Privacy

We, Internationales Bankhaus Bodensee AG (IBB AG), welcome you to our website. We appreciate your interest and would like to make your stay on our website as pleasant as possible. For us, this also includes responsible handling of your data in accordance with legal requirements.
Insofar as we refer below to regulations of the General Data Protection Regulation (DSGVO), you can access them here (Download PDF “Amtsblatt der Europäischen Union” L119). The text of the Federal Data Protection Act (BDSG-new) can be found here.

For the processing of your personal data on this website, we are the “controller” within the meaning of Art. 4 No. 7 DSGVO.

 

You can reach us as follows

Internationales Bankhaus Bodensee AG
Otto-Lilienthal-Str. 8
88046 Friedrichshafen
Phone: +49 7541 304-0
Fax: +49 7541 304-199
E-mail: kontakt@ibb-ag.com

 

You can reach our data protection officer as follows

Internationales Bankhaus Bodensee AG
Aron Mildemann
Data Protection Officer
Otto-Lilienthal-Str. 8
88046 Friedrichshafen
E-mail: aron.mildemann@ibb-ag.com

This data protection notice applies to the Internet presence offered by IBB AG. If offers from other providers (“third-party offers”) are accessible from our website, our data protection information does not apply to these third-party offers. In this case, we are also not responsible for the processing of your personal data in the context of such third-party offers i.S.v. Art. 4 No. 7 DSGVO.

Privacy policy

1. processing of data with and without personal reference

 

1.1 Surfing our website

In principle, you can visit our website without telling us who you are. We then only learn

    • Your IP address,
    • the name of the website accessed or file retrieved and the time of access or retrieval,
    • the amount of data transferred and
    • whether the call-up or retrieval was successful.

The data is used exclusively for the administration and optimization of the Internet presence.

The IP address can be a personal data, because under certain conditions it is possible to find out the identity of the owner of the used internet access by information of the respective internet provider.

We only evaluate the IP address in the event of attacks on our Internet infrastructure. In this case we have a legitimate interest iSv. Art. 6 par. 1 f) GDPR to the processing of the IP address. This legitimate interest arises from the need to defend against the attack on the Internet infrastructure, to determine the origin of the attack in order to be able to take criminal and civil action against the person responsible, and to effectively prevent further attacks.

The IP address is deleted when we can exclude that no attack on our Internet infrastructure has occurred from it. This happens regularly after 7 days.

 

1.2 Use of cookies

Cookies are also used within our internet presence. Cookies are small data packages that are stored on your computer’s hard drive via the browser. They are used to control the Internet connection during your visit or during a subsequent visit to our websites and thus make the visit more comfortable.

Some browsers already allow cookies in the default setting. If you do not want them, you can change the setting of your browser. Please refer to the browser manufacturer’s specifications to find out how this is done. If you decide not to accept cookies, it may not be possible to use parts of our website.

 

1.3. Website analysis

We use Matomo Analytics to collect statistics about the website.

With the help of Matomo, we are able to collect and analyse data about the use of our website by website visitors. This enables us to find out, among other things, when which pages were accessed and from which region. We also record various log files (e.g. IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions. The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

We use IP anonymisation for the analysis with Matomo. This means that your IP address is shortened before it is analysed so that it can no longer be clearly assigned to you.

We have configured Matomo so that it does not store any cookies in your browser.

We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.

 

1.4 Information applications from other providers

Furthermore, information applications provided by third parties (“partners”) (e.g. financing calculator, stock market information, real estate database) are integrated on our website. The applications are hosted on the partners’ servers and operated by these partners. Personal data is processed only to the extent necessary to perform the services offered with the respective information application. Please note that the use of such an application is subject to the privacy policy of the respective partner, who is the controller for this processing. of Art. 4 No. 7 DSGVO is. Insofar as we transfer your personal data to a partner in this context, this will only be done on the basis of your consent and is therefore permitted under Art. 6 para. 1 a) DSGVO permissible.

 

1.5 Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of this service, we can integrate map material on our website.

