Data protection


DATA PROTECTION

Ben Weide Berlin GmbH takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

Our website can usually be used without providing personal data. Insofar as personal data (e.g. name, address or email address) is collected on our website, this is always done on a voluntary basis as far as possible. These data will not be passed on to third parties without your express consent.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. A complete protection of the data against access by third parties is not possible.

 

Cookies

 

Some of the websites use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.

 

Server log files

 

The website provider automatically collects and saves information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request

These data cannot be assigned to specific persons. This data is not combined with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.

 

Contact form

 

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the request and in case of follow-up questions. We do not pass on this data without your consent.

 

Newsletter data

 

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter .

Further data is not collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "Unsubscribe" link in the newsletter.

 

Google Analytics

 

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are saved on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

 

Browser plugin

 

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading the browser plug-in available under the following link to install: https://tools.google.com/dlpage/gaoptout?hl=de

 

Objection against data collection

 

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to this website: Deactivate Google Analytics.

You can find more information on how Google Analytics handles user data in the

Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de

 

Demographic characteristics in Google Analytics

 

This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain information on the age, gender and interests of the site visitors.

This data comes from interest-based advertising from Google and visitor data from third-party providers. These data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or the recording.

Prohibit your data by Google Analytics as shown in the point “Objection to data collection”.

 

Facebook plugins (like button)

 

Plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our website. You can recognize the Facebook plugins by the Facebook logo or the "Like" button on our website. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/ .

When you visit our website, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information about your IP address that has visited our site. If you click the Facebook "Like" button while you are logged into your Facebook account, you can view the content of our pages on your

Link to Facebook profile. This enables Facebook to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Facebook. You can find more information on this in Facebook's data protection declaration at https://de-de.facebook.com/policy.php .

If you do not want Facebook to be able to assign your visit to our website to your Facebook user account, please log out of your Facebook user account.

 

Twitter

 

Functions of the Twitter service are integrated on our sites. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the "Retweet" function, the websites you visit are linked to your Twitter account and made known to other users. This data is also transmitted to Twitter. We would like to point out that, as the provider of the website, we have no knowledge of the content of the data transmitted or how it is used by Twitter. You can find more information on this in Twitter's data protection declaration at https://twitter.com/privacy.

You can change your data protection settings on Twitter in the account settings under: https://twitter.com/account/settings .

 

Google+

 

Our pages use Google+ functions. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA.

Collection and dissemination of information: You can use the Google+ button to publish information worldwide. You and other users receive personalized content from Google and our partners via the Google+ button. Google saves both the information that you have given +1 for content and information about the page that you viewed when you clicked +1. Your +1 can be used as a reference along with your profile name and photo in Google services, such as in search results or in your Google profile, or elsewhere

Websites and advertisements are displayed on the Internet.

Google records information about your +1 activities in order to improve Google services for you and others. In order to be able to use the Google+ button, you need a globally visible, public Google profile that must contain at least the name chosen for the profile. This name is used in all Google services. In some cases, this name can also replace another name that you used when sharing content via your Google account. The identity of your Google profile can be shown to users who know your e-mail address or have other identifying information about you.

Use of the information collected: In addition to the purposes outlined above, the information you provide will be used in accordance with the applicable Google data protection regulations. Google may publish summarized statistics about the +1 activities of users, or pass them on to users and partners, such as publishers, advertisers or affiliate websites.

 

Instagram

 

Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This enables Instagram to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Instagram.

You can find more information on this in Instagram's privacy policy: https://instagram.com/about/legal/privacy/

 

 

 

LinkedIn

 

Our website uses functions of the LinkedIn network. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you visit one of our pages that contains LinkedIn functions, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click the "Recommend button"

If you click on LinkedIn from LinkedIn and are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by LinkedIn.

For more information, see the LinkedIn privacy policy at: https://www.linkedin.com/legal/privacy-policy

 

Pinterest

 

On our site, we use social plugins from the social network Pinterest, which is operated by Pinterest Inc., 808 Brannan Street San Francisco, CA 94103-490, USA ("Pinterest"). When you call up a page that contains such a plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transmits log data to the Pinterest server in the USA.

