We will inform you below in accordance with the legal requirements of data protection law (in particular according to BDSG n.F. and the European General Data Protection Regulation (GDPR) on the type, scope and purpose of processing personal data by our company. This data protection declaration also applies to our websites, Web applications and social media profiles. Regarding the definition of terms such as “personal Data” or “processing” we refer to Art. 4 GDPR.
Name and contact details of the person responsible
Our responsible person (hereinafter “responsible person”) within the meaning of Art. 4 para. 7 GDPR is:
Im Brachmoos 12
Email address: firstname.lastname@example.org
Types of data, purposes of processing and categories of data subjects
We will inform you below about the type, scope and purpose of collection, processing and use personal data.
1. Types of data we process
Usage data (access times, websites visited, etc.), inventory data (name, address, etc.), contact details (telephone number, email, fax, etc.), payment data (bank details, account details, payment history, etc.), contract data (subject of the contract, term, etc.), content data (text entries, videos, photos, etc.), communication data (IP address etc.),
2. Purposes of processing according to Art. 13 Para. 1 c) GDPR
Processing contracts, optimizing the website technically and economically, easy access to the website enable fulfillment of contractual obligations, optimization and statistical evaluation of our services, support commercial use of the website, improve user experience, make the website user-friendly, economic operation of advertising and website, marketing/sales/advertising, creation of statistics, Process contact requests, provide websites with functions and content, more uninterrupted, more secure Operation of our website,
3. Categories of data subjects according to Art. 13 Para. 1 e) GDPR
Visitors/users of the website, the web application and customers. The affected persons are summarized referred to as “User”.
Legal basis for processing personal data
We will inform you below about the legal basis for processing personal data:
- If we have obtained your consent for the processing of personal data, Art. 6 Paragraph 1 S. 1 lit. a) GDPR legal basis.
- Is processing for the fulfillment of a contract or for the implementation of pre-contractual measures If necessary, which are made at your request, Art. 6 Paragraph 1 Sentence 1 Letter b) GDPR is the legal basis.
- Is the processing necessary for compliance with a legal obligation to which we are subject (e.g. legal retention obligations), Art. 6 Paragraph 1 Sentence 1 Letter c) GDPR is the legal basis.
- Is the processing necessary to protect the vital interests of the data subject or a person To protect other natural persons, Art. 6 Paragraph 1 Sentence 1 Letter d) GDPR is the legal basis.
- Is processing necessary to protect our legitimate interests or those of a third party and if your interests or fundamental rights and freedoms do not outweigh this, Art. 6 para. 1 S. 1 lit. f) GDPR legal basis.
Transfer of personal data to third parties and processors
We generally do not pass on any data to third parties without your consent. If this is the case, then the transfer takes place on the basis of the aforementioned legal bases, e.g. when transferring Data to online payment providers to fulfill the contract or due to a court order or because of a Legal obligation to release the data for the purposes of law enforcement, to avert danger or to Enforcement of intellectual property rights. We also use contract processors (external service providers, e.g. for web hosting of our websites and databases) to process your data. If as part of one If data is passed on to the data processor in the contract processing agreement, this always happens according to Art. 28 GDPR. We carefully select our processors and have the right to give instructions regarding the data. In addition, the processors must have suitable technical and have taken organizational measures and comply with the data protection regulations in accordance with the new version of the BDSG and the GDPR
Data transfer to third countries
The adoption of the European General Data Protection Regulation (GDPR) created a uniform Created the basis for data protection in Europe. Your data is therefore primarily used by companies processed for which GDPR applies. Should the processing be carried out by third-party services outside of the European Union or the European Economic Area, these must meet the special requirements Meet the requirements of Art. 44 ff. GDPR. This means that the processing takes place on the basis of special requirements Guarantees, such as the EU Commission's officially recognized determination of a conformity with the EU Data protection levels or compliance with officially recognized special contractual obligations, which is the case so-called “standard contractual clauses”. For US companies, submission to the so-called “Privacy Shield”, the data protection agreement between the EU and the USA, these requirements.
Deletion of data and storage period
Existence of automated decision making
We do not use automatic decision-making or profiling.
Data collection when providing our website
Server log files
- If you only use our website for informational purposes (no registration and no other transmission of information), we only collect the personal data that your browser transmitted to our server. When you view our website, we collect the following data: IP address, date and time of access, browser type, language and browser version, operating system, content of the request, time zone, access status/HTTP status code, amount of data, and the website from which the request was made comes (referrer URL). Storing this data together with other personal data about you does not take place.
- This data serves the purpose of user-friendly, functional and secure delivery of our Website to you with functions and content as well as their optimization and statistical evaluation.
- The legal basis for this is our legitimate interest in the above purposes Data processing in accordance with Article 6 Paragraph 1 Sentence 1 Letter f) GDPR.
- For security reasons, we store this data in server log files for a storage period of 14 days. After this period has expired, they will be automatically deleted unless we need them to be retained Evidence purposes in the event of attacks on the server infrastructure or other legal violations.
- Session cookies:
- We use so-called cookies to recognize multiple uses of an offer User (e.g. if you have logged in to determine your login status). If you use our When you visit the page again, these cookies provide information to automatically recognize you. The information obtained in this way serves to optimize our offers and make it easier for you To enable access to our site. When you log out, the session cookies deleted.
- Persistent cookies:
- These are automatically deleted after a specified period of time, which varies depending on the cookie can differentiate. You can disable cookies at any time in your browser's security settings delete.
- Third party cookies:
- According to your wishes, you can configure your browser settings, e.g Refuse to accept third-party cookies or all cookies. However, we would like to point this out to you at this point Please note that you may then not be able to use all of the functions of this website. Read For more information about these cookies, see the respective data protection declarations of the third-party providers.
- The legal basis for this processing is Article 6 Paragraph 1 Sentence b) GDPR, if the cookies are used for Contract initiation can be set, for example, when placing orders and otherwise we have a legitimate interest in this the effective functionality of the website, so that in this case Art. 6 Paragraph 1 Sentence 1 Letter f) GDPR The legal basis is.
- You can generally prevent cookies from being stored on your hard drive by going to your Select “do not accept cookies” in your browser settings. However, this may limit our functionality result in offers. You can opt out of the use of third-party cookies for advertising purposes so-called “opt-out” via this American website (https://optout.aboutads.info) or this European website (http://www.youronlinechoices.com/de/praferenzmanagement/) contradict.
Processing of contracts
- We process inventory data (e.g. company, title/academic degree, names and addresses as well Contact details of users, email), contract data (e.g. services used, names of Contact persons) and payment data (e.g. bank details, payment history) for the purpose of fulfilling our requirements contractual obligations (knowledge of who the contractual partner is; justification, content and execution of the contract; Checking the plausibility of the data) and services (e.g. Contacting customer service) in accordance with Article 6 Paragraph 1 Sentence 1 Letter b) GDPR. Those in online forms as Entries marked as mandatory are required for the conclusion of the contract.
- This data will generally not be passed on to third parties unless it is for tracking purposes our claims (e.g. handover to a lawyer for debt collection) or to fulfill the contract (e.g. handover the data to payment providers) is required or there is a legal obligation to do so in accordance with Art. 6 Paragraph 1 Sentence 1 Letter c) GDPR.
- We can also process the data you provide to inform you about other interesting products from our portfolio or send you emails with technical information.
- The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected required are. This is the case for the inventory and contract data if the data for the Implementation of the contract is no longer necessary and no claims from the contract are valid can be made because these are statute-barred (warranty: two years /standard statute of limitations: three years). Due to commercial and tax law requirements, we are obliged to provide your address, payment and To store order data for a period of ten years. However, we will take action if the contract is terminated a restriction on processing for three years, i.e. H. Your data will only be used to comply with the legal obligations are used. Information in the user account remains until it is deleted.
Contact us via contact form /email /fax /post
- When you contact us via contact form, fax, post or email, your details will be used Processed for the purpose of processing the contact request.
