Data protection
Data privacy policy
COGNOS International GmbH
Privacy Policy
Which personal data do we store, when, where and how? Here are the answers: An overview of the Hochschule Fresenius data protection policy.
We are very pleased that you have visited our website and are interested in what we are offering. The protection of your personal data is of particular importance to our management. As a matter of principle, it is possible to visit our websites without providing your personal data. However, it may be necessary to process your personal data if you make use of a special service via the website. In this case, we always obtain your consent.
We always process your personal data confidentially and in accordance with the legal regulations, in particular the General Data Protection Regulation, as well as the applicable national data protection regulations and this privacy policy.
We want you to feel confident at all times when visiting our websites, which is why we assure you that we have taken technical and organizational measures to ensure the highest possible protection of your rights and are constantly working to ensure that the legal regulations are observed by both our employees and external service providers. Nevertheless, web-based services can always have security gaps, so absolute protection cannot be guaranteed. You are also welcome to provide us with your personal data using other communication channels (for example: by mail, telephone or fax).
1. Name and address of the Data Controller lefax
The responsible party for data processing on this website is:
COGNOS International GmbH
Kronengasse 21
50667 cologne Germany
Phone: 0221 921512 801
E-Mail: info@cognos-international.de
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).
2. Name and address of the data protection officer
We have appointed a data protection officer for our company.
Carl Remigius Fresenius Education AG
administrative center
Im Media Park 4e
50670 cologne Germany
Phone: +49 221 921512-782
E-Mail: datenschutz@crf-education.com
3. Rights of the data subjects
a) Information about, rectification and eradication of data
Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time.
b) Right to data portability
You have the right to demand that we hand over any data we automatically process based on your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.
c) Right to demand processing restrictions
You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:
In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data. If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
If you have raised an objection pursuant to Art. 21 Sect. 1 GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.
d) Revocation of your consent to the processing of data
A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.
e) Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)
In the event that data are processed on the basis of Art. 6 sect. 1 lit. e or f GDPR, you have the right to at any time object to the processing of your personal data based on grounds arising from your unique situation. This also applies to any profiling based on these provisions. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21 SECT. 1 GDPR).
IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21 SECT. 2 GDPR).
f) Right to log a complaint with the competent supervisory agency
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.
4. Legal basis of the processing
For most of the processing activities, we collect consent to them from you. Then Art. 6 I lit. a and Art. 7 GDPR are the basis for processing activities. Some of the processing may also be necessary for the performance of the contract or for the initiation of the contractual relationship; this applies in particular to the delivery of the information requested by you and the application for a training position. In this case, the legal basis for the processing is Art. 6 I lit. b GDPR. If the processing of data is necessary due to legal obligations, for example in the case of tax information requests, the processing is based on Art. 6 I lit. c GDPR. Under certain circumstances, data processing may also be necessary to protect the vital interests of the data subject or other natural persons, in which case the legal basis would be Art. 6 I lit. d GDPR. If none of these permissible circumstances is fulfilled, the processing can also be based on Art. 6 I lit. f GDPR. This may come into consideration if the processing is necessary to protect a legitimate interest of our company or of third parties and provided that the interests, fundamental rights and freedoms of us as the controller are not overridden. A legitimate interest is, for example, the performance of our company’s business activities to protect the interests of our employees and shareholders.
5. Information on data transfer to Third Countries
On our website, tools from companies based in third countries, are integrated. When these tools are active, your personal data may be transferred to the servers of the applicable companies. In this case we have signed additional contracts to be compliant to the European data protection legislation.
6. Collaboration with processors and third parties
We collect, process, and use personal data only to the extent necessary for the establishment, content organization or change of the legal relationship (data inventory). These actions are taken on the basis of Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual actions. We collect, process and use personal data concerning the use of this website (usage data) only to the extent that this is necessary to make it possible for users to utilize the services and to bill for them.
The collected customer data shall be eradicated upon completion of the order or the termination of the business relationship. This shall be without prejudice to any statutory retention mandates.
7. Data transfer upon closing of contracts for services and digital content
We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with the financial institution tasked with the processing of payments.
Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur.
The basis for the processing of data is Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.
8. SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
9. Cookies
Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.
