Thank you for visiting our website. Compliance with data protection regulations is of particular importance to us. The purpose of this privacy policy is to inform you, as a user of the website, about the nature, scope, and purpose of the processing of personal data, as well as the rights available to you, insofar as you qualify as a data subject within the meaning of Article 4(1) of the General Data Protection Regulation (GDPR).
Responsible Entity
This website and the services offered are operated by:
Promocean The Netherlands B.V.Zandzuigerstraat 105222 AH 's-HertogenboschNiederlandeE-Mail: info@promocean.com
1. Data Privacy Officer
Herold Unternehmensberatung GmbH
Herr Philipp Herold
Hafenstraße 1a
23568 Lübeck
Email:privacy@promocean.com
General Informations
We have designed the development of this website to collect as little data from you as possible. In doing so, we always ensure that your personal data is processed only in accordance with a legal basis or with your given consent. We comply with the provisions of the General Data Protection Regulation (GDPR), which has been in effect since May 25, 2018, as well as the applicable national regulations, such as the Federal Data Protection Act (BDSG), the Telecommunications-Telemedia Data Protection Act (TTDSG), or other specific data protection laws.
2. Purpose and Legal Basis for Processing Personal Data
We always process your personal data for specific purposes. In summary, we process your personal data for the following purposes:
a) To handle your inquiries when you contact us (e.g., email address, first name, last name);
b) For the technical operation of our website and to provide you with our information on this website (e.g., IP address, cookies, browser information);
Regarding the legal basis for processing your personal data:
We process personal data that is necessary for the establishment, execution, or termination of our service offerings (contract fulfillment) based on Article 6(1)(b) GDPR. If we obtain your consent for the processing of your personal data, the processing is based on Article 6(1)(a) GDPR. Data processing is also permissible if we process your data to protect our legitimate interests, provided that your interests or fundamental rights and freedoms concerning the processing of personal data do not outweigh our interests (Article 6(1)(f) GDPR). If we engage external service providers for data processing on our behalf, the processing is carried out based on Article 28 GDPR.
3. Collection of Personal Data When Visiting Our Website
When you use our website for informational purposes only, meaning you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website to you and to ensure its stability and security (the legal basis is Article 6(1) sentence 1 lit. f GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request originates
- Browser
- Operating system and its interface
- Language and version of the browser software
This website is hosted by an external service provider (hosting provider). The personal data collected on this website is stored on the servers of the hosting provider.
The website operates on the Microsoft Azure infrastructure (USA), with the cloud server located in the United Kingdom.
Data Processing Agreement
We have entered into a Data Processing Agreement (DPA) with the aforementioned provider. This is a legally required contract under data protection law, ensuring that the provider processes the personal data of our website visitors solely in accordance with our instructions and in compliance with the GDPR.
Contacting us
You can contact us via email. In this case, we store the personal data you provide to process your request and to communicate with you regarding its resolution. Any voluntary information you provide helps us to better understand and handle your inquiry. The requested data is transmitted to us entirely on a voluntary basis.
Depending on the nature of your request, the legal basis for processing is:
- Article 6(1)(b) GDPR, if your inquiry is related to pre-contractual measures initiated by you.
- Article 6(1)(f) GDPR, if your inquiry is of a general nature. Our legitimate interest follows from the purposes outlined in Section 4 a.) of this privacy policy.
If we request personal data that is not required for contract fulfillment or to protect legitimate interests, the data will only be processed based on your explicit consent under Article 6(1)(a) GDPR.
4. Presence on Social Media
To best present our company, communicate with you as a user, customer, or interested party, and inform you about our services, we maintain a presence on social media networks.
When using social networks, data is processed outside the European Union (EU) and the European Economic Area (EEA). A level of data protection equivalent to that in the EU cannot be guaranteed in all countries outside the EU. This may pose risks to you as a user if your transmitted data is processed in so-called third countries that do not have an adequate level of data protection.
This can make it more difficult to enforce known user rights. Additionally, your data may be processed by the provider in the third country in a way that is not in your interest. We only transfer personal data to third countries where an adequate level of protection has been confirmed or where the transmission of personal data can be ensured through contractual agreements or other appropriate safeguards.
