Privacy policy
This English text is a convenience translation of our Privacy Policy. Only the German version is legally binding. In case of discrepancies, the German version prevails. The binding German version is available at: https://www.jupus.de/datenschutz.
Privacy Policy
We are pleased about your visit to our website www.jupus.de and your interest in our company. Â
The protection of your personal data, such as date of birth, name, telephone number, address, etc., is an important concern for us. The purpose of this Privacy Policy is to inform you about the processing of your personal data that we collect from you when you visit our website.
Our data protection practices comply with the statutory provisions of the European Unionâs General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz â BDSG).
The following Privacy Policy serves to fulfil the information obligations arising from the GDPR.
Controller
The controller within the meaning of Art. 4(7) GDPR is the person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
With regard to our website www.jupus.de, the controller is:
JUPUS GmbH
Hohenzollernring 89-93
50672 Cologne
Germany
E-mail: hello@jupus.de
Tel: +49 221 82826135â
Provision of the Website and Creation of Log Files
Each time our website is accessed, our system automatically collects the following data and information from the accessing device (e.g. computer, mobile phone, tablet, etc.):
- Information about the browser type and the version used;
- The operating system of the accessing device;
- Hostname of the accessing computer;
- The IP address of the accessing device;
- Date and time of access;
- Websites and resources (images, files, other page content) accessed on our website;
- Websites from which the userâs system accessed our website (referrer tracking);
- Notification of whether the access was successful;
- Amount of data transferred.
This data is stored in our systemâs log files.
This data is not stored together with other personal data of a specific user; therefore, individual website visitors are not identified.
Legal basis for processing
Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest consists in ensuring the achievement of the purpose described below.
Purpose of data processing
The temporary (automated) storage of the data is necessary for the process of visiting the website in order to enable delivery of the website.
The storage and processing of personal data also serves to maintain the compatibility of our website for as many visitors as possible and to combat misuse and remedy malfunctions.
For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to respond as early as possible to display errors, attacks on our IT systems and/or functional errors of our website.
In addition, the data helps us to optimise the website and to generally ensure the security of our information technology systems.
Storage period
The aforementioned technical data will be deleted as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after access to our website.
Special Functions of the Website
Our website offers you various functions, during the use of which we collect, process and store personal data.
Login Area
We will process the registration and login data you enter with us in order to fulfil the purpose stated below.
Legal basis for the processing of personal data
Art. 6(1)(b) GDPR (performance of (pre-)contractual measures)
Purpose of data processing
You have the option of using a separate login area on our website.
In order to verify your authorisation to use the protected area and/or the protected documents, you must enter your login data (e-mail or username and password) into the corresponding form.
Storage period
The collected data will be stored for as long as you maintain a user account with us.
Necessity of providing personal data
Use of the content protected by the login area is not possible without entering the personal data.
If you wish to use our login area, you must complete the fields marked as mandatory (username and password).
Entering the data requires an existing user account.
Registration is not possible if the data you enter is incorrect.
If the data is entered incorrectly or not entered at all, the protected area cannot be used.
The rest of the site can still be used without logging in.
Newsletter Subscription Form
By registering for the newsletter on our website, we receive the e-mail address you enter in the registration field and, if applicable, further contact data if you provide this via the newsletter subscription form.
As part of the double opt-in procedure, we additionally store technical log data regarding consent: time of registration and confirmation, IP address/hash used, source of the registration (form/page) and the content of the consent declaration. In the event of unsubscription, we store the time of unsubscription.
Legal basis for the processing of personal data
Art. 6(1)(a) GDPR (consent by clear affirmative action or conduct)
You may withdraw your consent at any time with effect for the future or object to receiving the newsletter, e.g. via the unsubscribe link in every newsletter e-mail or by notifying us using the contact details stated in this Privacy Policy.
The withdrawal does not affect the lawfulness of processing carried out up to the withdrawal. After withdrawal/unsubscription, you will not receive any further newsletters.
Purpose of data processing
We process your data for sending and administering our newsletter, including maintaining recipient lists and ensuring deliverability (e.g. handling bounces and suppression lists). Voluntarily provided information is used to personalise content. We log the double opt-in process in order to be able to prove your consent. Open and click tracking takes place only with prior explicit consent and serves exclusively for content optimisation and technical improvement of dispatch.
Storage period
We store your data until you withdraw your consent/unsubscribe from the newsletter.
After unsubscription, your data for newsletter dispatch will be deleted or further processed in a suppression list solely to enforce your objection.
Necessity of providing personal data
Providing your e-mail address is required for sending the newsletter. Further information is voluntary and serves personalisation. Without an e-mail address, delivery is not possible; the remaining online offer can be used independently of this.
Appointment Booking Form
We will process the data you enter as part of our appointment booking form in order to fulfil the purpose stated below.
