby object to the use of the contact data published as part of the imprint obligation for sending unsolicited advertising and information material. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam mails.
Data collection on our website
Some of the websites use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.
Cookies are blocked on our website until you allow them in whole or in part. You can also set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. Deactivating cookies may restrict the functionality of our website.
Cookies that are required to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are stored on the basis of GDPR article 6 paragraph 1 letter f. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these will be treated separately in this data protection declaration.
Server log files
The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not combined with other data sources.
This data is collected on the basis of GDPR article 6 paragraph 1 letter f. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - the server log files must be recorded for this.
Data protection declaration for the use of Google Analytics
Our websites use functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of our website is usually transferred to a Google server in the USA and stored there.
The storage of Google Analytics cookies is based on GDPR article 6 paragraph 1 letter f. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
We have activated the IP anonymization function on our website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=en.
Objection against data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set that prevents your data from being collected when you visit this website in the future: Deactivate Google Analytics
You can find more information on how to handle user data on Google Analytics in Google's data protection declaration: https://support.google.com/analytics/answer/6004245?hl=en.
Order data processing
We have concluded a contract data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic characteristics in Google Analytics
Our website uses the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain statements on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the position “Objection to data collection”.
Plugins and tools
Storing Matomo cookies is carried out on the basis of GDPR article 6 paragraph 1 letter f. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
Our websites use social media with analysis functions from the Facebook Inc. group of companies , 1601 S California Ave, Palo Alto, California 94304, USA.
We use so-called Facebook pixels (Facebook Custom Audiences) from Facebook Inc. (Facebook). This means that interest-based advertisements (Facebook ads) can be shown to users of our website when they visit the social network Facebook or other websites that also use the process. Your browser automatically establishes a direct connection with the Facebook servers through the Facebook pixel. We have no influence on the extent and further use of the data that is collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: By integrating the Facebook pixel, Facebook receives the information that you are viewing an ad from us which you clicked or which you called up the corresponding website on our website. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or are logged in, there is the possibility that the provider will find out and save your IP address and other identification features. You can find more information on handling user data on Facebook in the Facebook data policy: https://www.facebook.com/policy.php. Further information on the "Like" button and data collection is available at https://www.facebook.com/help/186325668085084.
With the use of the Facebook pixel, we pursue the purpose of only displaying Facebook ads that we have placed to Facebook users who have also shown an interest in our product- or website portfolio. With the help of the Facebook pixel, we want to ensure that our Facebook ads correspond to the potential interest of our users and are not annoying. Furthermore, with the help of the Facebook pixel, we can understand the effectiveness of Facebook ads for statistical purposes by seeing whether users were redirected to our website after clicking on a Facebook ad.
The Facebook pixel is used on the basis of GDPR article 6 paragraph 1 letter f. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its websites and its advertising.
Newsletter and Infopost
We send newsletters via MailChimp, a platform for newsletters from US vendor The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 500, Atlanta, GA 30308, USA.
The mail addresses of our newsletter recipients, as well as other data described in these notes, are stored on MailChimp's servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. According to its own information, MailChimp can also use this data to optimize or improve its own services, for example to technically optimize the dispatch and presentation of the newsletter or for economic purposes, for example to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them down or to pass them on to third parties.
MailChimp undertakes to comply with EU data protection regulations. You can view MailChimp's data protection regulations at https://mailchimp.com/legal/privacy/.
By ticking in our order form to be informed about news and exclusive offers, you consent to receiving newsletters and Infopost.
Your mail address and the other data that you provided during the ordering process are used for this purpose. This is in particular your first and last name and your address.
We use this data for personalization and to ensure correct delivery.
Statistical survey and analysis
Newsletters contain a so-called web beacon, a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. As part of this retrieval, technical information, such as the browser and your system, as well as the IP address and time of retrieval, are collected.
This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on the retrieval locations or the access times that can be determined using the IP address.
The statistical surveys also include determining whether and when the newsletters are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients - but it is neither our aim nor that of MailChimp to monitor individual recipients. Rather, the evaluations serve to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our recipients.
If you have deactivated the display of images in your mail program by default, tracking via tracking pixels is not possible. In this case, the newsletter will not be displayed in full and you may not be able to use all functions. If you display the images manually, the tracking described above takes place.
Online access and data management
In this context, we would like to point out that cookies are used on the MailChimp websites and thus personal data is processed by MailChimp, its partners and service providers (such as Google Analytics). We have no influence on this survey.
Termination / Revocation
You can cancel the receipt of our newsletter at any time and revoke your consent. At the same time, your consent to its sending via MailChimp and for the statistical analysis expires. A separate revocation of the dispatch via MailChimp or the statistical analysis is not possible. You can find a link to cancel the newsletter at the end of each newsletter.
Registration for the newsletter takes place on the basis of GDPR article 6 paragraph 1 letter a. The use of the newsletter service provider MailChimp, the implementation of statistical surveys and analyzes as well as the logging of the registration process are based on GDPR article 6 paragraph 1 letter f. The sender of the newsletter has a legitimate interest in analyzing user behavior in order to optimize both its newsletter content and its advertising.
Payment service provider
We use the PayPal service to process payments. Customers are redirected to the PayPal website (possibly through a pop-up window), where they enter the required personal data directly into an input form provided by PayPal. Further data protection information can be found in PayPal's data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Sources: Impulse Medien GmbH, eRecht24 GmbH & Co. KG