1) INFORMATION ON THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE RESPONSIBLE
1.1We are pleased that you are visiting our website and thank you for your interest. In the following we will inform you about how we handle your personal data when you use our website. Personal data are all data with which you can be personally identified.
1.2The person responsible for data processing on this website in terms of the Data Protection Basic Regulation (DSGVO) is Mia Shinda, Haydnstr. 11, 86842 Türkheim, Germany, Tel.: 0174-8020402, E-Mail: [email protected] The person responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.
1.3For security reasons and to protect the transmission of personal data and other confidential contents (e.g. orders or inquiries to the responsible person), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.
2) DATA COLLECTION WHEN VISITING OUR WEBSITE
When using our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser sends to our server (so-called "server log files"). When you call up our website, we collect the following data, which are technically necessary for us to display the website:
- Our visited website
- Date and time of access
- Amount of data sent in bytes
- Source/reference from which you reached the site
- Used Browser
- Operating system in use
- IP address used (if necessary: in anonymised form)
Processing is carried out in accordance with Art. 6 Para. 1 letter f DSGVO on the basis of our justified interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently if there are concrete indications of illegal use.
3) Content Delivery Network
On our website we use a so-called Content Delivery Network ("CDN") of the technology service provider Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA ("Cloudflare"). A Content Delivery Network is an online service that is used to deliver large media files (such as graphics, page content or scripts) through a network of regionally distributed servers connected via the Internet. The use of Cloudflare's Content Delivery Network helps us to optimize the loading speed of our website.
The processing takes place in accordance with art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in a secure and efficient provision, as well as improvement of the stability and functionality of our website.
Cloudflare with its headquarters in the USA is certified for the us-European data protection agreement "Privacy Shield", which guarantees the compliance with the data protection level applicable in the EU.
To make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted again after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third-party cookies) to recognize your browser the next time you visit us (persistent cookies). If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie.
Insofar as personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 Para. 1 letter b DSGVO either for the execution of the contract or in accordance with Art. 6 Para. 1 letter f DSGVO to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.
We may work together with advertising partners who help us to make our Internet offer more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). If we work with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the following paragraphs.
Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for each browser under the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Please note that the functionality of our website may be limited if cookies are not accepted.
5) CONTACT US
Personal data is collected when contacting us (e.g. via contact form or e-mail). Which data is collected in the case of a contact form can be seen from the respective contact form. These data are stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f DSGVO. If your contact is aimed at the conclusion of a contract, an additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO. Your data will be deleted after final processing of your request. This is the case if it can be deduced from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
6) TOOLS AND OTHERS
For security purposes, this website uses the "Wordfence" plugin, a service provided by Defiant Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter "Wordfence"). The plugin protects the website and the IT infrastructure connected to it from unauthorized third-party access, cyber attacks, viruses and malware. Wordfence collects the IP addresses of users and, where applicable, other data about your behavior on our website (in particular URLs and header information) in order to identify and ward off illegitimate page access and threats. The IP address collected is compared with a list of known attackers. If the captured IP address is identified as a security risk, Wordfence can automatically block it from accessing the site. The information collected in this way is transferred to a Defiant Inc. server in the USA and stored there.
The data processing described is carried out in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of our legitimate interests in protecting the website from harmful cyber attacks and in maintaining structural and data integrity and security.
Defiant Inc. is (as of May 2018) in the process of certification for the us-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. Until the conclusion of this process, Defiant Inc. is relying on the standard data protection clauses pursuant to Art. 46 sentence 2 lit. c DSGVO as the legal basis for the transfer of data.
If visitors to the website have log-in rights, Wordfence also sets cookies (= small text files) on the visitor's terminal device. With the help of the cookies, certain location and device information can be read out, enabling an assessment to be made as to whether the login-authorized access originates from an authorized person. At the same time, access rights can be evaluated via the cookies and released via a site-internal firewall according to the authorization level. Finally, the cookies are used to register irregular access by site administrators from new devices or new locations and to notify other administrators of such access.
These cookies are only set if a user has login rights. Wordfence will not set cookies for site visitors who do not have login privileges.