Legal basis for the processing of personal data
Art. 6(1)(b) GDPR (performance of (pre-)contractual measures)
Purpose of data processing
We will use the data collected via our appointment booking form only for processing appointment requests received through the appointment booking form.
Storage period
Your appointment booking will be deleted by us without delay 12 months after the scheduled appointment date, unless statutory retention obligations exist.
We reserve the right to delete data without stating reasons and without prior or subsequent notification.â
Necessity of providing personal data
Use of our appointment booking form is neither contractually nor legally required; however, it is necessary if you wish to book an appointment with us online.
To book online, you must provide certain mandatory information. If you do not complete the mandatory fields in full, your appointment booking cannot be accepted or processed.
WhatsApp Newsletter
Which personal data is collected and to what extent is it processed?
We will process the data you enter when ordering the WhatsApp newsletter in order to fulfil the purpose stated below.
Legal basis for the processing of personal data
Art. 6(1)(a) GDPR (consent by clear affirmative action or conduct)
Purpose of data processing
The data collected from you as part of the registration for the WhatsApp newsletter will be used exclusively to add you to our broadcast list, which is used to send regular information.
The mobile phone number you provide will not be passed on to third parties, but will be used solely within the scope of our WhatsApp newsletter through which we inform you about all our services.
The number provided will expressly not be used for advertising calls.
Other subscribers of the WhatsApp newsletter do not have access to your mobile phone number via this function.
The WhatsApp newsletter uses WhatsAppâs broadcast function, which is not identical to the group function.
As part of the WhatsApp newsletter, the message generated by us is sent via WhatsApp to all recipients on the broadcast list.
To participate in the newsletter, it is necessary that you add the number specified by us to your WhatsApp contact list and additionally provide us with your mobile phone number via our âWhatsApp newsletter formâ.
Storage period
Your mobile phone number and all other personal data you provide when ordering our WhatsApp newsletter will be stored by us for the duration of your subscription.
We reserve the right to delete data without stating reasons and without prior or subsequent notification.
Options for withdrawal and removal
You can unsubscribe from our WhatsApp newsletter at any time by clicking the unsubscribe link or sending us a corresponding unsubscribe message.
Merely deleting our number from your contact list is not sufficient. Your data will be deleted by us without delay after you unsubscribe.
Your data will also be deleted within six months in the event of an incomplete registration.
You may withdraw your consent at any time in accordance with Art. 7(3) GDPR.
The processing carried out up to the time of withdrawal remains unaffected. With regard to further rights, we refer you to the overview at the end of this Privacy Policy.
Necessity of providing personal data
Providing your telephone number is neither contractually nor legally required; however, it is necessary so that we can provide you with our WhatsApp newsletter service.
Without providing it, you will not receive a newsletter.
It is also possible that you will not receive our newsletter if you do not add the telephone number specified by us to your contact list.
Integration of External Web Services
We use active content from external providers on our website, so-called web services.
By accessing our website, these external providers may receive personal information about your visit to our website.
This may involve processing of data outside the EU.
You can prevent this by installing a corresponding browser plugin or disabling the execution of scripts in your browser.
This may result in functional restrictions on websites you visit.
HubSpot Forms
We use HubSpot Forms by HubSpot, Inc., 25 First Street, 2141 Cambridge MA, United States, e-mail: privacy@hubspot.com, website: https://www.hubspot.de/.
Processing also takes place in a third country for which there is no adequacy decision by the Commission. Therefore, the level of protection customary under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that, in the third country, e.g. authorities may access the data collected.
The legal basis for the transfer of personal data is your consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, which you have given on our website.
With the help of hsforms we can provide you with surveys and forms on our website in an easy way.
You may withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent itself or at the end of this Privacy Policy.
Further information on how the transferred data is handled can be found in the providerâs privacy policy at https://legal.hubspot.com/de/privacy-policy.
HubSpot
We use HubSpot, a service provided by HubSpot, Inc., 25 First Street, 2141 Cambridge MA, United States, e-mail: privacy@hubspot.com, website: https://www.hubspot.de/.â
The legal basis for the transfer and processing is Art. 6(1)(c) GDPR. Use of the service supports us in meeting our legal obligations.
The service enables tracking of individual users on our website.
The rights you have with regard to processing can be found at the end of this Privacy Policy.
Further information on how the transferred data is handled can be found in the providerâs privacy policy at https://legal.hubspot.com/de/privacy-policy.
Website-Check âSiegelâ
We use the Website-Check âSiegelâ service provided by Website-Check GmbH, BeethovenstraĂe 24, 66111 SaarbrĂŒcken, Germany, e-mail: support@website-check.de, website: https://www.website-check.de/.
