Data protection is of great importance to us. Personal data such as e.g. name, address, email address or phone number shall always be processed in line with the legal provisions of the General Data Protection Regulation (GDPR) and in accordance with the legal, state-specific data protection regulations applying to us. By means of this data privacy statement, we inform you about type, scope and purpose of the personal data collected, used and processed by us.
We point out that despite taking strict safety precautions there can always be safety gaps during an internet-based data transmission. We cannot guarantee full protection either.
1. Name and contact of the person who is responsible for processing
The person responsible within the meaning of the General Data Protection Regulation is
Managing Director: Michael Rabinowicz
Phone: +49-6007 / 93 06 43
2. Collection of general data, transfer of data
Once you visit our website, general data and information are collected. These general data and information are stored in the log files of the server. The collection can include
- the browser type and version used,
- the operation system used by the accessing system,
- the website where an accessing system from reaches our website,
- data and time of an access to our website,
- IP address,
- Internet service provider of the accessing system
- other data and information that serve as emergency response in case of attacks against our IT systems.
When using these general data and information we will not draw any conclusions about the person concerned. This information is rather needed to deliver the contents of our website correctly, to optimise its contents as well as advertising for the same, to ensure durable functionality of our IT systems and technology of our website and to provide those information that are necessary for prosecution in case of a cyberattack to the law-enforcement authorities.
These data and information collected anonymously will be evaluated by us statistically and furthermore with the aim to increase data protection and data security at our company so that an optimum level of protection for the personal data processed by us is eventually ensured. Anonymous data of the server log files will be stored separately from all personal data indicated by an affected person.
Any transmission of their personal data to third parties for any other purpose than the one mentioned in the following will not take place.
We will transfer your personal data to third parties only if:
- you have granted your explicit approval to this (cf. Art. 6 para 1 S. 1 lit. a GDPR),
- the transfer is necessary for assertion, exercise or defence of legal claims and if there is no reason to suspect that you have a preceding legitimate interest in not having your data transferred (cf. Art. 6 para. 1 S. 1 lit. f GDPR),
- the transfer is subject to a legal obligation (cf. Art. 6 para. 1 S. 1 lit. c GDPR),
- the transfer is legally admissible and required for the fulfilment of your contractual obligations (cf. Art. 6 para. 1 S. 1 lit. b GDPR).
By means of a cookie, the information and offers on our website can be optimised with the user in mind. At the same time, cookies make it possible for us to recognise the users of our website. Such recognition serves to facilitate the use of our website to the users. The user of a website with cookies saves for example on the re-entry of its access data at a later visit because this is done by the website and the cookie stored on the user’s computer system.
You may prevent at any time that cookies are placed by our website using a corresponding setting of the internet browser used by you and thus contradict permanently that cookies are placed. Furthermore, you can delete cookies already placed using the internet browser or other software programs whenever you want. If the person concerned deactivates the setting of cookies in the internet browser used, it may happen that certain functions of our website are possibly not fully usable.
4. Routine erasure and blocking of personal data
We shall process and store personal data only for the period that is required for reaching the pursued purpose or insofar as this is prescribed by the legislator in the relevant laws or regulations.
If the storage purpose is deleted or a mandatory storage period expires, the personal data will be blocked or deleted in accordance with the legal regulations.
5. Rights of the persons concerned
Persons concerned in the meaning of the data protection regulation have the right to
• request information about the personal data processed by us in accordance with Art. 15 GDPR. In particular, you may ask for information about the processing purposes, category of the personal data, categories of the recipients whom your data were or are disclosed to, the envisaged period of storage, the existence of the right to request rectification, erasure, restriction of processing, or objection, the existence of the right to lodge a complaint, the origin of your data, unless these have been collected by us, and the existence of any automated decision-making including profiling, and if necessary meaningful information about their details;
• request immediate rectification of inaccurate data or completion of personal data stored with us in accordance with Art. 16 GDPR;
• request erasure (right to be forgotten) of your personal data stored with us unless processing for the exercise of the right of free expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims is required in accordance with Art. 17 GDPR;
• request the restriction of processing of personal data insofar as the accuracy of the data is contested by you, processing is unlawful, but you oppose their erasure, and we will not need the data any more, you however need the same for establishment, exercise or defence of legal claims in accordance with Art. 18 GDPR, or you objected to processing in accordance with Art. 21 GDPR;
• obtain your personal data you provided us in a structured, commonly used and machine-readable format or to request transfer to another responsible person in accordance with Art. 20 GDPR;
• withdraw your consent given to us at any time in accordance with Art. 7 para. 3 GDPR. As a result, we will not continue data processing based on this consent in the future;
• file an objection against processing of your personal data in accordance with Art. 21 GDPR on grounds relating to your particular situation insofar as your personal data is processed on the basis of justified interests in accordance with Art. 6 para. 1 S. 1 lit. f GDPR or the objection is filed against direct marketing purposes. In the latter case, you shall be entitled to general opposition, which shall be implemented by us without indicating any particular situation. For this, it shall be sufficient to send an email to the address indicated at Number 1 of this statement;
• lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR without prejudice to any other administrative or judicial remedy. As a rule, you can contact the supervisory authority of your usual residence in this respect.
6. Data security
We shall use the widespread SSL procedure (Secure Socket Layer) in connection with the respectively highest coding level supported by your browser. Whether an individual page of our website is transmitted in encrypted form or not, you will recognise by the closed representation of the key and/or lock symbol in the lower status bar of your browser.
Moreover, we take appropriate technical and organisational security measures in order to protect your data against manipulation, misuse, partial or complete loss, or against unauthorised access of third parties. Our security measures are constantly updated in line with the technological development.
7. Legal basis of processing
Art. 6 I lit. a GDPR serves us as legal basis for processing operations where we are given consent for a certain processing purpose.
If processing of personal data is required for the performance of a contract the contracting party of which is the person concerned where this is, for example, the case for processing operations that are necessary for the execution of an order for goods, processing shall be based on Art. 6 I lit. b GDPR. The same applies to such processing operations that are required for taking measures for example in cases of inquiries of potential customers on our products, offers or services.
If we are subject to a legal obligation which requires processing of personal data such as e.g. for the fulfilment of tax duties, such processing shall be based on Art. 6 I lit. c GDPR.
Finally, processing operations could be based on Art. 6 I lit. f GDPR. This legal basis applies to processing operations that are not covered by any other legal basis mentioned above if processing is required for safeguarding a justified interest of our company or a third party unless these interests outweigh your basic rights and basic freedom. We are particularly entitled to such processing operations because they have been especially mentioned by the European legislator. It considered that a justified interest could be assumed if the person concerned is a customer of the responsible person (cf. for this recital 47 S. 2 GDPR).
8. Duration of data retention
The criterion for the period of storage of personal data is always the retention period prescribed by law. Upon expiry of this period, such personal data shall be erased on a routine basis provided that they are no longer required for contract fulfilment or contract initiation.
9. Changes to this data privacy statement
Due to current circumstances as e.g. changes to relevant provisions of data protection laws or jurisdiction, we will update our data privacy statement as required.
Issue of this statement: May 2018