Many thanks for your interest in our Internet presence. We attach great importance to the protection of your personal data. As a matter of course, we observe the statutory provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act, the German Telemedia Act and other data protection laws. Therefore, we would like to inform you below about data protection at CBR.
The “controller” in relation to the collection and processing of data set out below is CBR Service GmbH, Imkerstraße 4, D-30916 Isernhagen (additional information is available at: www.cbr.de/en/imprint/).
1. Subject matter of data protection
The subject matter of data protection is personal data. “Personal data” include inventory data such as your name, postal address, email address and phone number, as well as your account details, but also user data such as information regarding your visit to our websites, the browser used by you, and other data generated at your visit to our websites. In addition, they also include other personal details and inquiries.
2. Scope of the collection, storage and use of data
We collect, store and use your personal data only for the purpose of processing your inquiries, for the service requested by you, on the basis of statutory permissions, as well as within the scope of a consent (if any) given by you separately.
If we require your consent, this will be highlighted below. You can at any time revoke any consent given with effect for the future. The resultant consequences are set out below in the respective declaration of consent.
2.1 Collection, storage and use of data during visits to the websites
The mere visit to our websites does not require that you provide us with personal data. We will only store and use access data without a personal reference (browser type and version used, as well as the operating system, a shortened IP address and the date and time of the visit). Those data will be analysed to improve our offer and for reasons of IT security and do not include any personally identifiable information.
2.2 Collection, storage and use of data in the case of general inquiries and requests for information material
If you request information material or submit individual inquiries regarding our enterprise. we will only collect, store and use your personal data required therefor to the extent that this is necessary to process the inquiry, on the basis of a statutory permission, or on the basis of your express consent to a further use of your data. In order to reply to general inquiries, we will require your name and email address. You can, but are not obliged to, provide additional details. The legal basis for the processing is Article 6(1)(b) GDPR. Your data will only be processed in order to answer your inquiry and will be deleted, unless there exist statutory retention periods (for example, under commercial law and tax law), or if the data are necessary to perform a contract between you and us, or if a legitimate interest in the processing no longer exists.
2.3 Collection, storage and use of data in the case of a registration in the press portal
In the press portal of our website, we offer you to register for the transmission of press materials. If you register, we will store and use the data required therefor on the basis of Article 6(1)(a) GDPR.
When registering in our press portal, you will give the following consent: “Yes, I would like to regularly receive current image materials and product information in relation to the brands, CECIl and Street One. I may at any time revoke this consent with effect for the future.” and/or “Yes, I would like to receive press information of CBR Fashion Group. I may at any time revoke this consent with effect for the future.“
You may revoke the consent at any time, without this affecting the lawfulness of the data processing activities made before. If the consent is revoked, we will stop the related data processing, and you will no longer receive any press information. You can send the revocation, for example, by email to email@example.com or through the link for an unsubscription which you will find in each email which includes press information.
2.4 Collection, storage and use of data in the case of a registration in the applicant portal
We offer you the option to apply for a job with us and the affiliated enterprises of CBR Fashion Holding GmbH through our applicant portal.
This data privacy statement and the specific data privacy statement regarding the applicant portal, which you can find in the applicant portal, apply to the applicant portal.
We use the following cookies:
PHPSESSID //: serves the identification of the browser during the current session
resolution //: contains the screen size and serves the purpose of various displays according to the size
Therefore, the cookies used by us serve the purpose of safeguarding our legitimate interest in the best possible functionality of the website in accordance with Article 6(1)(f) GDPR.
4. Data security
You can trust us in relation to your personal data. We protect our website and your data against damage, destruction, alteration or an access by unauthorised persons by technical and organisational measures. Despite constant monitoring, full protection against any and all dangers is, however, not possible. We also attach great importance to our own data protection internally. We have obliged our employees and the service providers instructed by us to maintain secrecy and to comply with data protection law.
5. Disclosure of personal data
Your personal data will only be disclosed to third parties on the basis of your express consent or if this is necessary to process your inquiries such as, for example, in the event of the disclosure of the personal data to our service providers which is necessary from time to time. Our service providers are strictly subject to our instructions and have been contractually obliged in that respect. We use the following service providers: hosting services providers and IT services providers. Those enterprises may only use your data to process the job, and for no other purpose. Any disclosure to governmental bodies and public authorities entitled to receive information will only be made within the scope of the statutory duties to provide information.
6. Your rights as a user
In the processing of your personal data, the GDPR grants you certain rights as a website user:
Right to information (Article 15 GDPR)
You have the right to request a confirmation as to whether personal data relating to you are processed; if this is the case, you have a right to be provided with information regarding those personal data and the information specified in detail in Article 15 GDPR.
Right to rectification and deletion (Articles 16 and 17 GDPR)
You have the right to request the rectification, without undue delay, of inaccurate personal data relating to you and, if applicable, the completion of any incomplete personal data.
You also have the right to request the deletion, without undue delay, of personal data relating to you if any of the reasons specified in detail in Article 17 GDPR applies such as, for example, if the data are no longer necessary for the pursued purposes.
Right to restricted processing (Article 18 GDPR)
You have the right to request restricted processing if any of the requirements specified in Article 18 GDPR are met such as, for example, if you object to the processing, for the duration of a review (if any).
Right to data portability (Article 20 GDPR)
In specific cases, which are specified in Article 20 GDPR, you have the right to request the transmission of the personal data relating to you in a structured, commonly used and machine-readable format, or the transmission of those data to a third party.
Right to object (Article 21 GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is made on the basis of Article 6(1)(f) GDPR. We will then will no longer process the personal data, unless we are able to demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or the processing serves the establishment, exercise of defence of legal claims.
Right to lodge a compliant with a supervisory authority
Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of the data relating to you infringes data protection law. The right to lodge a complaint may be exercised, in particular, with a supervisory authority in the Member State of your habitual residence or place of work, or the place of the alleged infringement.
7. Contact details of the data protection officer
You have the right to contact our data protection officer, who is obliged to maintain secrecy in relation to your inquiry, at any time. The contact details of our data protection officer are as follows:
Dr. Uwe Schläger
Datenschutz nord GmbH
Phone: +49 421 696632-0
CBR Service GmbH
As of July 2021