1. PRIVACY POLICY

1. Privacy policy

Thank you very much for your interest in our company. Privacy is extremely important to the management of Lennon.de Language Services. It is possible to use the website of Lennon.de Language Services without providing personal data. However, if a data subject intends to take advantage of particular services offered by our company via our website, it may become necessary to process personal data. If personal data processing is necessary and there is no legal basis for such processing, we will generally obtain the data subject’s consent.

Personal data, such as a data subject’s name, address, email address and telephone number, is always processed in accordance with the EU General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection provisions applicable to Lennon.de Language Services. Our company intends to use this privacy policy to inform the public about the nature, extent and purpose of the personal data that we collect, use and process. This privacy policy also serves to inform data subjects of their rights.

As the data controller, Lennon.de Language Services has taken numerous technical and organisational steps to ensure that personal data processed through this website is protected as completely as possible. Nonetheless, data transfers over the internet may generally entail security gaps, meaning that absolute protection cannot be guaranteed. For this reason, every data subject also has the option to transmit personal data to us using alternative means, such as by telephone.

2. Definitions

The privacy policy of Lennon.de Language Services is based on the terms used by European policymakers and lawmakers when they adopted the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for the public as well as for our clients and business partners. To ensure that this is the case, we would first like to explain the terminology used.

Among others, we use the following terms in this privacy policy:

The data controller as defined by the General Data Protection Regulation, by other applicable data protection laws in the Member States of the European Union and by other provisions of a nature relating to data protection is:

Lennon.de Language Services
Ludgeristraße 9
48143 Münster, Germany
Telephone: +49 251 484440-0
Telefax: +49 251 484440-29
Email: go@lennon.de
Website: https://www.lennon.de

3. Name and address of the data protection officer

The data protection officer of the data controller is:

Mr van Straelen
trans-acta Datenschutz GmbH
Ebgert-Snoek-Straße 1
48155 Münster, Germany
Telephone: +40 251 70 38 99 0
Email: Datenschutz@trans-acta.de
Website: www.trans-acta.de / www.datenschutz-nrw.net /

Every data subject can contact our data protection officer directly at any time with any questions or concerns related to data protection.

4. Cookies

The Lennon.de Language Services website uses cookies. Cookies are text files that are placed and stored on a computer system by an internet browser.
Numerous websites and servers use cookies. Many cookies contain what is known as a cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers may be matched to the specific browser where the cookie was stored. This makes it possible for the visited websites and servers to distinguish between the individual browser of the data subject and other internet browsers that contain cookies. A certain internet browser can be recognised and identified through the unique cookie ID.

By using cookies, Lennon.de Language Services is able to provider visitors of this website with user-friendly services that would not be possible without setting cookies.

With the aid of a cookie, the information and offerings on our website can be optimised in the user’s interest. Cookies allow us, as previously mentioned, to recognise the users of our website. The purpose of recognising users is to facilitate their use of our website. Users of a website that employs cookies do not, for example, have to enter their access data each time they access a given website, as this is handled by the website and the respective cookies stored on users’ computer systems. Another example is the shopping basket cookie in an online shop. The online shop uses a cookie to remember the items that a customer has placed in the virtual basket.

Data subjects can prevent our website from setting cookies at any time by choosing the appropriate settings in their browsers, thereby permanently refusing the placement of cookies. In addition, cookies that have already been set can be deleted at any time through an internet browser or other software programs. This option is available in all standard internet browsers. If data subjects deactivate the setting of cookies in the internet browsers that they use, they may not be able to use the functions on our website in their entirety.

5. Collection of general data and information

The Lennon.de Language Services website collects a range of general data and information every time the website is accessed by a data subject or an automated system. This general data and information is stored in the server’s log files. The following may be collected: (1) the browser types and versions used, (2) the operating system used by the system requesting access to the site, (3) the website from which the system requesting access arrives at our site (known as the referrer), (4) the pages that may be used to come to our site through a system requesting access, (5) the date and time of access to our website, (6) an internet protocol address (IP address), (7) the internet service provider of the system requesting access and (8) other similar data and information that serve security in the event of attacks on our IT systems.

When using this general data and information, Lennon.de Language Services does so in a manner in which no data subjects are individually identifiable. Rather, this information is needed (1) to properly provide the content of our website, (2) to optimise the content of our website as well as the advertisements for it, (3) to guarantee the lasting functionality of our IT systems and our website’s technology, as well as (4) to provide law enforcement authorities with the necessary information for prosecution in the event of a cyberattack. This anonymously collected data and information are therefore analysed by Lennon.de Language Services both for statistical purposes and with the aim of enhancing data protection and data security at our company in order to ultimately ensure an optimum level of protection for the personal data that we process. The anonymous data of the server log files is stored separately from all personal data provided by a data subject.

