Skip to content
Hybrick Logo

Data privacy

Data protection information according to Art. 13 GDPR

In the following, we will inform you about why and how personal data is processed when you visit our website and use the contact forms offered on the website:

 

I. Responsibility:

(1) The controller responsible for the processing of personal data on this website is

Hybrick GmbH
Törringstraße 22
D-81675 München

Entry in the Commercial Register Munich Local Court HRB 282280

 

Represented by

Moritz Kränkl, Peter Forster

 

Contact details

T: +49 30 856 215 781
Email: contact-hybrick@investa.de

Please send data protection inquiries for Hybrick to our data protection team

Hybrick GmbH
co: Investa Holding GmbH
Data Protection Team
Düsseldorfer Straße 15
65760 Eschborn

Email: datenschutzteam-hybrick@investa.de

 

(2) As part of the Investa Group, Hybrick has appointed an external data protection officer with the competent supervisory authorities in accordance with Art. 37 GDPR. We will be happy to provide you with his personal contact details on request.

(3) The website is maintained by service providers on our behalf and in accordance with our instructions. If necessary, contracts for order processing are concluded with service providers.

 

 

II. Data processing when using the website:

 

1) Usage data:

Each time an Internet file is requested, the following personal access data is stored by Hybrick, Investa and service providers for statistical analyses:

the page from which the file was requested,

the name of the called file,

the date and time of the request,

the amount of data transmitted,

the access status (file transmitted, file not found, etc.),

the type of access (GET, POST),

the browser or operating system used,

the IP address of the requesting computer,

the session ID

Cookies

For reasons of functionality, data security, to clarify unauthorised access or to prevent misuse of the website, the complete IP address of the requesting computer is recorded, stored and automatically deleted 14 days after the end of access.

 

2) Purposes of the processing

– Provision of our online services and user-friendliness.
– Contact enquiries and communication.
– (Virtual) security measures of the website
– Contractual benefits and service

 

3) Contact form:

If you provide us with personal data as part of an enquiry via our contact form, we will use this data to fulfil our tasks, your order and exclusively for the purpose for which you provide us with this data.

The provision of your personal data for processing your enquiry is voluntary. In the course of processing your enquiry, it may be necessary for us to request further data and information from you. If you do not wish to provide us with further information in such a case, this will not have any direct legal consequences. In individual cases, however, it is possible that failure to provide the requested information may make it difficult or impossible to process your enquiry. If you contact us using the contact form provided on the website, this is done on the basis of your consent (Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time, optimally in writing by e-mail to the contact details given under point I. of this data protection information.

 

4) Use of Matomo (without cookies) for web analysis / user analysis using Matomo

Our web pages are analysed using the Matomo tool to determine how the individual pages are visited (frequency of visits, duration of visits, bounce rate). We use the web analysis tool Matomo on our website to statistically analyse visitor access. Matomo is an open source software that helps us to better understand the behaviour of our users and to optimise our website.

For the above reasons, the legal basis for these surveys is Art. 6 para. 1 lit. f) (legitimate interest of the controller).

We use Matomo configured in such a way that no cookies are set. The analysis is carried out exclusively on the basis of anonymised data collected without the use of cookies. In particular, the following information is processed:

– Your anonymised IP address (shortened by the last digits so that no conclusions can be drawn about your identity)
– The page visited and the time of access
– The page of origin (referrer), if you have reached our website via an external link
– Browser used, operating system and screen resolution

As Matomo works without cookies in this configuration, no explicit consent is required. The data processing is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, as it serves to improve our website and the user experience. If you do not want your visits to be statistically recorded, you can object here:

 

Further information on data processing by Matomo can be found at: https://matomo.org/privacy/.

 

5) Relevant legal bases

In the following, we inform you of the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process personal data.

a) Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)
The data subject has given their consent to the processing of their personal data for a specific purpose or several specific purposes (e.g. newsletter registration).

b) Contract fulfilment and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR)
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract

c) Legal obligation (Art. 6 para. 1 sentence 1 lit. c. GDPR)
Processing is necessary for compliance with a legal obligation to which the controller is subject

d) Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR)
Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (e.g. functionality of the website).

 

6) Data erasure and storage duration

We will only store your data for as long as is necessary for the respective purposes. Personal data will be deleted by us or only stored to a limited extent as soon as the last specific purpose has been fulfilled.

For the implementation of pre-contractual measures via our contact forms, this takes place, for example, until the actual conclusion of the contract.

Use for a legitimate interest, e.g. to verify claims

Data that we believe may be necessary to investigate, defend or bring claims against you, us or third parties may be retained by us for as long as such proceedings may be possible.

Use for customer service and marketing purposes

For customer service and marketing purposes, the data collected from you may be stored for 3 to 10 years after collection, unless you request the deletion of this data and there are no contractual or statutory retention obligations that conflict with this deletion request.

 

7) Advertising consent, newsletter, contact forms

If you provide us with your personal data for these purposes, you trigger a so-called double opt-in procedure. Only after confirming a separate link will your data be permanently processed and stored for the intended purposes. In these cases, your data is processed on the basis of your consent.

