Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This typically includes the name, the e-mail address or the telephone number. In addition, purely technical data that can be assigned to a person is also considered personal data.
Contact details of the responsible person:
Managing Director: Okay Güler
Phone: +49 (0)211 94251211
You have the right to acces to the personal data stored about you free of charge upon request. In addition, you have the right to request the rectification of incorrect data, the right to request the restriction of processing of data that has been processed too extensively and the right to request the erasure of personal data that has been processed unlawfully or stored for too long (insofar as this does not conflict with any legal obligation to retain data and no other reasons pursuant to Art. 17 (3) GDPR). In addition, you have the right to the transfer of all data you have provided to us in a common file format (right to data portability), insofar as you have provided the data to us within the scope of a declaration of consent or for the fulfilment of a contract.
Objection to our processing of your data, Art. 21 GDPR
In the case of processing of personal data for the performance of tasks in the public interest (Art. 6 para. 1 lit. e GDPR) or for the performance of legitimate interests (Art. 6 para. 1 lit. f GDPR), you have the right to object to the processing of your personal data at any time. The processing of the personal data will then no longer take place unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing is for the assertion, exercise or defence of legal claims.
Insofar as you also have a right to object to individual procedures, we point this out within the description of the individual procedures.
|Withdrawal of consent If you have given us consent to process your personal data, you can withdraw this consent at any time and without giving reasons with effect for the future. To do so, simply send an e-mail to the following e-mail address.|
To exercise your rights, simply send an e-mail to firstname.lastname@example.org.
In addition, you also have the right to lodge a complain with a supervisory authority. A list of the German and European data protection commissioners and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Recipients of personal data
As a matter of principle, we do not pass on personal data unless we explicitly mention this in this data protection declaration. However, the website is hosted by our service provider ALL-INKL.COM – Neue Medien Münnich GmbH, Hauptstraße 68, 02742 Friedersdorf, Germany. In this context, ALL-INKL.COM – Neue Medien Münnich GmbH will also automatically process the personal data mentioned above. This is done exclusively according to our instructions and on our behalf in accordance with a data processing agreement pursuant to Art. 28 GDPR.
The transfer of personal data to the above-mentioned service provider is based on Art. 6 (1) lit. f GDPR. This authorisation permits the processing of personal data in our “legitimate interest”, unless your fundamental rights, freedoms or interests in not having the data processed outweigh this. Our legitimate interest is to have recourse to specialised service providers who can implement appropriate hosting more efficiently than we can. You can nevertheless object to this data processing at any time if there are reasons relating to your particular situation that speak against the transfer of personal data to a server service provider. To do so, simply send an e-mail to email@example.com.
In the course of our business relationships, your personal data may be passed on or disclosed to third party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing takes place exclusively for the fulfilment of contractual and business obligations and to maintain your business relationship with us. We will inform you about the respective details of the transfer in the following at the relevant points.
Some third countries are certified by the European Commission as having a level of data protection comparable to the EEA standard through so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.html). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, we ensure that data protection is sufficiently guaranteed. This is possible through binding company regulations, standard contractual clauses of the European Commission for the protection of personal data, certificates or recognised codes of conduct.
Notes on cookies
Some cookies are automatically deleted from your end device as soon as you leave the website again (so-called session cookies). Other cookies are stored for a certain period of time, which does not exceed two years (so-called persistent cookies). In addition, we also use so-called third-party cookies, which are managed by third parties in order to offer certain services.
No obligation to provide personal data
We do not make the conclusion of contracts with us dependent on you providing us with personal data in advance. As a customer, you are under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain services to a limited extent or not at all if you do not provide the necessary data. If this should exceptionally be the case in the context of the products we offer presented below, you will be informed of this separately.