6. Establishing contact through the website

Due to legal provisions, the Lennon.de Language Services website contains information that makes it possible to quickly establish electronic contact with our company and facilitates direct communication with us, which also includes a general address for electronic mail (email address). If a data subject establishes contact with the data controller via email or by way of the contact form, the personal data transmitted by the data subject is automatically stored. Such personal data voluntarily sent by the data subject to the data controller is stored for the purposes of processing or establishing contact with the data subject. This personal data is not shared with third parties.

7. Routine erasure and blocking of personal data

The data controller processes and stores the data subject’s personal data only for the length of time necessary for fulfilling the purpose of storage or as specified by European policymakers and lawmakers or by other legislators in laws or requirements to which the data controller is subject.
If the purpose of storage ceases to exist, or if a storage period dictated by European policymakers and lawmakers or by other competent legislators expires, the personal data is routinely blocked or deleted in accordance with the legal requirements.

8. Data subject rights

The existence of a right to the rectification or erasure of the relevant personal data or to the restriction of its processing by the data controller or a right to object to said processing. The existence of a right to lodge a complaint with a supervisory authority if the personal data is not collected from the data subject.

All available information about the origin of the data, the existence of automated decision-making, including profiling, pursuant to Art. 22 (1) and (4) GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject, which has been collected or otherwise processed for such purposes.
The data subject withdraws his or her consent that served as the basis for processing pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, and there is no other legal basis for processing.

The data subject objects to processing pursuant to Art. 21 (1) GDPR, and there are no overriding legitimate grounds for processing, or the data subject objects to processing pursuant to Art. 21 (2) GDPR.

The personal data was unlawfully processed.
The erasure of personal data is necessary to fulfil a legal obligation under EU law or the law of the Member States to which the controller is subject.
The personal data was collected in relation to information society services pursuant to Art. 8 (1) GDPR.
The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful, the data subject opposes the erasure of the personal data and requests the restriction of the personal data’s use instead.
The controller no longer needs the personal data for the purposes of processing, but it is required by the data subject for the establishment, exercise or defence of legal claims.
The data subject has objected to processing pursuant to Art. 21 (1) GDPR and verification of whether the legitimate grounds of the controller override those of the data subject is pending.

9. Data protection provisions on the deployment and use of Google Analytics (with anonymisation function)

The data controller has incorporated Google Analytics (with anonymisation function) into this website. Google Analytics is a web analytics service. Web analytics is the measurement, collection and analysis of data regarding the behaviour of website visitors. A web analytics service collects data on such things as the website that a data subject visited prior to accessing the current website (known as the referrer), which pages on a website were accessed or how often and how long a particular page was viewed. Web analytics is mainly used to optimise a website and for cost/benefit analyses of online advertisement.

The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The data controller uses the “_gat._anonymizeIp” feature for performing web analytics via Google Analytics. With the aid of this feature, the IP address of the data subject’s internet connection is shortened and anonymised by Google if our website is accessed from within a Member State of the European Union or from another country which is a signatory to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyse the stream of visitors to our website. Google uses the data and information obtained for such things as analysing the use of our website in order to compile online reports for us that show the activities on our website pages and to perform other services relating to the use of our website.

Google Analytics places a cookie on the data subject’s IT system. The explanation of what a cookie is has already been provided above. Setting cookies enables Google to analyse the use of our website. Every time one of the individual pages of this website operated by the controller and into which a Google Analytics component has been incorporated is accessed, the respective Google Analytics component automatically prompts the internet browser on data subject’s IT system to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the data subject’s IP address, which helps Google to track visitors’ origins and clicks and to subsequently facilitate commission calculations, among other things.

Personal information, such as the time and place of access and how often a data subject visits our website, is stored by way of cookies. With each visit to our website, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may possibly share the personal data collected through this technical process with third parties.

As described above, data subjects can prevent our website from setting cookies at any time by choosing the appropriate settings in their browsers, thereby permanently refusing the placement of cookies. Choosing such settings in the internet browser used would also prevent Google from placing a cookie on a data subject’s IT system. In addition, a cookie that has already been set by Google Analytics can be deleted at any time through an internet browser or other software programs.

Furthermore, the data subject has the option to object to and prevent the collection of data by Google Analytics as related to the use of this website as well as Google’s processing of said data. To this end, the data subject must download and install a browser add-on by visiting the link https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information about website visits may be transmitted to Google Analytics. The installation of the browser add-on is regarded by Google as an objection. If the data subject’s IT system is erased, reformatted or reinstalled at a later date, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the data subject or another person within the data subject’s area of control uninstalls or deactivates the browser add-on, it is possible to reinstall or reactivate the browser add-on.