In addition to the respective provider of a social network, we also collect and process personal user data on so-called “fan pages”. This notice informs you about the data we collect from you on our social media platforms, how we use it, and how you can object to its use.
For details on data processing purposes and categories, please refer to the specific offers listed below. The social media activities we operate and describe below are carried out based on a legitimate interest pursuant to Article 6(1)(f) GDPR.
To achieve this, cookies are used to track user behavior and enable user profiling. A detailed list of the purposes for processing user data can be found in the privacy policies of the respective providers.
By adjusting the relevant settings in your user account, you can at least partially restrict profiling. For specific steps on how to do this, please refer to the privacy policies of the respective provider.
The relevant platforms are:
Service: LinkedIN
Responsible Entity: LinkedIn Ireland Unlimited CompanyWilton Place, Dublin 2, Ireland
Privacy Notices of Platform Operators: https://de.linkedin.com/legal/privacy-policy?
We operate profiles on the listed platforms to draw attention to products and service offerings and to interact with customers, interested parties, and other users of the platform.
The platform operators use certain data collected from platform users (e.g., whether a photo on a profile has been "liked" or commented on) to generate aggregated usage statistics and make them available to the respective profile operators (so-called "Insights" or "Analytics").
We, as profile operators, also receive such usage statistics. However, the information we receive does not allow any conclusions to be drawn about individual users. The profile operator does not have access to the personal data that the platform operators process to generate these usage statistics. The respective platform operator alone determines which data is processed and how it is processed for these purposes. As a profile operator, we have no legal or actual influence on the processing carried out by the platform operators.
For the processing in connection with the creation of usage statistics, we are considered joint controllers with the respective platform operator within the meaning of Article 26 GDPR.
Where possible, joint controller agreements exist with the respective platform operators.
Furthermore, data processing by us as a profile operator only takes place to a very limited extent:
- Processing of usernames and comments that are deleted due to violations of our netiquette. These may be retained as evidence in potential legal disputes within the applicable statute of limitations.
- Processing of usernames and individual messages when you contact us via messenger services.
For these purposes, we generally process only your name, message content, comment content, and the profile information you have made publicly available.
LinkedIn Ads
We also use the advertising service LinkedIn Ads. The service provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
LinkedIn processes your data, including in the USA. LinkedIn is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. More information on this can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
Additionally, LinkedIn uses Standard Contractual Clauses (SCCs) as per Article 46(2) and (3) GDPR. SCCs are templates provided by the European Commission to ensure that your data complies with European data protection standards, even when transferred to and stored in third countries (such as the USA).
Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, LinkedIn commits to complying with the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding SCCs here:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
More information about LinkedIn's Standard Contractual Clauses can be found at:
https://www.linkedin.com/legal/l/customer-sccs.
For details on data processing through the use of LinkedIn Ads, please refer to LinkedIn’s privacy policy:
https://www.linkedin.com/legal/privacy-policy.
Rights of the Data Subject
You have the right:
- pursuant to Article 15 GDPR to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned retention period, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data, if it was not collected by us, as well as the existence of automated decision-making, including profiling, and, where applicable, meaningful information about its details;
- pursuant to Article 16 GDPR to request the immediate rectification of inaccurate or completion of incomplete personal data stored by us;
- pursuant to Article 17 GDPR to request the erasure of your personal data stored by us, unless processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- pursuant to Article 18 GDPR to request the restriction of processing of your personal data, if the accuracy of the data is contested by you, the processing is unlawful, but you oppose erasure, we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format, or to request the transfer of the data to another controller (data portability);
- pursuant to Article 7(3) GDPR to withdraw your consent at any time. This means that we may no longer continue processing based on this consent in the future;
- pursuant to Article 77 GDPR to lodge a complaint with a supervisory authority. In general, you can contact the supervisory authority of your usual place of residence, workplace, or our company headquarters.
Right to Object
If your personal data is processed on the basis of legitimate interests pursuant to Article 6(1) sentence 1 lit. f GDPR, you have the right, pursuant to Article 21 GDPR, to object to the processing of your personal data, provided that there are reasons for this arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without requiring a specific reason.
