Privacy Policy

Please note: This is only a translation in order to support you in understanding our Privacy Policy terms. The German version is solely decisive.

Our website can be visited without submission of personal data. Any personal data, e.g. name, address or e-mail address, received on the site are normally supplied voluntarily by the visitor. Such information will not be transmitted by us to third parties without the owner’s prior express consent. Data transmitted through the Internet, e.g. communications by e-mail, are exposed to security risks Total protection against access to such transmissions by unauthorized third parties is impossible.

We hereby deny permission to send advertising and information material not expressly required under the legal notice obligation to our website and reserve the right to institute legal proceedings against natural or legal persons addressing such unsolicited transmissions, e.g. spam, to our site.

1. Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States, as well as other provisions of data protection law is:

Alexander Rühle
zapliance GmbH
Holzdamm 57
20099 Hamburg
Germany

Tel.: +49 (0) 40 5544 4490
E-Mail: kontakt(a)zapliance.com
Website: www.zapliance.com

The data protection officer of zapliance can be reached at the above address, for the attention of Mr. Olaf Mangliers, or here.

2. General information on data processing

1. Scope of the processing of personal data

We only process personal data of our users to the extent that it is necessary to do so to provide a functional website, as well as our content and services. The personal data of our users is processed on a regular basis only after the consent of the user has been obtained. An exception to this rule applies in those cases where prior consent cannot be obtained for real reasons and the processing of the data is permitted by law.

2. Legal basis for the processing of personal data

As we obtain the consent from the person concerned for the processing of personal data, Art. 6(1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for processing.

Art. 6(1) (b) of the GDPR serves as the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary in order to take steps at the request of the data subject prior to entering into a contract. Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6(1) (c) of the GDPR serves as the legal basis for processing.

In the event that the vital interests of the data subject or another natural person require the processing of personal data, Art. 6(1) (d) of the GDPR serves as the legal basis for processing.

If processing is necessary for the purposes of the legitimate interests pursued by our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override such interests, Art. 6(1) (f) of the GDPR serves as the legal basis for processing.

3. Erasure of data and storage period

The personal data of the data subject will be erased or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data in order to enter into a contract or for the performance of a contract.

3. Provision of the website and creation of log files

1. Description and scope of data processing

  • Information about the browser type and version used
  • The user’s operating system
  • The Internet service provider of the user
  • The IP address of the user
  • Date and time of access
  • Websites from which the user’s system reaches our website
  • Websites accessed by the user’s system via our website
  • Data about the click stream
  • Access time of website contents

The log files contain IP addresses or other data that enable the data collected to be assigned to a user. This could be the case, for example, if the link to the website from which the user accesses the website or the link to the website to which the user is directed contains personal data.

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6(1) (f) of the GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. In addition, the data is used by us to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also lie in our legitimate interest in data processing pursuant to Art. 6(1) (f) of the GDPR.

4. Data storage period

The data will be erased as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

5. Right to object and request removal

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

4. Usage of cookies

This website uses cookies. We use cookies to personalize content and ads, provide social media features, and analyze traffic to our website. We also share information about your use of our website with our social media, advertising and analytics partners. Our partners may combine this information with other data that you have provided to them or that they have collected in the course of your use of the Services.
 
Cookies are small text files used by websites to make the user experience more efficient.

By law, we may store cookies on your device if they are strictly necessary for the operation of this site. For all other cookie types, we need your permission.

This site uses different types of cookies. Some cookies are placed by third parties that appear on our pages.

You can change or withdraw your consent at any time from the cookie statement on our site.

Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.

Please provide your consent ID and the date when you contact us regarding your consent.

Your consent applies to the following domains: zapliance.com.

Necessary (4)

Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

NameAnbieterZweckAblaufTyp
#wp-admin/admin-ajax.php#zapliance.comPendingSessionHTML Local Storage
elementorzapliance.comPendingSessionHTML Local Storage
borlabs-cookieBorlabs CookieStores the user’s consent status for cookies on the current domain.182 daysHTTP Cookie
JSESSIONIDnewrelic.comMaintains the browser session for all page requests.SessionHTTP Cookie

Preferences (2)

Preference cookies allow a website to remember information that affects the way a website behaves or looks, such as your preferred language or the region you are in.

NameAnbieterZweckAblaufTyp
user_langzapliance.comDetermines the language settings and redirects to the correct page accordingly1 dayHTTP Cookie
wp-wpml_current_languagezapliance.comDenotes the country code calculated based on the user’s IP address. Used to determine which language to use for users.SessionHTTP Cookie

Statistics (6)

Statistics cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously.