Overview of the procedures
On this website, personal data is processed within the framework of the following procedures:
- Server log files
- Embedding Google Maps
1. Automatic collection of access data/server log files
We automatically collect a range of technical data, which is personal data, each time you access the Website. These are:
- IP address of the user
- Name of the accessed website or file
- Date and time of access
- data volume transferred
- Message about successful retrieval
- Browser type and version
- Operating system of the user
- End device used by the user, including MAC address
- Referrer URL (the previously visited page)
This data is not merged with other personal data that you actively provide within the framework of the website. We collect server log files for the purpose of administering the Website and being able to detect and prevent unauthorised access.
The personal data in log files are processed on the basis of Art. 6 para. 1 lit. f GDPR. This authorisation allows the processing of personal data within the scope of the “legitimate interest” of the controller, insofar as your fundamental rights, freedoms or interests do not prevail. Our legitimate interest is to facilitate administration and the ability to detect and prosecute hacking. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the data processing. To do so, simply send an e-mail to firstname.lastname@example.org.
What are IP addresses?
IP addresses are assigned to every device (e.g. smartphone, tablet, PC) that is connected to the internet. Which IP address this is depends on which internet access your end device is currently connected to the internet via. It can be the IP address assigned to you by your Internet provider, for example if you are connected to the Internet at home via your W-LAN. It can also be an IP address assigned to you by your mobile phone provider or the IP address of a provider of a public or private W-LAN or other Internet access. In its most common form (IPv4), the IP address consists of four blocks of digits. In most cases, you as a private user will not use a constant IP address, as this is only temporarily assigned to you by your provider (so-called “dynamic IP address”). With a permanently assigned IP address (so-called “static IP address”), a clear assignment of user data is in principle easier. Except for the purpose of tracking unauthorised access to our website, we do not use this data in a personalised manner, but only evaluate on an anonymous basis which of our websites are favoured, how many accesses are made daily and the like.
Our website already supports the new IPv6 addresses. If you already have an IPv6 address, you should also know the following: The IPv6 address consists of eight blocks of four. The first four blocks, as with the entire IPv4 address, are typically assigned dynamically for private users. However, the last four blocks of an IPv6 address (so-called “interface identifiers”) are determined by the terminal device you use to browse the website. Unless otherwise set in your operating system, the so-called MAC address is used for this purpose. The MAC address is a kind of serial number that is assigned once worldwide for each IP-capable device. We therefore do not store the last four blocks of your IPv6 address. In general, we recommend that you activate the so-called “Privacy Extensions” on your end device in order to better anonymise the last four blocks of your IPv6 address. Most common operating systems have a “Privacy Extensions” function, but in some cases this is not preset by default.
Duration of data storage
The server log files with the above data are automatically deleted after 7 days. We reserve the right to store the server log files for longer if facts exist that suggest the assumption of unauthorised access (such as an attempt at hacking or a so-called DDOS attack).
2. Data collection when contacting us
When you contact us by e-mail or telephone, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions.
The personal data from contacts are processed on the basis of Art. 6 (1) lit. b GDPR. This authorisation permits the processing of personal data if this is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures which are carried out at the request of the data subject.
Duration of data storage
We delete the data arising in connection with a contact after the storage is no longer required to process your request, or restrict the processing if there are statutory retention obligations.
- PolyLang; to save your language preference.
If you do not accept cookies, the functionality of our website may be limited.
The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR if the user has consented to this.
Duration of data storage
Session cookies are automatically deleted when you close the browser. The duration of the storage of persistent cookies can be found in the overview in the cookie settings of your web browser.
4. Embedding Google Maps
Via Google Maps, a data transfer to the USA may take place for which there is no adequacy decision by the Commission within the meaning of Article 45 of the GDPR. Instead, the data transfer is based on appropriate safeguards in the form of standard data protection clauses embedded in a data processing agreement pursuant to Art. 28 DSGVO between us and Google.
The legal basis for the processing of personal data in the context of embedding Google Maps on our website is Art. 6 para. 1 lit. a GDPR if the user has consented to this.
Duration of data storage
5. Online presence in social media
We maintain online presences within social networks and platforms to which we link within the framework of our website in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.