Privacy Policy
1. Privacy summary
General information
The following points provide a simple overview of what happens to your personal information when you visit this website. Personal data is any data that can identify you personally. For detailed information on data protection, please refer to our privacy policy below.
Data collection on this website
Who is responsible for the data collection on this website?
The website operator is responsible for the data processing on this website. You can find their contact details in the section "Information on the body responsible" in this privacy policy.
How do we collect your data?
We collect your data when you share it with us, for example, any information you enter into contact forms. Our IT systems collect other data either automatically or with your consent when you visit the website. This data consists primarily of technical data (e.g. internet browser, operating system, or the time of your page view) and is collected automatically as soon as you enter this website.
How do we use your data?
A part of the collected data helps us to analyze user behaviors. Other data allows us to ensure the correct operation of this website.
What are your rights regarding your data?
You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time in the future. Under certain circumstances, you also have the right to request that the processing of your data be restricted. Furthermore, you have the right to complain to the responsible supervisory authority. You can contact us anytime if you have further questions about data protection.
2. Hosting
We host the content of our website at the following provider:
Amazon Web Services (AWS)
The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (henceforth referred to as AWS).
The AWS servers process your personal data once you visit our website. In this context, personal data can also be transmitted to the AWS parent company in the USA. The data transfer into the USA is based on the EU Standard Contractual Clauses. More details here.
For more information, please refer to AWS' privacy policy.
The usage of AWS is based on Article 6(1)(f) GDPR. We have a legitimate interest in the correct display of our website.
If related consent has been requested, the processing takes place exclusively based on Article 6(1)(a) GDPR and Article 25(1) TTDSG, insofar the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. You can revoke your consent at any time.
Data processing agreement
We concluded a data processing agreement (DPA) for the service above. This contract, which is required by data protection law, ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.
Cloudflare
Supplier is Cloudflare, Inc., 101 Townsend St San Francisco, CA 94107.
We use the services of the provider to optimise the security of our website. In the process, the following personal data may be sent to the company: IP address, browser type and version, operating system, referrer URL, time of request, HTTP status code, number of bytes transferred, cookie information, device information.
Cloudflare processes the personal data on the basis of the following legal grounds: consent, performance of a contract, compliance with a legal obligation and protection of legitimate interests. Cloudflare has a legitimate interest in processing personal data to provide and improve Cloudflare's services. These include: Providing a secure and reliable service, improving the performance of the service, developing new features and services.
Cloudflare transfers personal data to third parties when necessary to provide Cloudflare's services. These include: Service providers that provide cloud computing services, storage services or other technical infrastructure services; Service providers that provide DDoS protection or other security services; Service providers that provide analytics services. Cloudflare also transfers personal data to public authorities when required by law.
Every data subject has the right of access, rectification, erasure, restriction of processing, objection to processing and the right to data portability. Furthermore, every data subject has the right to complain to a supervisory authority.
Amazon CloudFront CDN
We use a content delivery network called Amazon CloudFront CDN. Its provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg (henceforth referred to as "Amazon"). Amazon CloudFront CDN is a globally distributed content delivery network that technically routes the information transfer between your browser and our website. It allows us to increase the global availability and performance of our website.
We base the usage of Amazon CloudFront CDN on our legitimate interest to provide the most flawless and secure website experience applicable (Article 6(1)(f) GDPR). The data transfer into the USA is based on the Standard Contractual Clauses of the EU Commission.
Matomo (web analyzis)
We use the open source web analytics service Matomo on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offering within the meaning of Art. 6 (1) lit. f. DSGVO). DSGVO), we use the open source web analytics service Matomo.
The web analytics service enables us to evaluate user movements on this website in a data protection-friendly manner for the purpose of improving our offering. The collected statistical data is pseudonymised so that no conclusions can be drawn about the identity of individual users of this website. If you wish to generally prevent the collection of your page visits, you have the option of activating the Do-Not-Track function in your browser. Diese Maßnahme ist dann auch für alle anderen von ihnen besuchten Seiten wirksam. Für unsere Website lässt sich zudem die Erfassung Ihrer Seitenbesuche durch die Opt-Out-Funktion unterbinden. To do this, open the cookie icon, which can be found at the bottom left of every page on the website, and deactivate the "Performance Cookies" setting. To the Matomo data protection declaration: https://matomo.org/privacy-policy
Cookie Consent Manager CCM19
Supplier is Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn, Germany
We use the system on the basis of the legal conditions within the meaning of Art. 6 para. 1 s. 1 lit. c DSGVO to manage cookies. The privacy policy of our partner is available at https://www.ccm19.de/datenschutzerklaerung.html
HubSpot
Our website includes the use of HubSpot (located at 2 Canal Park, Cambridge, MA 02141, United States) as a third-party provider for the provision of landing pages. HubSpot processes personal data of visitors to our landing pages when they register on them or perform a download. These are:
- name (if indicated)
- email-address
HubSpot processes this data to identify and segment visitors to our landing pages and conduct marketing campaigns. HubSpot only uses this data in accordance with its own privacy policy which you can view here: https://legal.hubspot.com/privacy-policy
With regard to personal data, you have the following rights: right of access, rectification, erasure, objection to processing and transfer of data. You can exercise these rights by sending an email to
3. General and mandatory information
Privacy
The operators of this website take the protection of your data very seriously. We treat your personal data confidentially according to legal data protection regulations and our privacy policy.
