Name and contact details of the person(s) responsible
Our responsible person(s) (hereinafter referred to as "Responsible Person") within the meaning of Art. 4 no. 7 DS-GVO is
Managing Director Dr. Hannes Junginger-Gestrich
Commercial register no.: HRB 721282
Register court: Local court Freiburg
fax: +49 761 - 55724999
e-mail address: email@example.com
Data types, purposes of processing and categories of data subjects
In the following we inform you about the type, scope and purpose of the collection, processing and use of personal data.
1. types of data we process
Usage data (access times, websites visited, etc.), inventory data (name, address, etc.), contact data (telephone number, e-mail, fax, etc.), payment data (bank data, account data, payment history, etc.), contract data (object of the contract, term, etc.), content data (text entries, videos, photos, etc.), communication data (IP address, etc.),
2. the purposes of the processing pursuant to Art. 13 (1) c) DS-GVO
Processing of contracts, evidence purposes / preservation of evidence, fulfillment of contractual obligations, contacting in case of legal complaints by third parties, fulfillment of legal obligations to preserve records, compilation of statistics, avoidance of SPAM and abuse, customer service and customer care, handling contact requests, providing websites with functions and content, security measures, uninterrupted, secure operation of our website,
3. categories of persons concerned under Article 13(1)(e) of the DS-GVO
Website visitors/users, customers, suppliers, prospects, employees, employees of customers or suppliers,
The data subjects are collectively referred to as "users".
Legal basis for the processing of personal data
In the following we inform you about the legal basis of the processing of personal data:
- If we have obtained your consent for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a) DS-GVO is the legal basis.
- If the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures taken in response to your request, Article 6 (1) sentence 1 letter b) DS-GVO is the legal basis.
- If the processing is necessary for the fulfilment of a legal obligation to which we are subject (e.g. statutory storage obligations), Art. 6 Paragraph 1 Sentence 1 lit. c) DS-GVO is the legal basis.
- If the processing is necessary to protect the vital interests of the data subject or of another natural person, Art. 6 (1) sentence 1 lit. d) DS-GVO is the legal basis.
- If the processing is necessary to protect our interests or the legitimate interests of a third party and your interests or fundamental rights and freedoms do not prevail in this respect, Art. 6 (1) sentence 1 lit. f) DS-GVO is the legal basis.
Disclosure of personal data to third parties and processors
Without your consent, we will not pass on any data to third parties. Should this be the case, however, the transfer will be made on the basis of the aforementioned legal bases, e.g. when data is passed on to online payment providers for the purpose of fulfilling a contract or due to a court order or due to a legal obligation to surrender the data for the purpose of criminal prosecution, to avert danger or to enforce intellectual property rights.
We also use contract processors (external service providers e.g. for web hosting of our websites and databases) to process your data. If data is passed on to the processors as part of an agreement for order processing, this is always done in accordance with Art. 28 DS-GVO. We select our processors carefully, check them regularly and have been granted the right to issue instructions regarding the data. In addition, the processors must have taken suitable technical and organisational measures and comply with the data protection regulations according to BDSG n.F. and DS-GVO
Transfer of data to third countries
The adoption of the European Data Protection Basic Regulation (DS-GVO) has created a uniform basis for data protection in Europe. Your data is therefore processed primarily by companies to which the DS-GVO applies. If, however, processing is carried out by services of third parties outside the European Union or the European Economic Area, they must comply with the special requirements of Art. 44 ff. DS-GVO. This means that the processing is carried out on the basis of special guarantees, such as the EU Commission's officially recognised determination of a level of data protection corresponding to that of the EU or compliance with officially recognised special contractual obligations, the so-called "standard contractual clauses".
If, due to the invalidity of the so-called "Privacy Shield", according to Art. 49 para. 1 sentence 1 lit. a) DSGVO, we obtain your express consent to the transfer of data to the USA, we will point out the risk of secret access by US authorities and the use of the data for monitoring purposes, if necessary without any legal remedies for EU citizens.
Deletion of data and storage period
Unless expressly stated in this data protection declaration, your personal data will be deleted or blocked as soon as the consent granted for processing is revoked by you or the purpose for storing the data no longer applies or the data is no longer required for the purpose, unless its further storage is required for evidence purposes or this is opposed by statutory storage obligations. This includes, for example, commercial storage obligations for business letters according to § 257 para. 1 HGB (6 years) as well as tax storage obligations according to § 147 para. 1 AO of receipts (10 years). When the prescribed retention period expires, your data will be blocked or deleted, unless the storage is still necessary for the conclusion or fulfilment of a contract.
Existence of an automated decision making process
We do not use automatic decision making or profiling.
