Privacy policy
Table of contents
- Introduction and overview
- Scope of application
- Legal basis
- Storage period
- Rights under the General Data Protection Regulation
- Web Hosting Introduction
Introduction and overview
We have prepared this privacy statement (version 16.05.2022-312026290) in order to provide you with information in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws to explain which personal data (data for short) we as the controller - and the processors (e.g. providers) commissioned by us - process, will process in the future and what lawful options you have. The terms used are to be understood as gender-neutral.
In short: We inform you comprehensively about the data we process about you.
Data protection statements usually sound very technical and use legal terminology. This privacy statement, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. Insofar as it is conducive to transparency, technical terms explained in a reader-friendly way, links to further information are provided, and graphs has been brought into use. With it, we inform in clear and simple language that we only process personal data in the course of our business activities if there is a corresponding legal basis. This is certainly not possible by providing the most concise, unclear and legalistic explanations possible, as is often standard practice on the internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is one or two pieces of information you did not know yet.
If you still have questions, we would like to ask you to contact the responsible office mentioned below or in the imprint, to follow the existing links and to look at further information on third party sites. Our contact details can of course also be found in the imprint.
Scope of application
This data protection declaration applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (order processors). By personal data, we mean information within the meaning of Art. 4 No. 1 DSGVO, such as a person's name, email address and postal address. The processing of personal data ensures that we can offer and invoice our services and products, whether online or offline. The scope of this privacy policy includes:
- all online presences (websites, online shops) that we operate
- social media presences and email communication
- mobile apps for smartphones and other devices
In short: The data protection declaration applies to all areas in which personal data is processed in a structured manner within the company via the aforementioned channels. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
Legal basis
In the following data protection declaration, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course access this EU General Data Protection Regulation online on EUR-Lex, the access point to EU law, at https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 nachlesen.
We only process your data if at least one of the following conditions applies:
- Consent (Article 6(1)(a) DSGVO): You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data of a contact form.
- Contract (Article 6(1)(b) DSGVO): In order to fulfil a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a sales contract with you, we need personal information in advance.
- Rechtliche Verpflichtung (Article 6(1)(c) DSGVO): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
- Legitimate interests (Article 6(1)(f) DSGVO): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website in a secure and economically efficient manner. This processing is therefore a legitimate interest.
Further conditions such as the performance of recordings in the public interest and the exercise of public authority as well as the protection of vital interests do not generally occur with us. If such a legal basis should be relevant, it will be indicated at the appropriate place.
In addition to the EU regulation, national laws also apply:
- In Austria, this is the federal law for the protection of natural persons when processing personal data (Data Protection Act), in short DSG.
- In Germany, the Federal Data Protection Act, in short BDSG applies.
If other regional or national laws apply, we will inform you about them in the following sections.
Storage period
The fact that we only store personal data for as long as is absolutely necessary for the provision of our services and products applies as a general criterion with us. This means that we delete personal data as soon as the reason for processing the data no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes.
Should you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as soon as possible and insofar as there is no obligation to store it.
We will inform you about the specific duration of the respective data processing below, provided we have further information on this.
Rights under the General Data Protection Regulation
In accordance with Articles 13, 14 of the GDPR, we inform you of the following rights you have to ensure that data is processed fairly and transparently:
- Sie haben laut Artikel 15 DSGVO ein Auskunftsrecht darüber, ob wir Daten von Ihnen verarbeiten. Sollte das zutreffen, haben Sie Recht darauf eine Kopie der Daten zu erhalten und die folgenden Informationen zu erfahren:
- zu welchem Zweck wir die Verarbeitung durchführen;
- die Kategorien, also die Arten von Daten, die verarbeitet werden;
- wer diese Daten erhält und wenn die Daten an Drittländer übermittelt werden, wie die Sicherheit garantiert werden kann;
- wie lange die Daten gespeichert werden;
- das Bestehen des Rechts auf Berichtigung, Löschung oder Einschränkung der Verarbeitung und dem Widerspruchsrecht gegen die Verarbeitung;
- dass Sie sich bei einer Aufsichtsbehörde beschweren können (Links zu diesen Behörden finden Sie weiter unten);
- die Herkunft der Daten, wenn wir sie nicht bei Ihnen erhoben haben;
- ob Profiling durchgeführt wird, ob also Daten automatisch ausgewertet werden, um zu einem persönlichen Profil von Ihnen zu gelangen.
