TYPES OF PROCESSING DATA:
– Contact details (e.g. name, email).
– Content data (e.g. text input, photographs, videos).
– Usage data (e.g. visited websites, interest in content, access times).
– Meta / communication data (e.g. device information, IP addresses).
PURPOSE OF PROCESSING
– Providing the online offer, its functions and content.
– Answering contact requests and communicating with users.
– Safety measures.
– Range measurement / marketing.
“Personal data” is all information that relates to an identified or identifiable natural person (hereinafter “data subject”); A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by assigning an identifier such as a name, an identification number, location data, an online identifier (eg cookie) or one or more special features, expressing the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
“Processing” is any process carried out with or without the help of automated processes or any such series of processes in connection with personal data. The term goes far and covers practically every handling of data.
The “person responsible” is the natural or legal person, public authority, agency or other body that alone or together with others decides on the purposes and means of processing personal data.
“Processor” is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the person responsible.
SIGNIFICANT LEGAL BASIS
In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. Unless the legal basis is mentioned in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and implementation of contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 Para. 1 lit. f GDPR. In the case, Art. 6 Para. 1 lit. serves to ensure that the vital interests of the data subject or another natural person require the processing of personal data. d GDPR serves as the legal basis.
We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as an act of cooperation on your part (e.g. consent) or other individual notification becomes necessary due to the changes.
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.
If SSL encryption is activated, the data that you transmit to us cannot be read by third parties.
COOPERATION WITH CONTRACTORS AND THIRD PARTIES
If we disclose data to other people and companies (processors or third parties) as part of our processing, transmit them to them or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g. if the data is transmitted to third parties, as to payment service providers, in accordance with Art. 6 Para. 1 b GDPR for the fulfillment of the contract), you have consented, a legal obligation provides for this or based on our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties to process data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.
TRANSMISSION TO THIRD COUNTRIES
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done as part of the use of third-party services or disclosure or transmission of data to third parties, this will only take place if it happens to fulfill our (pre) contractual obligations, based on your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. GDPR are met. This means that processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g.
RIGHTS OF THE AFFECTED PERSONS
You have the right to request confirmation as to whether the data in question are being processed and for information about this data and for further information and a copy of the data in accordance with Art. 15 GDPR.
You have accordingly. Art. 16 GDPR the right to request the completion of the data concerning you or the correction of the incorrect data concerning you.
In accordance with Art. 17 GDPR, you have the right to request that the data in question be deleted immediately, or alternatively, in accordance with Art. 18 GDPR, to request that the processing of the data be restricted.
You have the right to request that the data concerning you, which you have provided to us, be received in accordance with Art. 20 GDPR and to request their transmission to other responsible parties.
You have also gem. Art. 77 GDPR the right to file a complaint with the responsible supervisory authority.
RIGHT OF WITHDRAWAL
You have the right to give consent in accordance with Revoke Art. 7 Para. 3 GDPR with effect for the future
RIGHT TO OBJECT
You can object to the future processing of your data in accordance with Art. 21 GDPR at any time. The objection can in particular be made against processing for direct marketing purposes.
Cookies and right to object to direct advertising
“Cookies” are small files that are stored on users’ computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit within an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his browser. Such a cookie can be used, for example, to store the contents of a shopping cart in an online shop or a login status. Cookies are referred to as “permanent” or “persistent” and remain saved even after the browser is closed. For example, the login status can be saved, if users visit them after several days. Such a cookie can also be used to store the interests of users who are used for range measurement or marketing purposes. A “third-party cookie” refers to cookies that are offered by providers other than the person responsible for operating the online offer (otherwise, if they are only their cookies, we speak of “first-party cookies”).
We can use temporary and permanent cookies and clarify this in the context of our data protection declaration.
If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
DELETION OF DATA
The data processed by us is deleted in accordance with Art. 17 and 18 GDPR or its processing is restricted. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention requirements. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.