If personal data is processed via cookies, the processing is carried out in accordance with article 6 paragraph 1 letter f. DSGVO on the basis of our legitimate interest in preventing illegitimate access to the site administration and in defending against unauthorized administrator access.
We have concluded a Data Processing Agreement with Defiant Inc., by which we oblige the company to protect the data of site visitors and not to pass them on to third parties.
7) RIGHTS OF THE PERSON CONCERNED
7.1The applicable data protection law grants you comprehensive data subject rights (rights of information and intervention) vis-à-vis the data controller with regard to the processing of your personal data, about which we inform you below:
- Right of access in accordance with Art. 15 DSGVO: In particular, you have a right of access to your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right of rectification, erasure, restriction of processing, opposition to processing, complaint to a supervisory authority, the origin of your data if it has not been collected from you by us, the existence of automated decision making including profiling and, if applicable, meaningful information on the logic involved and the scope and intended effects of such processing on you, as well as your right to be informed of the guarantees provided under Art. 46 DPA when your data is transferred to third countries;
- Right of rectification under Art. 16 DPA: You have the right to have incorrect data relating to you corrected without delay and/or to have your incomplete data stored by us completed;
- Right of deletion in accordance with Art. 17 DSGVO: You have the right to request the deletion of your personal data if the conditions of Art. 17 para. 1 DSGVO are met. However, this right does not apply in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- Right to limit processing pursuant to Art. 18 DPA: You have the right to request the limitation of the processing of your personal data for as long as the accuracy of your data which you dispute is verified, if you refuse to delete your data on the grounds of unlawful processing and instead request the limitation of the processing of your data, if you require your data for the assertion, exercise or defence of legal claims, after we no longer require such data after the purpose has been achieved, or if you have lodged an objection on grounds of your particular situation, as long as it has not yet been established that our legitimate reasons outweigh the objection;
- Right to information in accordance with Art. 19 DSGVO: If you have asserted the right to rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed of these recipients.
- Right to data transferability in accordance with Art. 20 DSGVO: You have the right to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another person responsible, insofar as this is technically feasible;
- Right to revoke consents granted pursuant to Art. 7 para. 3 DSGVO: You have the right to revoke at any time with effect for the future any consent to the processing of data once granted. In the event of revocation, we will immediately delete the data concerned, unless further processing cannot be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation;
- Right of appeal under Art. 77 DSGVO: If you believe that the processing of personal data relating to you is in breach of the DPA, you have the right - without prejudice to any other administrative or judicial remedy - to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place where the alleged breach occurs.
7.2RIGHT OF OBJECTION
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR PREDOMINANT LEGITIMATE INTEREST IN THE CONTEXT OF A WEIGHING UP OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS ARISING FROM YOUR SPECIAL SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL TERMINATE THE PROCESSING OF THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN PROVE THAT THERE ARE COMPELLING REASONS FOR PROCESSING WORTHY OF PROTECTION WHICH OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.
IF YOUR PERSONAL DATA ARE PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE RIGHT TO OBJECT AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
8) DURATION OF STORAGE OF PERSONAL DATA
The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective legal retention period (e.g. retention periods under commercial and tax law).
When personal data are processed on the basis of express consent pursuant to Art. 6 para. 1 letter a DSGVO, these data are stored until the person concerned revokes his or her consent.
If there are legal retention periods for data which are processed within the framework of legal or similar obligations based on Art. 6 Para. 1 letter b DSGVO, these data are routinely deleted after the retention periods have expired, provided that they are no longer required for the fulfilment or initiation of a contract and/or we have no justified interest in their further storage.
When personal data are processed on the basis of Art. 6 Para. 1 letter f DSGVO, these data are stored until the person concerned exercises his or her right to object in accordance with Art. 21 Para. 1 DSGVO, unless we can prove compelling reasons for processing worthy of protection which outweigh the interests, rights and freedoms of the person concerned, or the processing serves to assert, exercise or defend legal claims.
When personal data are processed for the purpose of direct advertising on the basis of Art. 6 Para. 1 letter f DSGVO, these data are stored until the data subject exercises his or her right of objection under Art. 21 Para. 2 DSGVO.
Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted if they are no longer necessary for the purposes for which they were collected or otherwise processed.