Data Privacy protection
Legal basis of data processing are for consents Art. 6 para. 1 a) and Art. 7 EU-GDPR, for the performance of services and performance of contractual obligations Art. 6 para. 1 b) EU-GDPR, for the fulfillment of legal obligations Art 6 para. 1 c) EU GDPR and for the protection of legitimate interests Art. 6 para. 1 f) EU GDPR.
I. Name and contact details of the responsible person
The person responsible within the meaning of Art. 4 EU-GDPR for the processing of personal data is:
Lilian Güntsche Hilgendag
+49 1525 363 7810
II. What data is collected?
Server log files
We collect data, so-called server log files, via every access to the server on which our website is located. These access data include e.g. Name of the retrieved website, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. The legal basis for data processing is Art. 6 para. 1 lit. f) EU GDPR.
If you contact us at the e-mail address provided on the website, we will process the personal data you provided – e-mail address and other contact information and your name – for the purpose of responding to the request.
The legal basis for data processing is Art. 6 para. 1 lit. b) and Art. 6 para. 1 lit. f) EU GDPR.
We offer a newsletter that requires your e-mail address to be obtained. Before sending the newsletter, you must explicitly confirm that you wish to receive our newsletter as part of the so-called double opt-in procedure. You will then receive a confirmation and authorization e-mail with a link. By clicking on this link, you confirm that you wish to receive the newsletter. This application is logged in order to legally prove the registration process.
You can terminate the subscription to the newsletter at any time. The corresponding link is in every newsletter sent. Alternatively, you can revoke your consent by contacting us at email@example.com.
The legal basis for data processing is Art. 6 para. 1 lit. a) EU GDPR.
You can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or can exclude the acceptance of cookies for certain cases or in general, such as cookies from third-party providers. Failure to accept cookies may limit the functionality of our website.
The legal basis for data processing is Art. 6 para. 1 lit. f) EU GDPR.
III. For what purposes is the data used?
Personal data are only collected, stored and processed as far as it is necessary for the provision of the service, the execution of the contract or the answering of the request.
We process your personal data only in strict compliance with data protection regulations. In particular, such data will only be processed if there is a legal license.
Server log files
The data mentioned will be processed by us to connect to our website. The processing is necessary to ensure the safety and stability of the system. We use the log data only for statistical evaluations, for the purpose of business operations, the security of the service and the optimization of the offer. We reserve the right to check the log data retrospectively if there is a suspicion of unlawful use of the service provided on the basis of concrete indications.
The processing of your e-mail address is essential to be able to answer your request. If, in addition, data is processed, such as name, address or the like, a processing is used to individualize the respective user and thus to be able to respond to his concerns in the best possible way.
The newsletter fulfills the purpose of informing you about our offers and current developments. The collection of the e-mail address serves to send you the newsletter.
IV. Will data be shared with third parties and if so, which ones?
Basically, the data transmitted by you will not be made available to third parties.
However, in some cases, the execution of the contract may require you to share your personal information with companies that we provide for the purpose of providing individual services (such as newsletters). For their part, third parties are obliged to comply with legal regulations when handling and processing this data. A transfer to authorities and state institutions entitled to receive information only takes place in the context of the statutory information obligations and in the case of a binding court decision. In these cases, we can provide the information, e.g. to assert, exercise and defend legal claims, enforce existing contracts, in the context of fraud allegations, security measures or generally applicable law.
A transfer of personal data outside the frame described here does not take place without an explicit consent. In no case will we sell or rent personal data to third parties.
V. How long is the data stored?
Your data will be stored for as long as necessary to fulfill the above purposes. Once this is no longer the case, e.g. after full execution of the contract, they will be deleted or blocked if required by commercial or tax law. From the point in time when the statutory retention requirements no longer conflict, the data will be deleted unless you have expressly consented to further use.
VI. Your rights as a victim
You, as a party to the processing of personal data, are entitled to the rights listed below. These rights result from the provisions of the Data Protection Basic Regulation and are reproduced here in some simplified form.
1. Right to information
According to Art. 15 EU-GDPR, you have the right to ask us for confirmation of the processing of your personal data. If this is the case, you have a right to information about these personal data and the information referred to in Art. 15 (1) Hs. 2 EU-DSGVO. These include, in particular, the purpose of the processing, the categories of data processed, the recipients to whom data have been or are being exposed, where possible, the planned duration of storage or the criteria for the duration of the storage.
2. Right to rectification
In accordance with Art. 16 EU-GDPR, you have the right to demand that we correct your incorrect personal data without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement.
3. Right to cancellation
In accordance with Art. 17 EU-GDPR you have the right to demand that you delete your personal data without delay. We are obliged to delete personal data immediately, provided that one of the provisions of Article 17 (1) of the EU GDPR applies. One of these reasons is that the data are no longer necessary for the purposes for which they are collected or otherwise processed.
4. Right to restriction of processing
In accordance with Art. 18 EU-GDPR you have the right to demand that we restrict the processing if one of the conditions specified in Art. 18 EU-GDPR exists. This includes, for example, that you deny the accuracy of your personal data. Then we may process the data only as limited as it takes to verify the accuracy of the personal data.
