COSMO CONSULT AG (Schöneberger Str. 15, 10963 Berlin, Phone: +49 (0)30-3438 15-0, email: email@example.com) takes the protection of personal data very seriously. We treat your personal data as confidential and in accordance with both legislative data protection regulations and this data protection declaration.
In what follows you will find information on how Cosmo Consult collects and uses personal data, in particular what data is collected during your visit and how it is used. In section number 4 we provide you with information about your rights under the EU Data Protection Regulation and how you can exercise those rights.
We will not share your personal data with third parties without your consent or without a legal obligation; we will use it only for the technical administration of the web pages. If you are one of our customers, we will use your data for customer management and for marketing only to the extent required and legally permitted. As one of our customers, you are always entitled to revoke permission for the promotional use of your data at any time.
Personal data will only be collected or transmitted to state institutions and authorities within the context of mandatory national legislation.
Here we now offer you the possibility to conclude an EU-DSGVO-compliant contract agreement with us: SharePoint Link
Simply log in here with your YourCOSMO user account. Find more detailled information on 3.2 Order Data Processing Agreement.
1.1 Personal data
1.3 Google AdWords and conversion tracking
1.4 Google AdWords and remarketing
1.5 Google Analytics
1.6 Use of the XING button
1.7 Use of Facebook Social Plugins
1.8 Use of Google+ plugins (e.g. the "+1" button)
1.9 Use of Twitter plugins (e.g. The "Tweet" button)
1.10 Use of LinkedIn plugins
1.11 Contact requests
1.12 Comments and contributions
1.14 Objection to advertising emails
1.15 Amendment to the data protection declaration
1.16 Revocation, amendments, corrections and updates
2.0 Data Protection Officer
3.0 Members of the joint Controllership Agreement
3.1 Overview of all Partners and Contractors
3.2 Order Data Processing Agreement
3.3 Data protection and Data Security at COSMO CONSULT
The object of this data protection declaration is the collection, processing and use of personal data by the website www.cosmoconsult.com and by Cosmo Consult Group as a service provider.
Our website can generally be used without providing personal data. Personal data, such as the user's name, address, telephone number or email address, is only recorded if the user provides this information voluntarily. We use the personal data provided solely to meet your requirements.
We will process your personal data for the following purposes.
a) Contract fulfillment
We will process your data in order to be able to fulfill our contracts. This also applies to information that you provide to us in the context of pre-contractual correspondence. The specific purpose of the data processing depends on the product and the application submitted; it may also be used to analyze your needs and to determine which products and services are suitable for you. For the fulfillment of the contract we need your name, your address, and your telephone number or e-mail address, so that we can contact you. We also need your personal data in order to determine whether we can offer you products and services and if so which ones. You can find details concerning the respective purposes of the data processing in the contract documents and our general terms and conditions.
This data processing is done on the basis of Article 6 (1) b GDPR.
b) To strengthen and optimize the customer relationship
As part of our effort to continuously improve our relationship with you, we occasionally ask you to participate in our customer surveys. The results of the surveys allow us to better tailor our products and services to your needs. This data processing is done on the basis of Article 6 (1) f GDPR.
c) Data processing and data analysis for marketing purposes
Your needs are important to us, and we try to provide you with information about products and services that suit you perfectly. In the course of doing so, we make use of what we have learned during our joint business relationship and we use market research. Our main goal is to adapt our product suggestions to your needs. In this context, we guarantee that we will always process the data in accordance with applicable data protection laws. Please note: You are always entitled to revoke permission for the use of your data for this purpose at any time.
What specifically do we analyze and process?
This data processing is done on the basis of Article 6 (1) f GDPR.
d) E-mail marketing and newsletters
After you have registered via our customer portal, you will be able to receive newsletters and e-mails adapted to your needs that provide information about interesting trade fairs, news about our company, invitations to customer events, etc. To send you this information we only need your e-mail address; all other information is voluntary. You are always entitled to choose not to receive these personalized notifications and the newsletter at any time.
The processing of your data for this purpose is based on your consent in accordance with Article 6 (1) a of the GDPR. The effectiveness of electronically given consent such as it is used in the registration for the newsletter, is subject to certain requirements by law. This also includes documenting your declaration of consent. We therefore record the date and time when consent was given, the text of the declaration of consent, the fact that the checkbox was selected, your e-mail address and all other voluntarily provided information. We also log the date and time of the click on the confirmation link as well as the link in the confirmation e-mail. We only collect this information in order to comply with legal obligations.
You have the right to revoke your consent at any time. However, the revocation of consent does not affect the legality of the processing up to the revocation.
