With the following data protection declaration we would like to inform you about the types of your personal data (hereinafter also referred to as “data”) which we process, for what purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter also referred to collectively as “online offer”).
The terms used are not gender-specific.
Status: February 27, 2020
E-mail address: firstname.lastname@example.org
Overview of the processing operations
The following overview summarises the types of data processed and the purposes of their processing, and refers to the data subjects.
Types of data processed:
Content data (e.g. text entries, photographs, videos). Meta/communication data (e.g. device information, IP addresses). Usage data (e.g. websites visited, interest in content, access times).
Categories of data subjects
Users (e.g. website visitors, users of online services).
Cookies are text files that contain data from websites or domains visited and are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after his visit within an online offer. The stored information may include, for example, the language settings on a website, the login status, a shopping cart or the location where a video was viewed. The term “cookies” also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as “user IDs”).
The following cookie types and functions are distinguished:
Processed types of data: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses). Persons concerned: Users (e.g. website visitors, users of online services). Legal basis: Consent (GDPR), legitimate interests (GDPR).
Provision of the online offer and web hosting
In order to provide our online services securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the online services can be accessed. For these purposes we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security and technical maintenance services.
The data processed within the scope of providing the hosting offer may include all data concerning the users of our online offer, which are generated within the scope of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online offers to browsers, and all entries made within our online offer or from websites.
E-mail dispatch and hosting: The web hosting services we use also include the dispatch, receipt and storage of e-mails. For these purposes, the addresses of the recipients and senders as well as further information regarding the e-mail dispatch (e.g. the providers involved) and the contents of the respective e-mails are processed. The aforementioned data may also be processed for the purpose of SPAM detection. Please note that e-mails on the Internet are generally not sent in encrypted form. As a rule, e-mails are encrypted in transit, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We can therefore not assume any responsibility for the transmission path of the e-mails between the sender and the reception on our server.
Processed data types: Content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses). Persons concerned: Users (e.g. website visitors, users of online services). Legal basis: legitimate interests (GDPR).
Deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as their consent permitted for processing is revoked or other permissions cease to apply (e.g. if the purpose for processing these data ceases to apply or if they are not necessary for the purpose).
Unless the data are deleted because they are required for other and legally permissible purposes, their processing is limited to these purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose retention is necessary for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.
Further information on the deletion of personal data can also be provided in the individual data protection notes of this data protection declaration.
Amendment and updating of the data protection declaration
We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes make it necessary for you to cooperate (e.g. consent) or to receive other individual notification.
Rights of data subjects
As data subjects, they are entitled to various rights under the GDPR
Right of objection: You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data relating to you; this also applies to profiling based on these provisions. If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is linked to such direct marketing. Right to withdraw consent: You have the right to withdraw any consent given at any time. Right of access: You have the right to request confirmation as to whether data in question is being processed and to obtain information about such data and to obtain further information and a copy of the data in accordance with legal requirements. Right of rectification: You have the right to request the completion of data concerning you or the rectification of inaccurate data concerning you in accordance with the law. Right to erasure and restriction of processing: You have the right to request that data concerning you be erased immediately or, alternatively, to request a restriction of processing of the data in accordance with the law. Right to data transferability: You have the right to receive data concerning you that you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements or to request that it be transferred to another responsible party. Complaints to the supervisory authority: You also have the right, in accordance with the statutory provisions, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you believe that the processing of personal data relating to you is in breach of the DPA.
Definitions of terms
Personal data: "Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Controller: "Controller" shall mean the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Processing: "processing" shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means. The term is broad and covers virtually all processing of data, whether it be collection, analysis, storage, communication or deletion.
Created with free data protection generator.de by Dr. Thomas Schwenke