NameAnbieterZweckAblaufTyp
__cf_bmHubspotThis cookie is used to distinguish between humans and bots. This is beneficial for the website to generate valid reports about the usage of its website.1 dayHTTP Cookie
__cfruidzapliance.comThis cookie is a part of Cloudflare’s services – including load balancing, providing website content, and providing a DNS connection for website operators. .SessionHTTP Cookie
embed/v3/counters.gifHubspotUsed to implement forms on the website.SessionPixel Tracker

Marketing (5)

Marketing cookies are used to follow visitors on websites. The intention is to show ads that are relevant and appealing to the individual user and therefore more valuable to publishers and advertising third parties.

NameAnbieterZweckAblaufTyp
__hsscHubspotCaptures statistical data about user website visits, such as the number of visits, average time spent on the website, and which pages were loaded. The purpose is to segment website users by factors such as demographics and geographic location so that media and marketing agencies can structure and understand their audiences to enable tailored online advertising.1 dayHTTP Cookie
__hssrcHubspotCaptures statistical data about user website visits, such as the number of visits, average time spent on the website, and which pages were loaded. The purpose is to segment website users by factors such as demographics and geographic location so that media and marketing agencies can structure and understand their audiences to enable tailored online advertising.SessionHTTP Cookie
__hstcHubspotCaptures statistical data about user website visits, such as the number of visits, average time spent on the website, and which pages were loaded. The purpose is to segment website users by factors such as demographics and geographic location so that media and marketing agencies can structure and understand their audiences to enable tailored online advertising.179 daysHTTP Cookie
__ptq.gifHubspotSends data to the marketing platform Hubspot about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.SessionPixel Tracker
hubspotutkHubspotSets a unique ID for the session. This allows the website to obtain data about visitor behavior for statistical purposes.179 daysHTTP Cookie

Unclassified (4)

Unclassified cookies are cookies that we are currently trying to classify, along with providers of individual cookies.

NameAnbieterZweckAblaufTyp
currentUserSaves the current user data for the use of the web store PersistentHTML Local Storage
emailzapliance.comPending1 dayHTML Local Storage
refresh-tokenzapliance.comPending1 dayHTTP Cookie
uk-img.#zapliance.comPendingSessionHTML Local Storage

5. Newsletter

1. Description and scope of data processing

You can subscribe to a free newsletter on our website. When registering for the newsletter, the data from the form is transmitted to us.

  • E-Mail address
  • If necessary, further information provided on a voluntary basis in various forms

In addition, the following data is collected upon registration:

  • IP address of the computer submitting the request
  • Date and time of registration
  • Registration page
  • Websites from which the user’s system reaches our website

In the course of the registration process, your consent is obtained for the processing of the data and reference is made to this data protection declaration.

If you purchase goods, services or digital content on our website and enter your e-mail address, we may subsequently use this for sending you a newsletter. In such a case, the newsletter will only be used to send information that we believe may be of interest to the user or marketing communications relating to our goods, services or digital content.

In connection with data processing for the dispatch of newsletters, no data is passed on to third parties. The data will be used exclusively for sending the newsletter.

2. Legal basis for data processing

The legal basis for the processing of the data after registration for the newsletter by the user is Art. 6(1) (a) of the GDPR.

The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) of the German Act Against Unfair Competition (Gesetz gegen den unlauteren Wettbewerb – UWG).

3. Purpose of data processing

The purpose of collection of the user’s e-mail address is to send the user the newsletter.

The purpose of collection of other personal data as part of the registration process is to prevent misuse of the services or the e-mail address used.

4. Data storage period

The data will be erased as soon as it is no longer necessary to achieve the purpose for which it was collected. The user’s e-mail address will therefore be stored for as long as the subscription to the newsletter is active.

5. Possibility of objection and removal

The subscription to the newsletter can be cancelled by the user concerned at any time. For this purpose, there is a corresponding link in every newsletter.

This also allows the user to revoke consent to the storage of personal data collected during the registration process.

6. Contact form and e-mail contact

1. Description and scope of data processing

There is a contact form on our website which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask will be transmitted to us and stored. This data is:

First name
Last name
E-Mail address
Phone number
Company name

At the time the message is sent, the following data is also stored:

The IP address of the user
Date and time of registration
Information about the contact page used

Your consent is obtained for the processing of the data within the scope of the sending process and reference is made to this data protection declaration.

