Data Privacy Statement

§ 1 Information on the collection of personal data

(1) Please find below information on the personal data that is collected when our website is used. Personal data is all data related to you personally, e.g. name, address, email addresses, IP, user behavior.

(2) The controller in accordance with Article 4 (7) of the EU General Data Protection Regulation (GDPR) is

EasternGraphics GmbH
Albert-Einstein-Str. 1
98693 Ilmenau
email: info@easterngraphics.com (see our Contact section).

You can reach our data protection officer at datenschutz@easterngraphics.com or at our postal address adding the words „the data protection officer“ (“der Datenschutzbeauftragte”).

(3) If you contact us via email or a contact form, we will store the data provided by you (your email address, and, as the situation may be, your name and your telephone number) in order to answer your questions. We will delete any data collected in this context after their storage is no longer required, or we restrict their processing if any statutory storage obligations apply.

(4) If we use the service of service providers for individual functions of the services offered by us or if we wish to use your data for marketing purposes, we will inform you in detail about the related processes. We will also inform you about the criteria according to which the duration of the storage is determined.

§ 2 Your rights

(1) You have the following rights against us with regard to the personal data concerning you:

– right to obtain information,
– right to rectification or erasure,
– right to restriction of processing,
– right to object to processing,
– right to data portability.

(2) In addition you have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data by us.

§ 3 Collecting personal data when visiting our website

(1) If you use the website solely for information, i.e. if you do not register or otherwise transmit information to us, only the personal data transmitted by your browser to our server will be collected. If you want to view our website, we will collect the following data, which are required from a technical point of view to show you our website and to guarantee the stability and security (legal basis: Article 6 (1) sentence 1 point f of the GDPR):

- IP address
- Date and time of the query
- Time difference to Greenwich Mean Time (GMT)
- Contents of the request (individual site)
- Access status/http status code
- Transferred individual data volume
- Website from which the request was sent
- Browser
- Operating system and its interface
- Language and version of the browser software.

(2) In addition to the data mentioned above, cookies are placed on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you have used and through which the site placing the cookie (here: us) obtains certain information. Cookies are not able to execute programs or to place viruses on your computer. Their purpose is to enhance the overall user-friendliness and efficiency of the Internet services offered.

(3) Using cookies:

a) This website uses the following types of cookies with the following scope and functions:

- transient cookies (see b)
- persistent cookies (see c).

b) Transient cookies are automatically erased when you close your browser. This, in particular, includes session cookies. They store a so-called session ID which various queries of your browser can be assigned to one and the same session. Thus your computer can be recognized if you return to our website. The session cookies are erased, when you log out or close the browser.

c) Persistent cookies are erased automatically after a defined period of time which may vary from one cookie to another. You can erase the cookies with your browser’s security settings anytime.

d) You can configure your browser setting according to your needs, for example you can refuse to accept third party cookies or any cookies at all. Please note that, as a consequence, you may not be able to use all functions of the website.

e) We use cookies to be able to identify you during your subsequent visits if you have an account with us. Otherwise you will have to log in again for each visit.

f) The Flash-cookies used are not recorded by your browser records but by your flash plug-in. In addition we use HTML5 storage objects that are placed on your device. These objects store the required data regardless of which browser you use and have no automatic expiry date. If you do not wish the processing of the flash-cookies, you must install the appropriate browser add-on. You can avoid the use of HTML5 storage objects by setting your browser to private mode. We also recommend to regularly delete manually your cookies and your browsing history.

§ 4 Use of social media plugins

(1) We currently use the following social media plugins: [Facebook, Google+, Twitter, LinkedIn] applying the so-called two-click solution. This means that if you visit our website, no personal data will be passed on to the plugin provider in the first instance. You can view the plugin provider by selecting the box over the initial letter of its name or logo. We give you the opportunity to communicate directly with the plugin provider via the button. Only if you enable the selected field by clicking it will the plugin provider be informed that you have accessed the relevant page on our website. The data specified in § 3 hereof is also sent. In the case of Facebook and Xing, the providers have stated that in Germany the IP address is anonymized immediately upon its collection. If you enable the plugin, personal data concerning you will be sent to the plugin provider and stored by it (in the USA in the case of US providers). As plugin providers in particular use cookies to collect data, we recommend that you delete all cookies via your browser’s security settings before clicking on the grayed-out box.