If you wish to exercise your right of withdrawal or objection, simply send an email to info@promocean.com
Disclosure of Your Personal Data
The disclosure of your personal data takes place as described below.
Furthermore, data may be disclosed if we are legally authorized or obligated to do so based on legal provisions and/or official or judicial orders. This may include, in particular, providing information for law enforcement purposes, averting danger, or enforcing intellectual property rights.
If your data is transferred to service providers as necessary, they will only have access to your personal data to the extent required for fulfilling their tasks. These service providers are required to handle your personal data in compliance with applicable data protection laws, especially the GDPR.
If your personal data is processed on our behalf based on data processing agreements pursuant to Article 28 GDPR, we ensure that the processing is carried out in compliance with the General Data Protection Regulation (GDPR).
We prioritize processing your data within the EU/EEA. However, in some cases, we may use service providers that process data outside the EU/EEA. In such cases, we ensure that before transferring your personal data, an adequate level of data protection comparable to EU standards is established at the recipient. This can be achieved, for example, through EU Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), or special agreements to which the company has committed itself.
Data Security
We protect our website with technical and organizational measures to prevent loss, destruction, unauthorized access, modification, or distribution of your data by unauthorized persons.
In particular, your personal data is transmitted in encrypted form. We use the SSL/TLS (Secure Sockets Layer/Transport Layer Security) encryption protocol to ensure secure data transmission.
Our security measures are continuously improved in line with technological advancements.
Retention Period for Personal Data
We delete personal data as soon as its storage is no longer necessary for fulfilling the original purpose and no legal retention periods apply.
The legal retention periods determine the final duration of data storage. After these periods expire, the corresponding data is routinely deleted. If retention periods apply, processing is restricted, meaning the data is locked and no longer actively used.
5. References and Links
When accessing third-party websites linked from our website, you may be asked to provide information such as your name, address, email address, browser properties, etc.
This privacy policy does not govern the collection, processing, or handling of personal data by third parties.
Third-party service providers may have different and independent policies regarding the collection, processing, and use of personal data. Therefore, we recommend that you review the privacy policies of third-party websites before entering any personal data.
Last Update: 01.2025
Responsible Entity
This website and the services offered are operated by:
Promocean The Netherlands B.V.Zandzuigerstraat 105222 AH 's-HertogenboschNiederlandeE-Mail: info@promocean.com
1. Data Privacy Officer
Herold Unternehmensberatung GmbH
Herr Philipp Herold
Hafenstraße 1a
23568 Lübeck
Email:privacy@promocean.com
General Informations
We have designed the development of this website to collect as little data from you as possible. In doing so, we always ensure that your personal data is processed only in accordance with a legal basis or with your given consent. We comply with the provisions of the General Data Protection Regulation (GDPR), which has been in effect since May 25, 2018, as well as the applicable national regulations, such as the Federal Data Protection Act (BDSG), the Telecommunications-Telemedia Data Protection Act (TTDSG), or other specific data protection laws.
2. Purpose and Legal Basis for Processing Personal Data
We always process your personal data for specific purposes. In summary, we process your personal data for the following purposes:
a) To handle your inquiries when you contact us (e.g., email address, first name, last name);
b) For the technical operation of our website and to provide you with our information on this website (e.g., IP address, cookies, browser information);
Regarding the legal basis for processing your personal data:
We process personal data that is necessary for the establishment, execution, or termination of our service offerings (contract fulfillment) based on Article 6(1)(b) GDPR. If we obtain your consent for the processing of your personal data, the processing is based on Article 6(1)(a) GDPR. Data processing is also permissible if we process your data to protect our legitimate interests, provided that your interests or fundamental rights and freedoms concerning the processing of personal data do not outweigh our interests (Article 6(1)(f) GDPR). If we engage external service providers for data processing on our behalf, the processing is carried out based on Article 28 GDPR.
3. Collection of Personal Data When Visiting Our Website
When you use our website for informational purposes only, meaning you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website to you and to ensure its stability and security (the legal basis is Article 6(1) sentence 1 lit. f GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request originates
- Browser
- Operating system and its interface
- Language and version of the browser software
This website is hosted by an external service provider (hosting provider). The personal data collected on this website is stored on the servers of the hosting provider.