Provision of our website and creation of log files
1. If you use our website for informational purposes only (i.e. no registration or other transmission of information), we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data:
- IP address;
- Internet service provider of the user;
- date and time of access;
- browser type;
- language and browser version;
- content of the request;
- time zone;
- access status/HTTP status code;
- amount of data;
- websites from which the request comes;
- operating system.
This data will not be stored together with other personal data of yours.
2. These data serve the purpose of user-friendly, functional and secure delivery of our website to you with functions and contents as well as their optimization and statistical evaluation.
3. The legal basis for this is our justified interest in data processing in accordance with Art. 6 Para. 1 S.1 lit. f) DS-GVO, which is also contained in the above-mentioned purposes.
4. For security reasons, we store this data in server log files for a storage period of 365 days. After this period has expired, they are automatically deleted, unless we require their storage for evidence purposes in the event of attacks on the server infrastructure or other legal infringements.
The following types of cookies are distinguished:
Necessary, essential cookies: Essential cookies are cookies that are absolutely necessary for the operation of the website in order to store certain website functions such as logins, shopping cart or user entries, e.g. regarding the language of the website.
Session-Cookies: Session-Cookies are needed to recognize multiple use of an offer by the same user (e.g. if you have logged in to determine your login status). When you visit our site again, these cookies provide information to automatically recognize you. The information obtained in this way is used to improve our offers and to make it easier for you to access our site. When you close the browser or log out, the session cookies are deleted.
Persistent cookies: These cookies remain stored even after closing the browser. They are used to store the login, to measure reach and for marketing purposes. They are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
Third-party cookies (third-party cookies, especially from advertisers): You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out at this point that you may not be able to use all functions of this website. Please read more about these cookies in the respective third-party privacy statements.
2. Data categories: User data, cookie, user ID (including pages visited, device information, access times and IP addresses).
3. Purposes of processing: The information obtained in this way serves the purpose of optimising our web offers both technically and economically and of enabling you to access our website more easily and securely.
4. Legal basis: If we process your personal data with the aid of cookies on the basis of your consent ("opt-in"), then Art. 6 para. 1 sentence 1 lit. a) DSGVO is the legal basis. Otherwise we have a legitimate interest in the effective functionality, improvement and economic operation of the website, so that in this case Art. 6 para. 1 sentence 1 lit. f) DS-GVO is the legal basis. The legal basis is also Art. 6 Para. 1 sentence 1 lit. b) DS-GVO, if the cookies are set to initiate a contract, e.g. when orders are placed.
5. Duration of storage/deletion: The data is deleted as soon as it is no longer required for the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended.
Here you will find information about the deletion of cookies by browser:
Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-fi refox-delete
Internet Explorer: https://support.microsoft.com/de-at/help/17442/windows-internet-e xplorer-delete-manage-cookies
Microsoft Edge: https://support.microsoft.com/de-at/help/4027947/windows-delete-c ookies
6. Objection and "Opt-Out": You can generally prevent cookies from being stored on your hard drive, regardless of consent or legal permission, by selecting "do not accept cookies" in your browser settings. However, this can result in a functional restriction of our offers. You can object to the use of third-party cookies for advertising purposes by means of a so-called "opt-out" via this American website (https://optout.aboutads.info) or this European website (http://www.youronlinechoices.com/de/praferenzmanagement/).
Processing of contracts
1. We process inventory data (e.g. company, title/academic degree, names and addresses as well as contact data of users, e-mail), contract data (e.g. services used, names of contact persons) and payment data (e.g. bank details, payment history) for the purpose of fulfilling our contractual obligations (knowing who is the contractual partner; justification, content and processing of the contract; checking the plausibility of the data) and services (e.g. contacting customer service) in accordance with Art. 6 Para. 1 S. 1 lit b) DS-GVO. The entries marked as obligatory in online forms are required for the conclusion of the contract.
2. In principle, this data is not passed on to third parties, unless it is necessary to pursue our claims (e.g. transfer to a lawyer for collection) or to fulfil the contract (e.g. transfer of the data to payment providers) or if there is a legal obligation to do so in accordance with Art. 6 Para. 1 S. 1 lit. c) DS-GVO.
3. We may also process the data you provide in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.
4. The data will be deleted as soon as they are no longer required for the purpose for which they were collected. This is the case for the portfolio and contract data when the data is no longer necessary for the execution of the contract and no more claims can be asserted under the contract because they are time-barred (warranty: two years / standard limitation period: three years). We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, if the contract is terminated after three years, we will restrict processing, i.e. your data will only be used to comply with legal obligations. Details in the user account remain until it is deleted.
