I. Contact Information
The contact details of the company
Authorized Managing Director: Harald Mahlich
Telephone number: +49 (0) 611 20 49 6 70
E-Mail Address: firstname.lastname@example.org
The contact details of the internal data protection officer
Internal Data Protection Officer: Tabea Schmidt
Telephone number: +49 (0) 611 - 167 512 08
E-Mail address: email@example.com
The contact details of the data protection officer
External Data Protection Officer: Dominik Fünkner
Telephone number: +49 (0) 89 2500 392 22
E-Mail address: firstname.lastname@example.org
Company name: Datenschutzexperte.de (PROLIANCE GmbH)
Personal data is any information relating to an identified or identifiable natural person (hereinafter the "data subject"). A natural person is considered to be identifiable who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified.
Affected person is any identified or identifiable natural person whose personal data is processed by the controller.
Processing means any process or series of operations related to personal data, such as collecting, collecting, organizing, organizing, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.
Restriction of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
Profiling is any kind of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects relating to job performance, economic situation, health, personal To analyze or predict preferences, interests, reliability, behavior, whereabouts or relocation of that natural person.
Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data not assigned to an identified or identifiable natural person.
Responsible or the controller
The controller or controller is the natural or legal person, public authority, body or body that, alone or in concert with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.
The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
Recipient is a natural or legal person, agency, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries.
Third parties are a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or the processor to process the personal data.
Consent is any voluntarily given and unambiguously expressed in the form of a statement or other unambiguous confirmatory act by the data subject for the particular case, by which the data subject indicates that they consent to the processing of the personal data concerning him / her is.
III. Collection of access data
When you visit our website, it is technically necessary for data to be transmitted to our web server via your internet browser. With your access to our website these so-called server log files are recorded by us or the provider of the web space. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:
• Date and time of the request
• Name of the requested file
• Page from which the file was requested
• Access status (file transfer, file not found, etc.)
• Web browser used and operating system used
• Full IP address of the requesting computer
• Transmitted amount of data
We collect the listed data in order to ensure a smooth connection of the website and to allow a comfortable use of our website by the users. The information supports the provision and constant improvement of our offer. In addition, the log file serves the evaluation of system security and stability as well as administrative purposes. The legal basis for the temporary storage of data or log files is Art. 6 para. 1 lit. f DS-GMO.
We also reserve the right to examine the data mentioned retroactively, should the suspicion of an illegal use of our offer exist. For reasons of technical security, in particular to ward off attacks on our web server, this data is stored by us for a short time. A conclusion to individual persons is not possible on the basis of this data. After seven days at the latest, the data is anonymized by shortening the IP address at the domain level, so that it is no longer possible to relate to the individual user. In anonymous form, the data is also processed for statistical purposes. A storage of this data together with other personal data of the user does not take place, a comparison with other data or a transfer to third parties does not take place. Only in the context of our server statistics, which we publish every two years in our activity report, a representation of the number of page views takes place.
Server log files
The server logfiles are anonymized data that are collected when you access our website. This information does not allow any conclusions to be drawn personally, but for technical reasons, it is indispensable for the delivery and presentation of our content. Furthermore, they serve our statistics and the constant optimization of our content. Typical log files are the date and time of the access, the amount of data, the browser used for access and its version, the operating system used, the domain name of the provider you have requested, the page from which you came to our offer (referrer). URL) and your IP address. Logfiles also allow for an accurate examination in case of suspected illegal use of our website.
V. Information about our offer
You can register for our newsletter on our website. We need your e-mail address for this. In addition, we must verify that you are the owner of the given e-mail address and wish to receive the newsletter, in compliance with the relevant legal regulations. We therefore collect information that makes such a review possible. The data collected in this context serve to send and receive the newsletter. They have no other purpose and will not be disclosed to third parties. Apart from the information required for sending out the newsletter, no further data will be collected from our site. Since the sending and receiving of the newsletter depends on your consent, you can revoke this consent to the collection and storage of your data at any time without stating reasons. Use the "unsubscribe link" provided in the newsletter.
