1. An overview of data protection
Data collection on our website
Who is responsible for the collection of data on this website (i.e. who is the “controller”)?
Data processing in connection with this website is the responsibility of the operator of the website, whose contact information is available in the legal notice.
How do we collect your data?
We collect data that you share with us. This may, for instance, be information that you enter into our contact form.
Our IT systems automatically collect other data when you visit our website. These data primarily comprise technical information (e.g. your web browser or operating system or the time the site was accessed). This information is recorded automatically when you access our website.
What purposes do we use your data for?
Some data are collected in order to guarantee the error-free provision of this website. Other data may be used to analyse your user behaviour.
What rights do you have with regard to your information?
You have the right to receive information at any time, without having to pay a fee, about the source, recipients and intended use of your personal data which we store. You also have the right to have your data rectified, restricted or erased. Please do not hesitate to contact us at any time at the address given in the legal notice on this website if you have questions about this or any other data protection issues. You also have the right to lodge a complaint with the competent supervisory authority.
2. General information and mandatory information
We hereby advise you that the transmission of data via the Internet (i.e. through email communications) may not be absolutely secure. It is not possible to completely protect data against third-party access.
Information about the data controller
The data controller for this website is:
Tel.: +49 761 216 089 0
The controller is the natural person or legal entity that, single-handedly or jointly with others, makes decisions as to the purposes of the processing of personal data (e.g. names, email addresses) as well as the means of processing.
Withdrawal of your consent to the processing of data
A wide range of data processing operations are possible only with your express consent. You can at any time withdraw consent that you have already given us. To do so, all you are required to do is send us an informal notification via email. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your withdrawal of consent.
Right to object to the processing of data in special cases; right to object to direct marketing (Art. 21 GDPR)
If your personal data are being processed for the purposes of direct marketing, you have the right to object at any time to the processing of these personal data for the purposes of such marketing. This also applies to profiling to the extent that it is performed in connection with such marketing. If you object, your personal data will subsequently no longer be used for direct marketing purposes (objection pursuant to Art. 21 paragraph 2 GDPR).
Right to lodge a complaint with a supervisory authority
In the event of violations of the GDPR, data subjects are entitled to lodge a complaint with a supervisory authority, in particular in the member state where they usually maintain their domicile or place of work or in the place where the alleged violation occurred. The right to lodge a complaint applies regardless of any other administrative or court proceedings available by way of legal recourse.
Right to data portability
You have the right to have any data which we automatically process on the basis of your consent, or in order to fulfil a contract, handed over to you or a third party in a commonly used, machine-readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can identify an encrypted connection by checking whether “https://” appears instead of “http://” in the address bar of the browser and whether the lock icon appears in the browser bar.
If SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
Right of access, right to restriction, right to rectification and right to erasure of data
Within the scope of the applicable statutory provisions, you have the right to obtain information at any time about your personal data which we store, the source and recipients of these data and the purpose of the processing of these data. You may also have a right to have your data rectified, restricted or erased. If you have questions about this or any other matters relating to personal data, please do not hesitate to contact us at any time at the address provided in the legal notice on this website.
Right to restriction of processing
You have the right to have restrictions imposed on the processing of your personal data. To do so, you may contact us at any time at the address provided in the legal notice on this website. The right to restriction of processing applies in the following cases:
- In the event that you should dispute the correctness of your data which we store, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to require that we restrict the processing of your personal data.
- If the processing of your personal data was/is conducted in an unlawful manner, you have the option to require the restriction of the processing of your data in lieu of requiring the erasure of these data.
- If we do not need your personal data any longer and you need them in order to exercise, defend or establish legal claims, you have the right to demand the restriction of the processing of your personal data instead of their erasure.
- If you have raised an objection pursuant to Art. 21 paragraph 1 GDPR, your rights and our rights will have to be weighed against each other. Until it has been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have had the processing of your personal data restricted, these data may – with the exception of data storage – be processed only subject to your consent, in order to establish, exercise or defend legal claims, to protect the rights of other natural persons or legal entities, or for important reasons of public interest cited by the European Union or a member state of the EU.
3. Collection of data on our website
Server log files
The provider of this website and its pages automatically collects and stores information in server log files, which your browser communicates to us automatically. These contain the following information:
- The type and version of browser used
- The operating system used
- The Referring URL
- The hostname of the computer used
- The time of the server inquiry
- The IP address
- These data are not merged with other data sources.
These data are collected on the basis of Art. 6 paragraph 1(f) GDPR. The operator of the website has a legitimate interest in displaying the website without technical errors and in optimising the website. In order to achieve this, server log files must be recorded.
If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in case we have further questions. We will not share this information without your consent.
Hence, the processing of the data entered into the contact form occurs exclusively based on your consent (Art. 6 paragraph 1(a) GDPR). You have the right to withdraw at any time any consent you have already given us. To do so, all you are required to do is send us an informal notification via email. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your withdrawal of consent.
The information you enter into the contact form shall remain with us until you ask us to erase the data or you withdraw your consent to the storage of said data, or until the purpose for which they are being stored no longer applies (e.g. after we have concluded our response to your inquiry). This shall be without prejudice to any legal requirements – in particular retention periods.
We use Calendly, a scheduling and organization tool, for our website. The service provider is the American company Calendly LCC, 271 17th St NW, Ste 1000, Atlanta, Georgia, 30363, USA.
Calendly also processes data in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be accompanied by various risks to the legality and security of data processing.
As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular the USA) or a data transfer there, Calendly uses standard contractual clauses approved by the EU Commission (= Art. 46. para. 2 and 3 DSGVO). These clauses oblige Calendly to comply with the EU level of data protection when processing relevant data also outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses, among others, here: https://germany.representation.ec.europa.eu/index_de