1. Personal Data
Personal data means any information relating to an identified or identifiable natural person (hereinafter: ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. Data Subject
A data subject is any identified or identifiable natural person, whose personal data is processed by the controller.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. Restriction of Processing
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
7. Third Party
Third party means a natural or legal person, public authority, agency or body other than the data subject, Controller, processor and persons who, under the direct authority of the Controller or processor, are authorized to process personal data.
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Please address us as the Controller responsible for your personal data or our data protection officer in case of inquiries regarding the processing of your personal data and the enforcement of your data subject rights further described under Fig. V.
Contact Details of the Controller
Am Wall 128 - 134
phone.: +49 (0) 421 - 33 61 66 90
fax: +49 (0) 421 - 33 61 66 95
III. Processing of Personal Data
1. Visiting our website
Visiting our website, our webservers will store information provided to us by the browser used on your terminal device by default. This information will be stored temporarily in a so-called logfile. In this connection, the following information will be stored:
- IP-address of the accessing terminal device
- date and time of the access
- content of the request (precise site/page)
- website from which our site was accessed (Referrer-URL)
- browser used
- the system software of your terminal device
- Referrer (previously visited website)
- Device type used
Legal basis for the processing of your IP address is art. 6 para. 1 sentence 1 letter f) GDPR. The purpose of the processing as well as our legitimate interest result from guaranteeing a trouble-free connection buildup, an agreeable use of our website and for reasons of system security and stability. The above-mentioned data will be erased automatically after 8 weeks as soon as the purposes mentioned have been fulfilled.
Cookies are small text files, which your browser generates automatically and which are filed and stored on your terminal device visiting our website. Cookies do not do harm to your terminal device, do not contain viruses, trojans or other malware.
Information resulting from the specific use of the terminal device is filed in the cookie. This does not mean though, that we are hereby immediately informed about your identity.
This website uses the following cookies, whose extent and functionality are outlined hereafter:
a) Transient cookies will be deleted automatized, when you close the browser. Especially session cookies number among these. Session cookies store a so-called session ID, with which various requests of your browser may be assigned to the joint session. As a result, we are able to recognize that you visited individual pages on our website. Session cookies will be deleted as soon as you logout or close the browser.
b) Persistent cookies will be deleted automatized after a given period of time which may differ from cookie to cookie. You may also delete the cookies in the security settings of your browser at any time. The cookies enable us to recognize you automatically at your next visit to our website. Furthermore, you do not have to re-enter data or settings once entered due to these cookies. We use persistent cookies to collect statistics about the use of our website and to optimize our offer to you.
You may certainly look at our website without cookies. Most browsers accept cookies automatically. You may prevent the storage of cookies on your terminal device by choosing “do not accept cookies” in your browser settings. Detailed instructions may be gathered from the manual of your browser. You may delete cookies already set on your terminal device at any time. Not accepting cookies, may lead to a restricted function of our offers.
The data processed by the cookies is required for the listed purposes to preserve our legitimate interests according to art. 6 para. 1 sentence 1 letter f) GDPR.
3. Data processing in the context of the initiation or the performance of contracts
In the context of the initiation or the performance of contracts concluded between us, we process the personal data hereby provided by you. To execute orders, we process your personal data by transferring the data to third party companies. Provided that it is necessary, we transfer your address data, email address or your phone number to the company charged with the delivery to fix a delivery date.
The processing of this data is effected for the purposes of the performance and initiation of a contract. Legal basis is art. 6 para. 1 sentence 1 letter b) DSGVO.
4. Data Processing in connection with the Job Application Procedure
We process personal data of applicants for the purpose of conducting the application procedure. The processing may be executed by electronic means. This is the case, especially if an applicant transmits application documents by electronic means to us, e.g. by email, or if postal applications have been
filed in our computing systems later on. Open vacancies can be found on our website under "Vacancies". Please send your application to firstname.lastname@example.org. In the event an employment contract is concluded with an applicant, the transmitted personal data will be stored for the purpose of conducting the employment relationship with respect to legal regulations. If no employment contract is concluded, the application documents will be deleted after the disclosure of the refusal if and when no other legitimate interest of the Controller bars the erasure. In this sense, legitimate interest is e.g. a burden of proof in proceedings according to the German General Act on Equal Treatment.
Legal basis for this data processing is art. 6 para. 1 sentence 1 letter b) GDPR.
