As of: June 21, 2018
In the second section, you will find information about your rights, the relevant legal norms and general information about our processing of data.
The third section contains details of the individual processing operations. This section is divided into other areas, such as the core services, range measurement or marketing.
Section I - Data Controller and Surveyor
Contact Data Protection Supervisor:
Types of data processed:
Processing of special categories of data (Article 9 (1) GDPR):
Categories of data subjects :
Purpose of processing:
Automated decision on a case by case basis ( Art. 22 GDPR):
Section II - Data subjects , legal bases and general information
Rights of data subjects Right of
withdrawal Right of
Cookies and right of objection in direct marketing
Deletion of data and archiving obligations
Changes and updates to the data protection
declaration Relevant legal basis
Data processing security
Disclosure and transmission of data
Transfers to third countries
Section III - Processing Processes
Core Data Processing
Responding to Inquiries and Customer Care
Business Analytics and Market Research
External Online Presence
Online Social Media
Sites Web Server and Security
Own Global Single Sign-On Process
Embedded Content and Features
Google Services and Content
Features and Content of Facebook
Features and Content of Instagram
Features and Content of Pinterest
Newsletter Sending and Measuring Success
Communication via Post, Email, Fax or Phone
Sweepstakes and Contests
Reach Measurement, Online Marketing and Technology Partners
Google Tag Manager
Google Double Click
Section IV - Definitions
Section I - Responsible and overview of the data processing
ZWILLING JA Henckels AG
Grünewalder Strasse 14-22, 42657 Solingen
Represented by the Management Board: Dr. Ing . Erich Schiffers (Speaker / CEO), Klaus Kuhl, Dr. Ing. René Schmitz, Achim Wolfgarten
Phone: + 49 (0) 212 - 88 2 0
Fax: + 49 (0) 212 - 88 2 300
Complete imprint: https://www.zwilling.com /de/de/pages/impressum.html
Contact Data Protection Officer:
Types of processed data:
Processing of special categories of data (Article 9 (1) GDPR):
No special categories of data are processed.
Categories of data subjects:
In the following, we refer to those affected as "users".
Purpose of processing:
As of May 2018
Section II - Affected rights, legal bases and general advice
Rights of data subjects
You have the right to request a confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data in accordance with Art. 15 GDPR.
You have accordingly. Art. 16 DSGVO the right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.
In accordance with Art. 17 GDPR, they have the right to demand that the relevant data be deleted without delay, or, alternatively, to require a restriction of the processing of data in accordance with Art. 18 GDPR.
You have the right to demand that the data relating to you, which you have provided to us, be obtained in accordance with Art. 20 GDPR and request their transmission to other responsible persons.
You have gem. Art. 77 DSGVO the right to file a complaint with the competent supervisory authority.
You have the right to consent according to. Art. 7 para. 3 DSGVO with effect for the future.
You may at any time object to the future processing of your data in accordance with Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.
Cookies and right of objection in direct marketing
Deletion of data and archiving obligations
The data processed by us are deleted or limited in their processing in accordance with Articles 17 and 18 GDPR. Unless explicitly stated in this privacy statement, the data stored by us will be deleted as soon as they are no longer necessary for their intended purpose and the deletion does not conflict with any statutory storage requirements. Unless the data is deleted because it is required for other and legally permitted purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.
According to legal requirements in Germany, the storage takes place in particular for 10 years according to §§ 147 Abs. 1 AO, 257 Abs. 1 Nr. 1 and 4, Abs. 4 HGB (books, records, management reports, accounting documents, trading books, documents relevant for taxation , etc.) and 6 years in accordance with § 257 (1) Nos. 2 and 3, para. 4 HGB (commercial letters).
Relevant legal bases
In accordance with Art. 13 GDPR, we inform you about the legal basis of our data processing. Unless the legal basis in the data protection declaration is mentioned, the following applies: The legal basis for obtaining consent is Article 6 (1) lit. a and Art. 7 GDPR, the legal basis for the processing for the performance of our services and the execution of contractual measures as well as the answer to inquiries is Art. 6 para. 1 lit. b DSGVO, the legal basis for processing in order to fulfill our legal obligations is Art. 6 (1) lit. c DSGVO, and the legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) lit. f DSGVO. In the case, that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO as legal basis.
