Privacy policy

Welcome to COCUS AG

We are pleased that you are visiting our website and thank you for your interest in our company, our services, our products and our website. The protection of your personal data and privacy is very important to us. Therefore, compliance with the provisions of the General Data Protection Regulation (DSGVO) is a matter of course for us. The purpose of this law is to protect individuals from having their personal rights infringed by the handling of their personal data. In principle, you can access and view our website without being asked to provide us with your personal data.

Welcome to COCUS AG

Table of contents

1. scope of application and responsible body

2. collection and processing of personal data

3. passing on your data

4. data security

5. provision of the website and creation of log files

6. use of analytical tools (web tracking, cookies and other technologies)

7. references and links to other websites

8. information and data correction / deletion of data

9. Further notes on data protection
10. reservation of right of modification

1. scope of application and responsible body

The data controller for websites (www.cocus.de, www.cocus.com) operated by us (hereinafter also “we”, “us” or similar) is:

COCUS AG(headquarter)
Frankfurter Straße 80-82
65760 Eschborn

+49 211 87 542-860
info@cocus.com

The controller decides alone or jointly with others on the purposes and means of the processing of personal data. The use of our website is generally possible without providing personal data. Insofar as personal data (e.g. name, address or e-mail addresses) is collected on our pages, this is always done, as far as possible, on a voluntary basis. This data will not be passed on to third parties without your express consent. Please note that our Internet pages sometimes contain links to pages of other providers to which this data protection declaration does not apply.

1.1. Data Protection Officer

We have appointed a data protection officer:

Matthias Edelmann
Prinzenallee 11
40549 Dusseldorf
T +49 211 875 420
datenschutz@cocus.com

2. collection and processing of personal data

In principle, you can visit the COCUS AG website without telling us who you are. We only learn the name of your internet service provider, the website from which you visit us, the duration of your visit and the web pages you visit on our site. This information is evaluated for statistical purposes.

The collection, storage and use of personal data via our websites is subject to your prior consent. This means that you alone decide whether you provide us with the data requested there, e.g. when requesting information or filling out an online form. An exception applies in those cases where obtaining prior consent is not possible for factual reasons and the processing of the data is permitted by legal regulations.

We use your personal information for problem diagnosis, website administration and demographic information. If you register, we will send you the requested information, news or promotional material. We forward the data from an online form to the relevant department and the respective specialist department responsible. After the process is finished, the data is deleted.
Personal data will only be passed on to state institutions and authorities within the framework of mandatory legal provisions.

2.1. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) of the Data Protection Act shall apply. 1 lit. a EU General Data Protection Regulation (GDPR) as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) serves as the basis. 1 lit. b DSGVO as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c DSGVO as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (2) of the Data Protection Act shall apply. 1 lit. d DSGVO as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) of the Data Protection Act shall apply. 1 lit. f DSGVO as the legal basis for the processing.

2.2. Contact

A contact form is available on our website, which can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are: Name, email address and company name.

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.

2.2.1. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 (2) if the user has given his consent. 1 lit. a DSGVO.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO.

2.2.2. Purpose of the data processing

The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

2.2.3. Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

3. passing on your data

We only pass on personal data to third parties on the basis of strict German data protection regulations or with your express consent.

3.1. COCUS service provider

Purpose of transmission:

If service providers provide services on behalf of COCUS that are necessary for the processing of communications; strict contractual regulations are agreed within the scope of this so-called processing on behalf (Art. 28 DS-GVO), technical and organisational measures as well as supplementary controls ensure the protection of your data.

Transfer to a third country or to an international organisation:

If a COCUS service provider is located in a third country, appropriate measures (in particular the use of EU standard contractual clauses) are taken to ensure that your rights as a data subject are protected.

4. data security

We use technical and organisational security measures to protect the data we have under our control against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. Our security measures are continuously improved.

4.1. SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses an SSL or SSL protocol. TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.

5. provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:
(1) Information about the browser type and version used
(2) The operating system of the user
(3) The Internet service provider of the user
(4) The anonymised IP address of the user
(5) Date and time of access
(6) Websites from which the user’s system accesses our website

(7) Websites that are accessed by the user’s system via our website

The log files contain IP addresses or other data that allow an assignment to a user.
This data is not stored together with other personal data of the user.
This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the performance of a contract or pre-contractual measures.

5.1. Purpose of the data processing

The temporary storage of the anonymised IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the anonymised IP address of the user must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f DSGVO.

5.2. Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.

6. use of analytical tools (web tracking, cookies and other technologies)

Information about our customers is very important to us and helps us to constantly improve the offers on our website according to the needs of our customers. For this reason, we use analysis tools on our Internet pages. An analytics tool is software developed by a third party provider that helps us to see where a visitor to a website is coming from, which areas on a website are visited and how often and for how long which sub-pages and categories are viewed. On our Internet pages, we use the technologies of the provider Google Inc. .

6.1. Google Analytics

Our website uses functions of the web analysis service Google Analytics. The provider of the web analytics service is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses “cookies.” These are small text files that your web browser stores on your end device and enable an analysis of website usage. Information generated by cookies about your use of our website is transmitted to a Google server and stored there. The server is usually located in the USA.