To use the functions of Google Maps, it is necessary to save your IP address. This
information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of standardising the display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. A GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://privacy.google.com/businesses/gdprcontrollerterms/ and

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information on the handling of user data in Google’s privacy policy:

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that guarantees compliance with
European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with
European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:https://www.dataprivacyframework.gov/participant/578

1.6 Consent

Any further processing of your personal data will only be carried out if you have given us your consent to do so and we are thus able to process your personal data in accordance with the German Data Protection Act. Art. 6 par. 1 a) DSGVO are entitled to process your personal data. In some areas of our Internet presence, you have the option of giving such express consent. In each case, we will inform you of the purpose for which the data will be processed in the event of your consent and how long we will store this personal data.

 

1.7 Other processing based on a legitimate interest

Insofar as necessary, we process your data beyond the actual fulfillment of a contract concluded with you or a consent granted by you in order to protect legitimate interests of us or third parties, unless a weighing of individual cases shows that your legitimate fundamental rights and freedoms, which require the protection of personal data, prevail (cf. Art. 6 (1f) DSGVO). These may include:

  • Testing and optimization of procedures for needs analysis and direct customer contact;
  • advertising or market and opinion research, unless you have objected to the use of your data;
  • Assertion of legal claims and defense in legal disputes;
  • Ensure IT security and operations of the Bank;
  • Prevention and detection of crime;
  • Measures for business management and further development of services and products.

 

1.8 Our social media presence

We maintain a publicly accessible profile on social networks. Social networks can generally analyse your user behaviour comprehensively when you visit their website. If you are logged in to your social media account and visit our social media presence
the operator of the social media portal can assign this visit to your user account.
to your user account. However, your personal data may also be collected under certain circumstances even if you are not logged in or do not have an account with the respective social media portal.  In this case, this data is collected via cookies, for example, stored on your end device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited
Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. If you wish to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. based. You can find details here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Details on how they handle your personal data can be found in the privacy policy of LinkedIn: https://www.linkedin.com/legal/privacy-policy.
The company is certified in accordance with the EU-US Data Privacy Framework
Framework” (DPF). The DPF is an agreement between the European Union and the USA , which is intended to ensure compliance with European data protection standards in in the USA. Every company certified in accordance with the DPF
to comply with these data protection standards. You can obtain further information on thisfrom provider at the following link: https://www.dataprivacyframework.gov/participant/5448

XING

We have a profile on XING. The provider is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. Details on how they handle your personal data can be found in XING’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

2. your rights as a user of our website

 

2.1 Every data subject has the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR and the right to data portability under Article 20 of the GDPR.

With regard to the right to information and the right of deletion, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 DS-GVO in conjunction with § 19 BDSG).

 

2.1.1 Revocation of consent given

You may revoke any express or implied consent given to us at any time with effect for the future.

 

2.1.2 Information about your right to object according to Art. 21 of the General Data Protection Regulation (GDPR)

a) You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) of the GDPR (data processing in the public interest) and Article 6(1)(f) of the GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4 No. 4 of the GDPR which we use for credit assessment or advertising purposes.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

b) In individual cases, we process your personal data in order to conduct direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be made form-free and should preferably be addressed to:

Internationales Bankhaus Bodensee AG
Otto-Lilienthal-Str. 8
88046 Friedrichshafen
E-mail address: contact(at)ibb-ag.com

 

2.2 The assertion of all rights mentioned in section 2.1 shall be free of charge for you.

However, in the case of manifestly unfounded or – especially in the case of frequent repetition – excessive requests, we may, in accordance with Art. 12 para. 5 DSGVO either

(a) charge a reasonable fee that takes into account the administrative costs of providing the information or notice or carrying out the requested action; or

b) refuse to act on the request.

To exercise your rights, please contact our data protection officer named above. There you will also receive further information on data protection.

 

3. updating this privacy notice

From time to time, it may be necessary to update this privacy policy, for example, due to new legal or regulatory requirements or new offers on our website. We will then inform you here. In general, we recommend that you check this privacy statement regularly to see if there have been any changes. You can tell if changes have been made, among other things, by the fact that the status indicated at the very bottom of this document has been updated.

 

4. print and save this privacy notice

You can print out and save this data protection notice immediately, for example using the print or save function in your browser.

As of: January 2024

In addition to this website-specific data protection notice, you can access further information about the processing of your personal data via the following link: Data protection notice