This log data may contain your IP address, the address of the websites visited, which also contain Pinterest functions, the type and settings of the browser, the date and time of the request, your use of Pinterest and cookies.

You can find more information on the purpose, scope and further processing and use of the data by Pinterest as well as your rights and options for protecting your privacy in the privacy policy of Pinterest: https://about.pinterest.com/de/privacy-policy

 

YouTube

 

Our website uses plugins from YouTube, operated by Google. The operator of the website is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers will be established.

The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Further information on the handling of user data can be found in the privacy policy of YouTube at: https://www.google.de/intl/de/policies/privacy

 

SSL encryption

 

This site uses SSL encryption for reasons of security, and to protect the transmission of confidential content, such as the inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http: //" to "https: //" changes and the lock symbol in your browser line.

If the SSL encryption is activated, third parties cannot read the data you transmit to us.

 

Right to information, deletion, blocking

 

You have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing as well as the right to correct, block or delete this data at any time. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

 

Contradiction advertising mails

 

We hereby object to the use of the contact data published as part of the imprint obligation for sending unsolicited advertising and information material. The operators of the website expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.

 

Source: eRecht24

 

Data protection declaration according to DGSVO

 

  1. Name and address of the person responsible

The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

 

Ben Weide Berlin GmbH 

Alexander Weide-Viehl 

Rolandufer 18

10179 Berlin 

Deutschland

Tel.: 030-27576830

E-Mail: alexander@benweide.de 

Website: www.benweide.de

 

  1. Name and address of the data protection officer

The data protection officer of the person responsible is:

 

Alexander Weide-Viehl

Ben Weide Berlin GmbH

Rolandufer 18

10179 Berlin

Germany

 

  1. General information on data processing
    1. Scope of the processing of personal data

In principle, we only process personal data of our users insofar as this is necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.

 

  1. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 Para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) lit. b GDPR as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is required to fulfill a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c GDPR as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the first-mentioned interest, Article 6 (1) lit. f GDPR as the legal basis for processing.

 

  1. Data deletion and storage duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfil a contract.

 

  1. Provision of the website and creation of log files
    1. Description and scope of the data processing

Every time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.

The following data is collected:

This part must be adapted accordingly. Inapplicable data must be removed, missing data added.

  • Information about the browser type and the version used
  • The user's operating system
  • The user's internet service provider
  • The user's IP address
  • Date and time of access
  • Websites from which the user's system reached our website
  • Websites that are accessed by the user's system via our website

 

Option 1: The log files contain IP addresses or other data that enable assignment to a user. This could be the case, for example, if the link to the website from which the user came to the website or the link to the website to which the user switched contains personal data.

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

Option 2: The log files do not contain any IP addresses or other data that could be assigned to a user.

The data is also stored in the log files of our system. This does not affect the user's IP addresses or other data that enable the data to be assigned to a user. This data is not stored together with other personal data of the user.

 

  1. Legal basis for data processing

If IP addresses are stored in log files:

The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 lit. f GDPR.

 

  1. Purpose of the data processing

The storage in log files takes place in order to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

Our legitimate interest in data processing in accordance with Art. 6 Paragraph 1 lit. f GDPR.

 

  1. Duration of the storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.

If the data is stored in log files, this is the case after seven days at the latest. Any further storage is possible. In this case, the IP addresses of the users will be deleted or alienated so that it is no longer possible to assign the accessing client.

 

  1. Possibility of objection and removal

The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user.

 

  1. Use of Cookies
    1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be clearly identified when the website is accessed again.

 

If technically necessary cookies are used:

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can also be identified after changing pages.

The following data is stored and transmitted in the cookies:

A list of the stored data follows. Examples can be:

  • Language settings
  • Items in a shopping cart
  • Log-in information

 

If technically unnecessary cookies are also used:

We also use cookies on our website that enable an analysis of the surfing behavior of the users.