COSMO CONSULT informs its existing and prospective clients about its products and events on the basis of COSMO CONSULT’s legitimate interest. For this purpose, data stored by COSMO CONSULT are used insofar as they are required. You have the right to object to such use of your data at any time.
e) Measures for your security
The situations in which we use your personal data include:
This data processing is done on the basis of Article 6 (1) f GDPR.
f) On the basis of your consent
If you have granted consent for the processing of your personal data for one or more specified purposes, then it is permissible for us to process your data. You may revoke your consent with a view to the future at any time without incurring any cost other than the base rate for transmission (the cost of your Internet connection). However, the revocation of consent does not affect the legality of the processing up to the revocation.
The processing of this data for this purpose is done on the basis of Article 6 (1) a of the GDPR.
g) On the basis of legal requirements or in the public interest
As a company, we are subject to a wide variety of legal requirements (for example, arising from tax legislation). In order to comply with our legal obligations, we process only the personal data that is absolutely necessary for that purpose.
In accordance with applicable data protection regulations, we do not store your personal data longer than is necessary for the purpose of the processing concerned. When the data is no longer required for the fulfillment of contractual or legal obligations, we regularly delete it, unless it is necessary to store it temporarily. The following reasons may be grounds for retaining the data:
Web pages sometimes use so-called cookies. Cookies are small text files that allow specific device-related information to be saved on the device used by the user (PC, smartphone, or similar) to access the web page. On the one hand, they serve the user-friendliness of web pages and thereby the users (e.g. saving login data) and on the other hand they serve to gather statistical data on website use in order to analyse this to improve what is on offer.
You can configure your browser in such a way that you are informed of the placement of cookies and only allow them on a case-by-case basis, exclude the acceptance of cookies for specific cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
To call attention to our services, we place Google AdWords ads and also use Google conversion tracking as a part of this.
With the help of cookie technology, Google and we as a customer are informed when a user clicks on an advertisement and is sent to our web pages. This information is used exclusively for advertisement optimization and for statistical evaluation. We do not receive any information that could allow the user to be personally identified. The statistics provided to us by Google contain only the overall number of users who have clicked on our advertisements, and whether they were sent to a page of our website provided with a conversion tag, if applicable.
If you do not want this to happen, you can prevent the cookie required for this technology from being saved, for example in your browser settings. In this case your visit is not included in the user statistics.
In addition to conversion tracking, we also use the remarketing function in Google AdWords. As a result, if you have already visited our web pages and shown interest in our services, advertising messages based on your interest will be shown the next time you use the Google search function or call up web pages belonging to the Google Display Network.
This website uses Google Analytics, a web analysis service from Google Inc. ("Google"). Google Analytics uses so-called "cookies", which are text files that are saved on your computer and allow use of the website to be analysed. The information generated by the cookie on the use of this website (including your IP address, which is however anonymised with the method _anonymizeIp() so that it can no longer be assigned a connection) is sent to a Google server in the USA and saved there.
Google uses this information to evaluate your user behaviour on the website, to compile reports on website activities for the website operator and to provide other services associated with website and Internet usage. Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. Google will never connect your IP address with other data from Google. You can prevent the installation of cookies by using the appropriate setting in your browser software. However, we would like to inform you that in this case you may no longer be able to use all of this website's functions to their full extent. By using this website you consent to the processing of the data recorded on you by Google in the previously described way and for the previously described purpose.
You can object to the future collecting of data by Google Analytics by installing a deactivation add-on for your browser (https://tools.google.com/dlpage/gaoptout?hl=en-GB). As an alternative to the browser add-on or for when browsing with mobile devices, please click on this link to prevent the gathering of data by Google Analytics from this website in future (the opt-out only functions in this browser and only for this domain). This will store an opt-out cookie on your device. If you delete the cookies in this browser, you must click on this link again.
Our website uses functions from the XING network. The provider is XING AG, Dammtorstrasse 29–32, 20354 Hamburg, Germany. Every time one of our pages is accessed that contains XING functions, a connection is made to XING servers. To our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored and user behaviour is not evaluated.
Our website uses Social Plugins ("plugins") from the social network facebook.com, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA ("Facebook"). Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is legally responsible for all users outside of the USA and Canada. The Facebook Social Plugins are characterised by one of the Facebook logos (white "f" on a blue tile, the term "like" or a "thumbs up" symbol) or are provided with the "Facebook Social Plugin" add-on. The list and the appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
If you access a website that contains such a plugin, your browser will establish a direct connection with Facebook's servers. The content of the plugin is transmitted from Facebook directly to your browser and embedded in the website by the browser. As a website provider, we have no influence on the scope of the data that Facebook gathers using this plugin and therefore inform you of the following, according to our present knowledge:
The embedded Facebook Social Plugins transmit to Facebook the information that a user accessed the corresponding website. If the user is logged in to Facebook at the time, Facebook can assign the visit to the user's Facebook account. If an interaction occurs between the user and the plugin, for example if the user presses the "Like" button or writes a comment, the corresponding information will be sent from the browser directly to Facebook and will be stored there. Even if a user is not a member of Facebook, there is the possibility that Facebook will find out the user's IP address and store it. According to Facebook, in Germany only anonymised IP addresses are saved.
