Privacy Policy

The Zentrum für Europäischen Verbraucherschutz e. V. (Centre for European Consumer Protection in Europe- ZEV) takes the protection of your data seriously. Our non-profit organisation aims at raising awareness of and to promote consumers’ rights in Europe. Your data are exclusively collected, stored and used to respond to your inquiries and complaints and to defend your interests.

You will find information on how we handle your data.

The responsible body for the storage and processing of your data is the

Zentrum für Europäischen Verbraucherschutz e. V.
Bahnhofsplatz 3
77694 Kehl
Germany
Phone: +49 7851 99148-0
Fax: +49 7851 99148-11
E-mail: info@cec-zev.eu

You can also contact our data protection representatives at: datenschutz@cec-zev.eu.

It  hosts:

Mr. Peter Wagner
Schwabenmatten 15
79292 Pfaffenweiler
Germany
Phone: +49/ 7664 600085
E-mail: datenschutz@cec-zev.eu
Internet: www.wagner-datenschutz.de

The Centre for Consumer Protection in Europe (ZEV) processes your data in accordance with the General Data Protection Regulation (GDPR), Germany’s new Federal Data Protection Act (BDSG) and the Telemedia Act taking into account the principles of legitimacy, purpose limitation and data minimisation (Article 5(1) GDPR).

According to the General Data Protection Regulation and Germany’s Federal Data Protection Act all information related to your person is subject to special protection (OR: Your data). These can be your:

  • phone number
  • e-mail address
  • home address
  • IP-address
  • pictures
  • information in relation to the case and attached documents

This information can only be processed, if authorised by law or if the person concerned has given his consent (Article 4(1) GDPR).

Sensitive information related to you is subject to an even stronger protection. These can be information on your:

  • racial or ethnic origin
  • political opinions
  • religious or philosophical beliefs
  • trade union membership
  • health
  • sex life
  • sexual orientation

This data can only be processed with your explicit consent (Article 9 GDPR).

Any operation performed on your personal data, such as collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or making available otherwise, alignment or combination, restriction, erasure or destruction (Article 4(2) GDPR).

When you submit an information request or a complaint against a company, the submitted data is automatically transferred into the data processing tool (IT-Tool) of the European Commission: the ‘ECC-Net 2’.

For this transfer, we are working together with an external service provider based in the Netherlands. In addition to the automatic transfer, a backup of the data you have submitted is created. This backup is necessary as a safety measure in case that an error occurs during the automatic transfer of the data into the IT-Tool ‘ECC-Net 2’. The data is solely being stored on servers based in the Netherlands. All backups are furthermore deleted after no more than 14 days.

We store your data on the basis of Article 6(1)(b) GDPR. The storage is necessary to answer your information request or handle your complaint.

We protect your data against unauthorised access. For that, we implemented access controls, passwords, firewalls etc. In addition, our websites are all . Respecting the principle of data minimisation we only grant access to your data to those departments entrusted with your case (see ‘Responsible body’).

Prior to processing sensitive data, we ask for your explicit consent. The information is processed on the basis of Article 9(2) GDPR.

I. Information requests filed at the European Consumer Centres Germany/ France

If you submit an information request to the European Consumer Centres Germany or France, your data will also be stored (mostly anonymised) in a data processing tool (IT-Tool) of the European Commission: the ‘ECC-Net 2’. The European Commission provides us with this tool. Your data is stored so that we can analyse your query and answer it.

This storage is justified by Article 6(1)(b) GDPR. The use of this system is necessary, to handle your query effectively and to evaluate it statistically.

With the help of the IT-Tool: ‘ECC-Net 2’ we are able to transfer your information requests to other European Consumer Centres. Please find an interactive map with all centres. We only act in this way, if we need the expertise of our European colleagues to answer your request. Before that, we ask you for your consent. The legal basis for the transfer is, hence, Article 6(1)(a) GDPR.

How your data is processed and protected there, you can learn from the privacy statement of the EU-Commission on the IT-Tool ‘ECC-Net 2’.