- You have a right to rectify data under Article 16 of the GDPR, which means that we must correct data if you find errors.
- According to Article 17 of the GDPR, you have the right to erasure ("right to be forgotten"), which specifically means that you may request the deletion of your data.
- According to Article 18 of the GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it any further.
- According to Article 19 of the GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.
- Sie haben laut Artikel 21 DSGVO ein Widerspruchsrecht, welches nach Durchsetzung eine Änderung der Verarbeitung mit sich bringt.
- Wenn die Verarbeitung Ihrer Daten auf Artikel 6 Abs. 1 lit. e (öffentliches Interesse, Ausübung öffentlicher Gewalt) oder Artikel 6 Abs. 1 lit. f (berechtigtes Interesse) basiert, können Sie gegen die Verarbeitung Widerspruch einlegen. Wir prüfen danach so rasch wie möglich, ob wir diesem Widerspruch rechtlich nachkommen können.
- Werden Daten verwendet, um Direktwerbung zu betreiben, können Sie jederzeit gegen diese Art der Datenverarbeitung widersprechen. Wir dürfen Ihre Daten danach nicht mehr für Direktmarketing verwenden.
- Werden Daten verwendet, um Profiling zu betreiben, können Sie jederzeit gegen diese Art der Datenverarbeitung widersprechen. Wir dürfen Ihre Daten danach nicht mehr für Profiling verwenden.
- You may have the right under Article 22 of the GDPR not to be subject to a decision based solely on automated processing (for example profiling).
- According to Article 77 of the GDPR, you have the right to lodge a complaint. This means that you can complain to the data protection authority at any time if you believe that the data processing of personal data violates the GDPR.
In short: You have rights - do not hesitate to contact the responsible body listed above!
If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website can be found at https://www .dsb.gv.at/. In Germany there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and the Freedom of Information (BfDI) contact. The following local data protection authority is responsible for our company:
Baden-Württemberg data protection authority
State Commissioner for Data Protection: Dr. Stefan Brink
Address: Königstraße 10a, 70173 Stuttgart
Telephone: 07 11/61 55 41-0
E-mail address: poststelle@lfdi.bwl.de
Website: https://www.baden-wuerttemberg.datenschutz.de/
Web Hosting Introduction
Was ist Webhosting?
When you visit websites nowadays, certain information - including personal data - is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, by the way, we mean the totality of all web pages on a domain, i.e. everything from the home page (homepage) to the very last subpage (like this one). By domain, we mean, for example, example.de or example.com.
If you want to view a website on a computer, tablet or smartphone, you use a programme called a web browser to do so. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We call them browsers or web browsers for short.
If you want to view a website on a computer, tablet or smartphone, you use a programme called a web browser to do so. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We call them browsers or web browsers for short.
When the browser on your computer (desktop, laptop, tablet or smartphone) connects and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, on the other hand, the web server must also store data for a while to ensure proper operation.
Why do we process personal data?
Why do we process personal data?
- Professional hosting of the website and safeguarding of the operation
- to maintain operational and IT security
- Anonymous evaluation of access behaviour to improve our offer and, if necessary, for criminal prosecution or the pursuit of claims.
What data is processed?
Even while you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically stores data such as
- the complete internet address (URL) of the accessed website
- Browser and browser version (e.g. Chrome 87)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g. https: //www.beispielquellsite.de/vondabinich)
- the host name and IP address of the device being accessed (e.g. COMPUTERNAME and 194.23.43.121).
- Date and time
- in files, the so-called web server log files
How long is data stored?
As a rule, the above data is stored for a fortnight and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of unlawful conduct.
In short: Your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not share your data without consent!
Legal basis
The lawfulness of the processing of personal data in the context of web hosting results from Art. 6 para. 1 lit. f DSGVO (protection of legitimate interests), because the use of professional hosting with a provider is necessary to present the company on the Internet in a secure and user-friendly manner and to be able to pursue attacks and claims from this if necessary.
As a rule, there is a contract on commissioned processing between us and the hosting provider in accordance with Art. 28 f. DSGVO, which ensures compliance with data protection and guarantees data security.
raidboxes Privacy Policy
We use the web hosting provider raidboxes for our website. The service provider is the German company Raidboxes GmbH, Hafenstraße 32, 48153 Münster, Germany.
You can find out more about the data processed through the use of raidboxes in the privacy statement on https://raidboxes.io/legal/privacy/.
All texts are protected by copyright.
Source: Created with the Privacy Generator from AdSimple