- The legal basis for processing the data, if you have given your consent, is Article 6 Paragraph 1 S. 1 lit. a) GDPR. Legal basis for the processing of data in the course of a contact request or email, letter or fax is Art. 6 Paragraph 1 Sentence 1 Letter f) GDPR. The The person responsible has a legitimate interest in processing and storing the data in order to respond to inquiries to be able to answer the user, to preserve evidence for liability reasons and, if necessary, to comply with legal requirements To be able to comply with storage obligations for business letters. If the contact is aimed at completing a contract, the additional legal basis for the processing is Art. 6 Paragraph 1 Sentence 1 Letter b) GDPR.
- We can store your information and contact request in our customer relationship management system ("CRM System") or a comparable system.
- The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected required are. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with you ends is. The conversation ends when it can be seen from the circumstances that the person concerned The matter has been finally clarified. Inquiries from users who have an account or contract with us We store your data until two years after termination of the contract. In the case of legal Archiving obligations are deleted after their expiry: end of commercial law (6 years) and tax law (10 years) retention obligation.
- You have the option at any time to withdraw your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a) GDPR to revoke the processing of personal data. If you contact us by email, you can You object to the storage of your personal data at any time.
Presence on social media
- We process the data that you send to us over these networks in order to communicate with you and to answer your messages there.
- The legal basis for processing personal data is our legitimate interest in communication with users and our external presentation for advertising purposes in accordance with Art. 6 Para. 1 Sentence 1 lit. f) GDPR. If you give the person responsible for the social network your consent to the processing If you have provided your personal data, the legal basis is Article 6 Paragraph 1 Sentence 1 Letter a) and Article 7 GDPR.
- The data protection information, information options and objection options (opt-out) of the respective Networks can be found here:
- (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)
Opt-Out: https://www.facebook.com/settings?tab=adsund http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
- (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
Analyse Tools und Werbung
Google Tag Manager
Google Tag Manager is a solution that allows us to manage so-called website tags via an interface (and so on e.g. integrate Google Analytics and other Google marketing services into our online offering). The day manager itself (which implements the tags) does not process users' personal data. With regard The processing of users' personal data is based on the following information on Google services referred. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy. html.
- We have the website analysis tool “Google Analytics” (Google Ireland Limited, registration number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) integrated into our website.
- When you visit our website, Google places a cookie on your computer to enable you to use our website website to be analyzed by you. The data obtained will be transferred to the USA and there saved. If personal data should be transferred to the USA, the certification provides Google's Privacy Shield Agreement (https://www.privacyshield.gov/EU-US-Framework) the guarantee that European data protection law is complied with.
- We have activated the IP anonymization “anonymizeIP”, which only shortens the IP addresses be further processed. On this website, your IP address is therefore stored by Google within Member States of the European Union or in other contracting states to the Agreement on the European Union Economic area previously cut. Only in exceptional cases will the full IP address be sent to a Google server transferred to the USA and shortened there. On behalf of the operator of this website, Google will do this Use information to evaluate your use of the website and to provide reports on website activity to compile and to provide further information relating to the use of the website and the internet, to provide services to the person responsible. We also have the Cross-device analysis of website visitors is activated, which is carried out via a so-called user ID. The IP address transmitted by your browser as part of Google Analytics is not shared with other data merged by Google. The use of Google Analytics serves the purpose of analysis, optimization and Improving our website.
- The legal basis for this is our legitimate interest in the above purposes Data processing in accordance with Article 6 Paragraph 1 Sentence 1 Letter f) GDPR.
- Those sent by us and linked to cookies, user identifiers (e.g. user ID) or advertising IDs Data is automatically deleted after 14 months. The deletion of data whose retention period has been reached is done automatically once a month.
- Objection and “opt-out”: You can generally store cookies on your hard drive Prevent this by selecting “do not accept cookies” in your browser settings. But one can do this result in functional restrictions on our offerings. You can also record the data The data generated by the cookie and related to your use of the website are sent to Google and processed Prevent this data from being used by Google by using the browser plug-in available under the following link Download and install: http://tools.google.com/dlpage/gaoptout?hl=de
- As an alternative to the browser plugin above, you can prevent Google Analytics from collecting data, by clicking Deactivate Google Analytics. Clicking causes a “Opt-out” cookie is set, which prevents the collection of your data when you visit this website in the future. If you do not receive a confirmation message for setting the cookie, use an ad blocker prevents the cookie from being set. The ad blocker is probably already suppressing data collection through Google Analytics on this website. This cookie only applies to our website and your current one Browser and only lasts until you delete your cookies. In that case you would have to set the cookie again set.
