ALBERTI CI Logo

Data Privacy Policy

Introduction – Data Privacy Policy

The use of the webpages of Carsten Alberti e.K. is possible without providing personal data.

However, if a data subject wants to use special company services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the person concerned.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the applicable country-specific data protection regulations of Carsten Alberti e.K. .

By means of this data protection declaration our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this data protection declaration. Carsten Alberti e.K. has implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us in alternative ways, for example by telephone.

1. Definitions
The data protection declaration of Carsten Alberti e.K. is based on the terms used by the European legislator for the adoption of the Data Protection Regulation (DSGVO). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

In this data protection declaration, we use the following terms, among others:

a) Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter „data subject“). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the data controller.

c) Processing
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e) Profiling
Profiling is any type of automated processing of personal data that consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular aspects concerning work performance, economic situation, health, personal analysis or prediction of preferences, interests, reliability, behavior, location or change of location of such natural person.

f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Person responsible or data controller
The controller or data processor is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law.

h) Processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients.

j) Third Party
Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

k) Consent
Consent is any expression of will that the data subject makes for the specific case voluntarily, in full knowledge of the facts and unambiguously in the form of a statement or otherwise.

 

 

Cookie and Tracker Policy

Our website uses cookies and similar tracking technologies to provide essential functionalities, enhance user experience, analyze performance, and deliver personalized content. This policy details the Data Processing Services we use, the data they collect, and how you can manage your preferences in compliance with the General Data Protection Regulation (GDPR).

1. What Are Cookies and Trackers?

Cookies are small text files stored on your device when you visit our website. Trackers, such as pixels, scripts, or fonts, may collect personal data, including IP addresses, browsing behavior, or device information, depending on the service and your consent.

 

2. Cookie and Tracker Management

We use Usercentrics CMP to manage cookies and trackers. Upon visiting our website, you can provide or withdraw consent for non-essential cookies via the cookie consent banner. You can update your preferences at any time by clicking the „Manage Consent“ link in the website footer.

 

3. Data Processing Services We Use

The following services are active on our website, as identified by the Usercentrics Cookiebot scan. Each service is categorized by its purpose and data collection practices.

 

Necessary Cookies and Services

These are essential for the website’s operation and cannot be disabled. They ensure basic functionality, security, and accessibility.

 

Usercentrics CMP:

Purpose: Manages user consent for cookies and trackers, ensuring GDPR-compliant data processing.

Data Collected: Consent preferences, IP address (for logging consent), device information.

Retention Period: 3 years for consent logs (as per Usercentrics default settings).

Provider: Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany.

Data Transfer: Data processed within the EU/EEA.

 

Google reCAPTCHA:

Purpose: Protects the website from bots and spam by verifying user interactions (e.g., form submissions).

Data Collected: IP address, mouse movements, browser data, device information.

Retention Period: Up to 6 months (as per Google’s privacy policy).

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Data Transfer: Data may be transferred to the USA under the EU-US Data Privacy Framework.

Consent: Considered necessary for security purposes; no prior consent required.

 

gstatic.com:

Purpose: Delivers static content (e.g., images, scripts, fonts) to improve website performance.

Data Collected: IP address, browser type, request metadata.

Retention Period: Session-based or short-term (as per Google’s caching policies).

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Data Transfer: Data may be transferred to the USA under the EU-US Data Privacy Framework.

Consent: Considered necessary for website functionality; no prior consent required.

Preferences Cookies and Services

These enhance usability by remembering user preferences.

 

Google Fonts:

Purpose: Loads custom fonts to ensure consistent website design and readability.

Data Collected: IP address, browser information (for font delivery).

Retention Period: Short-term (typically cached locally; Google logs may retain IP data briefly).

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Data Transfer: Data may be transferred to the USA under the EU-US Data Privacy Framework.

Consent: Requires prior consent for external font loading, managed via Usercentrics CMP.

Statistics Cookies and Services

These collect anonymized data to analyze website usage.