 

8) Reach measurement & cookies

This website uses session cookies for service processing, which are transferred to the user’s browser either from our server or the server of a third party. Cookies are small files that are stored on your end device. Your browser accesses these files. The use of cookies increases the user-friendliness and security of this website.
Most browsers are set to accept cookies. However, you can deactivate the storage of cookies in your browser at any time or set your browser so that you receive a message as soon as cookies are sent. However, we would like to point out that you may then not be able to use all the functions of this website.
Only session cookies are currently used. Your usage behaviour is not measured.

 

9) Data forwarding to third parties

User data is only forwarded to third parties if this is permitted by law or if a user has consented to the forwarding. This is the case, for example, if the forwarding of the data serves to fulfil contractual obligations towards the user.

 

10) Recipients or categories of recipients

As a rule, personal data that you provide to us about yourself will only be processed by Hybrick. If we use service providers for our website who process personal data on our behalf, we conclude order processing agreements with them in accordance with Art. 28 GDPR.

 

11) Newsletter dispatch

If you wish to receive the newsletter offered on the website, we require an e-mail address from you. Registration for the newsletter takes place using the double opt-in procedure. We use the “double opt-in” procedure (DOI procedure) to check that a registration is actually made by the owner of an e-mail address. This means that following your newsletter registration, you will receive an e-mail in which you must confirm your registration again. This prevents unauthorised persons from registering with your email address. Your registration for the newsletter is logged via (storage of the time of registration and confirmation and the IP address). With the help of the logging, the registration process can be verified in accordance with legal requirements. The legal basis for logging is Art. 6 para. 1 lit. f GDPR: Our legitimate interest arises from the fact that we use a secure and user-friendly newsletter system that is useful for sending and protects the personal data of newsletter subscribers. It also allows us to provide proof of consent.
The legal basis for sending the newsletter and the associated performance measurement is based on the consent of the data subject (recipient) in accordance with Art. 6 para. 1 lit. a GDPR, Art. 7 GDPR.
If applicable, for existing customers also on the basis of Art. 6 para. 1 lit. f) GDPR in conjunction with Section 7 para. 2 no. 3 UWG or on the basis of the legal authorisation pursuant to Section 7 para. 3 UWG and Art. 6 para. 1 lit. f) GDPR. Our legitimate interest in measuring success arises from recognising the reading habits of our users based on newsletter openings, opening times and clicked links in order to be able to create and send them interest-based and useful content.
You can object to the further delivery of the newsletter at any time by clicking on the unsubscribe link displayed at the end of each newsletter or by sending us an informal e-mail with the subject “Unsubscribe newsletter” to the e-mail: datenschutzteam-hybrick@investa.de.

 

12) Whitepapers, Webinars / Requirement for the use of free services:

Via our website, we offer you the opportunity to take advantage of white papers and free webinars as free services. As a prerequisite for receiving these free services, consent to the sending of our newsletter can be made dependent. You can revoke your consent to the sending of advertising in the form of newsletters at any time and unsubscribe at any time via the unsubscribe link in every newsletter, for example.

 

13) Whitepapers:

To download the free white papers offered by us via our website, you must provide an e-mail address and optionally your first name, surname and company name. The use / downloading of the contents of the whitepapers is free of charge, but with the consent of the person concerned that in return consent is given to receive advertising mailings (see newsletter). After requesting the download of the whitepaper, you will receive a double opt-in e-mail with which you must confirm your consent to receive the whitepaper. This prevents unauthorised persons from misusing your e-mail address. In order to receive the whitepaper, you must confirm the registration link in the registration e-mail.

The storage period for the registration for the whitepaper and newsletter is generally as long as the consent to the newsletter dispatch is not revoked.

 

14) Rights of data subjects under the GDPR

As a data subject, you have various rights under the GDPR, which arise in particular from Art. 15 to 18, 21 GDPR:

a) Right to information:
You can request information about your personal data processed by us in accordance with Art. 15 GDPR. In your request for information, you should specify your request in order to make it easier for us to compile the necessary data.

b) Right to rectification:
If the information concerning you is not (or no longer) correct, you can request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.

c) Right to cancellation:
You can request the erasure of your personal data under the conditions of Art. 17 GDPR. Your right to erasure depends, among other things, on whether the data concerning you is still required by us for the fulfilment of our legal tasks or whether legitimate interests conflict with the erasure.

d) Right to restriction of processing:
Within the framework of the provisions of Art. 18 GDPR, you have the right to request that the processing of data concerning you be restricted.

e) Right to object:
In accordance with Art. 21 GDPR, you have the right to object to the processing of data concerning you at any time for reasons arising from your particular situation. However, we cannot always comply with this, e.g. if a legal provision obliges us to process the data or if legitimate interests conflict with this.

You can assert your aforementioned data subject rights against us at any time, preferably in writing by e-mail to our data protection team:

Hybrick GmbH, co: Investa Holding GmbH
Data protection team, Düsseldorfer Straße 15, 65760 Eschborn
E-mail: datenschutzteam-hybrick@investa.de

 

15) Right to lodge a complaint

Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Art. 77 GDPR). The data subject may exercise this right before a supervisory authority in the Member State of their habitual residence, place of work or place of the alleged infringement.

If you have any questions about data processing or data protection with us, you can contact our data protection team or our data protection officer at any time, ideally by e-mail to datenschutzteam-hybrick@investa.de.