Alternatively, you can contact us via the e-mail address provided. In this case, the user’s personal data transmitted by e-mail will be stored.

In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.

2. Legal basis for data processing

The legal basis for the processing of data is Art. 6(1) (a) of the GDPR if the user has given his or her consent.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6(1) (f) of the GDPR. If the purpose of the e-mail contact is for the performance of a contract, Art. 6(1) (b) of the GDPR provides further legal basis for the processing.

3. Purpose of data processing

Personal data from the input mask is only processed by us for the purposes of handling the process of establishing contact. In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.

The other personal data processed during the submission of the contact request serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Data storage period

The data will be erased as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation is terminated when the circumstances indicate that the matter in question has been definitively clarified.

5. Possibility of objection and removal

The user has the possibility to revoke his or her consent to the processing of personal data at any time. If the user contacts us by e-mail, he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued.

The user has the option of sending an informal e-mail to info(a)monospark.com in order to lodge the objection, or to fill out the contact form.

All personal data stored in the course of contacting us will be deleted in this case.

7. External Tools

Use of Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). The use is based on Art. 6(1) sentence 1 (f) of the GDPR. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website such as

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Time of the server request,

are usually transferred to a Google server in the USA and stored there. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. We have also added the code “anonymizeIP” to Google Analytics on this website. This guarantees that your IP address is masked so that all data is collected anonymously. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide the website operator with further services associated with website and Internet use. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en. As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking this link. An opt-out cookie is set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

We continue to use Google Analytics to evaluate data from double-click cookies and AdWords for statistical purposes. If you do not want this to happen, you can disable it using the Ads Preferences Manager (http://www.google.com/settings/ads/onweb/?hl=en).

Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).

Use of HubSpot

Our website uses HubSpot, software from HubSpot Inc., USA. This software is used in the so-called area of inbound marketing and helps us to better coordinate and optimise our marketing strategy by means of statistical analyses and evaluation of logged user behaviour, among other things. Cookies (see above) are used. You can prevent the storage of cookies at any time by choosing the corresponding setting in your browser software or delete the cookies already stored. For more information on the type and scope of cookie use, please visit https://knowledge.hubspot.com/de/articles/kcs_article/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser. Please note that, if cookies are blocked, you may not be able to use the full range of services provided on our website. For more information, please refer to the HubSpot Inc. Terms of Use and Privacy Policy at http://www.hubspot.com/terms-of-service and http://www.hubspot.com/privacy-policy. If you do not wish the information about your visit to be used for the purposes described, you are welcome to inform us at any time by e-mail or by post. All information we collect is subject to this privacy policy. HubSpot is subject to the TRUSTe’s Privacy Seal and the U.S. – EU Safe Harbor Framework and the U.S. – Swiss Safe Harbor Framework. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, phone: +353 1 5187500.

HubSpot CRM

We use HubSpot in part to host our website, specifically our knowledge base in the Support section. HubSpot collects usage data, which includes both identifiable and non-identifiable data about website visits. This data is either provided to HubSpot or collected automatically through the use of HubSpot services.

Non-personal data does not allow HubSpot to track who owns the data. This includes browsing and click behavior, session heatmaps and scrolls, and non-identifiable data about device, operating system, browser, screen resolution, language and keyboard settings, ISPs, referral/exit pages, date, etc.

HubSpot also collects data that can be identified and thus become personal data. This is all data received on the occasion of the website visit, such as contact data, billing data, browser or usage session data, data regarding related third-party accounts, etc.

This is where HubSpot takes physical, electronic, and procedural safeguards to protect your personal information. For more information, click here.

HubSpot Forms

We use the HubSpot Forms service on our website on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO), whereby our legitimate interest lies in the provision of contact forms and simplified communication with interested parties. When using HubSpot Forms, no personal tracking takes place as with HubSpot itself.

Via HubSpot Forms, data entered in forms is stored when contact is made via contact form. This data is in turn stored in the above-mentioned HubSpot CRM and used to contact you.

HubSpot Analytics

As part of our legitimate interest in a technically flawless online offering and its economically efficient design and optimization, we also use HubSpot to analyze our website.

HubSpot uses technologies for this, in particular cookies, which are stored on your computer. These store information about the use of our site, so that we can improve our offer based on these results. HubSpot collects the data pseudonymously and does not combine it with other personal data. This means that we cannot identify you as a website visitor.