The basics for commercial communications outside of business relationships, in particular via post, telephone, fax and e-mail are included in § 7 UWG.
Security of data processing
We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons and organizational measures to ensure a level of protection commensurate with the risk; Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as their access, input, disclosure, availability and disconnection. Furthermore, we have set up procedures to ensure the enjoyment of Ensure data erasure and data vulnerability. Furthermore, we consider the protection of personal data already in the development, or selection of hardware, software and procedures, according to the principle of data protection by technology design and by privacy-friendly default settings considered (Article 25 GDPR).
The security measures include in particular the encrypted transmission of data between your browser and our server.
Employees will be required to maintain confidentiality, to be instructed and instructed with regard to data protection, as well as to possible liability consequences.
Disclosure and transmission of data
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit them to them or otherwise grant access to the data, this is done only on the basis of a legal permission (eg if the data is transmitted to third parties , as to payment service providers, in accordance with article 6 paragraph 1 letter b DSGVO is necessary for the fulfillment of the contract), you have consented to a legal obligation or on the basis of our legitimate interests (eg the use of agents, web hosts, etc.) ,
Insofar as we commission third parties to process data on the basis of a so-called "contract processing contract", this is done on the basis of Art. 28 GDPR.
If we disclose, transmit or otherwise grant access to data to other companies in our group of companies, this is done in particular for administrative purposes as a legitimate interest and, in addition, on the basis of a contract processing contract.
Transfers to third countries
If we process data in a third country (ie outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure or transmission of data to third parties, this will only be done if it is to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special requirements of Art. 44 et seq. DSGVO. This means that the processing takes place eg on the basis of special guarantees, such as the officially recognized statement of a data protection level corresponding to the EU (eg
Section III - Processing
The following presentation gives you an overview of our processing activities, which we have subdivided into other areas of activity. Please note that the activities are for guidance only and that the processing activities may overlap (eg the same data may be processed in multiple procedures).
Core area of data processing
In this section, you will receive information about our core services and tasks, such as answering inquiries and providing our contractual services as well as the related ancillary tasks.
Answering inquiries and customer care
The information in the requests, which we receive via our contact form and other ways, eg via e-mail, we process to answer the requests. For these purposes, requests may be stored in our Customer Relationship Management (CRM) system or similar procedures that serve us to manage requests. For the purposes of customer relationship management (CRM system) we use a so-called CRM software. With the help of the software we can answer the inquiries more effectively and faster.
Business analysis and market research
In order to operate our business economically, to recognize market trends, customer and user requirements, we analyze the data we have on business transactions, contracts, inquiries, etc. For this purpose, we collect the personal data of customers from applications and orders with the behavioral data of the Customers together.
As part of the business evaluation, we bring together the data of users regardless of the devices used (for example, if users use our online services on a mobile or stationary device).
External online presence
In this area you will receive information about our data processing in the context of the operation of external online sites, eg in social media.
Online presence in social media
We maintain online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services.
We point out that data of the users outside the area of the European Union can be processed. This can result in risks for the users, because for example the enforcement of the rights of the users could be made more difficult. With respect to US providers certified under the Privacy Shield, we point out that they are committed to respecting EU privacy standards.
Furthermore, the data of the users are usually processed for market research and advertising purposes. For example, user profiles can be created from the user behavior and resulting user interests. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that are supposedly in line with the interests of the users. For these purposes, as a rule, permanent cookies are stored on the computers of the users, in which the user behavior and the interests of the users are stored. Furthermore, in the usage profiles, data can also be stored independently of the devices used by the users (in particular if the users are members of the respective platforms and logged in to them).
The processing of personal data of users is based on our legitimate interests in an effective information of users and communication with users in accordance with. Art. 6 para. 1 lit. f. DSGVO. If the users are asked by the respective providers for a consent in the data processing (ie their agreement eg by ticking a check box or confirmation of a button explain) is the legal basis of the processing Art. 6 para. 1 lit. a., Art. 7 GDPR.