II. Complaints against companies in other EU-countries, Island and Norway

If your complaint addresses a company based in another EU-country, Island or Norway, we will forward your data to the European Consumer Centre of this country. Regularly the centre will use your date to analyse your complaint and contact the company with the aim to solve your complaint amicably. Please find an interactive map with all centres.

To this end, your data will also be stored in a data processing tool (IT-Tool) of the EU-Commission: the ‘ECC-Net 2’. The use of this tool is necessary to transfer your complaint to another European Consumer Centre and to communicate with our European colleagues.

How your data is processed and protected there, you can learn from the privacy statement of the EU-Commission on the IT-Tool ‘ECC-Net 2’.

To handle your complaint effectively and free of charge, it can also be an advantage for you, that we forward your complaint to an European alternative dispute resolution body as set up by Directive 2013/11/EU or another out-of-court dispute resolution body that complies with high quality standards. You find an overview of all bodies on our website.

Finally, it can be an advantage for you, that we forward your complaint to an European authority responsible for enforcing EU consumer protection laws as set up under Regulation (EU) 2017/2394. These authorities are responsible to enforce consumer rights towards companies, when the collective interest of consumers was infringed.

In all three cases, we ask for your consent. Legal basis for the transfer of your data is, hence, Article 6(1)(a) GDPR.

III. Complaints against traders from Denmark, Finland, Norway and Sweden

In some countries ECC are obliged by law to make complaints accessible to the public upon demand. This is the case for all data shared with ECC Denmark, Finland, Norway and Sweden (information on the Swedish legislation is available on the website of the Swedish government).

IV. Complaint / information requests of consumers from other European countries

When we receive complaints via the IT-Tool ‚ECC-Net 2’ against a company based in Germany or France, we save your data also on our server and use them to contact the trader. Sometimes we also transfer your complaint to an alternative dispute resolution body or an authority responsible to enforce consumer rights.

We store your data also on our server, if another European consumer centre transfers it to use via the IT-Tool: ‘ECC-Net 2’ in the framework of an information request.

This IT-Tool is a data processing system provided by the EU-Commission. How your data is processed and protected while being stored in this tool, you can learn from the corresponding data protection declaration.

Legal basis for the data processing is Article 6(1)(a) GDPR. We are not authorised to store your data or take one of the abovementioned measures, if you did not consent to it towards the European consumer centre of your resident country.

If you file a complaint using the online complaint form on our website, we ask you to give your consent to the forwarding of your complaint to the European Consumer Centre of that country where the trader comes from and/ or to a competent alternative dispute resolution body. You give your active consent by ticking a box.

If you file your complaint via e-mail, phone, letter or personally, you will receive consecutively a document that asks you to give your consent to the abovementioned measures.

In all other cases, we will ask for your consent individually.

You have the right to withdraw your consent at any time (see the category ‘your rights’).

We do not store your personal data longer than three years on our server after the final answer to your query or the closure of your complaint procedure. The legal basis for the storage of the data is Article 6(1)(f) GDPR. We have a legitimate interest in storing your data. It enables us to document our performed services as long as claims may not be time-barred.

1. What you should know about cookies

The Zentrum für Europäischen Verbraucherschutz e. V. (Centre for Consumer Protection in Europe – ZEV) takes the protection of your personal data very seriously. This non-profit organisation aims at protecting and promoting consumer rights in Europe. We use cookies exclusively in order to ensure the functioning of our website (session-cookies) and constantly improve its content (analytics tool: Matomo). Here, we also inform you about the use of third-party cookies.

With questions relating our use of cookies you can contact us: Bahnhofsplatz 3, 77694 Kehl, Germany, Tel.: +49 7851 991 48 0; Fax: +49 7851 991 48 11;  mail: info@cec-zev.eu. You can also contact our external data protection officer at: datenschutz@cec-zev.eu. His complete contact information you find in our privacy statement.
 

