Purpose of the General Data Protection Regulation (GDPR)
This data protection declaration informs you about the type, scope and purpose of the processing of personal data by the provider of this website in accordance with the legal requirements of data protection law (in particular in accordance with BDSG nF and the European General Data Protection Regulation “GDPR”). This data protection declaration also applies to the provider's social media profiles. With regard to the definition of terms such as "personal data" or "processing", reference is made to Art. 4 GDPR.
Types of data, purposes of processing and categories of data subjects
In the following you will be informed about the type, scope and purpose of the collection, processing and use of personal data.
Types of data that are processed
- Usage data (access times, websites visited, etc.)
- Contact details (telephone number, email, fax etc.)
- Content data (text input, videos, photos, etc.)
- Communication data (IP address etc.)
Purposes of processing according to Art. 13 Para. 1 c) GDPR
Optimize the website technically and economically, enable easy access to the website, contact in the event of legal complaints by third parties, fulfillment of legal storage obligations, optimization and statistical analysis of services, support commercial use of the website, improve user experience, design the website in a user-friendly manner, marketing / sales / advertising, creation of statistics, avoidance of SPAM and abuse, customer service and customer care, handling contact requests, providing websites with functions and content, uninterrupted, secure operation of the website.
Categories of data subjects according to Art. 13 Para. 1 e) GDPR
Visitors and users of the website, customers, interested parties, employees of customers or suppliers. The data subjects are collectively referred to as "users".
Forwarding of personal data to third parties and processors
In principle, no data will be passed on to third parties without your consent. If this is the case, the data will only be passed on for the purpose of criminal prosecution, to avert danger or to enforce intellectual property rights.
The provider uses contract processors (external service providers, e.g. for web hosting of the websites and databases) to process your data. If data is passed on to the processors within the framework of an agreement for order processing, this always takes place in accordance with Art. 28 GDPR. Processors must have taken suitable technical and organizational measures and comply with the data protection regulations in accordance with Comply with BDSG nF and DSGVO.
Data transfer to third countries
The adoption of the European General Data Protection Regulation (GDPR) created a uniform basis for data protection in Europe. Your data is therefore mainly processed by companies for which the GDPR applies. Should the processing by third party services take place outside the European Union or the European Economic Area, then these must meet the special requirements of Art. 44 ff. GDPR. This means that processing takes place on the basis of special guarantees, such as the establishment of a data protection level that is officially recognized by the EU Commission or compliance with officially recognized special contractual obligations, the so-called “standard contractual clauses”.
Deletion of data and storage duration
Unless expressly stated in this data protection declaration, your personal data will be deleted or blocked as soon as the purpose for storage no longer applies. Exceptions to this are data that are required for evidence purposes or that conflict with statutory retention requirements. This includes, for example, commercial law retention obligations for business letters in accordance with Section 257 (1) HGB (6 years) and tax retention obligations in accordance with Section 147 (1) AO of receipts (10 years). When the prescribed retention period expires, your data will be blocked or deleted, unless the storage is still necessary for the conclusion or fulfillment of a contract.
Provision of this website and creation of log files
If you use this website for information purposes (i.e. no transmission of information via the contact form), the following personal data will be collected:
- IP address,
- Internet service provider of the user,
- Date and time of access,
- Browser type,
- Language and browser version,
- Content of the request,
- Time zone,
- Access status / HTTP status code,
- Amount of data,
- Websites from which the request comes
- Operating system.
- This data serves the purpose of user-friendly, functional and secure delivery of this website to you with functions and content as well as their optimization and statistical evaluations.
- For security reasons, this data is stored in server log files. All personal data are automatically deleted as soon as the purpose for their collection has been fulfilled. The session data is therefore stored until you end your session (by leaving or closing the website).
Contact via contact form / e-mail / fax / post
- When you contact the provider via the contact form, fax, post or email, your details will be processed for the purpose of handling the contact request.