For a detailed description of the respective processing and the possibilities of contradiction (opt-out), we refer to the following linked information of the provider.
Also in the case of requests for information and the assertion of user rights, we point out that these can be claimed most effectively from the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, then you can contact us.
The links / buttons to social networks and platforms (hereinafter referred to as "social media") used within our online offer fundamentally only establish contact between social networks and the users when users click on the links / buttons and select the respective networks or networks whose websites are called up. This function corresponds to the operation of a regular online link.
Web server and security
The server on which this online offer is located, collects with each access to the online offer so-called. Log files in which users' data is stored. The data serve on the one hand for statistical analysis to maintain and optimize server operation and on the other hand for security purposes, eg to detect potential unauthorized access attempts.
Own global single sign-on procedure
We use our own "single sign-on" method, which allows our users to log in with a user account within the online presence of our group of companies.
Embedded content and features
Features and content of Facebook
Within our on-line offer functions and contents of the service Facebook can be integrated. This may include, for example, content such as images, videos or text and buttons, with which users can announce their favor regarding the content, the authors of the content or our contributions can subscribe.
Features and content of Instagram
Within our online offer functions and contents of the service Instagram can be integrated. This may include, for example, content such as images, videos or text and buttons, with which users can announce their favor regarding the content, the authors of the content or our contributions can subscribe.
Features and content of Pinterest
Within our online offer functions and contents of the service Pinterest can be integrated. This may include, for example, content such as images, videos or text and buttons, with which users can tell their favor regarding the content, the authors of the content or subscribe to our contributions.
This section contains information about the data processing we conduct for the purpose of optimizing our marketing and market research activities.
Newsletter delivery and success measurement
We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter "newsletter") only with the consent of the recipient or a legal permission. The data of the subscribers are logged because we are obliged to prove registrations. We also keep track of whether newsletters have been opened and links have been clicked. This information is stored per user for technical reasons, but not used to observe individual users, but to adapt content and offers to the users. Information that we should collect in addition to the e-mail address (eg name), serve the personal address of the users or adaptation of the contents of the newsletter to the users.
Communication via mail, e-mail, fax or telephone
Delivery of information material, telephone contact.
Raffles and competitions
In the context of competitions and competitions (short "competitions") we processed the data of the participants for the realization of the competitions. Further information on the processing of your data in the context of the individual prize draws as well as any consent to the publication of their names or sweepstakes will be given to the users within the terms and conditions of the respective sweepstakes.
Reach measurement, online marketing and technology partners
Google Tag Manager
Google Tag Manager is a solution that allows us to manage so-called website tags through a single interface (including integrating Google Analytics and other Google marketing services into our online offering). The tag manager itself (which implements the tags) does not process users' personal data. With regard to the processing of users' personal data, reference is made to the following information about the Google services. Usage Policy: https://www.google.com/intl/en/tagmanager/use-policy.html .
We use Google Analytics for purposes of measuring reach and targeting.
We use Google AdWords to serve ads on Google and Google partners' websites and measure their success.
Google Display Network
Google's Double-Click technology allows us to target visitors to our website through targeted advertising campaigns through our product marketing campaigns.
Facebook Pixel and Facebook Customer Audience Pixel
We use the Facebook pixel for target group formation and success measurement of the ads we have placed on Facebook.
Processed data: usage data, metadata; If users are registered on Facebook, the data will be linked to their Facebook profiles and their associated data (especially inventory data).
We use the services of Justuno to optimize the interaction of users with our online offer and, for example, to promote the registration for our newsletter or the purchase of our products through optimized interaction elements, such as input forms.
Section IV - Definitions
A / B Testing - A / B testing is designed to improve the usability and performance of online offerings. For example, users are presented with different versions of a website or its elements, such as input forms, on which the placement of the content or labels of the navigation elements may differ. Subsequently, based on the behavior of the users, eg prolonged lingering on the website or more frequent interaction with the elements, it can be determined which of these websites or elements correspond more to the needs of the users.