(2) We have no influence over the data collected and the processing operations performed, nor do we have knowledge of the full scope of the data collection, the purposes of the processing, or storage periods. We also have no information regarding erasure of data collected by plugin providers.

(3) The plugin provider stores the information it collects about you as a user profile, which it uses for advertising and market research purposes and/or to tailor its website to the needs of users. In particular, this analysis is carried out (even for users who are not logged in) to serve relevant advertising and in order to inform other social network users of your activities on our website. You have the right to opt out of the creation of these user profiles, but to exercise this right you must refer to the plugin provider. We provide the plugins to enable you to interact with the social networks and other users so that we can improve our website and make it more interesting for you as a user. The legal basis for the use of plugins is Article 6(1) sentence 1 (f) of the GDPR.

(4) The data will be passed on regardless of whether or not you have an account with the plugin provider and are logged into that account. If you are logged in to an account with the plugin provider, the data collected on our website will be directly linked with that account. If the button is activated you click on it and e.g. link to the page, the plugin provider will also store this information in your user account and inform your contacts publicly. We recommend that you log out regularly after using social networks, especially before activating a button, as this will prevent your actions being linked to your profile with the plugin provider.

(5) For further information regarding the purpose and scope of the collection and processing of data by the plugin provider, please see the privacy statements of those providers as specified below. Here you will also find further information about your rights in this regard and settings you can use to protect your privacy.

(6) Addresses of the individual plug-in-providers and URL with their data privacy statements:

a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, U.S.A.; https://www.facebook.com/about/privacy
https://www.facebook.com/help/186325668085084

Facebook adheres to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, U.S.A.; https://www.google.com/policies/privacy/partners/?hl=de. Google adheres to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

c) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, U.S.A.; https://twitter.com/privacy. Twitter adheres to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

d) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, U.S.A.; https://www.linkedin.com/legal/privacy-policy. LinkedIn adheres to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

§ 5 Embedding of YouTube videos

(1) We have embedded YouTube videos into our online offer that are stored at https://www.YouTube.com and can be played directly from our website. These videos are embedded in „extended privacy mode“ which means that no data concerning you as a user are transmitted to YouTube if you do not play the videos. Only if you play the videos, the data specified in paragraph 2 hereof will be transmitted. We have no influence over this data transmission.

(2) When you visit the website, YouTube is notified that you have accessed the relevant the page of our website. In this case the data specified under § 3 of this Statement is also transmitted. This happens regardless of whether or not you have a YouTube account or are logged into such account. If you are logged into Google, your data will be directly linked with your account. If you do not want the data to be associated with your YouTube profile, you must log out before activating the button.

YouTube stores your data as a user profile, which it uses for advertising and market research purposes and/or to tailor its website to the needs of users. In particular, this analysis is carried out (even for users who are not logged in) to serve relevant advertising and in order to inform other social network users of your activities on our website. You have the right to opt out of the creation of these user profiles, but on order to exercise this right you must refer to YouTube.

(3) For further information regarding the purpose and scope of the collection and processing of data by YouTube, please see the privacy statement. Here you will also find further information about your rights and settings you can use to protect your privacy: https://www.google.de/intl/en/policies/privacy. Google processes your personal data in locations including the USA and adheres to the EU-US Privacy Shield Framework, https://www.privacyshield.gov/EU-US-Framework.

§ 6 Use of the blog functions

(1) You can make public commentaries in our blog, where we publish various posts regarding topics that are related tour activities. Your commentaries will be published together with the user name you have provided. We recommend you to use a pseudonym and not your real names. Providing a user name and an email address is required, any further information is optional. If you make a commentary, we will continue to store your IP address. We must store it in order to be able to defend ourselves against liability claims in the event of the publication of unlawful contents. We need your email address in order to contact you if a third party criticizes your commentary as being unlawful. The legal basis is Article 6 (1) sentence 1 point b and f of the GDPR. The comments are checked before publication and we reserve the right to delete commentaries that are criticized by third parties as being unlawful.

