Last Updated: Tuesday, 18 December 2018 13:46
As the data controller we have prepared this privacy notice to inform you in accordance with the requirements of the Regulation (EU) 2016/679 (General Data Protection Regulation- GDPR) about the nature, scope and purpose of the processing of personal data in relation to the services we offer on our web site.
„Personal data“ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
„Processing“ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
„Controller“ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
„Recipient“ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
Global Standard gemeinnützige GmbH
Augustenstrasse 84 A
Telephone: 0711 / 4605025-40
Telefax: 0711 / 4605025-49
We process personal data based on at least one of the following legal basis:
We forward personal data to recipients (data processors or other third parties) only to the extent required and only if one of the subsequent conditions are met:
The transfer of personal data to a third country or an international organisation outside the European Union (EU) or the European Economic Area (EEA) is subject to legal or contractual permission only in accordance with the provisions under Art. 44 et seq. GDPR. It means that pursuant to Art. 45 GDPR an adequacy decision of the EU commission must be present for the respective country, appropriate safeguards for data privacy under Art. 46 GDPR, or Binding Corporate Rules under Art. 47 GDPR do exist.
As a data subject you have the following rights:
If you wish to assert the data subject rights mentioned above, you can contact us or our data protection officer at any time using the contact details above.
Unless otherwise provided for in this privacy notice, personal data will be deleted, if these data are no longer necessary in relation to the purposes for which they were collected or otherwise processed and the deletion does not conflict with statutory retention requirements. In addition, we will erase the personal data processed by us in accordance with Art. 17 GDPR on your request, if the conditions provided therein are met. If personal data are required for other lawful purposes, they will not be erased, but their processing will be restricted in accordance with Art. 18 GDPR.
In case of restriction, the data will not be processed for other purposes. This applies, for example, to personal data that must be retained by us for commercial or tax law reasons. For example, data must be kept for 6 years pursuant to Section 257 (1) Nos. 2 and 3 German Commercial Code (HGB) and Section 147 (1) Nos. 2, 3, 5 German Tax Code (AO); data must be kept for 10 years pursuant to Section 257 (1) Nos. 1 and 4 HGB and Section 147 Abs. 1 No. 1, 4, 4a AO.
We use session cookies to recognize that you have already visited individual pages of our website. These cookies also support certain features and functionalities on our website. Session cookies are deleted after you have left our website.
In order to optimize our website, to statistically evaluate the use of our website, and to enhance usability, we use temporary cookies that are stored on your device for a specific period of time. If you visit our site again to use our services, we will automatically recognize that you have visited us earlier, and what inputs and settings you made so that you do not need to enter them again. These cookies will be deleted or lose their validity after max. PERIOD.
The data processed by cookies are required for the purposes mentioned above in order to protect our legitimate interests which result thereof, as well as those of third parties according to Art. 6 para. 1 lit. f GDPR.
In order to make available our website, we use services provided by hosting companies, such as: Provision of web servers, disk space, database services, and security or maintenance services. Here we, or our hosting providers, process personal data of the website visitors on the basis of our legitimate interests in providing efficient and secure access to our website in accordance with Art. 6 para. 1 lit. f GDPR.
By visiting our website or its individual pages, your device’s internet browsers automatically sends information to the server of our website. This information is stored in so-called log files by us or our hosting provider and will be deleted after 6 months at the latest.
The following information is stored:
This data will be used for the following purposes:
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes mentioned above. Under no circumstance will we use the personal data collected for the purpose of drawing conclusions about a person.
If you use the contact form, you will be asked to provide your name and your e-mail address and any other contact details, so that we can get in personal contact with you. Further information can be provided voluntarily. The data processing for the purpose of contacting us and answering your request takes place in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your voluntary consent. All personal data collected in connection with the contact form will be deleted after your request has been processed, unless further storage is required for the documentation of other transactions (for example, subsequent conclusion of a contract).
If you contact us using the contact information published on our website (for example, by e-mail) and herewith provide us with personal data, we will use this information solely for the purpose of processing your request and then delete it afterwards.
If you would like to receive our newsletter, we need your e-mail address. The data processing for the purpose of sending the newsletter takes place in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your voluntary consent by means of the so-called double-opt-in procedure. The e-mail address will be used and stored for this purpose until you withdraw your consent or unsubscribe from receiving the newsletter. You can unsubscribe at any time, for example by using the link at the bottom of each newsletter. You can also send your withdrawal/unsubscribe request at any time to the e-mail address given under Clause II.
5. GOTS Monitor
6. GOTS Database
We will store your first name, last name, telephone number and e-mail address in the GOTS database for the purpose of publishing this information as commercial contact details representing a certified company on this website. The legal basis for processing is your voluntary consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. Your personal data will be deleted after the company profile has been removed from the database or you withdraw your consent for publishing the information.
Our website uses Piwik, a so-called website analysis service. Piwik collects data about user visits to our website. These data are used to ensure that our website is well designed and continuously optimised to meet the needs of our website visitors, to measure the success of marketing activities, and to create statistical evaluations. The legal basis is our legitimate interests under Art. 6 para. 1 lit. f GDPR. The information will not be disclosed to third parties and under no circumstance will the IP address be associated with other user data. IP addresses are anonymized, so that any assignment is impossible.
If you do not want Piwik to process visitor data from you, you can prevent this by setting an opt-out cookie from Piwik. This cookie will prevent Piwik from collecting and storing any future visitor data from your browser when you visit this website:
Attention: If you delete your cookies, this will also result in the opt-out cookie being deleted. You must then reactivate the Piwik opt-out cookie.
In the context of our website services we partially use third party content, which is loaded directly from servers of the content providers, as named below. The purpose of integrating this content is to make our website more attractive. The purpose of making our website more attractive is also our legitimate interest in using such external content. The legal basis is for the use of such plugins are our legitimate interests under Art. 6 para. 1 lit f GDPR.
This website uses external fonts provided by Bootstrap, so-called “fonts”. Provider is StackPath, LLC, 2021 McKinney Avenue, Suite 1100 Dallas, Texas 75201, USA (hereinafter “StackPath”). In order to do this, your browser loads the required fonts into the browser cache when you access our web page. If your browser does not support this function, your computer will use a standard font instead to display the website. This service collects your IP address, which of our web pages you have visited and, if necessary, other data required for the provision of the fonts. The information collected about your use of this website is stored on a server in the USA. StackPath has entered the EU/U.S. Privacy Shield and therefore complies with the requirements of the European Union to legitimize the transfer of personal data to the United States. You will find Information about the guarantees provided by the EU/U.S. Privacy Shield on: https://www.privacyshield.gov/participant?id=a2zt0000000CbahAAC&status=Active.