The website operates on the Microsoft Azure infrastructure (USA), with the cloud server located in the United Kingdom.
Data Processing Agreement
We have entered into a Data Processing Agreement (DPA) with the aforementioned provider. This is a legally required contract under data protection law, ensuring that the provider processes the personal data of our website visitors solely in accordance with our instructions and in compliance with the GDPR.
Contacting us
You can contact us via email. In this case, we store the personal data you provide to process your request and to communicate with you regarding its resolution. Any voluntary information you provide helps us to better understand and handle your inquiry. The requested data is transmitted to us entirely on a voluntary basis.
Depending on the nature of your request, the legal basis for processing is:
- Article 6(1)(b) GDPR, if your inquiry is related to pre-contractual measures initiated by you.
- Article 6(1)(f) GDPR, if your inquiry is of a general nature. Our legitimate interest follows from the purposes outlined in Section 4 a.) of this privacy policy.
If we request personal data that is not required for contract fulfillment or to protect legitimate interests, the data will only be processed based on your explicit consent under Article 6(1)(a) GDPR.
4. Presence on Social Media
To best present our company, communicate with you as a user, customer, or interested party, and inform you about our services, we maintain a presence on social media networks.
When using social networks, data is processed outside the European Union (EU) and the European Economic Area (EEA). A level of data protection equivalent to that in the EU cannot be guaranteed in all countries outside the EU. This may pose risks to you as a user if your transmitted data is processed in so-called third countries that do not have an adequate level of data protection.
This can make it more difficult to enforce known user rights. Additionally, your data may be processed by the provider in the third country in a way that is not in your interest. We only transfer personal data to third countries where an adequate level of protection has been confirmed or where the transmission of personal data can be ensured through contractual agreements or other appropriate safeguards.
In addition to the respective provider of a social network, we also collect and process personal user data on so-called “fan pages”. This notice informs you about the data we collect from you on our social media platforms, how we use it, and how you can object to its use.
For details on data processing purposes and categories, please refer to the specific offers listed below. The social media activities we operate and describe below are carried out based on a legitimate interest pursuant to Article 6(1)(f) GDPR.
To achieve this, cookies are used to track user behavior and enable user profiling. A detailed list of the purposes for processing user data can be found in the privacy policies of the respective providers.
By adjusting the relevant settings in your user account, you can at least partially restrict profiling. For specific steps on how to do this, please refer to the privacy policies of the respective provider.
The relevant platforms are:
Service: LinkedIN
Responsible Entity: LinkedIn Ireland Unlimited CompanyWilton Place, Dublin 2, Ireland
Privacy Notices of Platform Operators: https://de.linkedin.com/legal/privacy-policy?
We operate profiles on the listed platforms to draw attention to products and service offerings and to interact with customers, interested parties, and other users of the platform.
The platform operators use certain data collected from platform users (e.g., whether a photo on a profile has been "liked" or commented on) to generate aggregated usage statistics and make them available to the respective profile operators (so-called "Insights" or "Analytics").
We, as profile operators, also receive such usage statistics. However, the information we receive does not allow any conclusions to be drawn about individual users. The profile operator does not have access to the personal data that the platform operators process to generate these usage statistics. The respective platform operator alone determines which data is processed and how it is processed for these purposes. As a profile operator, we have no legal or actual influence on the processing carried out by the platform operators.
For the processing in connection with the creation of usage statistics, we are considered joint controllers with the respective platform operator within the meaning of Article 26 GDPR.
Where possible, joint controller agreements exist with the respective platform operators.
Furthermore, data processing by us as a profile operator only takes place to a very limited extent:
- Processing of usernames and comments that are deleted due to violations of our netiquette. These may be retained as evidence in potential legal disputes within the applicable statute of limitations.
- Processing of usernames and individual messages when you contact us via messenger services.
For these purposes, we generally process only your name, message content, comment content, and the profile information you have made publicly available.