§ 7 Use of our forum

(1) If you wish to read or actively participate in our forum, you must register by providing your email address, a password selected by you and a user name that you may freely select. You are not obliged to give your real name, using a pseudonym is possible. We verify the registration manually and confirm the successful registration (Only registered manufacturers can access the forum).

If the registration is not successful, we will automatically delete any and all data entered.

(2) If you register a forum account, we will store, in addition to your registration data, all information in the forum provided by you, such as public statements, contributions to the message board, friendships, private messages etc until your deregistration, so as to be able to operate the Forum. The legal basis is Article 6 Abs. 1 sentence 1 point f of the GDPR.

(3) If you delete your account, your public statements, in particular forum postings, will remain visible to all readers. Your account, however, can no longer be accessed. Any other data will be deleted.

§ 8 Newsletter

(1) With your consent, you can also be subscribed to our newsletter, in which we provide information about our current offers.

(2) We use the “double opt-in” procedure for subscriptions to our newsletter. This means that after you sign up, we send an email to the email address provided by you asking you to confirm that you wish to receive the newsletter. We also store the IP addresses from which you sign up and confirm, and the date of subscription and confirmation. The purpose hereof is to verify your subscription and to enable us to clarify any misuse of your personal data.

(3) The only obligatory information in order to receive the newsletter is your email address. After you have confirmed, we store your email address so that we can send you the newsletter. The legal basis for this is Article 6(1) sentence 1 (a) of the GDPR.

(4) You may withdraw your consent at any time and unsubscribe from the newsletter. You may declare your withdrawal by clicking on the link you find in every newsletter email, via this form on the website, via email to [info@easterngraphics.com] or by sending a notification to the contact date provided in the “Contact” section.

§ 9 Google Analytics

We use Google Analytics, a web analysis service provided by Google Inc. („Google“). Google uses cookies. The information generated by the cookie about the users’ use of the online services offered will generally be transmitted to and stored by Google on servers in the U.S.A.

Google will use this information on our behalf for the purpose of evaluating the users’ use of our online services offered, compiling reports on the activities within these online services offered and for providing to us further services in connection with the use of these online services offered and the internet usage. In this process, pseudonymized use profiles of the users may be generated on the basis of the processed data.

We use Google Analytics only with activated IP anonymization. This means that Google masks the IP address of the users within the Member States of the European Union or in other contracting parties to the Agreement of the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. Google will not associate the IP address transmitted by the users’ browsers with any other data held by Google.

The users may refuse the storage of cookies by selecting the appropriate settings on their browser software. Furthermore the users can prevent Google’s collection and processing of data generated by the cookie and that are related to their use of the online services offered as well as their processing by Google by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.

Further information on the use of data for marketing purposes by Google, settings and options to objection can be found on the following Google websites:

https://www.google.com/intl/en/policies/privacy/partners („How Google uses information from sites or apps that use Google’s services“), https://www.google.com/policies/technologies/ads („How Google uses data in advertising“), https://www.google.de/settings/ads („Managing information used by Google for displaying ads“) and https://www.google.com/ads/preferences („Control the ads you see“).

§ 10 Use of Matomo

(1) This website uses the web analysis service Matomo. Matomo serves to analyze and regularly improve the use of our website. The resulting statistics allow us to improve our services and make it more interesting for you as a user. The legal basis for the use of Matomo is Art. 6 Para. 1 S. 1 lit. f DS-GVO.

(2) For the evaluation process, cookies (more on cookies in $3 (2) and (3)) are stored on your computer. The information collected in this way is exclusively stored on a server run by the controller in Germany. You can avoid the evaluation by deleting existing cookies and preventing the storage of cookies. In case you prevent the storage of cookies, we would like to point out to you that you might not be able to use the website to its fullest. You avoid the storage of cookies by means of your browser settings.

(3) This website uses Matomo together with the ‘AnonymizeIP’ extension. It shortens IP addresses so that direct personal references are not possible when IP addresses are processed. The IP address that Matomo submits from your browser is not merged with other data collected by us.

(4) Matomo is open source. Information on data protection from the third party provider can be found at http://matomo.org/privacy/policy.