To find out more about the purpose and scope of data gathering and the further processing and use of the data by Facebook, and your rights and configuration options for the protection of your privacy in this respect, please see Facebook's data policy: https://www.facebook.com/about/privacy/.
If you are a member of Facebook and do not want Facebook to collect information about you via our web pages and to link with your member data saved on Facebook, you must log out of Facebook before visiting our website. Additional settings and objections to the use of data for advertising purposes are available within the Facebook profile settings: www.facebook.com/settings.
On our website we use so-called social plugins ("plugins") from the social network Google+, which is operated by Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA ("Google"). Google+ plugins are characterised, for example, by buttons with the "+1" symbol on a white or coloured background. You can find an overview of Google+ plugins and their appearance here: https://developers.google.com/+/plugins.
If you access a page from our website that contains such a plugin, your browser will establish a direct connection with Google's servers. The content of the plugin is transmitted from Google directly to your browser and embedded in the page. As a result of this embedding, Google obtains the information that your browser accessed the corresponding page of our website, even if you do not have a profile with Google+ or are not currently logged in to Google+. This information (including your IP address) is sent from your browser directly to a Google server in the USA and is saved there.
If you are logged in to Google+, Google may immediately assign the visit to our website to your Google+ profile. If you interact with the plugins, for example by pressing the "+1" button, the corresponding information is also sent directly to a Google server and is saved there. The information will also be published to Google+ and displayed there to your contacts.
If you do not want Google to immediately assign the data collected via our website to your Google profile, you must log out of Google+ before visiting our website. You can also completely prevent Google plugins from loading by using add-ons for your browser, for example with the "NoScript" script blocker (http://noscript.net/).
On our website we use so-called social plugins ("plugins") from the microblogging service Twitter, which is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The plugins are characterised by a Twitter logo, for example in the form of a blue "Twitter bird". You can find an overview of Twitter plugins and their appearance here: twitter.com/about/resources/Buttons.
If you access a page from our website that contains such a plugin, your browser will establish a direct connection with Twitter's servers. The content of the plugin is transmitted from Twitter directly to your browser and embedded in the page. As a result of this embedding, Twitter obtains the information that your browser accessed the corresponding page of our website, even if you do not have a profile with Twitter or are not currently logged in to Twitter. This information (including your IP address) is sent from your browser directly to a Twitter server in the USA and is saved there.
If you are logged in to Twitter, Twitter may immediately assign the visit to our website to your Twitter account. If you interact with the plugins, for example by pressing the "Tweet" button, the corresponding information is also sent directly to a Twitter server and is saved there. The information will also be published to your Twitter account and displayed there to your contacts.
You can change your privacy settings on Twitter in the account settings at twitter.com/account/settings.
If you do not want Twitter to immediately assign the data collected via our website to your Twitter account, you must log out of Twitter before you visit our website. You can also completely prevent Twitter plugins from loading by using add-ons for your browser, for example with the "NoScript" script blocker (http://noscript.net/).
On our website we use so-called social plugins ("plugins") from the social network LinkedIn, which is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA ("LinkedIn"). You can recognise LinkedIn plugins on our website by the LinkedIn logo or the "recommend" button.
If you access a page from our website that contains such a plugin, your browser will establish a direct connection with LinkedIn's servers. The content of the plugin is transmitted from LinkedIn directly to your browser and embedded in the page. As a result of this embedding, LinkedIn obtains the information that your browser accessed the corresponding page of our website, even if you do not have a profile with LinkedIn or are not currently logged in to LinkedIn. This information (including your IP address) is sent from your browser directly to a LinkedIn server in the USA and is saved there.
If you are logged in to LinkedIn, LinkedIn may immediately assign the visit to our website to your LinkedIn account. If you interact with the plugins, for example by pressing the "LinkedIn" button, the corresponding information is also sent directly to a LinkedIn server and is saved there. The information will also be published to your LinkedIn account and displayed there to your contacts.
Some pages on our website offer you the option of contacting us. We will only use information transmitted in this way to process your request. Data collected in this way will not be passed on to third parties or reconciled with data that may have been collected by other components of our website.