Affiliate links - "Affiliate links" are links with the help of which the linking websites direct users to websites with product or other offers. The operators of the respective linking websites can receive a commission if users follow the affiliate links and then take advantage of the offers. For this, it is necessary that the providers can track whether users who are interested in certain offers, then perceive this on the occasion of the affiliate links. Therefore, the functionality of affiliate links requires that they be supplemented with certain values that become part of the link or otherwise stored, eg in a cookie. The values include in particular the source website (Referrer), time,
After-Sales - "After Sales" are marketing processes in which, for example, customers of an online shop are presented with advertising offers from other providers (which are generally based on the services or products purchased in the online shop). Incidentally, the way in which after-sales work works is the same as how affiliate links work.
Aggregated Data - Aggregated data is aggregated data that does not allow for inference to a person and is therefore not personally identifiable. For example, visit times can be stored on a website as averages.
Anonymous data - Anonymity occurs when a person is at least not identifiable by means of a date by the person responsible with the means at his disposal. In particular, aggregated data may be anonymous.
Order Processor / Contractor - "Contractor" means a natural or legal person, public authority, body or body that processes personal data on behalf of the controller.
Specific categories of personal data - data identifying racial and ethnic origin, political opinions, religious or ideological beliefs or trade union membership, as well as genetic data, biometric data for the unambiguous identification of a natural person, health or sex life data, or the sexual orientation of a natural person.
Affected person (s) - See "Personal Date".
Clicktracking - "Clicktracking" allows to survey the movements of the users within an entire online offer. Since the results of these tests are more accurate, if users 'interaction can be tracked over a period of time (eg, if a user likes to return), cookies are usually stored on users' computers for these purposes.
Conversion - "Conversion" or "Conversion Measurement" refers to a process by which the effectiveness of marketing measures can be determined. As a rule, a cookie is stored on users' devices within the websites where the marketing activities are carried out and then called up again on the target website (eg we can see if the advertisements we have posted on other websites have been successful).
Cookies - "Cookies" are small files that are stored on users' computers. Different information can be stored within the cookies. A cookie serves primarily to store the information about a user (or the device on which the cookie is stored) during or after his visit to an online offer. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online service and closes his browser. In such a cookie, for example, the content of a shopping cart in an online shop or a login jam within a community can be saved. "Persistent" or "persistent" refers to cookies that remain stored even after the browser has been closed. So can eg the login status will be stored in a community when users visit it after several days. Likewise, in such a cookie the interests of the users can be stored, which are used for range measurement or marketing purposes (eg Remarketing). As a "third-party cookie", cookies will be offered by providers other than the person responsible for the online offer (otherwise, if only their cookies are called "first-party cookies").
Cross-Device Tracking - Cookies and fingerprints are device-related. In order to evaluate the interests of the users in the context of smartphone use for ads on desktop PCs, cross-device tracking is required. For example, logins can serve in social networks such as Facebook. Alternatively, location data, IP addresses, and user behavior are used to achieve up to 98% more accurate user confinement. For purposes of cross-device tracking, cookies and web beacons are generally used.
Custom Audiences - "Custom Audiences" (or "custom audiences") is when audiences are targeted for promotional purposes, such as insertion of advertisements. For example, based on a user's interest in certain products or topics on the Internet, it can be concluded that this user is interested in advertising for similar products or the online store where he or she viewed the products. Again, "lookalike audiences" (or similar audiences) are referred to as content deemed appropriate to users whose profiles or interests are believed to correspond to the users to whom the profiles were made. For the purposes of creating custom audiences and lookalike audiences, cookies and web beacons are typically used. "Custom Audiences from Website" means that the target groups are formed on the basis of the visitors of their own website. "Custom Audiences from File" means that, for example, a list of email addresses are uploaded to the respective ad network or platform to form the target groups.
Demographic Data - Demographic data is general information about groups of people or persons, such as age, gender, place of residence and social characteristics such as occupation, marital status or income. Demographic data are collected in the scope of reach measurement and in online marketing for the purposes of interest-based marketing or for business analysis, which are used eg to determine the target groups.