5. Right to Data Portability
In accordance with Art. 20 EU-GDPR, you have the right to receive the personal data relating to you provided to us in a structured, common and machine-readable format. You have the right to transfer this data to another person in charge, ie. another body that processes data without giving any hindrance, provided that the original processing was based on consent or was necessary to carry out a contract.
6. Right to object
In accordance with Art. 21 EU-GDPR you have the right to object at any time to the processing of personal data concerning you, if these data are filed on the basis of Art. 6 (1) lit. e) or f) EU-GDPR and reasons that arise from your personal situation. Objections may be raised at any time against the processing of data for the purpose of operating direct mail. Personal data is then no longer processed for this purpose. The right of objection can be exercised by an informal declaration. A written declaration or alternatively an e-mail to the above-mentioned contact address is sufficient.
7. Right of revocation of the declaration of consent
In accordance with Art. 7 (3) EU GDPR, they have the right to revoke their consent to processing at any time. The lawfulness of the processing on the basis of the consent until the revocation is not affected. The right of withdrawal can be exercised by an informal declaration. A written declaration or alternatively an e-mail to the above-mentioned contact address is sufficient.
8. Automated decision on an individual basis including profiling
In accordance with Art. 22 EU-GDPR you have the right not to be subject to a decision based solely on automated processing – including profiling – which has a legal effect on you or, in a similar manner, significantly affects you. Of these, Art. 22 (1) of the EU GDPR provides for exceptions, with Art. 22 (4) of the EU GDPR again being partially exempted.
9. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, employment or the place of the alleged infringement, if you consider that the processing of the goods is in compliance with Art. 77 EU-GDPR Personal data in breach of this Regulation. In the present case, the competent supervisory authority is:
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstrasse 219, 10969 Berlin, Germany
Telephone: 004930/13 889-0
Fax: 004930 / 215-5050
VII. Online presences / company profile in social media
Our company has online presence on various social media and platforms.
This makes it easier for those interested to search for our services and provides an additional channel of communication.
The purpose of processing the user data through the respective social media and platforms is typically user-specific advertising,
i. Individualized advertisements can be placed which correspond to the alleged interests of the user or result from his previous usage behavior. For this purpose, cookies are stored on users’ devices. These cookies can save the user behavior and thus map the areas of interest.
It may be the location of a social media or platform in a third country, i. in a country where the GDPR has no direct legal effect. In this case, the transfer of data occurs only if you have given your consent, if there is an adequate level of data protection or if you have obtained another legal permission. US providers may operate under the Privacy Shield Agreement, which means that the Privacy Shield Agreement’s requirements are similar to those of the European Union and that the data will be treated accordingly.
We would like to make it clear that in the case of requests for information and / or the assertion of other data subject rights, users should directly contact the respective third party providers. These have access to and access to the data stored and processed there of the users and can give corresponding information and / or take action. If you contact us directly, we will try to support your request in the best possible way. However, since we have no insight and no access to the data stored with third-party providers, our options are limited.
Please inform yourself about the principles of data processing of the respective companies by means of the corresponding data protection statements.
VIII. Third Party Services
We use the following third-party services:
- Google Inc, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”)
- Youtube, LLC, of Google Inc., 901 Cherry Avenue, San Bruno, CA 94066, USA (“Youtube”)
- MailChimp (The Rocket Science Group, LLC, 675 Ponce de Leon, Avenue NE, Atlanta, GA 30308, USA (“MailChimp”)
The seat of a third party may be located in a third country, i. in a country where the GDPR has no direct legal effect. In this case, the transfer of data occurs only if you have given your consent, if there is an adequate level of data protection or if you have obtained another legal permission.
Google, Facebook / Instagram, Twitter, LinkedIn and MailChimp operate under the Privacy Shield Agreement, which means that the Privacy Shield Agreement is similar to the level of protection afforded by the European Union and that the data is appropriately matched be treated.
1. Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. Information is collected, such as Operating system, browser, IP address, referrer URL. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be truncated by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google.
You can prevent the storage of cookies by a corresponding setting of your browser software; however, we point out that in this case you may not be able to fully use all features of this website.
In addition, you can prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading the browser plug-in available under the following link and install: Browser Add On to disable Google Analytics.
Our e-mail newsletter is sent via the service provider MailChimp. MailChimp offers statistical evaluation possibilities of usage data, whereby the evaluation is basically group-related and not individual.
The usage data generated by MailChimp are generally not evaluated individually. As far as possible, a tracking offered by MailChimp will be discontinued. However, call e.g. a newsletter for the correct representation over the link indicated in the E-Mail in a Browser, then on the indicated Internet side the analysis tool Google Analytics is used. Only data generated by MailChimp is accessible to the generated data. However, with the use of certain browser plugins, you can prevent tracking by Google Analytics.
IX. Technical and organizational measures
We take technical and organizational measures to ensure that the security and protection requirements of the EU GDPR are met and that personal data are protected against loss, destruction, manipulation or access by unauthorized persons. The measures are adapted to the current state of the art.
As of September 2018
Disclaimer: In order to offer the Data Privacy Protection in English language, the translation services of Google Translate have been used. A liability for any errors is not accepted. For further questions, please refer to the German website and German Data protection.