New Relic

Since we embed HubSpot Appointment Calendar on our website, New Relic is automatically included by the Java Script for the function. New Relic is a website optimization platform. The service provider is the American company New Relic Inc., San Francisco,CA, 188 Spear St, San Francisco, USA.

New Relic also processes your data in the USA, among other places. Therefore, we point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may entail various risks for the legality and security of the data processing.

As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, New Relic uses so-called standard contractual clauses (= Art. 46. para. 2and 3 DSGVO).

Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that data complies with European data protection standards even if it is transferred to and stored in third countries. Through these clauses, New Relic undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the United States. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The data processing terms and conditions (Data ProcessingAddendum), which correspond to the standard contractual clauses, can be found at
https://newrelic.com/termsandconditions/dataprotectionfaq

To learn more about the data processed through the use of NewRelic, please see the privacy policy at
https://newrelic.com/termsandconditions/privacy

Friendly Captcha

We use the Friendly Captcha service on our website, especially in the license activation area. This checks whether the request is made by a real user or by machine or automated programs (bots).

For this purpose, the provider of Friendly Captcha, Friendly Captcha GmbH (Am Anger 5, 82237 Wörthsee, Germany), collects your IP address, technical details about the browser and, if applicable, the operating system, the requested website, as well as the date and time of the request and your entries, which Friendly Captcha prompts you to make. No cookies are set or used for this purpose. Friendly Captcha only receives your data when you click on the button to start the verification. The provider has summarized details about this processing here: https://friendlycaptcha.com/de/legal/privacy-end-users/

Insofar as we receive data in this context, we only process it for as long as is necessary to check your request and then delete it. We use the tool exclusively to prevent misuse of our website or use designed to cause technical damage. We use the processes on the basis of Art. 6 para. 1 subpara. 1 letter e, DSGVO.

Font Awesome

We use Font Awesome from the American company Fonticons (307 S. Main St., Suite 202, Bentonville, AR 72712, USA). When the website is accessed, the web font (especially icons) is loaded via the Font Awesome content delivery network (CDN) and displayed in an adapted manner on end devices.

With Font Awesome, icons can be scaled and colored as you like using CSS stylesheet language, replacing old image icons. With the help of the icons, the content of our website can be better presented, helps orientation and easy acquisition. With Font Awesome we also improve the loading speed, because they are only HTML elements and not images. This way we can make our website even clearer, fresher and faster.

Font Awesome CDN is used to load the icons. This is a network of servers distributed around the world, making it possible to quickly load files from nearby. This is how our used icons are provided.

In order for this to happen, your browser connects to the servers of Fonticons, Inc. and recognizes your IP address. Font Awesome also collects data about which icons are downloaded and when, as well as technical data, such as your browser version, screen resolution, or the time of the page you viewed.

The data is collected to

  • optimize the CDN
  • detect and fix technical errors
  • protect CDNs from abuse and attacks
  • be able to charge Font Awesome Pro customers
  • know popularity of icons
  • know what computer and software you are using

Font Awesome stores the data on servers in the USA as well. However, these are located worldwide and store it where you are. In identifiable form, these are only stored for a few weeks, but aggregated statistics about usage may be stored for longer. No personal data is included here.

If you consent to the use of Font Awesome, consent is the legal basis. According to Art. 6 para. 1 lit. a DSGVO (consent), this constitutes the legal basis for the processing of personal data.

From our side, there is a legitimate interest in the use to optimize our online service. The corresponding legal basis for this is Art. 6 para. 1 lit. f DSGVO (Legitimate Interests). Nevertheless, we only use Font Awesome if you have given your consent.

If you want to learn more about Font Awesome and how they handle data, we recommend reading their privacy policy at www.fontawesome.com/privacy.

LinkedIn

The LinkedIn content on our website is blocked by a content blocker and only becomes visible once you consent to the content being displayed. Only then will everything that follows take effect.

On our website, we use content from the LinkedIn network, which is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). As soon as you release the content blocker with consent, a connection is established between your browser and the LinkedIn servers. LinkedIn is informed that our website was visited with your IP address.

For more details on data collection and legal options, visit LinkedIn at: https://www.linkedin.com/legal/privacy-policy

Instagram

The Instagram content on our website is blocked by a content blocker and only becomes visible once you consent to the content being displayed. Only then will everything that follows take effect.