In this way, the following data can be transmitted:

The following is a list of the data collected. These can be, for example:

  • Entered search terms
  • Frequency of page views
  • Use of website functions

 

Up to now it was possible according to § 15 Abs. 3 TMG to pseudonymize the processed personal data for technically unnecessary cookies and to inform the user about the use of cookies and his right of objection and removal ("opt-out solution"). However, it is controversial in the legal literature whether this standard will continue to apply after the GDPR has come into force. In case of doubt, it must therefore be assumed that only the provisions of the GDPR now apply. In this case, Article 6 (1) GDPR is the sole reference. According to this standard, a continuation of the previous practice is conceivable if there is a “legitimate interest” of the processor according to Art. 6 Para. 1 lit. f GDPR is canceled. So if the user does not consent to the setting and retrieval of the technically unnecessary cookies:

The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.

When you visit our website, an information banner informs you about the use of cookies for analysis purposes and refers you to this data protection declaration. In this context, there is also an indication of how the storage of cookies can be prevented in the browser settings.

Whether the previous practice of the “opt-out solution” meets the requirements of Art. 6 Para. 1 lit. f complies with the DGVO cannot currently be said with certainty. The planned e-privacy regulation could provide clarity in this regard. Until then, however, the most legally secure solution is to obtain prior consent from the user (“opt-in solution”). So if the consent of the user is obtained before the technically unnecessary cookies are set and retrieved:

When you visit our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of the personal data used in this context is obtained. In this context, there is also a reference to this data protection declaration.

 

  1. Legal basis for data processing

If only technically necessary cookies are used or technically necessary cookies and technically unnecessary cookies are used without the prior consent of the user:

The legal basis for the processing of personal data using cookies is Art. 6 Para. 1 lit. f GDPR.

If technically necessary and unnecessary cookies are used with the prior consent of the user:

The legal basis for processing personal data using technically necessary cookies is Article 6 Paragraph 1 lit. f GDPR.

The legal basis for the processing of personal data using cookies for analysis purposes is Article 6 (1) lit. a GDPR.

 

  1. Purpose of data processing

If technically necessary cookies are used:

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after changing pages.

We need cookies for the following applications.

A list of the applications follows. Examples can be:

  • shopping cart
  • Acceptance of language settings
  • Remembering search terms

The user data collected by technically necessary cookies are not used to create user profiles.

 

If technically unnecessary cookies are also used:

The analysis cookies are used for the purpose of improving the quality of our website and its content. The analysis cookies tell us how the website is used and so we can continuously optimize our offer.

The exact purpose of the analysis cookies should be described in more detail at this point.

Our legitimate interest in processing personal data in accordance with Art. 6 Paragraph 1 lit. f GDPR.

 

  1. Duration of storage, possibility of objection and removal

Cookies are stored on the user's computer and transmitted to our website from there. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transfer of cookies by changing the settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full.

If Flash cookies are also used:

The transmission of Flash cookies cannot be prevented via the settings of the browser, but by changing the settings of the Flash Player.

 

  1. Newsletter
    1. Description and scope of the data processing

The newsletter is sent based on the user's registration on the website:

You can subscribe to a free newsletter on our website. When registering for the newsletter, the data from the input mask is transmitted to us.

At this point, the collected data should be specifically named. At a minimum, this affects the user's email address.

In addition, the following data is collected when you register:

The additional data actually collected must be given. This can be, for example IP address of the calling computer or date and time of registration.

For the processing of the data, your consent is obtained during the registration process and reference is made to this data protection declaration.

 

The newsletter is sent due to the sale of goods or services:

If you purchase goods or services on our website and enter your email address, we can use it to send you a newsletter. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter.

In connection with data processing for sending newsletters, the data is not passed on to third parties. The data will only be used to send the newsletter.

 

  1. Legal basis for data processing

The newsletter is sent based on the user's registration on the website:

The legal basis for the processing of the data after the user has registered for the newsletter is Article 6 (1) lit. a GDPR.

The newsletter is sent due to the sale of goods or services:

The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.

