Privacy Policy

back

Status: 11. Oktober 2023

Table of contents

Person in charge

Johann Holm

Bennet Witzcak

Alexandra Deaconu

Processing overview

The following overview summarizes the types of data processed and the purposes for which they are processed and refers to the data subjects.

Types of data processed

Categories of affected persons

Processing purposes

Relevant legal bases

Relevant legal bases according to the DSGVO: Below you will find an overview of the legal basis of the GDPR on the basis of which we process personal data. Please note, that, in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. may apply. Furthermore, should more specific legal bases be relevant in individual cases, we will inform you of these in the privacy policy.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR national regulations on data protection apply in Germany. These include, in particular, the Act for the Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act - BDSG). The BDSG contains special regulations on the right to information, the right to deletion, the right to object, the processing of processing of special categories of personal data, processing for other purposes, and the transmission and as well as automated decision-making in individual cases, including profiling. Furthermore State data protection laws of the individual federal states may also apply.

Reference to validity of DSGVO and Swiss DSG: This data protection notice serves both to information according to the Swiss Federal Law on Data Protection (Schweizer DSG) as well as according to the General Data Protection Regulation (GDPR). For this reason, we ask you to note that due to the broader spatial application and comprehensibility, the terms of the GDPR are used. In particular, instead of the terms used in the Instead of the Swiss DPA terms "processing" of "personal data", "overriding interest" and "particularly personal data" used in the GDPR, the terms "processing" of "personal data" and "legitimate data" as well as "legitimate interest" and "special categories of data" are used. The legal meaning of the terms will, however, continue to be determined in accordance with the Swiss DPA within the scope of its applicability.

Security measures

We make decisions in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons. appropriate technical and organizational measures to ensure a level of protection appropriate to the risk. ensure.

Measures include, in particular, ensuring the confidentiality, integrity and availability of data through controlling physical and electronic access to data, as well as the access, input, transfer, availability and segregation of data. access, input, disclosure, availability, and segregation. Furthermore, we have established procedures procedures in place to ensure the exercise of data subjects' rights, the deletion of data, and the response to data of the data. Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and processes in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

Transmission of personal data

In the course of our processing of personal data, it happens that the data is transmitted to other entities, companies, legally independent organizational units or persons or disclosed to them. disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or Providers of services and content that are integrated into a website. In such cases we observe legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data. protection of your data with the recipients of your data.

International data transfers

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU), European Economic Area (EEA)) or the processing takes place in the context of the use of third services of third parties or the disclosure or transfer of data to other persons, entities or companies, this will only be takes place, this will only be done in accordance with the legal requirements. If the level of data protection in the third country has been recognized by means of an adequacy decision (Art. 45 DSGVO), this serves as the basis for the data transfer. Otherwise, data transfers will only take place if the level of data protection is otherwise ensured, in particular through standard contractual clauses (Art. 46(2)(c) DSGVO), explicit consent or in the case of contractual or legally required transfer (Art. 49 (1) DSGVO). For the rest, we will inform you of the bases of the third country transfer in the case of the individual providers from the third country, whereby the Adequacy Decisions take precedence as bases. Information on third country transfers and available adequacy decisions can be found in the information provided by the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de.

EU-US Trans-Atlantic Data Privacy Framework: Within the framework of the so-called "Data Privacy Framework" (DPF), the EU Commission has also recognized the level of data protection for certain companies from the USA as part of the Adequacy Decision of July 10, 2023 as secure. The list of certified companies as well as further information on the DPF can be found on the website of the U.S. Department of Commerce at https://www.dataprivacyframework.gov/ Within the scope of the data privacy notice, we inform you which of our service providers we use are certified under the Data Privacy Framework.

Rights of the data subjects

Data subjects' rights under the DSGVO: As a data subject, you are entitled to various rights under the GDPR which result in particular from Art. 15 to 21 of the DSGVO:

Cookies usage

Cookies are small text files, or other memory tags, that store information on end devices and read information from the end devices. read information from the end devices. E.g. to store the login status in a user account, a shopping cart content in an an e-shop, the contents called up or functions used of an online offer. Cookies can be used for various purposes, e.g. for purposes of the functionality, security and convenience of online offers comfort of online offers as well as the creation of analyses of visitor flows.

Consent Notes:We use cookies in accordance with the law. Therefore, we obtain prior consent from users, except where this is not required by law is required by law. In particular, consent is not required if the storage and reading of the information, i.e. cookies, are absolutely necessary in order to provide the user with a telemedia service that he or she has expressly requested. telemedia service (i.e. our online offer) that they expressly request. Among the absolutely necessary cookies generally include cookies with functions that are necessary for the display and operability of the online offer, for load load balancing, security, the storage of the preferences and choices of users or similar purposes related to the provision of the main and secondary functions of the online offer requested by the users. purposes related to the provision of the online offer requested by the users. The revocable consent will be clearly communicated to users and contains the information on the respective cookie use.

Notes on the legal basis for data protection:The legal basis under data protection law legal basis we process users' personal data with the help of cookies depends on whether we ask Ask users for consent. If the users consent, the legal basis for the processing of your data is the declared consent. Otherwise, the data processed with the help of cookies is processed on the basis of of our legitimate interests (e.g. in the business operation of our online offering and the improvement of its usability) or, if this is done in the context of the fulfillment of our contractual obligations, if the use of cookies is required. if the use of cookies is necessary to fulfill our contractual obligations. To which purposes the cookies are processed by us, we clarify this in the course of this data protection declaration or in the context of our consent and processing procedures.

Storage duration: With regard to the storage period, the following types of cookies are distinguished distinguished:

General information on revocation and objection (so-called "opt-out"):Users can revoke the consent they consent at any time and object to the processing in accordance with the legal requirements. object to the processing. For this purpose, users can, among other things, restrict the use of cookies in the settings of their browsers. (whereby this may also restrict the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be made via the websites https://optout.aboutads.info und https://www.youronlinechoices.com/ be explained.

Further guidance on processing operations, procedures and services:

Provision of the online offer and web hosting

We process users' data in order to provide them with our online services. For this purpose we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's to transmit the contents and functions of our online services to the user's browser or terminal device..

Further guidance on processing operations, procedures and services:

Contact and request management

When contacting us (e.g. by mail, contact form, e-mail, telephone or via social media) as well as in the context of existing user and business relationships, the information of the inquiring persons is processed insofar as this is this is necessary to respond to the contact requests and any requested measures.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke