Data protection statement
As the operator of this website, we take the protection of your personal data extremely seriously. We will handle your personal data confidentially and in accordance with statutory data protection regulations and this data protection statement. You can use our website without having to input personal data. Where personal data (e.g. name, address, email address etc.) is collected on this site, it is collected on a voluntary basis wherever possible. This data will not be shared with any third party without your express permission. For security reasons, our website uses SSL or TLS encryption, which ensures that data transmitted via the site cannot be accessed by any third party.
Nonetheless you should be aware that data transfer via the Internet (e.g. via email) is never wholly secure and the protection of your data against third party access cannot be guarantee.
1. Name and contact details for the data controller responsible for data processing and for the company data protection officer
This data protection information applies to the processing of data by:
Data controller: HBI Helga Bailey GmbH, represented by its managing directors Corinna Voss and Helga Bailey, Stefan George Ring 2, 81929 Munich, email email@example.com,
tel. +49 (0)89 99 38 87-0, fax +49 (0)89 930 24 45.
2. Collection and storage of personal data and type and purpose of use of personal data
a) When you visit our website
When you visit our website, the browser used on your device will automatically send information to our server. This information will be temporarily saved in a logfile. The following information will be captured and stored until it is automatically deleted:
- IP address of requesting computer
- Date and time of access
- Name and URL of file accessed
- Website you were on before visiting ours (referrer URL)
- Browser type used and version and where applicable your computer’s operating system and the name of your access provider
- Websites accessed by user via our website
The aforementioned data will be used by us for the following purposes:
- Establishing a trouble-free connection to our website
- Guaranteeing ease of use of our website
- Evaluation of system security and stability
- Other administrative purposes
The legal basis for data processing is art. 6 para. 1 f) GDPR. Our legitimate interest lies in the aforementioned purposes of data collection. In no circumstances will the data collected be used to identify you. Logfiles and their contents are stored for a maximum of 7 days and then deleted, unless they are required for the clarification or documentation of an abusive or illegal use that has become known within the retention period.
b) When you subscribe to our newsletter
You can subscribe to a free newsletter on our website. If you have expressly agreed to the double opt-in procedure in accordance with Art. 6 para. 1 a) GDPR, we will use your e-mail address to send you our newsletter on a periodic basis. To receive the newsletter, it is sufficient to provide an e-mail address. When registering for the newsletter, the IP address of the accessing computer and the date and time of registration are also transmitted.
You can unsubscribe at any time by, for example, clicking on the link at the end of every newsletter. Alternatively you can email us at firstname.lastname@example.org. When you unsubscribe from the newsletter, we delete your e-mail address.
c) When you use our contact form
For questions of any kind, you can contact us using the contact form on our website, for which you will have to enter your first name, surname and email address so that we know who has sent the enquiry and so that we can respond. Other information can be provided voluntarily.
If you would like to use our chat to contact us quickly and directly, you first have to agree to use the chat. When using the chat, a cookie is set (see 5 c) HubSpot). If you chat with us, only your IP address will be saved. All other data that you provide us with in the context of the chat will be answered if necessary to process further questions.
Data processing for the purpose of contacting us and processing, documenting and following up your enquiry is carried out in accordance with Art. 6 para. 1 b) or f) GDPR. Your data will be deleted as soon as your enquiry has been answered and there is no other purpose for storage.
3. Data sharing
Your personal data will not be shared with any third party for any purpose other than those defined in this data protection statement. A commercial sale of your personal data expressly does not take place.
Your personal data will be shared with third parties only if:
- You have given your express consent under art. 6 para. 1 a) GDPR
- The sharing is required under art. 6 para. 1 f) GDPR for the assertion of or defence against claims or for the exercise of rights and there are no grounds for supposing that you have an overwhelming interest in your data not being shared
- There is a statutory obligation to do so as per art. 6 para. 1 c) GDPR
- The sharing is permissible under statute and under art. 6 para. 1 c) GDPR is necessary for the processing of contractual relations with you.
Cookies contain information relating to your specific device, but this information cannot be used to identify you.
Also, for the purposes of increasing user-friendliness, we also use temporary cookies, which are stored on your device for a specific period. If you revisit our site, it will automatically recognise that you have visited the site before and will recall the data you inputted and the settings you selected so that you don’t have to input/select them again.
The use of all the company’s websites implies the consent for those cookies that are absolutely necessary for their functioning. In addition, you can give us consent to use other cookies (e.g. for analysis and marketing purposes). This request is always made before using our websites for the first time and serves as the legal basis for the processing of personal data (title, title, name, company, IP address, user information, etc.), which is automatically collected by our websites, on the basis of Art. 6 para. 1 a) GDPR.
Most browsers accept cookies automatically. You can however adjust your browser’s settings so that cookies are not saved on your computer or so that you are notified in advance before cookies are accepted. However, if you completely deactivate cookies, you may not be able to use all the functions of our website.
5. Analysis tools
The following tracking measures are used by us on the basis of art. 6 para. 1 a) GDPR and are intended to ensure the smooth operation and ongoing optimisation of our website. We also use these tracking measures to statistically evaluate the use of our website and for the purposes of optimisation and to evaluate our services. These interests are legitimate in the sense intended by the aforementioned provisions.
The purposes of the data processing and the data categories involved can be inferred from the tracking tools involved.
a) Google Analytics
- Browser type/version,
- Operating system used
- Referrer URL (the site you were on before ours)
- Hostname of accessing computer (IP address)
- Time of server request
– is transferred to, and saved on a Google server in the US. This information will be used to evaluate the use of our website, to compile reports on website activity and to provide additional services connected with website and Internet usage for the purposes of market research and the optimum delivery of this website. This information may also be shared with third parties where prescribed under statute or where the data in question is to be processed by a third party to order. In no circumstances will your IP address be stored with other Google data. Your IP address will be anonymised so that it cannot be used to identify you (IP masking). On this website IP anonymisation has been activated so that, within the EU and EEA, IP addresses are abbreviated by Google in advance.
In exceptional cases only, the user’s full IP address may be transferred to a Google server in the US and abbreviated there. On behalf of the operator of this website, Google will use this information to evaluate the user’s usage of this website, to compile reports on website activity and to provide the website operator with additional services relating to website usage and Internet usage. The IP address transferred from your browser as part of the Google Analytics service will not be merged with other Google data. You can reject cookies by adjusting your browser settings, although if you do so you may not be able to make full use of all the functions of this website. You can also prevent the capture and processing by Google of the data created by the cookies and based on your use of this website (incl. your IP address) by downloading and installing the browser plug-in at https://tools.google.com/dlpage/gaoptout?hl=en
Instead of the browser add-on, and especially for browsers used on mobile devices, you can prevent Google Analytics capturing your data by clicking on the opt-out link below. This will store an opt-out cookie on your device that prevents the future capture of your data when you visit this website. The opt-out cookie will work only in the browser where it is stored and only for our website and will be stored on your device. If you delete cookies in your browser, you will have to store the opt-out cookie again.
For more information on data protection and Google Analytics visit their help pages at https://support.google.com/analytics/answer/6004245?hl=en
b) Google Ads conversion tracking
In order to capture statistics on the use of our website and to evaluate usage for the purposes of optimising the site, we also use Google Ads conversion tracking. This involves Google Ads placing a cookie (see 4) on your computer when you land on our website via a Google ad.
These cookies are valid only for thirty days and cannot be used to identify you. If the user visits certain pages of the website of a Google Ads customer and the cookie has not yet expired, Google and the customer can establish that the user has clicked on the ad and been forwarded to the page in question.
Every Google Ads customer receives a different cookie. Cookies therefore cannot be tracked via the websites of Google Ads customers. The information obtained using the conversion cookie is used to produce conversion statistics for Google Ads customers who use conversion tracking. These customers can ascertain the total number of users who have clicked on their ad and been taken to a page in which a conversion tracking tag is embedded. The cookies do not however contain any information that can be used to identify users personally.
If you wish to opt out of tracking, you can reject the cookies required for tracking, for example by adjusting your browser settings so that the default acceptance of cookies is deactivated. You can also deactivate conversion tracking by adjusting your browser settings so that cookies from the domain https://ads.google.com are blocked. Google’s data protection notice on conversion tracking can be found at https://services.google.com/sitestats/en.html
You can also prevent data capture by Google Ads by clicking on the opt-out link below. This will involve the placing of a cookie that prevents the capture of your data when you visit this website in the future. The opt-out cookie will apply only for this browser and only for our website and will be stored on your computer. If you delete cookies from you browser, you will have to re-set the opt-out cookie.
On this website we use HubSpot for our online marketing activities. HubSpot is a US-based software company with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Tel. +353 151 87500.
This involves integrated software for various online marketing activities, including:
Email marketing (newsletters and automated mailings, e.g. for the provision of downloads), social media publishing and reporting, reporting (e.g. traffic sources, access, etc.), contact management (e.g. user segmentation and CRM), landing pages and contact forms.
Our registration service enables visitors to our website to learn more about our company, download content and provide their contact details and other demographic information. This information is saved on the servers of our software partner HubSpot. It can be used by us to contact visitors to our website and to assess which of our services they might be interested in. All the information gathered by us is subject to these data protection regulations. All information captured is used solely for the purpose of optimising our marketing initiatives.
The legal basis for the use of HubSpot services is art. 6 I f) GDPR – legitimate interest. Our legitimate interest in the use of this service is the optimisation of our marketing initiatives and the improvement of our website service.
For more information on HubSpot’s data protection regulations, EU data protection regulations and the cookies used by HubSpot visit: https://legal.hubspot.com/privacy-policy and https://legal.hubspot.com/cookie-policy
If you wish to prevent the capture of data by HubSpot, you can set your browser to reject cookies or use the following opt-out link:
6. Social media
Our website uses links to social networks on the basis of art. 6 para. 1 f) GDPR in order to promote awareness of our company. The commercial purpose of this usage is a legitimate interest in the sense intended by GDPR. Responsibility for adherence to data protection regulations is that of the providers concerned.
The social media buttons we use are individual buttons embedded in the design of our website and are genuine links to the social media providers concerned. Simply visiting any of the pages of the HBI website will not in itself result in the transfer of any data to social media providers. Only when you click on the link in question will data be transferred.
When you visit our website, your browser will create a direct link to the servers of Facebook, which is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereafter “Facebook”). Facebook will thus be informed that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or, if you do have a Facebook account, even if you are not logged in to it at the time. This information (including your IP address) will be transmitted from your browser directly to a Facebook server in the US and saved there.
For more information on the scope and purpose of data collection, the processing and use of the data by Facebook, your rights in this regard and how you can adjust your settings to protect your privacy, see Facebook’s data protection statement at https://www.facebook.com/privacy/explanation
When you visit our website, your browser creates a direct connection with the servers of Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, US (hereafter “Instagram”). This will inform Instagram that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or, if you do have one, even if you are not logged in to it. This information (including your IP address) will be transferred from your browser directly to an Instagram server in the US and saved there.
For more information visit https://help.instagram.com/155833707900388
When you visit our website, your browser creates a direct connection to IndustryArena, which is operated by IndustryArena GmbH, Katzbergstrasse 3, 40764 Langenfeld (hereafter “IndustryArena”). This will inform IndustryArena that your browser has accessed the corresponding page of our website, even if you do not have an IndustryArena profile or, if you do have one, even if you are not logged in to it. This information (including your IP address) will be transferred from your browser directly to an IndustryArena server and saved there.
For more information see https://en.industryarena.com/privacy
When you visit our website, your browser creates a direct connection to the servers of Xing, which is operated Xing SE, Dammtorstrasse 30, 20354 Hamburg (hereafter “Xing”). This will inform Xing that your browser has accessed the corresponding page of our website, even if you do not have a Xing profile or, if you do have one, even if you are not logged in to it. This information (including your IP address) will be transferred from your browser directly to a Xing server and saved there.
For more information see https://privacy.xing.com/en/privacy-policy
When you visit our website, your browser creates a direct connection to the servers of LinkedIn, which is operated LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereafter ” LinkedIn “). This will inform LinkedIn that your browser has accessed the corresponding page of our website, even if you do not have a LinkedIn profile or, if you do have one, even if you are not logged in to it. This information (including your IP address) will be transferred from your browser directly to a LinkedIn server and saved there.
For more information see https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
When you visit our website, your browser creates a direct connection to the servers of YouTube, which is operated YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, US (hereafter ” YouTube”). This will inform YouTube which of our website pages you have visited.
