The controller within the meaning of Article 4 No. 7 DSGVO is the person who alone or jointly with others determines the purposes and means of the processing of personal data. With regard to this website, the responsible party is:
Provision of the website and creation of log files
Each time our website is accessed, our system automatically collects data and information from the retrieving device.
What personal data is collected and to what extent is it processed?
(1) Information about the browser type and the version used;
(2) The operating system of the retrieving device;
(3) Host name of the accessing computer;
(4) The IP address of the retrieval device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user’s system accessed our Internet site (referrer tracking);
(8) Message as to whether the retrieval was successful;
(9) Volume of data transferred
After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a reference to individual users.
Legal basis and purpose of data processing
The legal basis for data processing is Art. 6 (1) lit. f DSGVO (legitimate interest). The legitimate interest is to ensure the achievement of the purpose described below.
The temporary (automated) storage of data is necessary for the course of a website visit to enable delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of the website for as many visitors as possible and to combat abuse and eliminate malfunctions. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as soon as possible to display errors, attacks on the IT systems and/or errors in the functionality of the website. In addition, the data is used to optimize the website and to generally ensure the security of our information technology systems.
Duration of storage
The deletion of the aforementioned technical data takes place as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after the website has been accessed.
Integration of external providers
We use the Shynet analysis tool to evaluate user behavior in order to design our website in line with requirements. Shynet is an opensource tool hosted by CrowdInsights. The legal basis for the data processing is Art. 6 para. 1 lit. f DSGVO. The legitimate interest consists in an optimization of our online offer. The stored data is deleted after three months.
Google Web Fonts
a) Description and scope of data processing
This site uses web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Google’s servers. Through this, Google obtains knowledge that this website was called up via your IP address.
b) Legal basis for data processing
The use of Google Web Fonts is based on Art. 6 (1) lit. f DSGVO. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
c) Purpose of data processing
The website operator has a legitimate interest in the uniform presentation of the typeface on its website.
d) Further information
Data security and data protection, communication by e-mail
Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, complete data security cannot be guaranteed on the transmission path to the IT systems, so that encrypted communication or the postal route is recommended for information requiring a high level of confidentiality.
Archiving procedure of the mail system
It should be noted that the mail system may have an automated archiving procedure. All incoming and outgoing e-mails are digitally archived in an audit-proof manner.
Legal basis and purpose of data processing
The legal basis for data processing is Art. 6 para. 1 lit. c DSGVO (legal obligation). The legal obligation consists of compliance with tax and commercial law requirements (e.g. §§ 146, 147 AO, §§ 238, 257 HGB). The purpose of archiving is to comply with tax law requirements (e.g. §§ 146, 147 AO – obligation to retain e-mails of relevance to tax law) and commercial law requirements (e.g. §§ 238, 257 HGB – obligation to archive business correspondence).
Duration of storage
Mail communication is stored until the expiry of retention obligations under tax and commercial law. The storage period can be up to 10 years.
If you send inquiries by contact form or by e-mail, the information you provide in the inquiry form, including the contact data you provide there, will be processed by us for the purpose of processing the inquiry and in the event of follow-up questions.
The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on the legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this was requested.
The data you entered in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
Your claims and rights
Right to information
You have the right to request confirmation as to whether we are processing personal data about you. If this is the case, you have a right to information about the information named in Art. 15 (1) DSGVO, insofar as the rights and freedoms of other persons are not affected (cf. Art. 15 (4) DSGVO).
Right of rectification
Pursuant to Art. 16 DSGVO, you have the right to have any incorrectly stored personal data (such as address, name, etc.) corrected by us at any time. You can also request a completion of the data stored by us at any time. A corresponding adjustment – if possible – will be made immediately.
Right to deletion
Pursuant to Art. 17 (1) DSGVO, you have the right to demand that we delete the personal data we have collected about you if the data is either no longer required; the legal basis for processing has ceased to exist without substitution due to the revocation of your consent; you have objected to the processing and there are no legitimate grounds for processing; your data is being processed unlawfully; a legal obligation requires this or a collection pursuant to Art. 8 (1) DSGVO has taken place.
The right does not exist according to Art. 17 (3) DSGVO if the processing is necessary for the exercise of the right to freedom of expression and information; your data has been collected on the basis of a legal obligation; the processing is necessary for reasons of public interest; the data is necessary for the assertion, exercise or defense of legal claims.