 

  1. Purpose of the data processing

The collection of the user's email address is used to deliver the newsletter.

The newsletter is sent based on the user's registration on the website:

The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.

 

  1. Duration of the storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. The user's email address is therefore stored as long as the subscription to the newsletter is active.

The newsletter is sent based on the user's registration on the website:

The other personal data collected during the registration process are usually deleted after a period of seven days.

 

  1. Possibility of objection and removal

The user concerned can cancel the subscription to the newsletter at any time. There is a corresponding link in every newsletter for this purpose.

The newsletter is sent based on the user's registration on the website:

This also enables you to revoke your consent to the storage of the personal data collected during the registration process.

 

  1. Registration
    1. Description and scope of the data processing

On our website, we offer users the opportunity to register by providing personal data. The data is entered in an input mask and transmitted to us and stored. A transfer of data to third parties does not take place. The following data is collected during the registration process:

The relevant data should be listed at this point.

At the time of registration, the following data is also stored:

At this point the data must be listed accordingly. Examples can be:

  • The user's IP address
  • Date and time of registration

As part of the registration process, the user's consent to the processing of this data is obtained.

 

  1. Legal basis for data processing

The legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR.

If the registration serves to fulfil a contract to which the data subject is a party or to carry out pre-contractual measures.

If the registration serves to fulfil a contract to which the user is a party or to carry out pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 Para. 1 lit. b GDPR.

 

  1. Purpose of the data processing

The registration does not serve to conclude a contract with the user:

A registration of the user is necessary for the availability of certain content and services on our website.

A more detailed description of the content and services follows. Why is it necessary to identify the user for availability in individual cases?

The registration serves to conclude a contract with the user:

Registration of the user is required to fulfill a contract with the user or to carry out pre-contractual measures.

A more detailed description of the contract offered on the website follows. Why are the collected data necessary for these contracts? 

If the processing of the personal data of the contractual partner is required by law for the contracts offered by you when the contract is concluded, the respective standards from which the obligation arises must be named.

 

  1. Duration of the storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.

The registration does not serve to conclude a contract with the user:

This is the case for the data collected during the registration process if the registration on our website is cancelled or changed.

The registration serves to conclude a contract with the user:

This is the case during the registration process to fulfil a contract or to carry out pre-contractual measures when the data is no longer required for the execution of the contract. Even after the contract has been concluded, it may be necessary to save personal data of the contractual partner in order to meet contractual or legal obligations.

Continuing obligations require the storage of personal data during the term of the contract. In addition, warranty periods must be observed and the storage of data for tax purposes. Which storage periods are to be adhered to cannot be specified in general terms, but must be determined in each individual case for the respective contracts and contract parties.

 

  1. Possibility of objection and removal

As a user, you can cancel your registration at any time. You can have the data stored about you changed at any time.

The following is a more detailed description of how the account can be deleted and data can be changed.

The registration serves to conclude a contract with the user:

If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible if there are no contractual or legal obligations to prevent deletion.

 

  1. Contact form and email contact
    1. Description and scope of the data processing

A contact form is available on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and saved. These data are:

A list of the data in the input mask follows

At the time the message is sent, the following data is also stored:

A list of the relevant data follows. Examples can be:

  • The user's IP address
  • Date and time of registration

Your consent is obtained for the processing of the data during the sending process and reference is made to this data protection declaration.

Alternatively, you can contact us using the email address provided. In this case, the user's personal data transmitted with the email will be saved.

In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.

 

  1. Legal basis for data processing

The legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR.

The legal basis for the processing of the data that is transmitted in the course of sending an email is Art. 6 Para. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.

 

  1. Purpose of the data processing

We only process the personal data from the input mask to process the contact. If you contact us by e-mail, there is also the necessary legitimate interest in processing the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

 

  1. Duration of the storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the matter in question has been finally clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

 

  1. Possibility of objection and removal

The user has the option of revoking his consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

The following is a description of the way in which the withdrawal of consent and the objection to storage are made possible.

In this case, all personal data that was stored in the course of making contact will be deleted.