§ 11 pCon.login

(1) If you wish to use pCon.login, you must register by providing your title, name, e-mail address and a password. We use the so-called double opt-in procedure for registration, i.e. your registration is not completed until you have confirmed your registration by calling up a link contained in a confirmation e-mail sent to you. If you do not confirm your registration within 30 days, your registration will be automatically deleted. Depending on the functions and services to be used with pCon.login, further information may be required. In order to minimise the data to be collected, only those fields that are required for the functions and services you use are treated as mandatory fields. The mandatory fields are marked in the respective places. If you do not provide mandatory fields, you will not be able to use the corresponding functions and services, e.g. manufacturers will not be able to check your authorization to use OFML data and will reject your release request. All other information is voluntary.

(2) We will store your data required to provide the service until you permanently delete your access and the data is no longer required (e.g. for billing purposes). You can delete your access at any time and revoke your consent to data processing with effect for the future by calling up the function for deleting your user account in the user interface. You can view and correct your personal data at any time on the pCon.login website.

(3) If you use several employee user accounts within an organizational account at pCon.login, your user data will be shared within your organization as follows: Administrators in your organization have read and write access to the personal data of all employees. Standard users have read access to the names, email addresses and phone numbers of the administrators in your organization. All administrators have write access and all standard users have, at most, read access to the organization-related details (name, address, settings such as manufacturer catalogues). The purpose of this data sharing is to make it easier for you to use our services, in particular by requiring various administrative tasks to be performed only once for your organization instead of individually for each employee (e.g. requesting manufacturer catalogues). It is also intended to allow organizations to control the authorizations of their members, in particular, in the case of members leaving.

(4) If you use your pCon.login to log in to connected services (e.g. pCon.update, pCon.facts), the connected services have read access to all your personal data recorded in your user account. This also applies to third-party services. The purpose of this data sharing is to make it easier for you to use our services by requiring only one registration for all services and performing certain administrative tasks (e.g. obtaining manufacturer authorizations) only once. The third party service providers have been obligated by us to use your data in compliance with data protection provisions and for the intended purpose.

(5) If you use your pCon.login to subscribe or unsubscribe manufacturer catalogues or to suggest new manufacturers, details of your organization and the contact details of the initiating user are transmitted to the respective manufacturer. The manufacturer needs these details to check your authorization to use the OFML data and to contact you if they have any queries. The manufacturers have been obligated by us to use your data in compliance with data protection provisions and for the intended purpose.

(6) The information about your person, your organization, your manufacturer authorizations as well as information about the services you use connected to pCon.login (service name and date of use) are transmitted to the responsible EasternGraphics sales partner. The sales partners use this information to support you in case of technical problems, to assign you to user agreements (e.g. pCon.update user agreement) and to activate the corresponding functions and licences, to contact you in case of queries and for market analysis. The sales partners have been obligated by us to use your data in accordance with data protection provisions and for the intended purpose.

(7) We use your data stored at pCon.login for the following purposes:
- Checking eligibility for the pCon community
- Provision of pCon applications
- Provision of licences
- Sending information e-mails in case of new manufacturers and important changes at pCon.login
- Support in case of technical problems
- Monitoring and further development of the software systems
- Market analyses

If you have any queries in this regard, we can contact you via any of the specified contact channels.

(8) When you use pCon.login to register with connected services, we collect the following usage data: name of the service, user concerned and date. This data is used within the framework of paragraphs 6, 7.

(9) If you use pCon.login and make certain settings (e.g. language, definition of table columns, login status), these settings are stored either in your user account or in your browser in the form of cookies or HTML 5 web storage. This data is used exclusively by you and serves to make it easier for you to use our services.

(10) When using pCon.login, usage data is generated in the form of the standard logs of the server software, e.g. log files of the web server (including IP address, time stamp), log files of the e-mail software (including destination address, time stamp). This data is used for monitoring and troubleshooting the respective software.

(11) Your data stored at pCon.login will also be transmitted to third countries within the framework of paragraphs 3, 4, 5 and 6 if the data recipients concerned are based in third countries.

(12) To prevent unauthorised access to your personal data by third parties, all connections are encrypted using TLS technology.

