DATA PRIVACY POLICY
In the following data privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal basis of the General Data Protection Regulation (GDPR), which enable us to process personal data.
​
Definitions
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
​
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
​
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
​
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the 4.5.2016 EN Official Journal of the European Union L 119/33 framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
​
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
​
Collection, storage and use of personal data
​
When visiting the website: The internet browser used on your device (computer, laptop, tablet, smartphone, etc.) automatically sends information to the server of our website. This information is temporarily stored in a log file on a server side of the web hosting provider. The following data may be collected without your intervention and stored until automated deletion:
​
-
IP address of the requesting computer, device identifier and device type,
-
name of the retrieved file and amount of data transferred, as well as date and time of retrieval,
-
Message about successful call,
-
requesting domain (origin of your request, from which you came to our website(s)),
-
Description of the type of internet browser used and, if applicable, the operating system of your device and the name of your access provider.
Our legitimate interest in accordance with Art. 6 (1) (b) GDPR for the collection of data is based is for the purposes of ensuring a smooth connection setup and comfortable use of the website, evaluation of system security and stability as well as for further administrative purposes. In no case we use the collected data for the purpose of drawing conclusions about you.
​
When concluding a contractual relationship of any kind (this includes our contact form): When concluding any contractual relationship of any kind on our website, we ask you for the following personal data:
​
-
Data that personally identifies you, such as your natural name and e-mail address
-
other personal data which we are legally obliged or authorized to collect and process and which we need for your authentication, identification or verification of the data we collect.
The mentioned data will be processed to process the contractual relationship. The processing of data is based on Art. 6 (1) (b) GDPR. The retention period is limited to the purpose of the contract and, if available, statutory and contractual retention requirements.
Transmission of personal data
We only pass on your data to third parties if:
-
You have given your express consent to this (Art. 6 (1) (1) (a) GDPR),
-
this is necessary for the settlement of contractual relationships with you (Art. 6 (1) (b) GDPR),
-
there is a legal obligation to pass it on (Art. 6 (1) (c) GDPR),
-
disclosure is required for asserting, exercising or defending legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data (Art. 6 (1) (1) (f) GDPR).
A transfer of your data to third parties for purposes other than those listed below does not take place. The amount of data transmitted is limited to the minimum required.
Data is transferred to third countries in adherence to the legally regulated admissibility requirements. We will not transfer your data to a third country if it does not serve the purpose of performing our contract with you; if we have no consent from you; if the transfer is not necessary to assert, exercise or defend legal claims; and if there are no other exceptions. We will only transfer your data to a third country if there is an adequacy decision in accordance with Art. 45 GDPR or appropriate safeguards in accordance with Art. 46 GDPR.
Your rights
On request, we will inform you within reasonable time whether and which personal data about you is stored (Art. 15 GDPR), in particular the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed or will , the planned storage period, the right of rectification, deletion, limitation of processing or opposition, the existence of a right of appeal, the origin of their data, if they were not collected from us, as well as the existence of automated decision-making including profiling.
​
You also have the right to correct any incorrectly collected personal data or to complete incomplete data collected (Art. 16 GDPR). Furthermore, you have the right to demand that we restrict the processing of your data, provided that the legal conditions for doing so are met (Art. 18 GDPR).
​
You have the right to receive the personal data relating to you in a structured, common and machine-readable format or to request the transfer to another person responsible (Art. 20 GDPR).
​
​
You have the right to request the deletion of your personal data from us, provided that the legal prerequisites exist (Art. 17 GDPR). Regardless of this, your personal data will be automatically deleted by us if the purpose of the data collection has been omitted or the data processing has been unlawful.
You have the right to revoke your once given consent to us at any time (Art. 7 (3) GDPR). Subsequently, we are no longer allowed to continue the data processing based on this consent for the future.
​
You have the right to object to the processing of your personal data at any time, provided that a right of objection is provided for by law. In the case of an effective revocation, your personal data will also be automatically deleted by us (Art. 21 GDPR). If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to the e-mail address listed at the end of this data privacy policy. In case of violations of the data protection regulations you have the possibility according to Art. 77 GDPR to file a complaint with a supervisory authority.
​
​