If you are logged in to your YouTube account you will enable YouTube to allocate your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
For more information see https://policies.google.com/privacy?hl=en-GB
Twitter is a microblogging service provided by the American company Twitter, Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107). If you use our services, e.g. if you visit one of our websites that contains a Twitter button, your browser will also establish a direct connection to the Twitter servers and the button will be loaded from there. In doing so, the information is transmitted to Twitter that our website has been accessed. Even if you are not logged in, Twitter may collect and save usage data.
If you click on the Twitter buttons and “tweet” information via the Twitter window that opens, you transmit the tweeted information to Twitter. This information is then published in your Twitter user profile.
7. Data subject rights
You have the right:
- under art. 15 GDPR to be informed as to the personal data of yours that we are processing. You especially have the right to be informed of: the purpose of the processing; the categories of personal data held; the categories of recipients with whom your data is or has been shared; the planned storage duration; the existence of your right to correction, deletion, restriction of processing and to object; the existence of your right to complain; the origin or your data if it hasn’t been collected by us; and the existence of any automated decision-making process, including profiling, and where applicable meaningful information about how it works;
- under art. 16 GDPR to the immediate correction of inaccurate data held by us or the completion of incomplete data held by us;
- under art. 17 GDPR to the deletion of the personal data held by us about you, unless the processing is required for the exercise of the right to freedom of speech or information, for compliance with a legal obligation, on the grounds of public interest or for the assertion of or defence against claims or the exercise of rights;
- under art. 18 GDPR to the restriction of the processing of your personal data insofar as the accuracy of the data is contested by you or the processing is unlawful, but you decline to have it deleted and we no longer need it, but you need it for the assertion of or defence against claims or the exercise of rights, or you have objected to processing under art. 21 GDPR;
- under art. 20 GDPR to have the personal data that you have provided to us issued to you in a structured, current and machine-readable form or to have it transferred to another data controller;
- under art. 7 para. 3 GDPR at any time to withdraw your previously given consent. This will mean that we will with future effect have to cease any data processing based on this consent; and
- under art. 77 GDPR to complain to the supervisory authorities. This usually involves complaining to the supervisory authority responsible for your habitual place of residence or work or for our corporate head office.
8. Right to object
Insofar as your personal data is processed on the basis of legitimate interests under art. 6 para. 1 f) GDPR, you have the right under art. 21 GDPR to object to such processing, provided your objection is based on your specific circumstances or relates to direct marketing. In the latter of these two cases you have a general right to object and do not need to give any specific circumstances.
Should you wish to exercise your right to withdraw your permission or to object, please email email@example.com or send a fax to +49 (0)89 930 24 45.
Both the capture of data for the purposes of providing the website and the storage of data in logfiles are required for the operation of our website. You therefore have no right to object to these processes.
To submit a complaint about the processing of your personal data, contact the Bayerische Landesamt für Datenschutzaufsicht (BayLDA) [Bavarian regional data protection authorities] at https://www.lda.bayern.de/de/beschwerde.html
9. Duration of storage
For the duration of website use or in the event that information or other services are required, the personal data you provide will be stored to the extent allowed and in accordance with GDPR. Your personal data will be deleted or locked as soon as it is no longer required for the purpose for which it was stored. It may be stored for longer if allowed under EU or national legislation in the form of regulations, statutes or other regulations to which the data controller is subject. Except in cases where continued storage is required for formation or performance of contract, data will also be locked or deleted if a storage period specified by the aforementioned provisions expires.
10. Data security
Our website uses the widely deployed SSL (secure socket layer) process in combination with the highest level of encryption supported by your browser, which is usually 256 bit encryption. If your browser does not support this level of encryption, we will revert to 128 bit v3 technology. Whether or not a specific page of our website is encrypted can be determined from the presence of the key or padlock symbol in the status bar at the bottom of your browser.
We also use appropriate technical and administrative security measures to protect your data from accidental or intentional manipulation, partial or total loss, destruction and unauthorised third-party access. Our security measures are continually updated in line with technological developments.
11. Further enquiries
If you have any queries about our data protection rules or the collection of your data, you can contact us at: firstname.lastname@example.org
12. Updating and amendment of this data protection statement
This data protection statement is currently valid and was last amended in September 2020.
As our website and services develop or as statutory or official regulations change, it may be necessary for this data protection statement to be amended. The latest version can always be found at, and printed out from, at https://www.hbi.de/en/datenschutzerklaerung/