More information and Google’s applicable privacy policies are available at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html.

For a more detailed explanation of Google Analytics, visit https://www.google.com/intl/de_de/analytics/.

10. Data protection provisions on the deployment and use of Google remarketing

The data controller has incorporated Google remarketing services into this website. Google remarketing is a function of Google AdWords. It enables companies to show advertisements to internet users who have already visited the company’s website. The incorporation of Google remarketing therefore allows a company to create targeted advertising and consequently show internet users advertisements relevant to their specific interests.

The operator of Google remarketing services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google remarketing is to show targeted advertising. Google remarketing enables us to show advertisements tailored to the specific needs and interests of internet users through Google’s ad network or to have them displayed on other websites.
Google remarketing places a cookie on the data subject’s IT system. The explanation of what a cookie is has already been provided above. The cookie’s placement enables Google to recognise the visitor of our website if the visitor subsequently accesses websites that are also part of Google’s ad network. Every time the data subject visits a website featuring the Google remarketing service, the data subject’s internet browser automatically identifies itself with Google. As part of this technical process, Google obtains knowledge of personal data, such as the user’s IP address or browsing habits, which Google uses to show targeted advertising, among other things.

Personal information, such as the websites visited by the data subject, is stored by way of the cookie. With each visit to our website, personal data, including the IP address of the internet connection used by the data subject, is therefore transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may possibly share the personal data collected through this technical process with third parties.

As described above, data subjects can prevent our website from setting cookies at any time by choosing the appropriate settings in their browsers, thereby permanently refusing the placement of cookies. Choosing such settings in the internet browser used would also prevent Google from placing a cookie on a data subject’s IT system. In addition, a cookie that has already been set by Google Analytics can be deleted at any time through an internet browser or other software programs.

Furthermore, the data subject has the option to object to targeted advertising by Google. To this end, the data subject must visit the link www.google.de/settings/ads from each of the internet browsers he or she uses and select the desired settings there.
More information and Google’s applicable privacy policies are available at https://www.google.de/intl/de/policies/privacy/.

11. Data protection provisions on the deployment and use of Google AdWords

The data controller has incorporated Google AdWords into this website. Google AdWords is an online advertising service that allows advertisers to display ads in Google’s search engine results and in Google’s ad network. Google AdWords enables an advertiser to define certain keywords in advance which are used to display an ad in Google’s search engine results exclusively if the user accesses a hit relevant to one of the keywords with the search engine. In Google’s ad network, ads are spread over thematically relevant websites by way of an automatic algorithm and under consideration of the previously defined keywords.

The operator of Google AdWords services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google AdWords is to advertise our website by showing targeted advertising on websites of third-party companies and in the search engine results of the Google search engine, and to show external advertising on our website.

If a data subject visits our website by clicking on a Google ad, Google places what is known as a conversion cookie on the data subject’s IT system. The explanation of what a cookie is has already been provided above. A conversion cookie becomes invalid after 30 days and does not serve to identify the data subject. Provided it has not expired, the conversion cookie makes it possible to determine whether certain pages, such as the shopping basket in an online shop, were accessed on our website. Through the conversion cookies, both we and Google are able to determine whether a data subject who arrived at our website by way of an AdWords ad has generated a sale, meaning completed or aborted a transaction.

The data and information collected through the use of the conversion cookie is used by Google to compile statistics about visits to our website. In turn, we use these statistics to calculate the total number of users who were connected to us through AdWords ads in order to determine the respective AdWords ad’s success (or lack thereof) and to optimise our AdWords ads for the future. Neither our company nor other Google AdWords advertising customers receive information from Google that could be used to identify the data subject.

Personal information, such as the websites visited by the data subject, is stored by way of the conversion cookie. With each visit to our website, personal data, including the IP address of the internet connection used by the data subject, is therefore transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may possibly share the personal data collected through this technical process with third parties.

As described above, data subjects can prevent our website from setting cookies at any time by choosing the appropriate settings in their browsers, thereby permanently refusing the placement of cookies. Choosing such settings in the internet browser used would also prevent Google from placing a conversion cookie on a data subject’s IT system. In addition, a cookie that has already been set by Google AdWords can be deleted at any time through an internet browser or other software programs.

Furthermore, the data subject has the option to object to targeted advertising by Google. To this end, the data subject must visit the link www.google.de/settings/ads from each of the internet browsers he or she uses and select the desired settings there.
More information and Google’s applicable privacy policies are available at https://www.google.de/intl/de/policies/privacy/.