2. Session-cookies

Our website uses session-cookies. When you, for example, enter information in our online complaint form or log in to our complaint management system, these data are stored (on your computer) and sent to us. Without these cookies this would not work; they are automatically deleted when you leave our website. Since the processing of your complaint is not possible without this function, the legal basis for the data processing is Article 6(1)(b) GDPR.
 

3. Analytics tool: Matomo

We employ the Open-Source Software: Matomo (more information on Matomo you find here) to learn how consumers use our website. However, we only use this tool when you gave use your explicit consent beforehand by clicking on our cookies-banner on our website (real opt-in). Legal basis is, hence, Article 6(1)(a) GDPR.

Matomo analyses and evaluates your surfing behaviour. For example, it  informs us of the topics most frequently clicked on our website and the information material most frequently downloaded by consumers. We configured Matomo in a way that your data is kept anonymous (the IP address is shortened).

If you want to disable Matomo, just deactivate it at the end of this page.
 

4. Disable our cookies

You can disable our cookies. To do so, click on the appropriate field. You will find it on our cookies-banner at the bottom of the screen each time you visit our website.
 

5. Third-party cookies

In addition, our website is linked to services of third parties, i.e. YouTube und Google-Maps. These companies also use cookies to collect personal data (IP address, surfing behaviour etc.). We are not to be held responsible for the information collected by these companies and how they protect your data. You can learn more about their cookies policies on their websites. You can disable third-party cookies in the settings of your browser.
 

a) YouTube

Our website uses plug-ins of the Website YouTube operated by Goolge. The website is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our websites providing for a YouTube plug-in, a connection with the servers of YouTube will be established. The YouTube server is informed, which websites you visit (for example with the help of your IP-address).

We use YouTube to provide you with an appealing presentation of our information. That constitutes a legitimate interest and is, hence, justified by Article 6(1)(f) GDPR.
Information on how YouTube processes your data is available at YouTube under: https://policies.google.com/privacy?hl=en


b) Google-Maps

Via an API our website uses the service: google maps. Operator is the Google Inc., 1600 Amphitheatre Parkway, Montain View, CA 94043, USA.

To enable you to use google maps, it is necessary to store your IP address. Regularly, this information is forwarded to and stored on google servers in the USA. We cannot influence this data transfer.

We use YouTube to provide you with an appealing presentation of our information and to enable you to find locations in a simple way that are indicated on our website. That constitutes a legitimate interest and is, hence, justified by Article 6(1)(f) GDPR.


c) Social media plug-ins

We disabled in the default settings of our website social media plug-ins to share content through Facebook, Twitter and Google+.

This aims at preventing companies from accessing your data (IP address, surfing behaviour etc.). To ensure this, we use the freeware tool: c’t Shariff. In order to use these plug-ins you have to enable them first.

We are not to be held responsible for the information collected by these companies and how they protect your data. You can learn more about their cookies policies on their websites.

In this section we inform you about the data processing in connection with the third-party platforms on which we are present. We would like to point out that the Centre for Consumer protection in Europe (Zentrum für Europäischen Verbraucherschutz e.V.) is not aware of the data processing of third-party platforms and has no influence on it. We also do not have access to the personal data of users, as long as they do not make it public themselves.

Processing of personal data and purposes of the processing

If the European Consumer Centre (Zentrum für Europäischen Verbraucherschutz e.V.) opens an account on a third-party platform, the operator sets cookies as soon as the user visits the European Consumer Centre (Zentrum für Europäischen Verbraucherschutz e.V.) account. We expressly point out that the operators of third-party platforms collect personal data of users with the help of cookies for the purpose of statistical evaluation of their behavior. This applies in particular if you are already registered on these third-party platforms. You can find more detailed information in the data protection statements of these third-party platforms.

The Centre for Consumer protection in Europe (Zentrum für Europäischen Verbraucherschutz e.V.) only receives anonymous evaluations of account usage from third-party platforms. This anonymous data is used for the analysis of user behavior for statistical purposes, so that the Centre for Consumer protection in Europe (Zentrum für Europäischen Verbraucherschutz e.V.) can better adapt its offers of help and support to the needs and interests of consumers. This is necessary to fulfill the mission of the Centre for Consumer protection in Europe (Zentrum für Europäischen Verbraucherschutz e.V.) and to reach the largest possible number of users with its contents. The processing of anonymized data is accordingly carried out on the basis of our legitimate interest in accordance with Article 6(1)(e) of the GDPR.