If you use this website, various personal data will be collected. Personal data is any data that can identify you personally. This privacy policy explains which data we collect and how we use it.
We point out that data transmission on the Internet (for example by email communication) can have security gaps. It is not possible to completely protect data from access by third parties.
Information on the body responsible
The responsible body for data processing on this website is:
Ralf Emanuel
Heide 82
41564 Kaarst
Phone: +49 (0) 2131 3 66 60 82
The responsible body is the natural or legal person who decides on the purpose of the data processing (e.g. names, e-mail addresses, etc.) either alone or together with others.
Storage duration
Unless a specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your data (e.g. tax or commercial law retention periods); in the latter case, the data will be deleted after these reasons no longer apply.
General information on the legal foundations of data processing on this website
If you have consented to data processing, we process your personal data based on Article 6(1)(a) GDPR or Article 9(2)(a) GDPR if special data categories are processed pursuant to Article 9(1) GDPR.
In the case of explicit consent to the transfer of personal data to third countries, the data processing is also conducted based on Article 49(1)(a) GDPR. If you have consented to the storage of cookies or access of your information in your device (e.g. via device fingerprinting), the data processing also occurs based on Article 25(1) TTDSG. The consent may be revoked at any time. If your data is required for the fulfillment of a contract or implementation of pre-contractual measures, we process your data based on Article 6(1)(b) GDPR.
Furthermore, we also process your data if it is necessary for fulfilling legal obligations based on Article 6(1)(c) GDPR. Likewise, the data processing may be based on our legitimate interest according to Article 6(1)(f) GDPR. Information on the relevant legal foundations in each individual case is provided in the following paragraphs of this privacy policy.
Information on data transfer to the USA and other third countries
Some of our tools are from companies based in the USA or other third countries that are not considered secure by the data protection law. When these tools are active, your personal data may be transferred to and processed in these third countries. For these countries, we cannot guarantee the same level of data protection comparable to the EU. For example, U.S. companies are obligated to release personal data to security authorities without you, the data subject, being able to take legal action against it. Therefore it cannot be ruled out that U.S. authorities (e.g. intelligence agencies) process, evaluate, and permanently store your data on U.S. servers for surveillance purposes. We do not influence these processing activities.
Withdrawal of your consent to data processing
Most data processing operations are only permitted with your express consent. You can revoke an already granted consent anytime. The legal validity of the data processing conducted until your revocation remains unaffected by the revocation.
Rights of objection to data collection in special cases and direct marketing (Art. 21 GDPR)
IF THE DATA PROCESSING IS CONDUCTED BASED ON ARTICLE 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA ANYTIME DEPENDING ON YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE REGULATIONS. THE PROCESSING IS BASED ON THE RESPECTIVE LEGAL FOUNDATION WHICH CAN BE DERIVED FROM THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR DATA UNLESS WE CAN PRESENT A COMPELLING LEGITIMATE JUSTIFICATION WHICH OVERRIDES YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING IS TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) GDPR). IF YOUR DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT TO SUCH PROCESSING FOR THE ABOVE PURPOSE AT ANY TIME; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING.
IF YOU OBJECT, YOUR PERSONAL DATA WILL THEREAFTER NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ARTICLE 21(2) GDPR).
Right to appeal to the relevant supervisory authority
In the event of infringements against the GDPR, data subjects shall have the right to appeal to a supervisory authority, especially in the Member State of their habitual residence, their place of work, or alleged infringement. The right to appeal is without prejudice to other administrative or judicial remedies.
Data transfer rights
You have the right to request the transfer of your data processed by us based on consent or in fulfillment of an automated contract to you or a third party in a common, machine-readable format. It is possible to request the direct transfer of your data to another person, only if technically feasible.
Disclosure, deletion, and revision
Within the limits of the applicable legal regulations, you have the right to inquire about your stored personal data, its origin, and recipient, and the purpose of the data processing at all times and free of charge. If applicable, you also have the right to request the correction or deletion of this data. You can contact us regarding your personal data and other related inquiries anytime.