12. Legal basis for processing

Art. 6 (I) (a) GDPR provides our company with the legal basis for processing in cases in which we seek consent for a certain processing purpose. The basis for personal data processing necessary for the performance of a contract to which the data subject is party, which is the case, for example, for processing activities that are necessary in order to deliver goods or perform some other service or consideration, is Art. 6 (I) (b) GDPR. The same applies to processing that is necessary in order to take steps prior to entering into a contract, such as requests regarding our products and services. If our company is subject to compliance with a legal obligation for which personal data processing is necessary, such as for fulfilling tax-related obligations, Art. 6 (I) (c) GDPR serves as the basis for processing. In rare instances, personal data processing could become necessary in order to protect the vital interests of the data subject or of another natural person. For example, this would be the case if a visitor were to be injured at our place of business, thereby making it necessary to share the person’s name, age, health insurance particulars or other vital information with a doctor, a hospital or other third parties. Art. 6 (I) (d) GDPR would then provide the grounds for processing. Finally, processing may also be based on Art. 6 (I) (f) GDPR. It serves as the grounds for processing not covered by any of the aforementioned legal bases if processing is necessary for the purposes of a legitimate interest pursued by our company or by a third party, except where such an interest is overridden by the interests, fundamental rights or freedoms of the data subject. We are permitted to engage in such processing particularly because it was specifically mentioned by European lawmakers. In this respect, European lawmakers are of the opinion that a legitimate interest may be assumed if the data subject is a client of the controller (Recital 47 Clause 2 GDPR).

13. Legitimate interests in processing pursued by the controller or by a third party

If personal data processing is based on Art. 6 (I) (f) GDPR, our legitimate interest is the execution of our business operations for the good of all our employees and our shareholders.

14. Storage period for personal data

The respective statutory retention period determines how long personal data is stored. Once this period has expired, the relevant data is routinely erased, provided it is no longer needed for performing or initiating contracts.

15. Legal or contractual requirements for providing personal data; necessity for the conclusion of a contract; obligation of the data subject providing personal data; possible consequences of the failure to provide personal data

We hereby inform you that the provision of personal data is legally prescribed in some cases (e.g. tax regulations) or may arise due to contractual provisions (e.g. information about the contracting party). It may sometimes be necessary for the conclusion of a contract for a data subject to provide us with personal data that we in turn must process. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with said data subject.

Failure to provide the personal data would mean that it would not be possible to conclude the contract with the data subject. Prior to the data subject providing personal data, the data subject must first contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of personal data is legally or contractually prescribed or necessary for the conclusion of the contract, whether there is an obligation to provide personal data and what the consequences of failing to provide personal data would be.

16. Existence of automated decision-making

As a responsible company, we do not employ automated decision-making or profiling.

17. SSL or TLS encryption

For security reasons and in order to protect the transmission of confidential material that you send us as the operator of the website, our website uses SSL or TLS encryption. This encryption set-up prevents third parties from being able to read data that you transmit via this website. You can see that a connection is encrypted in the “https://” address line of your browser and the browser-line lock icon.

18. Use of Vimeo plug-ins

We use Vimeo, among other providers, to integrate videos into our website. Vimeo is operated by Vimeo, LLC, which is headquartered at 555 West 18th Street, New York, New York 10011, USA.

We use plug-ins from the provider Vimeo on some of our website’s pages. If you access the pages of our website featuring such a plug-in – for example, our media library – a connection is established with the Vimeo servers and the plug-in is shown. Information about which of our pages you visited is thereby transmitted to the Vimeo server through the plug-in. If you are logged in as a Vimeo member, Vimeo will link this information to your personal user account. When using the plug-in, for example by clicking on the start button of a video, this information is also linked to your user account. You can prevent such information from being linked to your account by logging out of your Vimeo user account before using our website and deleting the corresponding Vimeo cookies.

The purpose and extent of data collection and the further processing and use of data by Vimeo, as well as your related rights and options to choose settings to protect your privacy, may be found in Vimeo’s privacy policy available at https://vimeo.com/privacy.

19. Google fonts

We incorporate fonts from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/; opt-out: https://adssettings.google.com/authenticated.

20. Online social media accounts and channels

We have online accounts and channels within social media networks and platforms to be able to communicate with clients, interested parties and users who are active on such sites and to inform them about our services. The terms and conditions and the privacy policies of the respective operators apply whenever visiting the respective networks and platforms.

Unless otherwise indicated in our privacy policy, we process users’ data if they provide us with such information within social networks and platforms, e.g. by posting comments to our online accounts and channels or sending us messages.