Contradiction advertising emails
Within the framework of the legal imprint obligation we have to publish our contact data. These are sometimes used by third parties to send unwanted advertising and information. We hereby object to any unsolicited transmission of advertising material of any kind. We also expressly reserve the right to take legal action against the undesired and unsolicited sending of advertising material. This applies in particular to so-called spam e-mails, spam letters and spam faxes. Please note that the unauthorized transmission of advertising material may affect both antitrust, civil and criminal matters. Especially spam e-mails and spam faxes can lead to high claims for damages if they disrupt business operations by overflowing mailboxes or fax machines.
VI. Web analytics and advertising tracking
Use of Google AdSense
We include ads from Google AdSense on our website. Google AdSense is a remarketing feature of Google Inc. It allows us to offer matched, interest-based ads to visitors to our pages. Cookies are used. These text files stored on your computer generate information that makes you recognizable as a visitor by, for example, identifying your IP address. In addition, web beacons are also used. These are invisible graphics that analyze the flow of visitors on a web page. All of this information is provided by Google to its servers in the United States. Google denies in this context the storage of personal data and the merger of IP addresses with other Google services. However, Google Inc. is not prevented from disclosing the information to third parties. You have the option to stop this remarketing feature. The necessary settings can be found on the following website: http://www.google.com/settings/ads. You are already blocking the storage of cookies via the page http://www.networkadvertising.org/managing/opt_out.asp. The same result can be achieved through the corresponding settings in your browser, which are explained to you via its help function. Without cookies, the presentation and function of our website may be restricted. By using our web site, you periodically agree that Google collects and processes the designated data in remarketing in the manner described above.
Use of Google Analytics
Google Analytics Remarketing
Google Maps Plugin
VII. Social media plug-ins
We also integrate functions of the online service Instagram on our website. Provider of these features is the Instagram Inc. It is located in the US, CA 94025, 1601 Willow Road, Menlo Park. The Instagram button allows you to visit our pages linking to your Instagram account, if you are logged in to Instagram. Instagram receives the information about your visit to our website and can assign this visit to your Instagram profile. We are not aware of the content of the transmitted information or its use by Instagram. You can find more information about Instagram data collection and use in the Instagram privacy statement at http://instagram.com/about/legal/privacy/.
IX. Third-party content and services
X. SSL encryption
Our website uses SSL encryption when it comes to the transmission of confidential or personal content of our users. This encryption is activated, for example, in the processing of payments and requests that you make to us through our website. Please make sure that the SSL-encryption is activated by your side during activities. The use of encryption is easy to recognize: The display in your browser line changes from "http: //" to "https: //". SSL encrypted data is not readable by third parties. Submit your confidential information only with activated SSL encryption and contact us in case of doubt.
XI. Encrypted payment transactions
We secure your data in payment transactions. Therefore, for security reasons and to protect your confidential and personal content, our site uses SSL encryption for payment transfers. You can determine if SSL encryption is enabled or not. You recognize the use of encryption at the address bar of the browser. Only when the regular display changes from "http: //" to "https: //", data transfer is encrypted. The browser line "https: //" indicates the use of SSL encryption, payment transactions are now encrypted. Enabling SSL encryption makes it impossible for third parties to read your confidential information. Therefore, transfer your data only with activated SSL encryption.
XII. Rights of the person concerned
Right of confirmation
Each data subject has the right, as granted by the European Regulators and Regulators, to require the controller to confirm whether personal data relating to him / her is being processed. If an affected person wishes to make use of this right of confirmation, they can contact an employee of the controller at any time.
Right to information
Any person concerned by the processing of personal data shall have the right, granted by the European Di- rective and Regulatory Authority, at any time to obtain from the data controller information free of charge on the personal data stored about him and a copy of that information. Furthermore, the European legislator and regulator has provided the data subject with the following information:
• the processing purposes
• the categories of personal data being processed
• the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations
• if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration
• the right of rectification or erasure of the personal data concerning them, or the limitation of the controller's processing or the right to object to such processing
• the existence of a right of appeal to a supervisory authority
• if the personal data are not collected from the data subject: all available information about the origin of the data
• the existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) of the BER, and - at least in these cases - meaningful information about the logic involved and the scope and intended impact of such processing on the data subject
In addition, the data subject has a right of access as to whether personal data has been transmitted to a third country or to an international organization. If that is the case, then the data subject has the right to obtain information about the appropriate guarantees in connection with the transfer.
