Thank you very much for your interest in Cosaco GmbH. The protection of your personal data is a matter of great importance to us. This Privacy Policy explains which personal data are collected and processed when you visit our website and use the services offered. Please read the following Privacy Policy carefully.
Our privacy policy is structured as follows:
I. Information about us as controllers of your data
II. General information on data processing
III. The rights of users and data subjects
IV. Information about the data processing
I. Information about us as controllers of your data
1. NAME AND ADDRESS OF THE CONTROLLER:
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:
Cosaco GmbH, Singapurstrasse 1, 20457 Hamburg, Deutschland
Tel: + 49 40 23652 0, E-Mail: mail@cosaco.com, Website: www.cosaco.com
2. NAME AND ADDRESS OF THE DATA PROTECTION OFFICER:
Cosaco GmbH, Attn. Mr. Andreas Jahnke (Data Privacy), Singapurstrasse 1, 20457 Hamburg
Germany, E-Mail: dataprivacy@cosaco.com
II. General information on data processing
1. SCOPE OF PERSONAL DATA PROCESSING
We only process the personal data of our users if this is necessary in order to provide a fully operational website together with the contents and services. In general we only process personal data of our users when they have given their consent. An exception may be made in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.
2. THE LEGAL BASIS ON WHICH WE PROCESS PERSONAL DATA
Where we obtain the consent of the data subject for the processing of personal data, Art. 6 (1) lit. a of the EU-General Data Protection Regulation (GDPR) serves as the legal basis. Where processing of personal data is necessary for the fulfilment of contractual obligations with the data subject, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing required in order to take steps prior to entering into a contract. Where processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis. Where processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, Art. 6 (1) lit. d GDPR serves as the legal basis. Where processing is necessary to protect the legitimate interests of our company or a third party and these interests override the interests, fundamental rights and freedom of the data subject, Art. 6 (1) lit. f GDPR serves as the legal basis.
3. ERASURE OF DATA AND STORAGE PERIODS
The personal data of the data subject will be erased or blocked as soon as the purpose of storage ceases to apply. Data may be stored after this period if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
4. SECURITY
Cosaco GmbH and Cosaco LLC use technical and organisational security measures to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Where personal data are collected and processed, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously improved in line with technological developments.
5. COOKIES
We only use technically necessary cookies.
6. SERVER DATA
For technical reasons, the following data sent by your internet browser to us or to our server provider will be collected, especially to ensure a secure and stable website: These server log files record the type and version of your browser, operating system, the website from which you came (referrer URL), the webpages on our site visited, the date and time of your visit, as well as the IP address from which you visited our site.
The data thus collected will be temporarily stored, but not in association with any other of your data.
The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.
The data will be deleted within no more than seven days, unless continued storage is required for evidentiary purposes. In which case, all or part of the data will be excluded from deletion until the investigation of the relevant incident is finally resolved.
III. The rights of users and data subjects
With regard to the data processing to be described in more detail below, users and data subjects have the right
In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.
Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller’s future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.
IV. Information about the data processing
1. Contact form and e-mail contact
1.1 DESCRIPTION AND SCOPE OF DATA PROCESSING
There is a contact form on our website which can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.
These data include:
At the time the message is sent, the following data is also stored:
If you contact us via email or the contact form, the data you provide will be used for the purpose of processing your request. We must have this data in order to process and answer your inquiry; otherwise, we will not be able to answer it in full or at all.
The same applies to inquiries by telephone.
The legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR. Your data will be deleted once we have fully answered your inquiry and there is no further legal obligation to store your data, such as if an order or contract resulted therefrom.
No data will be forwarded to third parties in this connection. The data are used exclusively for processing the conversation.
1.2. LEGAL BASIS FOR DATA PROCESSING
Where we obtain the consent of the data subject, data is processed pursuant to Art. 6 (1) lit. a GDPR. Where data is sent by e-mail, data is processed pursuant to Art. 6 (1) lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 (1) lit. b GDPR.
1.3. PURPOSE OF THE DATA PROCESSING
Data entered in the input mask are processed solely in order to establish contact. In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data. The other personal data processed during the dispatch process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
1.4. LENGTH OF STORAGE
The data will be erased as soon as they are no longer necessary for the purpose for which they were collected. Personal data collected in the input mask of the contact form and data sent by e-mail are erased when the conversation with the user has terminated. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified. The additional personal data collected during the dispatch process will be erased after a period of seven days at the latest.
1.5. OBJECTIONS OR REMOVAL
The user has the possibility to revoke his consent to the processing of personal data at any time. Where users contact us by e-mail, they may object to the storage of personal data at any time. In such a case, the conversation cannot be continued.
2.Youtube
We use YouTube to give you a clear picture of our products and services. For this purpose, we have placed a link on our website so that you can view this content. Please note: You leave our platform and are completely on YouTube, which processes your personal data independently without our involvement. If you have any questions regarding the processing of your personal data on YouTube, please ask the responsible office there.
Status: 03/2025