The setting of Google Analytics cookies is based on Art. 6 para. 1 lit. f DSGVO. As the operator of this website, we have a legitimate interest in analysing user behaviour in order to optimise our website and possibly also our advertising.

IP anonymisation

We use Google Analytics in conjunction with the IP anonymisation function. It ensures that Google truncates your IP address within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before transferring it to the USA. There may be exceptional cases where Google transmits the full IP address to a server in the USA and truncates it there. Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to us. The IP address transmitted by Google Analytics is not merged with other Google data.

Job processing

In order to fully comply with the legal data protection requirements, we have concluded an order processing contract with Google.

6.2. Hubspot

For marketing and sales purposes, the COCUS Group uses the Hubspot service.

HubSpot is a software company from the USA with a branch in Ireland.

Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telefone: +353 1 5187500.
Hubspot is an integrated software solution that covers various aspects of our online marketing. These include, among others:
Email marketing, social media publishing & reporting, reporting, contact management (e.g. user segmentation & CRM), landing pages and contact forms.
Our sign-up service allows visitors to our website to learn more about our company, download content and provide their contact information and other demographic information. This information as well as the content of our website is stored on HubSpot servers. They may be used by us to contact visitors to our website and to determine which of our company’s services are of interest to them. All information we collect is subject to this privacy policy. We use all information collected exclusively to optimise our marketing measures.
More information about HubSpot’s privacy policy
More information from HubSpot regarding EU data protection regulations
You can find more information about the cookies used by HubSpot here & here
As part of the optimisation of our marketing measures, the following data may be collected and processed via Hubspot:

– Geographical position
– Browser-Type
– Navigation informationen
– Performance data
– Information about how often the application is used

– Reference URL
– Mobile Apps-Data
– Subscription information for the Hubspot subscription service
– Files displayed on site
– Domain Names
– Viewed Pages
– Aggregated usage
– Operating system version
– Internet service provider
– IP-Address
– Device identifier
– Duration of the visit
– Where the application was downloaded from
– Operating system
– Events that occur within the application
– access times
– Clickstream-Data
– Device model and version

In addition, we also use Hubspot to provide contact forms. Further information in this regard can be found in sub-section 7 of this data protection declaration.

The legal basis of the processing is your consent pursuant to Art. 6 para. 1 lit. a DSGVO. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future.

The personal data shall be kept for as long as necessary to fulfil the purpose of the processing. The data is deleted as soon as it is no longer required to achieve the purpose.

Within the scope of processing via HubSpot, data may be transmitted to the USA. The security of the transfer is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent can be withdrawn in accordance with Art. 49 (2). 1 lit. a DSGVO serve as the legal basis for the transfer to third countries. Please refer to the subsection “7. Forms”.

6.3. Personalised advertising

With the help of the above-mentioned cookies (see chapter 6.1), no personalised advertising is generated on this website and/or advertising tailored to you by COCUS on third-party websites.

6.4. Cookies

Our website uses cookies. These are small text files that your web browser stores on your end device. Cookies help us to make our website more user-friendly, effective and secure.

Some cookies are “session cookies”. Such cookies are deleted automatically at the end of your browser session. On the other hand, other cookies remain on your terminal device until you delete them yourself. Such cookies help us to recognise you when you return to our website.

With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured so that cookies are deleted automatically when the programme is closed. Deactivating cookies may result in limited functionality of our website.
The setting of cookies, which are necessary for the exercise of electronic communication processes or the provision of certain functions desired by you (e.g. shopping cart), is carried out on the basis of Art. 6 Para. 1 lit. f DSGVO. As the operator of this website, we have a legitimate interest in the storage of cookies for the technically error-free and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these will be treated separately in this data protection declaration.

Here you will find a detailed list of all cookies that are used on the website: Cookie Directive (EU)

6.5. Youtube

Our website uses plugins from YouTube to integrate and display video content. The video portal is provided by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

When a page with an integrated YouTube plugin is called up, a connection to the YouTube servers is established. This tells YouTube which of our pages you have accessed.

YouTube can assign your surfing behaviour directly to your personal profile if you are logged into your YouTube account. By logging out beforehand, you have the option of preventing this.

YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO dar.

Details on the handling of user data can be found in the privacy policy of
Youtube.

6.6. Google Maps

On some websites, COCUS uses the Google Maps service from Google (Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043 USA), with whom we have concluded an order processing agreement and the so-called standard contractual clause of the EU Commission. By using Google Maps, information about the use of the websites called up, including their IP address and the start address entered as part of route planning, can be transmitted to Google. When you visit a website that contains Google Maps, your browser establishes a direct connection to Google’s servers. The map content is transmitted directly from Google to your browser, which then integrates it into the website. We have no influence on the scope of the data collected by Google in this way.

I. Legal basis for the processing of personal data

The legal basis for the processing is Art. 6 para. 1 lit. f DSGVO.

II. purpose of the processing

Display of an interactive map with route planner.