Third party - "Third party" means a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or processor to process personal data.
Third country - Third countries are states in which the GDPR is not a directly applicable law, ie in principle states that do not belong to the European Union (EU) or the European Economic Area (EEA).
Consent - A "consent" of the data subject is any expression of intent, in an informed and unequivocal manner, in the form of a statement or other unambiguous confirmatory act, which indicates to the data subject that he / she is involved in the processing of the data personal data concerning them.
Embedding - See "Embedding".
Embedding - When embedding (also "embedding") foreign content or software functions (see plugins) are integrated into their own online presence so that they are displayed on this online presence or executed. No copy of the content is created because it is called from the original server (eg videos, pictures, posts on social networks, widgets with ratings). When embedding, it is technically necessary that the provider of the content collects the IP address of the users to output the embedded content in the user's browser. Furthermore, cookies may be stored on users' devices by the content provider.
Enhanced Matching - "Enhanced Matching" is an option on the Facebook Pixel, meaning that users' inventory data, such as phone numbers, email addresses, or Facebook IDs, are encrypted to Facebook for targeting Facebook Ads, and only to that Purpose to be used.
Error tracking - Error tracking, for example, identifies incorrectly executed program code in order to eliminate it and thus ensure the functionality and security of online offers.
Fingerprints and other online identifiers - "Fingerprints" correspond in their function to the cookies, whereby the storage of a file on the device of the user is waived. These digital fingerprints can be created individually as cross-checks of individual factors of devices, such as computing power or browser plug-ins for devices, and thus be used for range measurement, profiling, remarketing, interest and behavioral advertising.
First-Party Cookies - See "Cookies".
Heatmaps - "Heatmaps" are mouse movements of the users, which are combined to form an overall picture, with the help of which it can be recognized, for example, which web page elements are preferentially accessed and which web page elements users prefer less.
IP Address - The IP address ("IP" stands for Internet Protocol) is a sequence of numbers that can be identified by the devices connected to the Internet. When a user calls a Web site on a server, it tells the server its IP address. The server then knows that it has to send the data packets containing the content of the website to this address.
IP masking - "IP masking" refers to a method in which the last octet, ie the last two digits of an IP address are deleted, so that the IP address can no longer be used to uniquely identify a person. Therefore, IP masking is a means of pseudonymizing processing techniques, especially in online marketing.
Interest-based Marketing and Behavioral Advertising - Interesting and / or behavioral advertising is when profiling is used to determine the potential interest of users in advertisements ("Online Behavioral Advertising", OBA for short). As a rule, cookies and web beacons are used for these purposes.
Lookalike Audiences - See Custom Audiences.
Opt-in - The term "opt-in" means much like registration or consent, depending on the context. If an application (eg by entering an e-mail address in an online form field) is confirmed by sending a confirmation e-mail to the owner of the e-mail address, this is called a Double-Opt-In (DOI).
Opt-Out - The term opt-out means as much as cancellation and can, for example, a contradiction (eg against tracking) or a termination (eg newsletter subscriptions) represent.
Opt-Out Cookie - An "opt-out cookie" is a small file (see "Cookies") that is stored in your browser and that states that, for example, a tracking service should not process your data. The "opt-out cookie" only applies to the browser in which it was stored, ie where you clicked the opt-out link. If cookies are deleted in this browser, then you have to click the opt-out link again. Furthermore, an opt-out link can only be restricted to the domain on which the opt-out link was clicked.
Permanent Cookies - See "Cookies".
Personal Date / Personal Reference - "Personal Data" means any information relating to an identified or identifiable natural person (hereinafter the "Data Subject"); a natural person is considered as identifiable, which can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier (eg cookie) or to one or more special features, are the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
Plugins / Social Plugins - Plugins (or "social plugins" in the case of social functions) are third-party software functions that are integrated into the online offer. You can, for example, serve the output of interaction elements (eg, a "Like" button) or content (eg external commenting function or posts in social networks).
