Summary of Data Privacy
The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult the Data Protection Declaration below on this page.
Who is the responsible party for the recording of data on this website (i.e. the “controller”)?
The data on this website is processed by the operator of the website, whose contact information is available under section “Information about the Responsible Party” below on this page.
How do we process your data?
We collect your data as a result of your sharing of your data with us. This may, for instance, be information you enter into our contact form.
Our IT systems automatically record other data when you visit our website. This data comprises primarily technical information (e.g. web browser, operating system or time the site was accessed). This information is recorded automatically when you access this website.
What are the purposes we use your data for?
A portion of the information is generated to guarantee the error-free provision of the website. Other data may be used to analyse your user patterns.
What rights do you have as far as your information is concerned?
You have the right to receive about the source, recipients and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. Please do not hesitate to contact us at any time under the address disclosed in section “Information about the Responsible Party” below on this page if you have questions about this or any other data protection related issues. You also have the right to log a complaint with the competent supervising agency.
Moreover, under certain circumstances, you have the right to demand the restriction of the processing of your personal data. For details, please consult the below Data Protection Declaration under section “Right to Restriction of Data Processing”.
Hosting
We are hosting our website with the following external service provider (host):
webgo GmbH, Heidenkampsweg 81, 20097, Hamburg (hereinafter referred to as webgo)
Personal data collected on this website is stored on the host’s servers. If you visit our website, webgo collects server log files including your IP address, used browser and referrer. More information are described in the section “Server Log Files” below on this page.
Users can find details in webgo’s data protection declaration:
https://www.webgo.de/datenschutz
The use of webgo is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable presentation of our website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG (“Telekommunikation-Telemedien-Datenschutz-Gesetz” from Germany), insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
We have concluded a contract on order processing with the above-mentioned hosting provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Mandatory Data Protection Information
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.
Whenever you use this website, a variety of personal data will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.
We herewith advise you that the transmission of data via the internet (i.e. through email communication) may be prone to security gaps. It is not possible to completely protect data against third party access.
Information about the Responsible Party (referred to as the “controller” in the GDPR)
The data processing controller on this website is:
Contact form: Send message via contact form
Email:
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, email addresses, etc.).
General Information on the Legal Basis for Data Processing on this Website
If users have consented to data processing, we process their personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR if special categories of data are processed in accordance with Art. 9 para. 1 GDPR. In the event of express consent to the transfer of personal data to third countries, data processing is also based on Art. 49 (1) a GDPR. If users have consented to the storage of cookies or to the access to information in their terminal device (e.g. via device fingerprinting), the data processing is also carried out on the basis of Section 25 (1) TTDSG (“Telekommunikation-Telemedien-Datenschutz-Gesetz” from Germany). This consent can be revoked at any time. If user data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, if their data is required for the fulfilment of a legal obligation, we process it on the basis of Art. 6 para. 1 lit. c GDPR. Furthermore, the data processing may be carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this data protection declaration.
Storage Duration
Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you assert a justified request for deletion or revoke consent for data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., storage periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.
Information, Deletion and Correction
Within the framework of the applicable legal provisions, you have the right at any time to receive free information concerning your stored personal data, its origin and recipient, and the purpose of the data processing and, if applicable, a right to correction or deletion of this data. You can contact us at any time for this purpose and for further questions regarding personal data.
Right to Revoke Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You can revoke/cancel the consent provided at any time. The legality of the data processing performed until cancelled remains unaffected by the cancellation.
Right to Object to Data Collection in Special Cases as well as against Direct Advertising (Art. 21 GDPR)
IF THE DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) OF THE DATA PROTECTION ACT).
IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT ADVERSTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE SUBSEQUENTLY USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).
Right of Appeal to the Responsible Supervisory Authority
In the event of breaches of the GDPR, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of employment, or the place of the alleged breach. The right to lodge a complaint exists without prejudice to other
administrative or legal remedies.
Right of Data Portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be performed as technically feasible.
Right to Restriction of Data Processing
You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time. The right to the restriction of processing exists in the following cases:
- If you dispute the accuracy of your personal data stored by us, time is usually required on our behalf for reviewing/verification. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data occurred/is occurring unlawfully, you can request the restriction of data processing instead of deletion.
- If we no longer require your personal data but you require it to exercise, defend, or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
- If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balancing of your interests in addition to our own must be performed. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL and/or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection in that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Note on Data Transfer to the USA and other Third Countries
Tools from companies based in the USA or other third countries that are not secure from a data protection perspective are integrated on our website. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action. Therefore, it can not be excluded that US authorities (e.g., intelligence services) may use your data located on US servers for the purpose of
processing, evaluating, and permanently storing data for monitoring purposes. We have no influence on these processing activities.
Data Processing on this Website
Cookies
Our website use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them or they are automatically eradicated by your web browser.
In some cases it is possible that third party cookies are stored on your device once you enter our site (third party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g. cookies for the processing of payment services).
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g. the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.