- You can access cross-device user analysis in your Google account under “My data - deactivate personal data.
Inclusion of third-party services and content
We use our online offering based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR) content or service offers from third parties in order to use their content and services, such as videos or Integrate fonts (hereinafter referred to as “content”).
This always assumes that the third party providers of this content are aware of the user's IP address, as they Without the IP address, the content could not be sent to their browser. The IP address is therefore for the Representation of this content required. We strive to only use content that is relevant to them The provider only uses the IP address to deliver the content. Third-party providers can also do this so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or Use for marketing purposes. The “pixel tags” can provide information such as visitor traffic on the pages evaluated on this website. The pseudonymous information can also be stored in cookies on the device Users are stored and, among other things, technical information about the browser and operating system Websites, visiting times and other information about the use of our online offer are included, as well as with such Information from other sources can be connected.
Rights of the data subject
- Objection or revocation against the processing of your data: As far as the processing Based on your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a), Article 7 GDPR, you have the right To revoke your consent at any time. The legality of the consent until revoked This does not affect the processing carried out. As far as we process your personal data Based on the balancing of interests in accordance with Article 6 Paragraph 1 Sentence 1 Letter f) GDPR, you can object to this Insert processing. This is the case if the processing is not necessary to fulfill a specific purpose Contract with you is required, which we provide in the following description of the functions is pictured. If you exercise such an objection, we ask you to explain the reasons why We should not process your personal data as we do. In the case of your reasoned If you object, we will examine the situation and will either stop or adjust data processing or Show you our compelling legitimate reasons on the basis of which we continue processing. She You can process your personal data for advertising and data analysis purposes at any time contradict. You can exercise your right to object free of charge. You can object to your advertising objection Inform us using the following contact details: Olaf Kortlüke Im Brachmoos 12 88149 Nonnenhorn E-mail address: email@example.com
- Right to information You have the right to request confirmation from us that whether personal data concerning you is being processed. If this is the case, you have a right for information about your personal data stored by us in accordance with Art. 15 GDPR. this includes in particular information about the processing purposes, the category of personal data Categories of recipients to whom your data has been or will be disclosed, the intended Storage period, the origin of your data, if it was not collected directly from you.
- Right to correction You have the right to correct incorrect or incorrect information Completion of correct data in accordance with Art. 16 GDPR.
- Right to deletion You have the right to have your data stored by us deleted according to Art. 17 GDPR, unless there are statutory or contractual retention periods or other legal requirements Obligations or rights to further storage conflict with this.
- Right to restriction You have the right to restrict processing to request your personal data if one of the requirements in Art. 18 paragraph 1 lit. a) to d) GDPR is met: • If you guarantee the accuracy of the personal data concerning you for a period of time dispute, which enables the controller to verify the accuracy of the personal data verify;• the processing is unlawful and you refuse the deletion of the personal data and instead request that the use of the personal data be restricted; • the person responsible Personal data is no longer needed for the purposes of processing, but you can use it To assert, exercise or defend legal claims, or • if you object to have lodged the processing in accordance with Article 21 Para. 1 GDPR and it is not yet clear whether the authorized persons are The reasons of the person responsible outweigh your reasons.
- Right to data portability You have a right to data portability in accordance with Art. 20 GDPR, which means that you have the information you provided and that we store about you can receive personal data in a structured, common and machine-readable format or can request transmission to another person responsible.
- Right to complain You have the right to complain to a supervisory authority. In As a rule, you can contact the supervisory authority, particularly in your member state your whereabouts, your place of work or the place of the alleged violation.
To protect all personal data transmitted to us and to ensure that the We have complied with data protection regulations, but also our external service providers appropriate technical and organizational security measures have been taken. That's why, among other things, everyone will Data is transmitted encrypted between your browser and our server via a secure SSL connection.
As of: December 28, 2019
Adapted based on the Sample data protection declaration from JuraForum.de and the datenschutz-generator.de by Attorney Dr. Thomas Schwenke