In order to evaluate the account activities, insofar as the data has been provided by the user or has been collected, the operators provide the Centre for Consumer protection in Europe (Zentrum für Europäischen Verbraucherschutz e.V.) with the following criteria or categories in an anonymous manner:

  • Age group
  • Gender
  • Place of residence (city and country)
  • Language
  • Mobile and stationary page views (and device type for YouTube)
  • Interactions on posts (e.g., reactions, comments, shares, clicks, views, length of time the video was used)
  • Time of use

We do not know what personal data is collected in total by the operators of third-party platforms and for what other purposes they process user data. We can therefore only inform you about what we know about the data processing by these platforms. We thank you for your understanding.

The Centre for Consumer protection in Europe (Zentrum für Europäischen Verbraucherschutz e.V.) draws your attention to the fact that the operators of the platforms are usually American companies and that their data may therefore be processed outside the European Union. This may result in risks, as it could make it more difficult to enforce users' rights.

Further information on data processing can be found in the data protection declaration of the operators themselves:

Facebook
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2, Ireland
Privacy on Facebook
Opt-out advertising preferences

 

YouTube
YouTube LLC
901 Cherry Ave.
San Bruno, CA 94066, USA
YouTube Privacy

 

Twitter
Twitter, Inc.
1355 Market Street, Suite 900
San Francisco, CA 94103, USA
Privacy on Twitter

 

LinkedIn Ireland Unlimited Company
Attn: Legal Dept (Privacy Policy and User Agreement)
Wilton Plaza
Wilton Place, Dublin 2
Ireland
Privacy on LinkedIn

 

Netiquette: 

On our social media channels and in the comments section, we would like to promote exchange with the community and dialogue between members. The comments are public, praise and constructive criticism are always welcome.

Discussing with friends and other fans is best done in a friendly and respectful tone. Be nice to each other and don't call each other names!

Everyone has the right to a free opinion - within the limits of what is legally permissible.

Not welcome, however, are:

  • Insults, threats and slurs of any kind.
  • incitement to violence
  • Election and party advertising
  • Radical, especially right-wing radical ideas, racism and hate propaganda
  • pornography and obscenity
  • Violations of the rights of third parties
  • Calls for campaigns, rallies or donations
  • Comments that are not related to the topic of the post in question
  • Links to external websites unrelated to the original post
  • The publication of forum/blog posts, private correspondence and private data (addresses, e-mail addresses or telephone numbers)
  • Misuse of the comment function for advertising purposes

No spam.

No trolling.

No bashing.

If you want to report a personal case and need help, please contact us personally only - either via FB messenger or better via our official contact form, which you can find here.

It is not allowed to mention names and other personal (contact) data in the comments.

We reserve the right to delete comments and to block people who do not adhere to our netiquette despite repeated warnings. Each user is responsible for the contributions he/she publishes. ZEV accepts no liability for this. We reserve the right to update the netiquette at a future date.

Have fun on our pages!

You can order our newsletter by including your e-mail address in the mailing list on our website. You will receive a confirmation e-mail. Only if you confirm your order, we will send you a newsletter. Legal basis is, hence, Article 6(1)(a) GDP.

Each newsletter contains a link with the help of which you can cancel it. After the cancelation, your e-mail address will be immediately erased.

Data protection information ZOOM according to Art. 13 DSGVO

In this privacy notice, we explain our use of the video communication software "Zoom". In particular, we point out that we do not record any data of the communication and use "Zoom" with end-to-end encryption. This ensures the confidentiality of the communication content. You can recognize the activation of end-to-end encryption in the current meeting by a green sign with a locked padlock in the upper left corner.

Responsible

The  Zentrum für Europäischen Verbraucherschutz e. V. (Centre for European Consumer Protection in Europe - ZEV) is responsible for processing your personal data in connection with the use of Zoom.

