Privacy Policy
I. CONTROLLER
The controller within the meaning of the GDPR (General Data Protection Regulation) is the company specified in the legal notice, including its managing directors.
II. DATA PROTECTION OFFICER
The data protection officer of the controller is:
IBS data protection services and consulting GmbH
Zirkusweg 1
20359 Hamburg
Email: dsb@ibs-data-protection.de
Tel: +49 40 540 90 97 80
III. GENERAL INFORMATION ON DATA PROCESSING
1. Scope of Processing of Personal Data
The use of our website is generally possible without providing personal data. If personal data (such as name, address, or email addresses) is collected on our pages, this is done voluntarily. These data will not be passed on to third parties without your explicit consent.
If your personal data is necessarily processed in connection with the use of the website, this is done to ensure the functionality of the website. Further processing of personal data will only take place with your consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons and data processing is permitted by legal regulations.
2. Legal Basis for Processing Personal Data
If we obtain your consent for processing personal data, this is done in accordance with Article 6 of the GDPR as the legal basis.
3. Data Deletion and Storage Duration
Personal data is deleted or blocked as soon as the purpose of storage no longer applies. Storage may also occur in cases provided for by law. Data is also blocked or deleted when a legally required retention period expires, unless further storage is necessary for contract conclusion or performance.
IV. HOSTING
The hosting services we use provide the following: infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services necessary for operating the website.
In this context, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta, and communication data of customers, interested parties, and visitors to this website based on our legitimate interest in the efficient and secure provision of our website in accordance with Article 6(1)(f) GDPR in conjunction with Article 28 GDPR.
1.1 Access Data
We collect information about you when you use this website. We automatically collect information about your usage behavior and interactions with us and record data about your computer or mobile device. We collect, store, and use data about every access to our website (so-called server log files). The access data includes:
Name and URL of the accessed file
Date and time of access
Transferred data volume
Notification of successful retrieval (HTTP response code)
Browser type and version
Operating system
Referrer URL (previously visited page)
Websites accessed from the user’s system via our website
Internet service provider of the user
IP address and requesting provider
We use these log data without assigning them to your person or profiling for statistical evaluations for the purpose of operating, securing, and optimizing our website. We also use them for anonymous visitor traffic analysis and to measure the effectiveness of our services. This is also our legitimate interest pursuant to Article 6(1)(f) GDPR.
We reserve the right to subsequently review log data if there is a concrete indication of unlawful use. IP addresses are stored for a limited period if necessary for security purposes or for providing or billing a service.
V. USE OF COOKIES
1. Description and Scope of Data Processing
We use so-called session cookies to optimize our website. A session cookie is a small text file sent by our servers to your hard drive when you visit a webpage and stored temporarily. This file contains a session ID, allowing different browser requests to be assigned to a single session. These cookies are deleted when you close your browser.
We also use persistent cookies, which remain on your device and allow us to recognize your browser on your next visit. These cookies are stored for a predefined period (from one month to ten years). Their purpose is to provide a more user-friendly, effective, and secure website experience.
Our legitimate interest in using cookies under Article 6(1)(f) GDPR is to make our website more user-friendly and efficient.
You can configure your browser to inform you about the placement of cookies and decide on their acceptance individually, exclude them in certain cases, or disable them entirely. This may restrict website functionality.
VI. CONTACT FORM AND EMAIL CONTACT
1. Description and Scope of Data Processing
Our website provides a contact form for electronic communication. When a user submits a request via the form, the entered data is transmitted and stored. Alternatively, users can contact us via email, in which case the personal data transmitted via email is stored. The data is not shared with third parties and is used solely for processing the inquiry.
2. Purpose of Data Processing
The processing of personal data from the input form serves only to process the contact request. If contact is made via email, the legitimate interest in data processing lies in responding to the inquiry.
3. Duration of Storage
Data is deleted once the purpose of its collection is fulfilled. For contact form data and emails, this is when the conversation with the user is deemed completed.
VII. RIGHTS AS A DATA SUBJECT
If your personal data is processed, you are considered a data subject under GDPR and have the following rights:
1. Right to Information
You have the right to request confirmation from the controller as to whether personal data concerning you is being processed. If such processing occurs, you may request the following information:
The purposes of processing
The categories of processed personal data
The recipients of disclosed data
The planned storage duration or criteria for its determination
The existence of rights to rectification, deletion, restriction, or objection
The existence of a right to lodge a complaint with a supervisory authority
The source of the data if not collected from you
2. Right to Rectification
You have the right to request the correction or completion of incorrect or incomplete personal data.
3. Right to Restriction of Processing
You may request the restriction of processing under specific conditions, e.g., if you dispute data accuracy or object to processing.
4. Right to Deletion
You can request the deletion of your personal data under certain conditions, e.g., if it is no longer needed for its original purpose, if you withdraw consent, or if processing is unlawful.
5. Right to Notification
If you have asserted the right to rectification, deletion, or restriction of processing, the controller must inform all recipients of your data accordingly.
6. Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and request its transfer to another controller.
7. Right to Object
You have the right to object at any time to processing based on Article 6(1)(e) or (f) GDPR.
8. Right to Withdraw Consent
You can withdraw your consent at any time, and it will not affect the lawfulness of processing before the withdrawal.
9. Right to Lodge a Complaint with a Supervisory Authority
You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates GDPR.