If an interested party wishes to exercise this right to information, they may at any time contact an employee of the controller.
Right to rectification
Any person affected by the processing of personal data has the right granted by the European directive and regulatory authority to demand the immediate correction of inaccurate personal data concerning him / her. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.
If an affected person wishes to exercise this right of rectification, they may, at any time, contact an employee of the controller.
Right to cancellation (right to be forgotten)
Any person affected by the processing of personal data shall have the right granted by the European Directives and Regulators to require the controller to immediately delete the personal data concerning him, provided that one of the following reasons is satisfied and the processing is not required:
• The personal data has been collected for such purposes or otherwise processed for which they are no longer necessary.
• The data subject revokes their consent, on which the processing was based in accordance with Article 6 (1) (a) of the GDPR or Article 9 (2) (a) GDPR, and lacks any other legal basis for the processing.
• The data subject submits an objection to the processing pursuant to Art. 21 (1) DS-GVO, and there are no legitimate reasons for the processing, or the data subject appeals pursuant to Art. 21 (2) DS-BER the processing.
• The personal data were processed unlawfully.
• The deletion of personal data is required to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
• The personal data were collected in relation to information society services offered pursuant to Art. 8 para. 1 DS-GVO.
• If one of the above reasons is correct and an affected person wishes to arrange for the deletion of personal data stored at SOURCE GmbH, they may at any time contact an employee of the controller. The employee of the SOURCE GmbH will arrange that the deletion request be fulfilled immediately.
Right to restriction of processing
Any person affected by the processing of personal data has the right, granted by the European directive and regulatory authority, to require the controller to restrict the processing if one of the following conditions applies:
• The accuracy of the personal data is contested by the data subject for a period of time that enables the person responsible to verify the accuracy of the personal data.
• The processing is unlawful, the data subject refuses to delete the personal data and instead requests the restriction of the use of personal data.
• The data controller no longer needs the personal data for the purposes of processing, but the data subject requires them to assert, exercise or defend their rights.
• The data subject has objection to the processing acc. Art. 21 para. 1 DS-GVO and it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the person concerned.
If one of the above-mentioned conditions exists and an affected person wishes to request the restriction of personal data stored by SOURCE GmbH, he may at any time contact an employee of the controller. The employee of SOURCE GmbH will initiate the restriction of the processing.
Right to data portability
Any person affected by the processing of personal data shall have the right conferred by the European Directives and Regulations to obtain the personal data concerning him / her provided to a controller by the data subject in a structured, common and machine-readable format. It also has the right to transfer this data to another person responsible without hindrance by the controller to whom the personal data was provided, provided that the processing is based on the consent pursuant to Article 6 (1) (a) of the GDPR or Article 9 (1) (b) 2 (a) of the GDPR or on a contract pursuant to Article 6 (1) (b) of the GDPR and processing by means of automated processes, unless the processing is necessary for the performance of a task of public interest or in the exercise of public authority, which has been assigned to the responsible person.
Furthermore, in exercising their right to data portability under Article 20 (1) of the GDPR, the data subject has the right to obtain that the personal data are transmitted directly from one controller to another, insofar as this is technically feasible and if so this does not affect the rights and freedoms of others.
In order to assert the right of data transferability, the data subject can contact an employee of SOURCE GmbH at any time.
Right to objection
Any person concerned by the processing of personal data shall have the right conferred by the European directive and regulatory authority at any time, for reasons arising from its particular situation, against the processing of personal data relating to it pursuant to Article 6 (1) (e) or f DS-GVO takes an objection. This also applies to profiling based on these provisions.
SOURCE GmbH will no longer process your personal data in the event of an objection, unless we can prove compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for assertion, exercise or defense of legal claims.
If SOURCE GmbH processes personal data in order to operate direct mail, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to the profiling, as far as it is associated with such direct mail. If the data subject objects to SOURCE GmbH for the purposes of direct marketing, SOURCE GmbH will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons arising from his / her particular situation, against the processing of personal data relating to him or her, for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. GMOs are invited to submit an objection unless such processing is necessary to fulfill a task of public interest.
In order to exercise the right to object, the person concerned may directly contact any employee of SOURCE GmbH or another employee. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58 / EC, to exercise his right of opposition by means of automated procedures using technical specifications.
Information, cancellation, blocking