We integrate content from the Instagram service on our website. These are offered by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When you visit web pages of our website that have an Instagram function integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is thus processed across all Facebook companies.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in ensuring the greatest possible visibility in social media. If a corresponding consent has been requested, the processing is based exclusively on Art. 6 (1) a DSGVO; the consent can be revoked at any time.

Insofar as personal data is collected on our website and forwarded to Facebook or Instagram, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook or Instagram. The processing by Facebook or Instagram that takes place after the forwarding is no longer part of this. The obligations incumbent on us jointly have been set out in a joint processing agreement. You can find the text of the agreement at: https://www.facebook.com/legal/controller_addendum

According to the agreement, we are responsible for providing the privacy information when using the Facebook or Instagram tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of the Facebook or Instagram products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendumhttps://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/56699466033338

For more information, please see Instagram’s privacy policy: https://instagram.com/about/legal/privacy/

8. Rights of the data subject

1. Right of access to personal data

You can request confirmation from the controller as to whether or not personal data concerning you are being processed by us.

If such processing has taken place, you can request access to the personal data and the following information from the controller:

(1) the purposes for which the personal data are processed;

(2) the categories of personal data concerned;

(3) the recipients or categories of recipient to whom the personal data concerning you have been or will be disclosed;

(4) the envisaged period for which the personal data concerning you will be stored, or, if it is not possible to provide specific information on this, the criteria used to determine that storage period;

(5) the existence of the right to request from the controller rectification or erasure of personal data and of the right to restrict processing of personal data concerning you or to object to such processing;

(6) the right to lodge a complaint with a supervisory authority;

(7) where the personal data are not collected from the data subject, any available information as to their source ;

(8) the existence of automated decision-making, including profiling, referred to in Art. 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information as to whether personal data concerning you are being transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 of the GDPR relating to the transfer.

2. Right to rectification

You have a right of rectification and/or completion vis-à-vis the data controller if the personal data processed concerning you are incorrect or incomplete. The controller shall make the rectification without undue delay.

3. Right to restriction of processing

Under the following conditions, you can obtain restriction of processing of personal data concerning you from the controller:

if you contest the accuracy of the personal data, for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims, or
if you have objected to processing pursuant to Art. 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override your grounds for objection.

Where processing of personal data concerning you has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

Where limits are to be placed on a restriction of processing obtained under the conditions set out above, you shall be informed by the controller before the restriction of processing is lifted.

4. Right to erasure

Obligation of erasure

You may request that the controller erase the personal data concerning you without undue delay and the controller shall be obliged to erase personal data without undue delay where one of the following grounds applies:

(1) The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

(2) You withdraw your consent on which the processing is based according to point (a) of Art. 6(1), or point (a) of Art. 9(2) of the GDPR, and where there is no other legal ground for the processing.

(3) You object to the processing pursuant to Art. 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) of the GDPR.

(4) The personal data concerning you have been unlawfully processed.

(5) The personal data concerning you have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

(6) The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8(1) of the GDPR.

Information to third parties

Where the controller has made the personal data public and is obliged pursuant to Art. 17(1) of the GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

Exceptions

The right to erasure does not exist to the extent that processing is necessary:

(1) for exercising the right of freedom of expression and information;

(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Art. 9(2) as well as Art. 9(3) of the GDPR;

(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

(5) for the establishment, exercise or defence of legal claims.

5. Right of information

If you have exercised your right to have the data controller rectify, erase or restrict the processing of personal data concerning you, the controller is obliged to communicate any rectification or erasure of data or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.

You have the right to request the controller to inform you about those recipients.

6. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where

(1) the processing is based on consent pursuant to point (a) of Art. 6(1) of the GDPR or point (a) of Art. 9(2) of the GDPR or on a contract pursuant to point (b) of Art. 6(1) of the GDPR; and

(2) the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. The freedoms and rights of others shall not be adversely affected thereby.

The right to data portability shall not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions.

The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Where personal data concerning you are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Where you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

8. Right to withdraw declaration of consent under data protection law

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision

(1) is necessary for entering into, or performance of, a contract between you and a data controller;

(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

(3) is based on your explicit consent.

However, these decisions shall not be based on special categories of personal data referred to in Art. 9(1) of the GDPR, unless point (a) or (g) of Art. 9(2) of the GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

In the cases referred to in points (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 of the GDPR.

11. Data security

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. In the case of collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously improved in line with technological developments.”

12. Actuality and change of this privacy policy

This privacy policy is currently valid and has the status 12th April 2022.

Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. The current data protection declaration can be called up and printed out by you at any time on our website.