III. Duration of storage, deletion, possibility of objection and removal

If you do not agree to the collection of data through the use of Google Maps, you can deactivate JavaScript in your browser. However, you cannot use the map display and route planning in this case.

6.6. Google AdWords and Google Conversion Tracking

Our website uses Google AdWords. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.

AdWords is an online advertising programme. As part of the online advertising programme, we work with conversion tracking. After a click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that your web browser stores on your terminal device. Google AdWords cookies lose their validity after 30 days and are not used to personally identify users. The cookie allows Google and us to recognise that you have clicked on an ad and have been redirected to our website.

Each Google AdWords customer receives a different cookie. The cookies are not trackable via AdWords customers’ websites. Conversion cookies are used to create conversion statistics for AdWords customers who use conversion tracking. Adwords customers learn how many users clicked on their ad and were redirected to pages with the conversion tracking tag. However, AdWords customers do not receive any information that enables personal identification of users. If you do not wish to participate in tracking, you can object to its use. Here, the conversion cookie must be deactivated in the user settings of the browser. In this way, there is also no inclusion in the conversion tracking statistics.

The storage of “conversion cookies” is based on Art. 6 para. 1 lit. f DSGVO. As the website operator, we have a legitimate interest in analysing user behaviour in order to optimise our website and our advertising.

Details on Google AdWords and Google Conversion Tracking can be found in the privacy policy of
Google.
With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Deactivating cookies may result in limited functionality of our website.

7. references and links to other websites

Our websites also contain links to third-party websites. COCUS AG is not responsible for the data protection precautions or the content of other websites.

COCUS AG is not responsible for any contents linked or referred to from his pages – unless COCUS AG has full knowledge of illegal contents and would be able to prevent the visitors of his site from viewing those pages.

COCUS AG hereby expressly declares that at the time the links were created, no illegal content was discernible on the linked pages. COCUS AG has no influence on the current and future design, content or authorship of the linked pages. Therefore, it hereby expressly dissociates itself from all contents of all linked pages that were changed after the link was set. This statement applies to all links and references set within the own Internet offer as well as to external entries in link directories set up by COCUS AG, mailing lists and in all other forms of databases to whose content external write access is possible. For illegal, incorrect or incomplete content and in particular for damages arising from the use or non-use of such information, the provider of the page to which reference is made shall be solely liable, and not the party who merely refers to the respective publication via links.

8. information and data correction / deletion of data

If you have registered for one or more of our websites and would like to delete the data transmitted during registration, you will find corresponding information in the terms of use / general terms and conditions of the respective website. We would like to ask you to read the relevant information there and, if you have any questions or problems, to contact our company data protection officer, Mr Matthias Edelmann, who is of course also available at any time to answer any further questions you may have on the subject of data protection at COCUS AG. You can reach Mr Edelmann at the following e-mail address: datenschutz@cocus.com.

8.1. Your rights

In the following, we would like to inform you of the rights available to you under the law. We would like to draw your attention to the rights to which you are entitled under Art. 15ff DSGVO with regard to the processing of your personal data:

– You have the right to request information about your personal data stored by us free of charge.
– You have the right to request the rectification, erasure (“right to be forgotten”) or restriction of the processing of your personal data.
– You have the right to object to data processing that is necessary to protect the legitimate interests of COCUS or a third party, or that is carried out for the purpose of direct advertising, within the framework of the legal provisions.
– You have the right to receive the data concerning you in a structured, common and machine-readable format (so-called “right to data portability”).

If you wish to exercise any of these rights, please contact us as described in section 1. If you consider that the processing of personal data concerning you by COCUS is contrary to relevant legal provisions, you may also contact a supervisory authority, in particular in the member state of your residence or of the place of the alleged infringement.

8.2. Withdrawal of your consent to data processing

Only with your explicit consent are some data processing operations possible. Revocation of your consent already given is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

8.3. Retention period for business letters (e.g. letter post, emails)

6 years, beginning with the end of the calendar year in which the business letter was received or sent.
Where data is not affected by this, the data will be deleted when the purposes for which it was collected cease to apply or when you withdraw consent on which data processing is based.
In the event that deletion is not possible or only possible with disproportionate effort for legal, technical or organisational reasons, the processing of your data will be restricted.

8.4. Right to complain to the competent supervisory authority

As a data subject, you have a right of appeal to the competent supervisory authority in the event of a data protection breach. The competent supervisory authority with regard to data protection issues is the State Data Protection Commissioner of the federal state in which our company’s registered office is located. The following link provides a list of data protection officers and their contact details.

8.5. Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The provision shall be in a machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

8.6. Right to information, correction, blocking, deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, the origin of the data, its recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data. In this regard and also for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.

9. Further notes on data protection

With regard to the use of publicly accessible areas offered on our Internet pages, in which you can also voluntarily post personal information (forums, comment functions, etc.), we would like to point out at this point that the information you voluntarily post can be viewed, collected, stored and used by other users. We therefore recommend that you exercise due caution when posting personal information in these areas and always act responsibly to prevent misuse of this data by third parties.

10. reservation of right of modification

We reserve the right to change this privacy policy at any time within the framework of the applicable laws.
Version 1.4, as of February 2021.