If you leave comments on the blog or contribute to our website in any other way, your IP addresses will be saved. This measure serves to protect us if illegal content (offensive comments, forbidden political propaganda etc.) is present in comments and/or other contributions. In this case, we as the website operator can be prosecuted for the illegal comment or contribution and are therefore interested in the author's identity.
We will inform you of what we offer via a newsletter. To subscribe to our newsletter you need a valid email address, which you must also confirm. To do this, we will send a confirmation email to the email address you have provided. You will receive the information you have requested from us only after confirming this email. The "Name" field is declared as an obligatory field in the newsletter as it makes it possible for us to address you personally.
When you register for our newsletter, we will save your IP address and the date and time of your registration. This helps to protect us if a third party misuses your email address and subscribes to our newsletter without your knowledge. The data collected in this way will be used exclusively for the delivery of our newsletter. We will not collect additional data or pass your data on to third parties. There will also not be any reconciliation of data collected in this way with data that may have been collected by other components of our website.
You may revoke your consent to the saving and using of this data at any time. The revocation can be initiated via a link in the newsletter or by sending a message to the address provided in the imprint.
The use of contact data published in compliance with German legislation on providing company information for sending advertisements and informational material that is not expressly requested is hereby rejected. The operators of the web pages expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, for example via spam emails.
We reserve the right to amend this data protection declaration from time to time based on updates of this website. We therefore recommend that you visit this website regularly to make sure that you agree with the amendments.
You have the right to access the information on your stored personal data, its origin and recipients, and the purpose of data processing free-of-charge and at any time, and you also have the right to correct, block or delete this data. For this purpose and in case of additional questions on the topic of personal data, you may contact us at any time at the address provided in the imprint.
If you have questions regarding the processing of your personal data or require additional information on the topic of data protection, please do not hesitate to contact our data protection manager.
Mr Marco Schröder
2b Advice GmbH
As the joint controllership body, COSMO CONSULT Group, the companies listed here have entered into a data protection agreement in accordance with Article 26 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter: GDPR) as amended.
COSMO CONSULT has concluded data processing agreements with strategic partners and other service providers in accordance with Article 28 GDPR with effect for all companies of the group. COSMO CONSULT uses the service providers listed as approved subcontractors.Here you can find the Overview of all Contractors and Partners.
Article 28 ff. EU-GDPR lays out detailed statutory rules on the processing of personal data by service providers. If you pass on personal data of your company, business partners or customers, it is important that you do so in a manner that is legally compliant and in accordance with the new EU Regulation.
If you have your customer data processed directly or remotely by COSMO CONSULT or if you make it available to us for the purpose of processing service requests, we are now offering the opportunity for you to conclude an EU-GDPR-compliant contract agreement with us that guarantees you complete legal certainty. In order to make the necessary processes as convenient and transparent as possible for you, an application form is available under the following link:SharePoint Link
Simply log in here with your YourCOSMO user account.
In the online form you can then enter the specific details about the type and scope of the data to be processed. On the basis of this, we will create a processor contract tailored to your needs. Please note: No additional costs arise for you in connection with the application or preparing or concluding the contract!
COSMO CONSULT has taken measures in the areas of construction, personnel, organization and technology that ensure the security of objects and data, as well as uninterrupted operations.
The technical and organizational data-protection measures deal with the following:
As a general principle, the technical and organizational measures of COSMO CONSULT are affected by technological progress and continuing development. COSMO CONSULT will take all measures necessary to increase security. You can download the current documentation of the technical and organizational measures "Data Protection and Data Security at COSMO CONSULT" here.
You always have the right to receive information about your stored personal data, its origin, the recipients of that data as well as the the purpose of the data processing free of charge at any time. If the data is not correct, you are entitled to require us to correct it or, if it is incomplete, to remedy that. If we have given your data to third parties with your consent, we will inform them of this action in certain legal circumstances.
If the data processing is done in the public interest or on the basis of a balance of interests, you have the right to object to the data processing for reasons arising from your particular situation.
If your data is no longer needed for the original purpose, you have revoked your consent and there is no other legal basis for processing the data, or if your data is being processed unlawfully, you are entitled to require us to delete your data. This also applies if your objection to the processing is legally effective or your data must be deleted to fulfill a legal obligation.
Please note that before deleting your data, we must confirm that there is no legitimate reason or legal obligation to process your personal data.
You are entitled to demand that the processing of your data be restricted if you dispute the accuracy of the data, we still need the data in order to assert legal claims, the data is being processed unlawfully or you have objected to the processing and the review of your case is still pending.
If you provide us with personal data, you have the right to receive that data on request in a transferable and machine-readable format or to have that data provided to another person named by you.
Of course, you also have the right to lodge a complaint with the competent authority at any time if our conduct in relation to your personal data gives you grounds to do so.