We attach great importance to privacy. The collection and processing of your personal data takes place in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). We collect and process your personal data in order to offer you the above-mentioned portal. This statement describes how and for what purpose your data is collected and used and what options you have in relation to personal information.
1 Responsible body
Responsible body for the collection, processing and use of your personal data within the meaning of the GDPR is:
Owner Michael Gillner
Phone:+49 42 41 / 93 32-60
2 General use of the website
2.1 Access data
We collect information about you when you use this Website. We automatically collect information about your usage and interaction with us and register information about your computer or mobile device. We collect, store and use data about every access to our online offer (so-called server log files). The access data includes name and URL of the retrieved file, date and time of retrieval, amount of data transferred, message about successful retrieval (HTTP response code), browser type and browser version, operating system, referrer URL (ie the previously visited page), IP address and the requesting provider.
We use these log data without assignment to you or other profiling for statistical evaluations for the purpose of operation, security and optimization of our online offer, but also for the anonymous recording of the number of visitors to our Website (traffic) and the extent and nature of use of our Website and services, as well as for billing purposes, to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content, analyze traffic, troubleshoot and improve our services. We reserve the right to retrospectively review the log data if, on the basis of concrete evidence, there is a legitimate suspicion of unlawful use. We store IP addresses in the logfiles for a limited period of time, if this is necessary for security purposes or for the provision of services or the billing of a service, eg. if you use one of our offers. We store IP addresses even if we have a specific suspicion of a crime in connection with the use of our Website.
If a shop system is offered, the following rules apply: As part of your account, we save the date of your last visit (for example, when registering, logging in, clicking links etc.).
2.2 E-Mail contact
If you contact us (eg via contact form or e-mail), we will save your details for the processing of the request as well as in the event that follow-up questions arise. We store and use other personal data only if you consent to it or if this is permitted by law without special consent.
2.3 Legal bases and storage duration
The legal basis of the data processing in accordance with the preceding paragraphs is Article 6 (1) (f) GDPR. Our interests in data processing include, in particular, ensuring the operation and security of the Website, investigating the way users use the Website, and simplifying the use of the Website.
Unless specifically stated, we store personal data only as long as necessary to fulfill the purposes pursued.
3 Your rights
Under applicable law, you have various rights regarding your personal information. If you would like to assert these rights, please send your request by e-mail or by post with a clear identification of your person to the address specified in section 1. Below is an overview of your rights.
3.1 Right of confirmation and information
You have the right at any time to obtain confirmation from us as to whether personal data relating to you is being processed. If this is the case, you have the right to obtain free information from us about the personal data you have stored together with a copy of this data. Furthermore, there is a right to the following information:
- The processing purposes
- The categories of personal data being processed
- The recipients or categories of recipients to whom the personal data have been disclosed or are yet to be disclosed, in particular to recipients in third countries or to international organizations
- If possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration
- The right of rectification or erasure of your personal data or restriction of processing by the controller or a right to object to such processing
- The existence of a right of appeal to a supervisory authority
- If the personal information is not collected from you, all available information about the source of the data
- The existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved and the implications and consequences of such processing for you
If personal data are transmitted to a third country or to an international organization, you have the right to be informed of the appropriate safeguards under Article 46 of the GDPR in connection with the transfer.
3.2 Right of correction
You have the right to demand immediate correction of incorrect personal data concerning you. Taking into account the purposes of this, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement.
3.3 Right to delete („Right to be forgotten“)
You have the right to ask us to delete your personal information without delay, and we are required to delete your personal information immediately if one of the following is true:
- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed
- They revoke their consent on which the processing was based in accordance with Article 6 (1) GDPR (a) or Article 9 (2) (a) GDPR and there is no need for any other legal basis for the processing
- In accordance with Article 21 (1) of the GDPR, they object to the processing and there are no legitimate reasons for the processing, or they object to the processing in accordance with Article 21 (2) GDPR
- The personal data were processed unlawfully
- The deletion of personal data is required to fulfill a legal obligation under Union or national law to which we are subject
- The personal data were collected in relation to information society services offered pursuant to Article 8 (1) of the GDPR
If we have made the personal data public and we are required to delete it, we shall take appropriate measures, including technical means, to inform data controllers who process the personal data, taking into account available technology and implementation costs, that you have requested that you delete any links to such personal information or copies or replications of such personal information.
3.4 Right to limit the processing
You have the right to require us to restrict processing if any of the following conditions apply:
- The accuracy of your personal information is contested by you for a period of time that allows us to verify the accuracy of your personal information
- The processing is unlawful and you refuse the deletion of the personal data and instead requires the restriction of the use of personal data
- We no longer need your personal information for the purposes of processing, but you need the information to assert, exercise or defend your rights, or
- You have objected to the processing under Article 21 (1) of the GDPR, as long as it is not certain that the legitimate reasons of our company outweigh yours.
3.5 Right to data transferability
You have the right to receive the personal information that you have provided us in a structured, common and machine-readable format, and you have the right to transfer that information to another person without hindrance, provided that
- The processing is based on a consent pursuant to Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR or to a contract pursuant to Article 6 (1) (b) GDPR, and
- the processing is done using automated procedures. In exercising your right to data portability in accordance with paragraph 1, you have the right to obtain that the personal data are transmitted directly by us to another party, as far as technically feasible.
3.6 Opposition right
You have the right, for reasons of your own particular situation, to object at any time to the processing of personal data relating to you pursuant to Article 6 (1) (e) or (f) of the GDPR; this also applies to profiling based on these provisions. We no longer process personal information, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
If personal data are processed by us in order to operate direct mail, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail. You have the right, for reasons of your own particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes under Article 89 (1) of the GDPR, unless processing is necessary to fulfill a public interest task.
3.7 Automated decisions including profiling
You have the right not to be subjected to a decision based solely on automated processing – including profiling – that will have legal effect or similarly affect you in a similar manner.
3.8 Right to withdraw data protection consent
Each data subject shall have the right granted by the European legislator to withdraw his or her consent to processing of his or her personal data at any time.
3.9 Right to complaint with a supervisory authority
You have the right to complain to a supervisory authority, in particular in the Member State of your residence, employment or the place of the alleged breach, that you consider that the processing of your personal data is unlawful.
4 Data security
We make every effort to ensure the security of your data within the framework of applicable data protection laws and technical possibilities. Your personal data will be transmitted encrypted with us. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (for example, when communicating by e-mail) may have security vulnerabilities. A complete protection of the data from access by third parties is not possible. To safeguard your data, we maintain technical and organizational security measures that we always adapt to state-of-the-art technology. We also do not warrant that our offer will be available at specific times; Disturbances, interruptions or failures can not be excluded. The servers we use are regularly backed up carefully.
If a shop system is offered, the following rules apply: Your data for orders and your login will be transmitted encrypted via SSL.
5 Automated decision-making
There is no automated decision-making based on personal data collected.
6 Disclosure of data to third parties,
no data transfer to non-EU countries
Basically, we only use your personal data within our company. If and to the extent that we engage third parties in the performance of contracts (such as logistics service providers), these personal data will only be received to the extent that the transmission is required for the corresponding service. In the event that we outsource certain parts of the data processing („order processing“), we contractually obligate processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the data subject’s rights. Data transmission to agencies or persons outside the EU does not take place and is not planned.
7 Data Protection Officer
If you have any questions or concerns about data protection, please contact our data protection officer at firstname.lastname@example.org.