Description of data processing, purposes and types of data

To conduct online meetings, video conferences and webinars (hereinafter: "Online Meetings"), we use the tool "Zoom".

Depending on the type and scope of the use of "Zoom", different types of data are collected or processed. These include in particular:

- Personal data (e.g. first and last name, email address, profile picture).

- Meeting metadata (e.g. date, time and duration of communication, name of the meeting, participant IP address)

- Device/hardware data

- Text, audio, and video data

- Connection data (e.g., phone numbers, country names, start and end times, IP addresses)

Below we would like to inform you in more detail about the scope of data processing.

Required data and functions

If you participate in an online meeting as an external participant, you will receive an access link from the host by e-mail. When you register for the online meeting, you must then enter your name and, if applicable, your e-mail address.

In addition, the tool collects user data that is required for the provision of the service. This includes in particular technical data about your devices, network and Internet connection, such as IP address, device type, operating system type and version, client version, camera type, microphone or speaker, type of connection.

Voluntary information and functions

You can provide additional information about yourself, but you do not have to. You are also free to use the chat function during the online meeting. You can also switch your camera and microphone on, off or mute yourself. By default, the camera and microphone are disabled at the beginning of a meeting.

When you use the chat function, the text entries you make are processed to display them in the "online meeting". There is no logging of the chat. If you turn on your camera or microphone, data from your end device's microphone and any end device video camera will be processed for the duration of the meeting.

Please note that any information you or others upload, provide, or create during an online meeting will be processed at least for the duration of the meeting. This includes, but is not limited to, chat/instant messages, files, whiteboards, and other information shared while using the service. Recordings will not be made.

Other functions

For more information on the processing of your data when using "Zoom", a detailed list of the data collected and processed by "Zoom", and the "Zoom" privacy notice, please visit: https://zoom.us/privacy

Legal basis for data processing

If you participate in an online meeting as an external participant, the processing of your data is based on Art. 6 para. 1 p. lit. b. DSGVO, provided that your participation in the online meeting is necessary for the performance of a contract concluded with you. The same applies if the implementation of the online meeting is necessary for the implementation of pre-contractual measures, which are carried out at your request.

If data processing in connection with the use of "Zoom" is not necessary for the fulfillment of a contract concluded with you or for the implementation of pre-contractual measures, it is carried out on the basis of Art. 6 (1) sentence 1 lit. f DSGVO. Our legitimate interest here is the maintenance of location-independent communication, the maintenance of business contacts and the provision of services owed.

If you also voluntarily provide personal information when using the tool or voluntarily use functions that are not mandatory, the associated data processing is based on your revocable consent pursuant to Art. 6 (1) sentence 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. Please note that processing that took place before the revocation is not affected by this.

Disclosure of your data

As a matter of principle, we do not pass on your data to third parties. Data will only be passed on if it is intended to be passed on, if you have expressly consented to the transfer in advance or if we are obliged or entitled to do so by law.

When processing your data, Zoom Video Communications Inc. supports us as an external service provider and processor within the meaning of Art. 28 DSGVO. As a processor, Zoom Video Communications Inc. processes your data strictly in accordance with instructions and on the basis of a separately concluded order processing agreement. In this context, the data processing may also take place outside the EU or the EEA. With regard to Zoom Video Communications Inc., an adequate level of data protection pursuant to Art. 46 (2) lit. c DSGVO can be assumed through the use of EU standard contractual clauses as well as other appropriate measures (establishment of end-to-end encryption and through the use of the data routing function; This is understood to mean the ability to determine for yourself through which data centers the data should flow during meetings and webinars.). We will gladly provide the concluded EU standard contractual clauses upon request.

Deletion of your data

As a matter of principle, we process your data only as long as it is necessary for the purposes for which it was collected. We do not record anything. Therefore, your data will not be stored.