Cookies that are required for the performance of the electronic communications transaction or to provide certain functions you want to use (e.g. the shopping cart function), are stored on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically error free and optimised provision of the operator’s services. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
In the event that third party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.
Server Log Files
The hosting provider of this website automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:
- The time of the server inquiry
- The IP address
- The type and version of browser used
- The used operating system
- The referrer URL
- The hostname of the accessing computer
This data is not merged with other data sources.
This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error-free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.
Contact Form
If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.
The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your agreement (Art. 6 Para. 1 lit. a GDPR) if this has been requested.
The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g. after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions – in particular retention periods.
Request by Email, Telephone or Fax
If you contact us by email, telephone or fax, your request, including all resulting personal data (name, email, request message) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
Comment Functionality
If you use the comment function on this website, the time at which you created the comment and your email address will be stored along with your comment, as well as your username, unless you are posting anonymously.
Storage of the IP Address
Our comment function stores the IP addresses of those users who post comments. Since we do not check comments on our site before they go live, we need this information to be able to pursue action for illegal or slanderous content.
Storage Duration
The comments and the associated data (e.g. IP address) are stored and remain on our website until the content commented upon has been completely deleted or the comments are required to be removed for legal reasons (slander, etc.).
Legal Basis
The comments are stored based on your consent per Art. 6 (1) (a) GDPR. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Plugins and Tools
Github
On our website, we may provide hyperlinks to or we may embed source codes, which are hosted on third party servers of Github Inc., 88 Colin P Kelly Jr St, San Francisco, CA 94107, USA.
We do not have any influence on the processing of personal data performed by Github. Instead, please consult the Github privacy policy:
https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement
Real Cookie Banner
To manage the cookies and similar technologies used and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.
Real Cookie Banner asks website visitors for consent to set cookies and process personal data. For this purpose, each website visitor is assigned a UUID (pseudonymous identification of the user), which is valid until the expiration of the cookie to store consent. Cookies are used to test whether cookies can be set, to store reference to documented consent, to store which services from which service groups the visitor has consented to, and, if consent is obtained under the Transparency & Consent Framework (TCF), to store consent in TCF partners, purposes, special purposes, functions and special functions. Within the scope of the duty of disclosure according to the GDPR, the collected consent is fully documented. This includes, in addition to the services and service groups to which the visitor has consented, and if consent is obtained according to the TCF standard, to which TCF partners, purposes and functions the visitor has consented, all cookie banner settings at the time of consent as well as the technical circumstances (e.g. size of the viewing area at the time of consent) and the user interactions (e.g. clicking on buttons) that led to consent. Consent is collected once per language.
Real Cookie Banner is one of the essential services and is required for the basic functionality of the website. They contain only technically necessary services. These services can not be contradicted.
Wordfence
Wordfence has been integrated on this website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter Wordfence).
Wordfence is used to protect our website from unwanted access or malicious cyberattacks. Cookies are used to check the permissions of the user before accessing the website, to notify administrators when a user signs in with a new device or location, and to bypass defined country restrictions through specially prepared links.
To ensure an adequate level of security, the Wordfence plugin needs to store your IP address on our servers. For the protection of your personal data and according to our configuration, this information is not transmitted to the Defiant servers located in the USA.
The use of Wordfence is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyberattacks. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be revoked at any time.
We have concluded a contract on order processing with Wordfence. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
For more information, please consult:
https://www.wordfence.com/help/general-data-protection-regulation/ and https://www.wordfence.com/privacy-policy/
Social Media Appearances
Data Processing through Social Networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Twitter, Mastodon etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.
Legal Basis
Our social media appearances should ensure the widest possible presence on the internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).
Responsibility and Assertion of Rights
If you visit one of our social media sites (e.g., Twitter), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Twitter).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
Storage Duration
The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular, retention periods – remain unaffected.
We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g. in their privacy policy, see below).
Individual Social Networks
Mastodon
We have a profile on Mastodon. The provider is Mastodon gGmbH, Mühlenstraße 8a, 14167 Berlin, Germany.
You can adjust your Mastodon privacy settings independently in your user account. To do so, click on the following link and log in:
https://mastodon.social/settings/profile
For details, see the Mastodon privacy policy:
https://infosec.exchange/privacy-policy and https://mastodon.social/terms
We have a profile on Reddit. The provider is Reddit, Inc., 1455 Market Street, Suite 1600, San Francisco, CA 94103, United States.
You can customize your Reddit privacy settings in your user account. Click on the following link and log in:
https://www.reddit.com/settings/privacy
For details, see the Reddit privacy policy:
https://www.reddit.com/policies/privacy-policy
We use the short message service Twitter. The provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
You can customize your Twitter privacy settings in your user account. Click on the following link and log in:
https://twitter.com/personalization
Data transmission to the US is based on the Standard Contractual Clauses of the European Commission. Details can be found here:
https://gdpr.twitter.com/en/controller-to-controller-transfers.html
For details, see the Twitter privacy policy:
https://twitter.com/privacy
Source:
https://www.e-recht24.de/