Online payment provider
1. Billing is carried out when paying by "Paypal" via PayPal (Europe) S.àr.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, Web: paypal.de, https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Hereinafter referred to as "online calculator". The online calculators collect, store and process your usage and billing data for the purpose of determining and billing the service you have used. The data entered into the online calculators is only processed by them and stored with them. If the online calculators cannot collect the usage fees or can only collect them in part, or if the online calculators fail to do so due to a complaint from you, the usage data will be passed on by the online calculators to the person responsible and, if necessary, blocked by the person responsible. The same applies if, for example, a credit card company reverses a transaction from you at the expense of the person responsible.
2. The legal basis is Art. 6 para. 1 lit. b) DSGVO, as the processing is necessary for the fulfilment of a contract by the responsible party. In addition, external online calculators are used on the basis of Art. 6 para. 1 sentence 1 lit. f) DSGVO for the legitimate interests of the responsible party, in order to be able to offer you the most secure, simple and diverse payment options possible.
3. With regard to the storage period, revocation, information and data subject rights, we refer to the above data protection declarations of the online calculators.
Contact via contact form / e-mail / fax / post
1. When contacting us by contact form, fax, post or e-mail, your data will be processed for the purpose of handling the contact request.
2. The legal basis for the processing of the data is Art. 6 Paragraph 1 S. 1 lit. a) DS-GVO if you have given your consent. The legal basis for the processing of data transmitted in the course of a contact inquiry or e-mail, letter or fax is Art. 6 Paragraph 1 S. 1 lit. f) DS-GVO. The person responsible has a legitimate interest in the processing and storage of the data in order to be able to respond to user enquiries, to secure evidence on liability grounds and, where appropriate, to be able to comply with his or her statutory obligations to retain business letters. If the contact aims at the conclusion of a contract, an additional legal basis for the processing is Art. 6 Paragraph 1 S. 1 lit. b) DS-GVO.
3. We may store your details and contact request in our customer relationship management system ("CRM system") or a comparable system.
4. The data will be deleted as soon as they are no longer required for the purpose for which they were collected. For personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is finished when it can be concluded from the circumstances that the matter in question has been finally clarified. Inquiries from users who have an account or a contract with us will be stored for a period of two years after termination of the contract. In the case of legal archiving obligations, deletion takes place after the end of the following periods: End of commercial law (6 years) and tax law (10 years) retention obligation.
5. You have the possibility at any time to revoke your consent pursuant to Art. 6 para. 1 sentence 1 lit. a) DS-GVO to the processing of personal data. If you contact us by e-mail, you can object to the storage of your personal data at any time.
Contact by telephone
1. When contacting us by telephone, your telephone number is processed and temporarily stored or displayed in the RAM / cache of the telephone set / display for the purpose of processing the contact request and its handling. The storage is done for liability and security reasons, in order to be able to prove the call, and for economic reasons, in order to enable a call back. In case of unauthorized advertising calls, we block the phone numbers.
2. The legal basis for the processing of the telephone number is Art. 6 para. 1 sentence 1 lit. f) DS-GVO. If the purpose of the contact is to conclude a contract, the additional legal basis for processing is Art. 6 (1) lit. b) DS-GVO.
3. The device cache stores the calls 365 days and successively overwrites or deletes old data; when the device is disposed of, all data is deleted and the memory destroyed if necessary. Blocked telephone numbers are checked annually for the necessity of blocking.
4. You can prevent the telephone number from being displayed by calling with the telephone number suppressed.
1. We have installed on our website the anti-spam function "reCAPTCHA" from "Google" (provider: Google Ireland Limited, Register No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland).
2. Category of data and description of data processing: usage data (e.g. website accessed, IP). By using "reCAPTCHA" in our forms we can determine whether the input was made by a machine (robot) or a human being. When using the service, your IP address and any other data required for this purpose may be transmitted to Google servers in the USA.
3. Purpose of the processing: Avoidance of spam and abuse as well as our economic interest in the optimization of our website.
4. Legal basis: If you have given your consent ("opt-in") for the processing of your personal data by means of "reCaptcha" from the third party provider, Art. 6 para. 1 sentence 1 lit. a) DS-GVO is the legal basis. The legal basis is also our legitimate interest in data processing for the above purposes in accordance with Art. 6 Paragraph 1 S.1 lit. f) DS-GVO.
5. Data transmission/recipient category: Third party providers in the USA.
6. Storage period: until the cookies are deleted by you as a user.
1. We have on our website maps from "Google Maps" (provider: Google Ireland Limited, Register No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland).
2. Data category and description of data processing: usage data (e.g. IP, location, page accessed). Google Maps allows us to display the location of addresses and directions directly on our website in interactive maps and to enable you to use this tool. When you call up our website, where Google Maps is integrated, a connection to the Google servers in the USA is established. Your IP and location can be transmitted to Google. Google also receives information that you have called up the corresponding page. This is also done without a user account with Google. If you are logged into your Google account, Google can assign the above data to your account. If you do not wish to do so, you must log out of your Google account. Google creates user profiles from such data and uses these data for the purpose of advertising, market research or optimization of its websites.