 

Google Tag Manager:

Purpose: Manages and deploys tracking scripts (e.g., for analytics or marketing) to streamline website operations.

Data Collected: IP address, browser data, event triggers (depends on configured tags).

Retention Period: No direct data storage; retention depends on linked services (e.g., Google Analytics).

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Data Transfer: Data may be transferred to the USA under the EU-US Data Privacy Framework.

Consent: Requires prior consent for non-essential tags, managed via Usercentrics CMP.

 

Marketing Cookies and Services

These enable personalized advertising and marketing campaigns.

DoubleClick Ad (Google Marketing Platform):

Purpose: Delivers targeted advertisements based on user behavior and interests.

Data Collected: IP address, browsing history, ad interactions, device information, cookie IDs.

Retention Period: Up to 18 months (as per Google’s advertising policies).

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Data Transfer: Data may be transferred to the USA under the EU-US Data Privacy Framework.

Consent: Requires prior consent, managed via Usercentrics CMP.

 

HubSpot:

Purpose: Tracks user interactions for marketing, lead generation, and customer relationship management.

Data Collected: IP address, browsing behavior, form submissions, email address (if provided), device information.

Retention Period: Up to 13 months for tracking cookies; form data retained per HubSpot’s privacy policy.

Provider: HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA.

Data Transfer: Data may be transferred to the USA under the EU-US Data Privacy Framework.

Consent: Requires prior consent, managed via Usercentrics CMP.

 

4. Legal Basis for Processing

We process personal data via these services based on:

Consent (GDPR Art. 6(1)(a)): For non-essential services (Preferences, Statistics, Marketing), we obtain explicit consent via the Usercentrics CMP.

Legitimate Interests (GDPR Art. 6(1)(f)): For necessary services (e.g., Usercentrics CMP, reCAPTCHA, gstatic.com), we rely on our legitimate interest to ensure functionality, security, and performance.

 

5. Your Rights Under GDPR

As a visitor, you have the following rights regarding your personal data:

Right to Access: Request details about the data we collect.

Right to Rectification: Correct inaccurate data.

Right to Erasure: Request deletion of your data, where applicable.

Right to Restrict Processing: Limit how your data is processed.

Right to Object: Object to processing based on legitimate interests.

Right to Data Portability: Receive your data in a structured format.

Right to Withdraw Consent: Revoke consent for non-essential services at any time via the „Manage Consent“ link.

Right to Lodge a Complaint: Contact a supervisory authority (e.g., your local Data Protection Authority).

To exercise these rights, contact our Data Protection Officer (DPO) at the details below.

 

6. Contact Information

For queries about this policy or to exercise your GDPR rights, please contact:

 

Data Controller: Carsten Alberti e.K.
Address: D-18209 Steffenshagen, Dorfstrasse 1

Email: privacy@albertigroup.com
Phone: +49 38203 747120

Data Protection Officer: XXX
DPO Email: dpo@albertigroup.com

 

7. How to Manage Cookies

You can manage cookies through:

Usercentrics CMP: Adjust preferences via the „Manage Consent“ link in the website footer.

Browser Settings: Block or delete cookies in your browser (note: blocking necessary cookies may impair functionality).

 

Do Not Track: Our website respects „Do Not Track“ signals, if enabled in your browser.

Do Not Sell or Share My Personal Information: For CCPA/CPRA compliance, opt out of marketing cookies via the „Manage Consent“ link.

 

8. Updates to This Policy

This policy is automatically updated based on Usercentrics Cookiebot scans to reflect changes in our Data Processing Services. For the latest details, view the cookie declaration by clicking „Manage Consent“ in the website footer.

 

9. Cookie Declaration

For a detailed list of all cookies and trackers, including providers, purposes, and retention periods, refer to the dynamic cookie declaration provided by Usercentrics CMP. Access it via the „Manage Consent“ link or embed it on this page using the Cookiebot script.

 

If you have further questions, please contact us at privacy@albertigroup.com .