Profiling - "Profiling" refers to any type of automated processing of personal data that involves the use of such personal information to identify certain personal aspects pertaining to a natural person (depending on the nature of the profiling, this includes information relating to that person) Age, gender, location data and activity data, interaction with websites and their content, shopping behavior, social interactions with other people), to analyze, to evaluate or to predict (eg interests in certain content or products, click behavior on a website or the whereabouts). For profiling purposes, cookies and web beacons are often used.
Privacy Shield - The EU-US Privacy Shield is an informal agreement in the field of data protection law negotiated between the European Union and the United States of America. It consists of a series of assurances from the US government and a decision by the European Commission. Companies that are certified under the Privacy Shield are guaranteed to comply with European privacy legislation (https://www.privacyshield.gov).
Pseudonymisation / Pseudonyms - "Pseudonymisation" is the processing of personal data in such a way that the personal data can not be assigned to a specific data subject without additional information being provided, provided that this additional information is stored separately not assigned to an identified or identifiable natural person; This means that if an exact interest profile of the computer user is saved in a cookie (quasi a "marketing avatar"), but not the name of the user, then the data is processed as a pseudonym. If his name is saved, eg as part of his e-mail address or his IP address, the processing is basically no longer pseudonymous.
Reach measurement - Reach measurement is used to evaluate the flow of visitors to an online offer and can include their behavior, interests or demographic information, such as age or gender. With the help of the range analysis, website owners can for example identify which types of people visit their website at what time and which content they are interested in. As a result, they can, for example, better optimize the contents of the website for the needs of their visitors. For purposes of reach analysis, cookies and web beacons are often used.
Remarketing / Retargeting - "Remarketing" or "retargeting" is when, for example, it is noted for advertising purposes, which products a user has been interested in on a website, the user on other websites to these products, eg in advertisements , to remember. For the purposes of profiling, cookies are generally used.
Session Cookies - See "Cookies".
Single sign-on - A single-sign-on or single-sign-on authentication is a process that allows users to sign up for an online offer using a user account, as well as other online offers. The prerequisite for single sign-on authentication is that users are registered with the respective single sign-on provider and enter the required access data on the web form provided for this purpose. Authentication takes place directly with the respective single sign-on provider. In the context of such an authentication, we receive a user ID with the information that the user is logged in under this user ID with the respective single sign-on provider and an ID which we can not continue to use (so-called "user handle"). Whether we receive further data, Depends solely on the single sign-on method used, the selected data releases in the context of authentication and also what data users have released in the privacy or other settings of the user account at the single sign-on provider. Depending on the single sign-on provider and the choice of users, it can be different data, usually the email address and the username. The password entered as part of the single sign-on process is neither visible to us nor stored by us. Users are kindly requested to note that their information stored with us can be automatically reconciled with their user account with the single sign-on provider, but this is not always possible or actually occurs. Change eg the e-mail addresses of the users, Users must manually change them in your user account with us. If users decide to stop linking their user account to the single sign-on provider for the single sign-on process, they will need to unlink that user from their single sign-on provider account. If users want to delete their data from us, they must cancel their registration with us.
Third-party cookies - See "Cookies".
Tracking - "Tracking" is when the behavior of users across multiple online offers can be traced, for example, for purposes of remarketing. The behavioral and interest information collected with regard to the online offers used are stored as user profiles in cookies or on servers of marketing service providers (eg Google or Facebook).
Universal Analytics - "Universal Analytics" means a process of Google Analytics, in which the user analysis is based on a pseudonymous user ID and thus a pseudonymous profile of the user is created with information from the use of different devices ("cross-device tracking ").
Responsible - "Responsible" means the natural or legal person, public authority, body or body that alone or jointly with others decides on the purposes and means of processing personal data.
Processing - Processing "means any process performed with or without the aid of automated procedures or any such process associated with personal data. The term goes far and includes virtually every handling of data.
Web beacons - "Web beacons" (or "pixels", "measuring pixels" or "counting pixels") are small, pixel-sized graphics called, which are incorporated into web pages or HTML emails. For example, they allow you to determine if an e-mail has been opened (at least if the image display in e-mails is activated) or how often a website is called up by a user.
Widgets - See Embedding.
Count pixels - See web beacons.