In some cases, it is possible that third-party cookies are stored on your device once you enter our site (thirdparty cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g., cookies for the processing of payment services).
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g., the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.
Cookies, which are required for the performance of electronic communication transactions (required cookies) or for the provision of certain functions you want to use (functional cookies, e.g., for the shopping cart function) or those that are necessary for the optimization of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6 Sect. 1 lit. f GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of cookies to ensure the technically error free and optimized provision of the operator’s services. If your consent to the storage of the cookies has been requested, the respective cookies are stored exclusively on the basis of the consent obtained (Art. 6 Sect. 1 lit. a GDPR); this consent may be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
In the event that third-party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.
10. cookie consent banner with devowl.io
Our website uses the cookie consent technology of “Real Cookie Banner” to obtain your consent to store certain cookies and similar technologies (tracking pixels, web beacons, etc.) in your browser and to document this in a privacy-compliant manner. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, Germany (hereinafter devowl.io).
When you enter the website, the following personal data is transferred to Real Cookie Banner:
(1) Your consent(s) or the revocation of your consent(s)
(2) Information about your browser
(3) Information about your device
(4) Time of your visit to the website
Furthermore, Real Cookie Banner stores a cookie in your browser in order to be able to allocate the given consent or its revocation to you. The data collected in this way is stored until you request us to delete it, the Real Cookie Banner cookie deletes it itself, or the purpose for storing the data no longer applies. Mandatory statutory retention requirements remain unaffected.
Details on how “Real Cookie Banner” works can be found at https://devowl.io/de/rcb/datenverarbeitung/.
The use of devowl.io takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.
11. Server log files
The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:
- The type and version of browser used
- The used operating system
- Referrer URL
- The hostname of the accessing computer
- The time of the server inquiry The IP address
This data is not merged with other data sources.
This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.
12. Collection of inventory data
When using some areas of our website, we ask you as a user to collect some data that can be clearly assigned to your person. This is done for example when you order information.
In doing so, we only collect the inventory data necessary for the respective purpose, such as:
– Name,
– telephone number,
– e-mail address
Which information is specifically required can be seen from the respective input mask.
13. Hosting
This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.
We are using the following host:
IONOS SE
Elgendorfer Str. 57
56410 Montabaur
Execution of a contract data processing agreement In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our host.
14. Analysis, Brand and Opinion Research
We analyze our database of business transactions, contracts, inquiries in order to be able to recognize market trends, customer and user preferences and to design our operation economically. In doing so, we process inventory, contact, usage, contract, meta and communication data of interested parties, applicants, students and visitors to our website on the basis of our legitimate interest in maintaining and optimizing our business operations pursuant to Art. 6 (1) lit. f GDPR. Such analyses are carried out for the purpose of business evaluations, marketing and sales, as well as market research. These analyses serve to optimize our offer, to increase user-friendliness and to optimize our business operations. The analyses and profiles are carried out anonymously wherever possible and are not disclosed to third parties.
15. Contact options via internet, e-mail, telephone, fax,
a) Contact form
If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.
The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your agreement (Art. 6 Para. 1 lit. a GDPR) if this has been requested.
The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g., after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions – in particular retention periods.
b) Request by e-mail, telephone, or fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
These data are processed on the basis of Art. 6 Sect. 1 lit. b GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6 Sect. 1 lit. f GDPR) or on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR) if it has been obtained.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
16. Storage duration
Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.
17. Google Web Fonts (local use)
On our website we use Google Fonts from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. We have integrated the Google fonts locally, i.e. on our web server – not on the Google servers. As a result, there is no connection to Google servers and therefore no data transmission or storage. This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly.
Google Fonts service provider: Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA Registered office in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Website: https://fonts.google.com/ Privacy Policy: https://policies.google.com/privacy
18. OpenStreetMaps
We use the open source map service “OpenStreetMaps” (also called “OSM”) from the company OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom to display geo-data. OSM serves to offer an interactive map on our website that shows you where we have our projects worldwide.
This service enables us to present our website in an appealing way by loading map material from an external server. The following data is transmitted to the OSM servers during display: Our website that you visited and the IP address of your end device. The legal basis for the processing of your data in relation to the “OSM” service is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing).