Your rights as a data subject

In accordance with Art. 15 of the GDPR, you have the right to obtain information from the controller about the personal data concerning you, as well as the right to have inaccurate data corrected in accordance with Art. 16 of the GDPR, or to have it deleted if one of the reasons listed in Art. 17 of the GDPR applies, e.g. if the data is no longer required for the purposes pursued. You also have the right to restriction of processing if one of the conditions set out in Art. 18 DSGVO applies and, in cases covered by Art. 20 DSGVO, the right to data portability.

In cases where we process your personal data on the legal basis of Art. 6 (1) p. 1 lit. f DSGVO, you also have the right to object at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You also have the right to lodge a complaint with a supervisory authority if you believe that the processing of the data concerning you violates data protection regulations. The right to lodge a complaint may in particular be asserted before a supervisory authority in the Member State of the data subject's place of residence or the place of the alleged infringement.

Contact details of the data protection officer

In fulfilling our obligations under data protection law, we are supported by our data protection officer. The contact details of our data protection officer are:

Peter Wagner
Schwabenmatten 15
79292 Pfaffenweiler
Phone: +49 (0) 7664 / 60 00 85
E-Mail: datenschutz@cec-zev.eu
Web: www.wagner-datenschutz.de

I.    Access, deletion, rectification, restriction of processing, portability, withdrawal of consent

On demand, we will inform you of personal data we store. You can also ask us to erase or rectify your data. At the same time, you can require us to process your data for certain purposes only. Finally, we will provide you with the data set received from you in a machine-readable format.

At any time, you can contact us and withdraw your given consents with effect for the future.

To make use of your rights, you can turn to the Zentrum für Europäischen Verbraucherschutz e.V. (info@cec-zev.eu) or our external data protection officer (datenschutz@cec-zev.eu). The complete contact information you find in the categories: ‘Responsible body’ and ‘External data protection officer’.


II.    Supervisory authority

If you have the opinion that we did not protect your data sufficiently, you have the right to turn to the competent data protection authority, the Landesbeauftragten für Datenschutz und Informationsfreiheit in Baden-Württemberg (regional data protection authority of Baden-Württemberg). You find the contact information on his website.

If you apply for a position offered by us or send an unsolicited application to bewerbung@cec-zev.eu or to our postal address, the following personal data, among others, will be required from you and processed accordingly:

  • Master data such as title, first name, last name, etc.
  • Contact data such as private address with postal code, city, street, house number, e-mail addresses, telephone numbers (landline and/or mobile), etc.
  • Application documents such as cover letter, curriculum vitae, application photo, school and work certificates and other proof of qualifications.

If information is missing to carry out the application process, we may request it separately from you, if necessary, to the extent that it is required for our decision-making process.

 

Purpose and legal basis of processing

The data you provide will be processed internally for the purpose of carrying out the application procedure, checking your application prospects and selecting applicants.

The legal basis for this data processing is primarily Art. 88 GDPR in conjunction with Section 26 FDPA (new) (data processing for the purposes of the employment relationship) as well as Art. 6, Para. 1 lit. b GDPR (contract performance as well as pre-contractual measures).

 

Note on data use and storage

It is of particular concern to us to handle your personal data in a trustworthy manner already during the application process. The data you provide will be processed exclusively for the above-mentioned purposes. Only the Human Resources department, as well as the Executive Board and, if applicable, other managers involved in the application process, have access to the personal data of applicants at ZEV e.V. The Executive Board organizes and manages the application process. Your data will not be passed on to unauthorized third parties.

 

Storage period

We will delete your data 6 months after the decision to award the job, unless a claim is made on your part in accordance with the Equal Treatment Act (AGG) on the basis of the decision. In this case, the deletion will take place after the conclusion of the proceedings regarding your claim. In the event that we wish to store your data for a longer period of time, we will ask you for your consent beforehand.

You have the option of withdrawing your application in whole or in part at any time. You can also request at any time that all or some of your transmitted data and files be deleted or modified. Likewise, you have the right to revoke your granted consent to the processing of the personal data you submitted as part of your application at any time with effect for the future. To do so, simply send an e-mail to bewerbung@cec-zev.eu.