(13) The legal bases for data processing at pCon.login and the affiliated services are: provision of software and product data within the framework of licence and usage agreements: Art. 6 1. sentence 1 (b) GDPR. Verification of authorizations Art. 6 1. sentence 1 (f) GDPR. Technical monitoring, troubleshooting and further development of the software systems Art. 6 1. sentence 1 (f) GDPR. All other processing: Art. 6 1. sentence 1 (a) GDPR.

§ 11a pCon.update

(1) A pCon.login is required to use pCon.update. pCon.update is a service connected to pCon.login for the purpose of §11 para. 4.

(2) When you download installation packages (e.g. manufacturer catalogues) with pCon.update, we collect the following usage data: organization, channel, data package, package version, date, time, error code. This information is used for billing, error analysis, monitoring and further development of the software system and market analysis. In the case of manufacturer catalogues, this information plus the contact details of the respective channel administrators is provided to the manufacturer concerned. The manufacturers receive this data in order to be able to check the correctness of the billing, to be able to check the current distribution status of their data and for support in the event of technical problems.

(3) If you use the installation status notification in pCon.update DataClient PRO or DataPool (in DataClient/DataPool under Settings/Autom. installation/Email notification), the following information is stored on our server: specified computer name, unique ID of the computer, notification e-mail address, the notification options, result of the last update as well as the next due date of the next update for your computer. This information is used to send the desired notification e-mails. Furthermore, the data is used for error analysis and for monitoring and further development of the software system.

(4) To prevent unauthorised access to your personal data by third parties, all connections are encrypted using TLS technology.

§ 11b Use of additional product information

(1) In some pCon applications, additional product information (e.g. inspiration images, product brochures, operating instructions) can be used. If you are not logged in when using this information, no personal data is collected other than the usual web server logs. If you are logged in when using it, the product information service is to be regarded as a service connected to pCon. for the purpose of §11 para. 4.

(2) If you use an application that provides the additional product information and you are logged in, we collect the following usage data: date, time, user ID, pCon application, manufacturer, article number, information category, query duration. This information is used for error analysis, for monitoring and further development of the software system and for market analysis.

(3) To prevent unauthorised access to your personal data by third parties, all connections are encrypted using TLS technology.

§ 12 Contact requests

You can contact us via the contact form or directly by sending us an email. During your first contact, we will store the data provided by you (your email address, and, as the case may be, your name and your telephone number) in order to answer your questions. We may pass on your request to our competent distribution partner who is obliged to keep your personal data secret and we who will then contact you directly.

We erase the data collected in this context after the storage is no longer required, or we restrict the processing if there are any statutory storage obligations.

§ 13 Embedding of Google Maps

(1) We use Google Maps on this website. This enables us to present interactive maps directly on the website and allows you to make convenient use of the map functions.

(2) When you visit the website, Google is notified that you have accessed the relevant page on our website. The data specified in section 3 of this statement will also be sent. This happens regardless of whether or not you have a Google account or are logged into such account. If you are logged into Google, your data will be directly linked with your account. If you do not want the data to be associated with your Google profile, you must log out before activating the button. Google stores your data as a user profile, which it uses for advertising and market research purposes and/or to tailor its website to the needs of users. In particular, this analysis is carried out (even for users who are not logged in) to serve relevant advertising and in order to inform other social network users of your activities on our website. You have the right to opt out of the creation of these user profiles, but to exercise this right you must refer to Google.

(3) For further information regarding the purpose and scope of the collection and processing of data by Google, please see Google’s privacy statement. Here you will also find further information about your rights in this regard and settings you can use to protect your privacy: https://policies.google.com/privacy?hl=en. Google processes your personal data in locations including the USA and adheres to the EU-US Privacy Shield Framework, https://www.privacyshield.gov/EU-US-Framework.

§ 14 Embedding of Google Fonts

We use the external fonts of Google Fonts. When you visit our website, the required fonts will be loaded on your browser cache so that the texts and fonts are displayed correctly on our website.

When you visit our website, the usual information, in particular your IP address and the referrer URL, is transmitted to a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043. For further information visit

https://developers.google.com/fonts/faq and Google’s data privacy statement at https://www.google.de/intl/en/policies/privacy

We will not pass on the personal data to any further third party without your written consent unless this is required by legal regulations.