LinkedIn Ads
We also use the advertising service LinkedIn Ads. The service provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
LinkedIn processes your data, including in the USA. LinkedIn is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. More information on this can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
Additionally, LinkedIn uses Standard Contractual Clauses (SCCs) as per Article 46(2) and (3) GDPR. SCCs are templates provided by the European Commission to ensure that your data complies with European data protection standards, even when transferred to and stored in third countries (such as the USA).
Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, LinkedIn commits to complying with the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding SCCs here:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
More information about LinkedIn's Standard Contractual Clauses can be found at:
https://www.linkedin.com/legal/l/customer-sccs.
For details on data processing through the use of LinkedIn Ads, please refer to LinkedIn’s privacy policy:
https://www.linkedin.com/legal/privacy-policy.
Rights of the Data Subject
You have the right:
- pursuant to Article 15 GDPR to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned retention period, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data, if it was not collected by us, as well as the existence of automated decision-making, including profiling, and, where applicable, meaningful information about its details;
- pursuant to Article 16 GDPR to request the immediate rectification of inaccurate or completion of incomplete personal data stored by us;
- pursuant to Article 17 GDPR to request the erasure of your personal data stored by us, unless processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- pursuant to Article 18 GDPR to request the restriction of processing of your personal data, if the accuracy of the data is contested by you, the processing is unlawful, but you oppose erasure, we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format, or to request the transfer of the data to another controller (data portability);
- pursuant to Article 7(3) GDPR to withdraw your consent at any time. This means that we may no longer continue processing based on this consent in the future;
- pursuant to Article 77 GDPR to lodge a complaint with a supervisory authority. In general, you can contact the supervisory authority of your usual place of residence, workplace, or our company headquarters.
Right to Object
If your personal data is processed on the basis of legitimate interests pursuant to Article 6(1) sentence 1 lit. f GDPR, you have the right, pursuant to Article 21 GDPR, to object to the processing of your personal data, provided that there are reasons for this arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without requiring a specific reason.
If you wish to exercise your right of withdrawal or objection, simply send an email to info@promocean.com
Disclosure of Your Personal Data
The disclosure of your personal data takes place as described below.
Furthermore, data may be disclosed if we are legally authorized or obligated to do so based on legal provisions and/or official or judicial orders. This may include, in particular, providing information for law enforcement purposes, averting danger, or enforcing intellectual property rights.
If your data is transferred to service providers as necessary, they will only have access to your personal data to the extent required for fulfilling their tasks. These service providers are required to handle your personal data in compliance with applicable data protection laws, especially the GDPR.
If your personal data is processed on our behalf based on data processing agreements pursuant to Article 28 GDPR, we ensure that the processing is carried out in compliance with the General Data Protection Regulation (GDPR).
We prioritize processing your data within the EU/EEA. However, in some cases, we may use service providers that process data outside the EU/EEA. In such cases, we ensure that before transferring your personal data, an adequate level of data protection comparable to EU standards is established at the recipient. This can be achieved, for example, through EU Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), or special agreements to which the company has committed itself.
Data Security
We protect our website with technical and organizational measures to prevent loss, destruction, unauthorized access, modification, or distribution of your data by unauthorized persons.
In particular, your personal data is transmitted in encrypted form. We use the SSL/TLS (Secure Sockets Layer/Transport Layer Security) encryption protocol to ensure secure data transmission.
Our security measures are continuously improved in line with technological advancements.
Retention Period for Personal Data
We delete personal data as soon as its storage is no longer necessary for fulfilling the original purpose and no legal retention periods apply.
The legal retention periods determine the final duration of data storage. After these periods expire, the corresponding data is routinely deleted. If retention periods apply, processing is restricted, meaning the data is locked and no longer actively used.
5. References and Links
When accessing third-party websites linked from our website, you may be asked to provide information such as your name, address, email address, browser properties, etc.
This privacy policy does not govern the collection, processing, or handling of personal data by third parties.
Third-party service providers may have different and independent policies regarding the collection, processing, and use of personal data. Therefore, we recommend that you review the privacy policies of third-party websites before entering any personal data.
Last Update: 01.2025
Privacy Policy
The Netherlands B.V., Zandzuigerstraat 10, 5222AH, ‘s-Hertogenbosch KvK- 33230865 | VAT ID NL008073533B01 | Privacy Policy | info@promocean.com