The transfer and processing of personal data takes place exclusively on servers within the European Union.
The legal basis for the transfer of personal data is our legitimate interest in processing pursuant to Art. 6(1)(f) GDPR. Our legitimate interest lies in achieving the purpose described below.
The script of Website-Check GmbH is the technical integration of the Website-Check seal. With this seal we wish to demonstrate that we take data protection very seriously. The transfer of data to Website-Check GmbH takes place for the purpose of delivering and displaying the seal on our website.
With regard to processing, you have the right to object set out in Art. 21 GDPR. Further information can be found at the end of this Privacy Policy.
Further information on how the transferred data is handled can be found in the providerâs privacy policy at https://www.website-check.de/datenschutzerklaerung/.
WordPress
We use WordPress, a service provided by Automattic Inc., 60 29th Street #343, CA 94110 San Francisco, United States, e-mail: help@wordpress.com, website: https://automattic.com/.
Processing also takes place in a third country for which there is no adequacy decision by the Commission. Therefore, the level of protection customary under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that, in the third country, e.g. authorities may access the data collected.
The legal basis for the transfer of personal data is our legitimate interest in processing pursuant to Art. 6(1)(f) GDPR. Our legitimate interest lies in achieving the purpose described below.
WordPress is the technical system behind our website for operating our WordPress website. We require this integration so that we can display our website to you and edit content.
Further information on how the transferred data is handled can be found in the providerâs privacy policy at https://automattic.com/privacy/.
CloudFront
We use the CDN Amazon CloudFront (provider: Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, 1855 Luxembourg and/or Amazon.com, Inc., USA) on our website and for providing our services. CloudFront distributes content via a global network of servers to reduce loading times and deliver content efficiently.
In doing so, CloudFront processes technical log data, e.g. IP address, date/time of access, referrer URL, browser information and device identifiers. This processing is necessary to ensure the availability and performance of our content.
The transfer and processing of data is based on our legitimate interest in the fast and secure operation of the website and our products pursuant to Art. 6(1)(f) GDPR. Insofar as personal data is transferred, we have concluded a data processing agreement with AWS pursuant to Art. 28 GDPR.
If data is transferred to countries outside the EU/EEA (e.g. USA), this will only take place with appropriate safeguards (e.g. adequacy decision, Standard Contractual Clauses or the Data Privacy Framework).
Information on the Use of Cookies
On various pages we integrate and use cookies to enable certain functions of our website and to integrate external web services.
âCookiesâ are small text files that your browser can store on your access device.
These text files contain a characteristic string that uniquely identifies the browser when you return to our website.
The process of storing a cookie file is also referred to as âsetting a cookieâ. Cookies can be set both by the website itself and by external web services. The cookies are set by our website or by the external web services in order to maintain the full functionality of our website, improve user-friendliness or pursue the purpose specified with your consent.
Cookie technology also enables us to recognise individual visitors using pseudonyms, e.g. an individual or random ID, so that we can offer more personalised services.
Legal basis for the processing of personal data
Insofar as cookies are processed on the basis of consent pursuant to Art. 6(1)(a) GDPR, this consent also constitutes consent within the meaning of Section 25(1) of the German Telecommunications Telemedia Data Protection Act (TTDSG) for setting cookies on the userâs end device.
Insofar as another legal basis under the GDPR is stated (e.g. for contract performance or to fulfil legal obligations), storage or setting takes place on the basis of an exception pursuant to Section 25(2) TTDSG.
This exception applies where âthe sole purpose of storing information in the end-userâs terminal equipment or the sole purpose of accessing information already stored in the end-userâs terminal equipment is to carry out the transmission of a communication over a public telecommunications networkâ or âthe storing of information in the end-userâs terminal equipment or the accessing of information already stored in the end-userâs terminal equipment is strictly necessary in order for the provider of a telemedia service to provide a telemedia service expressly requested by the userâ.
Which legal basis applies results from the cookie table listed later in this section.
Purpose of data processing
Cookies are set by our website or by external web services in order to maintain the full functionality of our website, improve user-friendliness or pursue the purpose specified with your consent.
Cookie technology also enables us to recognise individual visitors using pseudonyms, e.g. an individual or random ID, so that we can offer more personalised services. Details are set out in the following table.
Storage period
Our cookies are stored until they are deleted in your browser or, in the case of a session cookie, until the session has expired.
Right to object and removal option
You can configure your browser settings so that cookies are generally prevented from being set. You can then decide on a case-by-case basis whether to accept cookies or generally accept cookies.
Cookies can be used for various purposes, e.g. to recognise that your access device has already connected to our website (persistent cookies) or to store recently viewed offers (session cookies).
If you have expressly granted us permission to process your personal data, you can withdraw this consent at any time.
Please note that the lawfulness of processing carried out on the basis of your consent up to the withdrawal is not affected.