- If you have given your consent, the legal basis for processing the data is Art. 6 Para. 1 S. 1 lit. a) GDPR. The legal basis for the processing of data transmitted in the course of a contact request or email, letter or fax is Art. 6 Para. 1 S. 1 lit. f) GDPR. The person responsible has a legitimate interest in the processing and storage of the data in order to be able to answer user inquiries, to preserve evidence for reasons of liability and, if necessary, to be able to comply with his statutory retention requirements for business letters. If the contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 Para. 1 S. 1 lit. b) GDPR.
- The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified. Inquiries from users who have an account or contract with the provider are stored for up to two years after the end of the contract. In the case of legal archiving obligations, the deletion takes place after their expiry: End of commercial law (6 years) and tax law (10 years) retention obligation.
- You have the option at any time to withdraw your consent in accordance with Art. 6 Para. 1 S. 1 lit. a) To revoke the GDPR for the processing of personal data. If you contact the provider via the contact form on the website or by e-mail, you can object to the storage of your personal data at any time.
Contact by phone
- When you contact the provider by phone, your telephone number will be processed to process and process the contact request and temporarily stored or displayed in the RAM / cache of the telephone device / display. The storage takes place for reasons of liability and security in order to be able to provide proof of the call and for economic reasons in order to enable a recall. In the event of unauthorized advertising calls, the phone numbers are blocked.
- The legal basis for processing the telephone number is Art. 6 Para. 1 S. 1 lit. f) GDPR. If the contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b) GDPR.
- The device cache saves the calls temporarily, but overwrites or deletes old data successively. When the device is disposed of, all data is deleted and the memory may be destroyed.
- You can prevent the phone number from being displayed by calling with the phone number suppressed.
Social media plug-ins
- Social media plug-ins are used by social networks on this website. When this website is accessed, no personal data is transmitted to the plug-in provider. Click on the logo or the brand of the social network to activate it. Upon activation, the provider of the social network receives the information that you have accessed our website and transmitted your personal data. So-called third party cookies are saved. With some providers, such as XING, your IP is anonymized immediately after it has been collected.
- The plug-in provider saves the data collected about the user as a usage profile. These are used for advertising, market research and / or the needs-based design of your own website. Such an evaluation takes place in particular (also for users who are not logged in) to display needs-based advertising and to inform other users of the social network about the user's activities on this website. The user has a right to object to the creation of these user profiles, whereby one must contact the respective plug-in provider to exercise this right.
- The legal basis for the use of the plug-ins is the legitimate interest in improving and optimizing this website by increasing awareness through social networks. Furthermore, there is the possibility of interacting with you and the users among themselves via social networks in accordance with Art. 6 Para. 1 S.1 lit. f) GDPR.
- The provider of this website has no influence on the data collected and the data processing operations. The provider also has no knowledge of the scope of data collection, the purpose of processing and the storage periods. There is also no information on the deletion of the data collected by the plug-in provider.
- The provider of this website refers to the respective data protection declarations of the social networks with regard to the purpose and scope of data collection and processing. There you will also find information about your rights and setting options for protecting your personal data.
Presence on social media
- The provider of this website maintains profiles in social media in order to communicate with the users connected and registered there and to inform them about products, offers or services. When you use and call up profiles of the provider in the respective network, the respective data protection information and terms of use of the respective network apply.
- Your data that you send to the provider of this website via these networks for the purpose of communication will be processed.
- The legal basis for the processing of personal data is the provider's legitimate interest in communication with users and its external image for the purpose of advertising in accordance with Art. 6 Para. 1 S. 1 lit. f) GDPR. Insofar as you have given the person responsible for the social network your consent to the processing of your personal data, the legal basis is Art. 6 Para. 1 S. 1 lit. a) and Art. 7 GDPR.
- You can find data protection information, information options and objection options (opt-out) for the respective networks here:
- XING (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) - data protection declaration / opt-out: https://privacy.xing.com/de/datenschutzerklaerung.
- LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) - privacy policy: https://www.linkedin.com/legal/privacy-policy, cookie policy and opt-out: https: //www.linkedin. com / legal / cookie-policy, Privacy Shield of the US company LinkedIn Inc .: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
Share buttons from XING and LinkedIn
- This informs you about the processing of personal data via the function of the XING share button. The “XING Share Button” is used on this website. When you access this website, your browser will briefly connect to the servers of XING AG (“XING”), Gänsemarkt 43, 20354 Hamburg, Germany, with which the “XING Share Button” functions (in particular the calculation / display of the Counter value). XING does not save any of your personal data when you access this website. In particular, XING does not save any IP addresses. There is also no evaluation of your usage behavior via the use of cookies in connection with the “XING Share Button”. The current data protection information on the “XING Share Button” and additional information can be found on this website: https://www.xing.com/app/share?op=data_protection.
- Plugins of the social network LinkedIn of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter “LinkedIn”) are integrated on these pages. You can recognize the LinkedIn plugins by the LinkedIn logo or the “Recommend button” (“Recommend”). When using the plugin, a direct connection is established between your browser and the LinkedIn server. LinkedIn receives the information that you have visited this page with your IP address. If you click the LinkedIn “Recommend button” while you are logged into your LinkedIn account, you can link the content of these pages to your LinkedIn profile. This enables LinkedIn to assign your visit to these pages to your user account. The provider of these pages has no knowledge of the content of the data transmitted or their use by LinkedIn.
Details on data collection (purpose, scope, further processing, use) as well as your rights and setting options can be found in LinkedIn's data protection information. LinkedIn has this information available at http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv.
Data Subject Rights
- Objection or revocation against the processing of your data
Insofar as the processing is based on your consent in accordance with Art. 6 Para. 1 S. 1 lit. a), Art. 7 GDPR, you have the right to withdraw your consent at any time. This does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
Insofar as the provider of this website bases the processing of your personal data on the balancing of interests in accordance with Art. 6 Para. 1 S. 1 lit. f) GDPR, you can object to the processing. This is the case, in particular, if the processing is not necessary to fulfill a contract with you, which the provider describes in the following description of the functions. When exercising such an objection, the provider asks you to explain the reasons why your personal data should not be processed accordingly. In the event of your justified objection, the provider will review the situation and either stop or adjust the data processing or show you compelling reasons worthy of protection on the basis of which the processing will be continued.
You can object to the processing of your personal data for data analysis purposes at any time. The provider is responsible for the data protection of this website. You can exercise your right of objection free of charge. You can inform the provider of this website about your objection using the contact details provided. - Right to information
You have the right to request confirmation from the provider of this website as to whether personal data relating to you is being processed. If this is the case, you have the right to information about your stored personal data in accordance with Art. 15 GDPR. This includes, in particular, information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless it was collected directly from you. - Right to rectification
You have the right to correct incorrect data or to complete correct data in accordance with Art. 16 GDPR. - Right to cancellation
You have the right to delete your data stored by the provider in accordance with Art. 17 GDPR, unless this is contrary to legal or contractual retention periods or other legal obligations or rights to further storage. - Right to restriction
You have the right to request a restriction on the processing of your personal data if one of the requirements in Art. 18 Para. 1 lit. a) to d) GDPR is fulfilled. If…
- You dispute the correctness of the personal data concerning you for a period of time that enables the person responsible to check the correctness of the personal data,
- the processing is unlawful and you reject the deletion of the personal data but instead request the restriction of the use of the personal data
- he person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
- You have lodged an objection to the processing in accordance with Art. 21 Paragraph 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons. - Right to data portability
You have the right to data portability according to Art. 20 GDPR, which means that you can receive the personal data stored about you by the provider in a structured, common and machine-readable format or you can request the transfer to another person responsible. - Right to complain
You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority in particular in the member state of your place of residence, your place of work or the location of the alleged violation.