5. Disclosure of your Personal Data
Your personal data will only be disclosed to third parties,
- if you have given your express consent pursuant to art. 6 para. 1 sentence 1 letter a) GDPR,
- if the disclosure is necessary to assert, exercise or defend legal claims pursuant to art. 6 para. 1 sentence 1 letter f) GDPR and there is no reason to assume that you have an overriding interest worth of protection in not disclosing your data,
- in the event that a legal obligation exists for the transfer pursuant to art. 6 para. 1 sentence 1 letter c) GDPR, and
- this is legally permissible and is required by art. 6 para. 1 sentence 1 letter b) GDPR for the processing of contractual relationships with you.
6. Use of Google Web Fonts
We use so-called web fonts provided by Google LLC. (hereinafter referred to as „Google“), 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, on our website for the uniform display of types. For this purpose, the browser used by you will have to contact the Google servers. Hereby, Google gains knowledge of the use of your IP address to view our website. The use of Google Web Fonts is effected in the interest of a uniform and appealing display of our online offers. This represents a legitimate interest in terms of art. 6 para. 1 sentence 1 letter f) GDPR.
If your browser does not support Web Fonts, a standard type of your terminal device will be used.
IV. Erasure of Personal Data
Your personal data will only be stored as long as they are needed for the purposes for which they were collected initially. Erasure only takes place, as far as no legal storage obligations are opposed. In all other respects you have a right of erasure at any time in accordance with fig. V. 4., provided that the legal requirements for this are met.
V. Data Subject Rights
If the legal prerequisites in question apply, please address us as controller or our data protection officer using the contact means mentioned under fig. II in order to assert your data subject rights.
1. Right of Access
According to art. 15 para. 1 GDPR, you have the right of access to the personal data processed by us. Upon request, we notify you in writing as promptly as possible if and which of your personal data is stored by us. In particular, you may demand information on the purposes of the processing, the category of the personal data, the categories of recipients to which your data was or will be disclosed, the planned duration of the storage, the existence of a right of rectification, erasure or to object, the existence of a right of complaint, the origin of your data as long as they have not been gathered by us as well as on the existence of automated individual decision-making including profiling and p.r.n. significant information on details.
2. Right to Obtain a Copy
According to art. 15 para. 3 GDPR, you have the right to request a free copy of all processed personal data concerning your person Further copies may be reasonably charged. The right to obtain a copy shall not impair the liberties of other persons. Commercial secrets and intellectual property rights of third persons may bar the right to obtain a copy.
3. Right of Rectification
According to art. 16 GDPR, you have the right to demand the immediate rectification of incorrect personal data or the completion of the data stored.
4. Right of Erasure
According to art. 17 GDPR, you have the right to demand the erasure of your personal data stored as long as the processing is not essential for the assertion of the right to freedom of speech and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exertion or defense of legitimate claims.
5. Right to Restriction of Processing
According to art. 18 GDPR, you have the right to demand the restriction of the processing of your personal data provided that the correctness of the data is impugned by you, the processing is unlawful, you refuse the erasure of the data which we do not need any more but which you need to assert, execute or defend legal claims or provided that you have lodged an objection against the processing acc. to art. 21 GDPR.
6. Right to Data Portability
According to art. 20 GDPR, you have the right to receive the personal data concerning yourself and disclosed by you in a structured, commonly used and machine-readable format or to demand the disclosure to another person responsible.
7. Right to Withdrawal of Consent
According to art. 7 para. 3 GDPR, you have the right to withdraw your consent at any time. As a consequence, the processing based on this consent shall not be continued.
8. Right to lodge a complaint with a Supervisory Authority
According to art. 77 GDPR you have the right to lodge a complaint with a supervisory authority, if you consider, that the processing of your personal data infringes applicable provisions. You may contact the supervisory authority located at your usual place of residence or work.
9. Right to Object
If the processing of your personal data is based on legitimate interests in accordance with art. 6 para. 1 sentence 1 letter f) GDPR, you have the right to file an objection against the processing of your personal data in accordance with art. 21 GDPR, provided that there are reasons for this arising from
your particular situation or the objection is directed against direct mailing. In the latter case, you have a general right to object, which will be implemented by us without specifying any particular situation.
In order to assert your right to object, please send an email email@example.com.
We implement technical and organizational security measures to protect your personal data processed by us against manipulation, loss, destruction and the access by unauthorized persons. Our security measures are continuously enhanced according to technological development. Internet- based data transfers may in principle show security gaps, though, we cannot guarantee absolute protection. Therefore, you are free to transmit your personal data by alternative means, e.g. telephonically or by mail.
VII. Automated Individual Decision-Making including Profiling
Using our website and the services offered on the same, you will not solely be subject to a decision made by automated individual decision making – including profiling; which takes legal effect or affects you considerably in a similar way.