 

  1. Web analysis by Matomo (formerly PIWIK)
    1. Description and scope of the data processing

We use the open source software tool Matomo (formerly PIWIK) on our website to analyze the surfing behavior of our users. The software places a cookie on the user's computer (see above for cookies). If individual pages of our website are called up, the following data is stored:

  • Two bytes of the IP address of the calling system of the user
  • The accessed website
  • The website from which the user came to the accessed website (referrer)
  • The subpages that are accessed from the accessed website
  • The time spent on the website
  • The frequency with which the website is accessed

The software runs exclusively on the servers of our website. The user's personal data is only stored there. The data will not be passed on to third parties.

Note: As there is no consent from the user, the "Automatically Anonymize Visitor IPs" function should be activated. It is assumed here that the IP address is shortened to 2 bytes. More information can be found here: https://matomo.org/docs/privacy/ .

The software is set in such a way that the IP addresses are not saved in full, but rather 2 bytes of the IP address are masked (e.g. 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.

 

  1. Legal basis for data processing

The legal basis for processing users' personal data is Art. 6 Para. 1 lit. f GDPR.

 

  1. Purpose of the data processing

The processing of the personal data of the users enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. For these purposes, our legitimate interest lies in the processing of the data according to Art. 6 Para. 1 lit. f GDPR. By anonymizing the IP address, the interests of users in protecting their personal data are adequately taken into account.

 

  1. Duration of the storage

The data will be deleted as soon as they are no longer required for our recording purposes.

The exact time of deletion must be specified here. This can be set in the software (see: https://matomo.org/docs/privacy/ ).

In our case this is the case after xx.

 

  1. Possibility of objection and removal

Cookies are stored on the user's computer and transmitted to our website from there. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transfer of cookies by changing the settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full.

If the opt-out option is offered on the website:

We offer our users the option of opting out of the analysis process on our website. To do this, you must follow the corresponding link. In this way, another cookie is set on your system, which signals our system not to save the user's data. If the user deletes the corresponding cookie from his own system in the meantime, he must set the opt-out cookie again.

You can find more information on the privacy settings of the Matomo software under the following link: https://matomo.org/docs/privacy/ .

  1. Rights of the affected person

The following list includes all rights of the data subjects under the GDPR. Rights that are not relevant for your own website do not have to be mentioned. The list can be shortened to this extent.

 

If your personal data is processed, you are the person concerned within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:

 

  1. Right to information

You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us.

If such processing has taken place, you can request the following information from the person responsible:

  • the purposes for which the personal data are processed;
  • the categories of personal data that are processed;
  • the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
  • the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the storage duration;
  • the existence of a right to correction or deletion of your personal data, a right to restrict processing by the person responsible or a right to object to this processing;
  • the right to lodge a complaint with a supervisory authority;
  • all available information on the origin of the data if the personal data are not collected from the data subject;
  • The existence of automated decision-making including profiling in accordance with Art. 22 Paragraphs 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information about whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request to be informed about the appropriate guarantees in accordance with. Art. 46 GDPR to be informed in connection with the transfer.

In the case of data processing for scientific, historical or statistical research purposes:

This right to information can be restricted to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfilment of the research or statistical purposes.

 

  1. Right to correction

You have a right to correction and / or completion vis-à-vis the person responsible, provided that the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.

When processing data for scientific, historical or statistical research purposes:

Your right to correction can be limited to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfilment of the research or statistical purposes.

 

  1. Right to restriction of processing

Under the following conditions, you can request that the processing of your personal data be restricted:

  • if you dispute the correctness of the personal data concerning you for a period of time that enables the person responsible to check the correctness of the personal data;
  • the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;
  • the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
  • if you have lodged an objection to the processing in accordance with Art. 21 Para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.

If the processing of your personal data has been restricted, this data - apart from its storage - may only be used with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest processed by the Union or a Member State.

Has the processing been restricted according to the above? Restricted requirements, you will be informed by the person responsible before the restriction is lifted.