The legitimate interest results from our need for an appealing presentation of our projects. More information on handling user data can be found in OSM’s data protection declaration: https://wiki.osmfoundation.org/wiki/Privacy_Policy
19. LinkedIn Insight Tag
This website uses the Insight tag from LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Data processing by LinkedIn Insight tag
We use the LinkedIn Insight tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location, industry, job title) of our website visitors to help us better target our site to the relevant audience. We can also use LinkedIn Insight tags to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also features a retargeting function that allows us to display targeted advertising to visitors to our website outside of the website. According to LinkedIn, no identification of the advertising addressee takes place.
LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data will then be deleted within 180 days.
The data collected by LinkedIn cannot be assigned by us as a website operator to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own promotional activities. For details, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.
Legal basis
The use of LinkedIn Insight is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.
Objection to the use of LinkedIn Insight Tag
You can object to LinkedIn’s analysis of user behavior and targeted advertising at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
In addition, LinkedIn members can control the use of their personal information for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.
Execution of a contract data processing agreement
We have entered into a contract data processing agreement with LinkedIn
20. Plugins and Tools
a) Vimeo
This website uses plug-ins of the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of the pages on our website into which a Vimeo video has been integrated, a connection to Vimeo’s servers will be established. As a consequence, the Vimeo server will receive information as to which of our pages you have visited. Moreover, Vimeo will receive your IP address. This will also happen if you are not logged into Vimeo or do not have an account with Vimeo. The information recorded by Vimeo will be transmitted to Vimeo’s server in the United States.
If you are logged into your Vimeo account, you enable Vimeo to directly allocate your browsing patterns to your personal profile. You can prevent this by logging out of your Vimeo account.
Vimeo uses cookies or comparable recognition technologies (e.g. device fingerprinting) to recognize website visitors.
The use of Vimeo is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 Sect. 1 lit. f GDPR, this is a legitimate interest. If a corresponding agreement has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission and, according to Vimeo, on “legitimate business interests”. Details can be found here: https://vimeo.com/privacy.
For more information on how Vimeo handles user data, please consult the Vimeo Data Privacy Policy under: https://vimeo.com/privacy.
21. Social Media
To be able to communicate with active customers, prospects and users and to keep them up to date with news and services in a modern way, we maintain social media presences. We have linked to these on our website. Here, visitors’ data may also be processed in countries outside the European Union. Different data protection standards apply in these countries. We would therefore like to inform you that this may give raise for risks; for example, data processing is subject to other regulations with regard to transparency or law enforcement. User data may also be used for market research and advertising purposes. Usage profiles can also be created from the collected data, in particular from the behavior during the use of certain offers and the interests determined in the process. These may also be used to place advertisements within social media, but also on other channels. Often, this information is collected with the assistance of cookies on the end devices of the users and evaluated according to certain criteria. The data stored in the social networks on the individual profiles can also be linked to the data stored with the help of the cookies. The providers that have certification to comply with European data protection standards.
The maintenance of social media websites and the resulting processing of personal data takes place on the basis of our legitimate interests in effective and timely information and communication of users and interested parties pursuant to Art. 6 para. 1 lit. f. GDPR takes place. If consent to data processing is obtained, the processing is based on Art. 6 para. 1 lit. a, Art. 7 GDPR. We would like to ask you to pay attention to the individual details of the providers regarding the details of the individual processing and objection options. For the assertion of user rights and requests for information, we would like to inform you that these are most effectively submitted to the providers. Only they have the necessary database and the technical-organizational options for the measures required for this purpose. We will be happy to assist you in any way we can.
- Facebook, -pages, -groups (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), on the basis of an agreement on joint processing of personal data – Privacy Policy: https://www.facebook.com/about/privacy/,
Opt-Out: https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com - Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA), Privacy Policy and
Opt-Out: http://instagram.com/about/legal/privacy/. - X (formerly Twitter) (Twitter International Unlimited Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07, Irland), Privacy policy: https://twitter.com/de/privacy,
Opt-Out: https://twitter.com/personalization,. - LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland) – Privacy policy: https://www.linkedin.com/legal/privacy-policy ,
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Status: 09.2023