3. Purpose of processing: To provide a user-friendly, economical and optimized website.
4. Legal basis: If you have given your consent ("opt-in") to the processing of your personal data using "Google Maps" by the third party provider, Art. 6 (1) sentence 1 lit. a) DS-GVO is the legal basis. The legal basis is also our legitimate interest in data processing in accordance with Art. 6 (1) sentence 1 lit. f) DS-GVO for the above purposes.
5. Data transmission/recipient category: Third party providers in the USA.
6. Storage period: Cookies for up to 6 months or until you delete them. Otherwise as soon as they are no longer required for processing purposes.
7. Right of objection and removal: You have the right to object to the creation of user profiles by Google. Therefore, please contact Google directly via the data protection declaration mentioned below. An opt-out objection regarding advertising cookies can be made here in your Google Account:
Presence in social media
2. Data categories and description of data processing: usage data, contact data, content data, inventory data. Furthermore, user data within social networks is usually processed for market research and advertising purposes. Thus, for example, user profiles can be created based on the usage behaviour and the resulting interests of the users. The user profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behaviour and interests of the users are stored. Furthermore, data may also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them). For a detailed description of the respective forms of processing and the possibilities of objection (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks. Also in the case of requests for information and the assertion of data subject rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the data of the users in each case and can directly take appropriate measures and provide information. Should you nevertheless require assistance, you can contact us.
3. Purpose of the processing: Communication with the users connected and registered on the social networks; information and advertising for our products, offers and services; presentation and image cultivation; evaluation and analysis of the users and contents of our presence in the social media.
4. Legal basis: The legal basis for the processing of personal data is our legitimate interest in the above-mentioned purposes in accordance with Art. 6 para. 1 sentence 1 letter f) DS-GVO. If you have given us or the person responsible for the social network your consent to the processing of your personal data, the legal basis is Art. 6 para. 1 sentence 1 lit. a) in conjunction with Art. 7 DS-GVO.
5. Data transmission/recipient category: social network.
6. You can find the data protection information, information options and opt-out options of the respective networks / service providers here:
Rights of the data subject
1. Objection or revocation against the processing of your data
Insofar as the processing is based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a), Art. 7 DS-GVO, you have the right to revoke your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
Insofar as we base the processing of your personal data on the balancing of interests in accordance with Art. 6 (1) sentence 1 lit. f) DS-GVO, you may object to the processing. This is the case if the processing is not necessary, in particular, for the fulfilment of a contract with you, which is described by us in the following description of the functions. In the event of such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the facts of the case and will either stop or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
You can object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can exercise the right of objection free of charge. You can inform us about your objection to advertising by using the following contact details:
Managing Director Dr. Hannes Junginger-Gestrich
Commercial register no.: HRB 721282
Register court: Local court Freiburg
fax: +49 761 - 55724999
e-mail address: firstname.lastname@example.org
2. Right to information
You have a right to information about your personal data stored with us in accordance with Art. 15 DS-GVO. This includes, in particular, information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless it was collected directly from you.
3. Right of rectification
You have a right to correct incorrect data or to complete correct data in accordance with Art. 16 DS-GVO.
4. Right to deletion
You have the right to have your data stored by us deleted in accordance with Art. 17 DS-GVO, unless legal or contractual retention periods or other legal obligations or rights to further storage conflict with this.
5. Right to restriction
You have the right to request a restriction on the processing of your personal data if one of the conditions in Art. 18 (1) lit. a) to d) DS-GVO is fulfilled:
If you dispute the accuracy of the personal data concerning you for a period of time which enables the controller to verify the accuracy of the personal data;
the processing is unlawful and you refuse to delete the personal data and instead demand that the use of the personal data be restricted;
the controller no longer needs the personal data for the purposes of the processing, but you need the personal data in order to assert, exercise or defend legal claims; or
if you have lodged an objection to the processing in accordance with Article 21 (1) of the DPA and it has not yet been established whether the legitimate reasons given by the controller outweigh your reasons.
6. Right to data transferability
You have a right to data transferability in accordance with Art. 20 DS-GVO, which means that you can receive the personal data stored by us about you in a structured, common and machine-readable format or request that it be transferred to another person responsible.
7. Right of complaint
You have a right to complain to a regulatory body. As a general rule, you may do so by contacting the supervisory authority, in particular in the Member State in which you are resident, in your place of work or in the place where the suspected infringement is committed.
In order to protect all personal data transmitted to us and to ensure that the data protection regulations are observed by us and our external service providers, we have taken suitable technical and organisational security measures. Therefore, among other things, all data between your browser and our server is transmitted in encrypted form via a secure SSL connection.