Right to restrict processing
You have the right to request the restriction of processing your data. You may contact us for this purpose anytime. The right to restrict data processing applies in the following cases:
- If you dispute the accuracy of your data we are storing, we verify your claim within a certain time range. You have the right to request the restriction of your data processing for the duration of the verification.
- If the data processing occurred/is occurring unlawfully, you can request for the data processing to be restricted instead of deleted.
- If we no longer need your personal data but require it to exercise, defend or enforce legal claims, you have the right to request the restriction of data processing instead of deletion.
- It is mandatory to determine whether your or our interests prevail if you have filed an objection pursuant to Art. 21 (1) GDPR. As long as it has not yet been determined whose interests prevail, you have the right to demand restriction of your data processing.
If you have requested the restriction of your data, apart from storage, it may only be processed with either your consent or for the assertion, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or reasons of an important public interest of the European Union or a Member State.
SSL or TLS encryption
This site uses SSL or TLS encryption for security purposes and protection of transferring confidential content, such as orders or inquiries that you send to us as the site operator. The lock symbol and the change from "HTTP://" to "HTTPS://" in your browser address bar indicate an encrypted connection. Your transmitted data is not visible to third parties while the SSL or TLS encryption is activated.
Objection to promotional e-mails
Contact details published within this obligatory imprint are hereby prohibited from being used to send advertising and information material that has not been expressly requested. The operator of this website expressly reserves the right to take legal action in the event of unsolicited receipt of advertising information, such as spam e-mails.
Credit assessments
We reserve the right to carry out a credit check based on mathematical-statistical methods to meet our legitimate interest in determining the creditworthiness of our customers. We transmit the personal data required for credit assessments in accordance with Article 6(1)(f) GDPR to the following service provider:
SCHUFA Holding AG
Kormoranweg 5
65201 Wiesbaden
The credit check may contain probability values (so-called score values). If the results include score values, they are based on a scientifically recognized mathematical-statistical method. The calculation of the score values includes, but is not limited to, address data. We use the assessment's result regarding the statistical probability of non-payment to decide on the establishment, fulfillment, or termination of a contractual agreement.
You may object to the processing of your data anytime by messaging the data controller or the aforementioned credit agency. However, we may still be authorized to process your personal data if necessary to fulfill contractual payments.
4. Data collection on this website
Request by e-mail, phone or fax
If you contact us by e-mail, phone, or fax, your inquiry including all derived personal data (name, inquiry) will be stored and processed by us to fulfill your request. We do not share this data without your consent.
The processing of your data is based on Article 6(1)(b) GDPR, if your request is either related to the fulfillment of a contract or necessary to implement pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the efficient handling of the inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if requested; the consent is revocable anytime.
Any data sent to us via contact requests will remain with us until you either request deletion or revocation of your storage consent, or the purpose for storage no longer applies (e.g. after we have completed handling your request).
Mandatory legal regulations - in particular legal retention periods - remain unaffected.
5. Plugins and tools
Google Fonts (local hosting)
This website uses so-called Google Fonts which are provided by Google for the purpose of consistent font display. They are installed locally. A connection to Google servers does not occur. Learn more about Google Fonts here and in Google's privacy policy.
6. Usage of Cookies
Description and scope of data processing
Our website uses cookies. Cookies are text data that are stored in the internet browser or by the internet browser on the user's computer system. When a user accesses a website, the website may cause the internet browser to store cookies on the user's computer system. On subsequent visits to the website, these cookies can be sent again from the user's computer system to the website. Cookies are only sent back to the originating domain, not to other domains. Cookies can be used to store the user's decisions regarding the website over a certain period of time, to uniquely identify the user's specific internet browser, or to statistically record the user's characteristics or behaviour on the internet.
The following data is stored and transmitted in the cookies:
User session: When entering the website, a random code is used by the website in a session cookie in order to be able to assign subsequent page views to exactly the same internet browser. We also use cookies on our website that enable an analysis of the user's surfing behaviour. In addition to cookies, the type of browser and operating system is transmitted to us, provided this is transmitted to us by the browser. These data, which are processed exclusively in the user's Internet browser, serve the purpose of not displaying messages again that the user has confirmed. These include: the notice about the use of cookies and the notice when using an unsupported browser. When calling up our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of personal data used in this context is obtained. In this context, a reference to this data protection declaration is also made.
Legal basis for the processing of data
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f DSGVO. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a DSGVO if the user has given his or her consent in this regard.
.
Purpose of the data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change. The user data collected through technically necessary cookies are not used to create user profiles. Analysis cookies are used for the purpose of improving the quality of our website and its content. These purposes are also our legitimate interest in processing the personal data according to Art. 6 para. 1 lit. f DSGVO.
Duration of storage, possibility of objection and removal
Cookies are stored on the user's computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.
Last modified: 12.09.2023
Source:
eRecht24
