Data Protection Notices

CombiTrade GmbH, Caffamacherreihe 7, 20355 Hamburg (Germany), which can be reached at +49 (40)  8080 110 – 600 and at E-Mail: combitrade [at], takes the protection of personal data very seriously. In the following, we would like to provide an explanation about the data that we process when visiting our websites and using our online services and about the entities with which we share these data. In addition, you will find information about your rights as a data subject.

Personal data within the meaning of the EU General Data Protection Regulation (GDPR) means all information relating to a person that can be used to identify that person, such as the name or email address of the data subject. Processing within the meaning of the GDPR means any action taken with respect to personal data, such as the collection, storage, transmission, or deletion of personal data.

1. Usage data

When visiting our website, we record personal data that your browser transmits to our server (so-called log files). These log files, which are stored on our server, are necessary both in technical terms so that you can access our website as well as for our legitimate interest in displaying our websites to you and ensuring their stability and security. The legal basis for this processing is Article 6(1)(b) and (f) GDPR. The log files that we process involve, in particular, the following data:

  • your IP address;
  • the date and time of your query;
  • the content of your request (which specific sub-websites you are visiting);
  • the website that you came from to reach our website;
  • the access status/HTTP status code;
  • the amount of data transferred in each case;
  • your browser;
  • your operating system and its interface; and
  • the language and version of your browser Software.

2. Disclosure of personal data to third parties

Your personal data are transmitted by us to the following recipients:

  • domainfactory GmbH, Oskar-Messter-Str. 33, D-85737 Ismaning, as hosting provider. The legal basis for the disclosure is Article 28 GDPR.

If we use service providers to process your personal data on our behalf (processors), we have concluded processing contracts with them that obligate them to process your personal data only in accordance with our instructions and to the extent permitted by statute.

3. Cookies

In addition to processing the aforementioned personal data, we also use cookies on our websites. Cookies are small text files that are stored on your hard drive assigned to the browser that you use and that send certain information to us as the entity setting the cookie. A cookie normally contains the name of the domain from which the cookie data were sent, as well as information about the age of the cookie and an alphanumeric identifier. Cookies do not launch any programs or infect your computer with viruses. We use them to make our website more user-friendly and effective for you.

We set cookies that are deleted when you close your browser (transient cookies) as well as cookies that are stored on your computer for a specific period of time, which can differ from cookie to cookie (persistent cookies). A common type of transient cookies are session cookies, which store a so-called session ID that enables various requests from your browser to be assigned to a common session. That allows your computer to be recognised when you return to our websites. Session cookies are deleted when you log out or close your browser. You can delete persistent cookies at any time using your browser’s security settings.

The use of cookies is designed, in particular, to make it easier for you to enter data into forms and to enable us to perform a statistical analysis of how our website is accessed. You can configure your browser in such a way that it notifies you about the setting of cookies and, e.g. refuses to allow third-party cookies or any cookies whatsoever. This makes their use transparent for you. Please be aware that the use of some parts of our websites will be limited if you configure your browser to refuse cookies.

4. Use of web analytics tools

On our website, we use Matomo (former Piwik), an open-source software for statistically analysing visitor accesses. Matomo uses cookies that enable us to analyse how you use our websites. The information generated by the cookies about your use of our websites is stored on the provider’s server in Germany and France. The IP address of your computer is not recorded, meaning that you remain anonymous in this respect. The installation of cookies can be prevented through your browser software. If you turn off cookies, however, you may not be able to use all functions of our websites to the full extent. Data processing is based on Article 6(1)(f) GDPR, because we have a legitimate interest in analysing the traffic on our website in order to optimise use as well as our websites in general. Matomo collects such data as:

  • your IP address;
  • the date and time of your query;
  • the content of your request (which specific sub-website you are visiting);
  • the website that you came from to reach our website;
  • the access status/HTTP status code;
  • the amount of data transferred in each case;
  • your browser;
  • your operating system and its interface; and
  • the language and version of your browser software.

5. Standard periods for deletion of data

Personal data that we receive from you when visiting our websites are, subject to compliance with statutory retention duties, promptly deleted after completion of the contractual service or after their purpose has been fulfilled.

6. Data security

CombiTrade GmbH takes state-of-the-art technical and organisational security measures in order to protect your data as comprehensively as possible against loss, destruction, falsification, or unwanted accessing.

If you contact us by email, please be aware that data are not encrypted when they are transmitted. If you would like to send us confidential information, you should not do this by email but instead, e.g. by sending a letter in the mail.

Your personal data are protected by COMBITRADE GmbH and the providers carefully selected by us pursuant to Article 28 GDPR in application of the relevant statutory provisions through technical and organisational measures.

7. Links to other websites

Our website contains links to other websites. We have no influence over whether their operators comply with data protection provisions. Despite carefully reviewing content, we also cannot assume any liability for external links to outside content. Please refer to the data protection notices on the respective websites for information about data processing operations on those sites.

8. Voluntary provision of data

Provision of your personal data on our websites is always done on a voluntary basis. You have neither a legal nor contractual obligation to do so.

9. Your rights

Depending on the circumstances in the specific case, you have the following data protection rights:

  • to request access to your personal data and/or copy of such data. That includes information about the purpose of use, the category of the used data, their recipients and persons authorised to access them, and, where possible, the planned duration of data storage or, if this is not possible, the criteria for establishing this duration;
  • to request that your personal data be corrected, deleted, or restricted in terms of processing if their use is impermissible under data protection law, particularly because (i) the data are incomplete or inaccurate, (ii) they are no longer needed for the purposes for which they were collected, (iii) the consent to processing was revoked, or (iv) you successfully made use of a right of revocation concerning data processing; in cases where the data are processed by third parties, we will forward your applications for correction, deletion, or restriction in terms of processing to such third parties unless this proves to be impossible or is associated with unreasonable effort;
  • to refuse to consent or – without affecting the lawfulness of the data processing that took place prior to revocation – to revoke you consent at any time to the processing of your personal data;
  • not to be subjected to a decision based exclusively on automated processing that is legally effective against you or substantially interferes with you in a similar fashion;
  • to request that you be provided with the personal data concerning you that you provided to us in a structured, common, and machine-readable format and to transmit such data to another data controller without interference by us; you may also have the right to request that we transmit the personal data directly to another data controller, if this is technically feasible;
  • to take legal steps or to request the involvement of the responsible supervisory authorities if you believe that your rights were infringed as a result of your personal data being processed in a manner that is not in conformity with the requirements of data protection law.

In addition to the foregoing, you have the right to object at any time to the processing of your personal data:

  • if we process your personal data for purposes of direct marketing; or
  • if we process your personal data for the purposes of pursuing our legitimate interests and reasons exist that result from your special situation.

Please contact CombiTrade GmbH if you have any questions, suggestions, or comments about the issue of data protection.

CombiTrade GmbH
Caffamacherreihe 7
D-20355 Hamburg
E-Mail: combitrade [at]
Hamburg, Mai 2020