When processing data for scientific, historical or statistical research purposes:

Your right to restriction of processing can be restricted to the extent that it is likely to make the implementation of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfilment of the research or statistical purposes.

 

  1. Right to deletion

A) DELETION OBLIGATION

You can demand that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:

  • The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
  • You revoke your consent on which the processing was based in accordance with. Art. 6 para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR, and there is no other legal basis for the processing.
  • According to 21 Para. 1 GDPR you object to the processing and there are no overriding legitimate reasons for the processing, or you object in accordance with. Art. 21 para. 2 GDPR objection to the processing.
  • The personal data concerning you have been processed unlawfully.
  • The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the person responsible is subject.
  • The personal data relating to you were collected in relation to information society services offered in accordance with Art. 8 Para. 1 GDPR.

 

B) INFORMATION TO THIRD PARTIES

If the person responsible has made the personal data concerning you public and is acc. Art. 17 (1) GDPR is obliged to delete them, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you are the data subject You have requested that you delete all links to this personal data or copies or replications of this personal data.

 

C) EXCEPTIONS

The right to deletion does not exist if processing is necessary

  • to exercise the right to freedom of expression and information;
  • To fulfil a legal obligation that requires processing under the law of the Union or of the Member States to which the person responsible is subject, or to perform a task that is in the public interest or in the exercise of official authority that is transferred to the person responsible has been;
  • for reasons of public interest in the area of ​​public health in accordance with Art. 9 Para. 2 lit. h and i as well as Art. 9 Para. 3 GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes acc. Art. 89 para. 1 GDPR, insofar as the right mentioned under section a) is likely to make the realization of the objectives of this processing impossible or seriously impair it, or
  • for the establishment, exercise or defence of legal claims.

 

  1. Right to education

If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this turns out to be impossible or involves a disproportionate effort.

You have the right to be informed about these recipients by the person responsible.

 

  1. Right to data portability

You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided that

  • the processing is based on consent in accordance with. Art. 6 para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract according to. Art. 6 para. 1 lit. b GDPR is based and
  • the processing is carried out using automated procedures.
  • In exercising this right, you also have the right to have your personal data transmitted directly from one person responsible to another, insofar as this is technically feasible. This must not impair the freedoms and rights of other people.

The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority that has been transferred to the person responsible.

 

  1. Right to object

You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f DSGVO takes place to object; this also applies to profiling based on these provisions.

The person responsible will no longer process the personal data concerning you unless he can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

In connection with the use of information society services - regardless of Directive 2002/58 / EC - you have the option of exercising your right of objection by means of automated procedures that use technical specifications.

When processing data for scientific, historical or statistical research purposes:

You also have the right, for reasons that arise from your particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes in accordance with. Art. 89 Para. 1 GDPR takes place to contradict this.

Your right of objection can be limited to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impair it and the restriction is necessary for the fulfilment of the research or statistical purposes.

 

  1. Right to revocate the data protection declaration of consent

You have the right to withdraw your declaration of consent under data protection law at any time. Revoking your consent does not affect the legality of the processing carried out based on your consent up to the point of revocation.

                                                                         

  1. Automated decisions in individual cases including profiling

You have the right not to be subjected to a decision based solely on automated processing - including profiling - which has legal effects on you or which significantly affects you in a similar manner. This does not apply if the decision

  • is necessary for the conclusion or performance of a contract between you and the person responsible,
  • is permissible on the basis of legal provisions of the Union or of the member states to which the person responsible is subject and these legal provisions contain appropriate measures to safeguard your rights and freedoms and your legitimate interests or
  • takes place with your express consent.

However, these decisions may not be based on special categories of personal data according to Art. 9 Para. 1 GDPR, unless Art. 9 Para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.

With regard to the cases mentioned in (1) and (3), the person responsible shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, including at least the right to obtain intervention by a person on the part of the person responsible, to express their own point of view and heard on contesting the decision.

 

  1. Right to complain with a regulatory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing of your personal data is against violates the GDPR.

The supervisory authority to which the complaint was lodged informs the complainant about the status and results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.