Cookie name Server Provider Purpose Legal basis Storage period Type
â
â
Real Cookie Banner
To manage the cookies and similar technologies (tracking pixels, web beacons, etc.) used and the related consents, we use the consent tool âReal Cookie Bannerâ. Details on how âReal Cookie Bannerâ works can be found at <a href=âhttps://devowl.io/de/rcb/datenverarbeitung/â rel=ânoreferrerâ target=â_blankâ>https://devowl.io/de/rcb/datenverarbeitung/.
The legal bases for the processing of personal data in this context are Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we cannot manage your consents.
Data Security and Data Protection, Communication by E-mail
Your personal data is protected through technical and organisational measures during collection, storage and processing so that it is not accessible to third parties.
In the case of unencrypted communication by e-mail, complete data security on the transmission path to our IT systems cannot be guaranteed; therefore, for information requiring a high level of confidentiality, we recommend encrypted communication or postal mail.
Your Rights in Connection with the Processing of Personal Data
Right of Access
You have the right to request confirmation as to whether we process personal data relating to you. If this is the case, you have the right of access to the information listed in Art. 15(1) GDPR, insofar as the rights and freedoms of other persons are not adversely affected (cf. Art. 15(4) GDPR). We will also be happy to provide you with a copy of the data.
Right to Rectification
Pursuant to Art. 16 GDPR, you have the right to have any incorrectly stored personal data about you (such as address, name, etc.) corrected by us at any time.
You may also request completion of the data stored with us at any time. The corresponding adjustment will be made without delay.
Right to Erasure
Pursuant to Art. 17(1) GDPR, you have the right to have us erase the personal data collected about you,
- if the data is no longer required;
- if, due to the withdrawal of your consent, the legal basis for processing no longer applies without replacement;
- if you have objected to the processing and there are no overriding legitimate grounds for the processing;
- if your data is processed unlawfully;
- if a legal obligation requires it or if collection has taken place pursuant to Art. 8(1) GDPR.
The right does not exist pursuant to Art. 17(3) GDPR if
- processing is necessary for exercising the right of freedom of expression and information;
- your data has been collected on the basis of a legal obligation;
- processing is necessary for reasons of public interest;
- the data is necessary for the establishment, exercise or defence of legal claims.
Right to Restriction of Processing
Pursuant to Art. 18(1) GDPR, in certain cases you have the right to request restriction of the processing of your personal data.
This is the case if
- the accuracy of the personal data is contested by you;
- the processing is unlawful and you oppose erasure;
- the data is no longer needed for the purposes of processing, but the collected data is required for the establishment, exercise or defence of legal claims;
- an objection has been lodged against the processing pursuant to Art. 21(1) GDPR and it is not yet clear whose interests prevail.
Right to Withdraw Consent
If you have given us explicit consent to process your personal data (Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR), you may withdraw this consent at any time.
Please note that the lawfulness of processing carried out on the basis of consent up to the withdrawal is not affected.
Right to Object
Pursuant to Art. 21 GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Art. 6(1)(f) GDPR (legitimate interest).
This right exists only if special circumstances speak against the storage and processing.
How can you exercise your rights?
You can exercise your rights at any time by contacting the contact details below:
JUPUS GmbH
Hohenzollernring 89-93
50672 Cologne
Germany
E-mail: hello@jupus.de
Tel: +49 221 82826135
Right to Data Portability
Pursuant to Art. 20 GDPR, you have the right to receive the personal data relating to you.
The data will be provided by us in a structured, commonly used and machine-readable format.
The data may, at your choice, be transmitted either to you or to a controller designated by you.
Upon request, we will provide you with the following data pursuant to Art. 20(1) GDPR:
- data collected on the basis of explicit consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR;
- data we have received from you pursuant to Art. 6(1)(b) GDPR in the context of existing contracts;
- data that has been processed by automated means.
We will transmit the personal data directly to a controller of your choice where technically feasible.
Please note that we may not transfer data that interferes with the freedoms and rights of other persons pursuant to Art. 20(4) GDPR.
Right to Lodge a Complaint with a Supervisory Authority pursuant to Art. 77(1) GDPR
If you suspect that your data is being processed unlawfully on our website, you may of course seek judicial clarification of the issue at any time.
In addition, any other legal remedy is available to you.
Independently of this, pursuant to Art. 77(1) GDPR you have the option of lodging a complaint with a supervisory authority.
The right to lodge a complaint pursuant to Art. 77 GDPR exists in the EU Member State of your habitual residence, your place of work and/or the place of the alleged infringement, i.e. you may choose the supervisory authority to which you address your complaint from among the places mentioned above.
The supervisory authority with which the complaint has been lodged will then inform you of the status and the outcome of your complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.