According to legal requirements in Germany, storage is carried out in particular for 10 years in accordance with §§ 147 Paragraph 1 AO, 257 Paragraph 1 No. 1 and 4, Paragraph 4 HGB (books, records, management reports, booking vouchers, trading books, more relevant for taxation Documents, etc.) and 6 years according to § 257 Paragraph 1 No. 2 and 3, Paragraph 4 HGB (commercial letters).
When contacting us (e.g. via contact form, e-mail or via social media), the information provided by the user for processing the contact request and processing it in accordance with Art. 6 para. 1 lit. b) GDPR processed.
We delete the requests if they are no longer necessary. We check the necessity every two years; The statutory archiving obligations also apply.
COMMENTS AND CONTRIBUTIONS
If users leave comments via the comment function, the data requested in the comment form and the user agent string (which identifies the browser) are also saved to support the detection of spam. The IP address is not saved.
Furthermore, we reserve the right, based on our legitimate interests. Art. 6 para. 1 lit. f. GDPR to process user information for spam detection.
The data given in the comments will be permanently saved by us until the user objects.
RETRIEVE PROFILE PICTURES AT GRAVATAR
We use the Gravatar service of Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA, within our online offer.
Gravatar is a service where users can log in and store profile pictures and their email addresses. If users leave posts or comments with the respective email address on other online presences (especially in blogs), their profile pictures can be displayed next to the posts or comments. For this purpose, the email address provided by the users is sent to Gravatar in encrypted form in order to check whether a profile is saved for it. This is the only purpose of the transmission of the email address and it will not be used for other purposes, but will be deleted afterwards.
Gravatar is used on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f) GDPR, since with the help of Gravatar we offer post and comment authors the opportunity to personalize their posts with a profile picture.
By displaying the images, Gravatar finds out the IP address of the user, as this is necessary for communication between a browser and an online service. Further information on the collection and use of data by Gravatar can be found in Automattic’s data protection information: https://automattic.com/privacy/ .
If users do not want a user image linked to their Gravatar email address to appear in the comments, you should use an email address that is not stored by Gravatar to comment. We would also like to point out that it is also possible to use an anonymous e-mail address if the users do not want their own e-mail address to be sent to Gravatar.
SUBSCRIPTION NOTIFICATION NEW SUBMISSIONS / NEWSLETTER SERVICE
With the contribution notification (“New recipes by mail”) you will receive an automated message to your email address when a new contribution is published on this website.
If you want to receive the contribution notification, a valid email address is required. You will receive a confirmation email to check whether you are the owner of the email address entered. The email address is only used to send the contribution notification and is permanently saved by us until the user objects. You can revoke your consent to the storage of the data, the email address and their use for sending the contribution notification at any time and unsubscribe from the contribution notification. This can be done directly via a link in the contribution notification.
With the registration for the contribution notification, your IP address and the date of registration are saved as well as some standard server data such as the HTTP request headers. This storage serves only as proof in the event that a third party misuses an email address and registers for the notification of the contribution without the knowledge of the authorized person, as well as to avoid spam.
This website uses the services of MailChimp for sending newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service that can be used, among other things, to organize and analyze the sending of newsletters. If you enter data for the purpose of receiving the newsletter (e.g. email address), it will be stored on MailChimp’s servers in the USA.
MailChimp is certified according to the “EU-US Privacy Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
With the help of MailChimp we can analyze our newsletter campaigns. If you open an email sent with MailChimp, a file contained in the email (so-called web beacon) connects to the servers of MailChimp in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. In addition, technical information is recorded (e.g. time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. They are used only for statistical analysis of newsletter campaigns. The results of these analyzes can be used to better adapt future newsletters to the interests of the recipients.
If you do not want an analysis by MailChimp, you have to unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe from the newsletter directly on the website.
Data processing is based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing that has already taken place remains unaffected by the revocation.
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter both from our servers and from the servers of MailChimp. Data that we have stored for other purposes remain unaffected.
COLLECTION OF ACCESS DATA AND LOGFILES
We, or our hosting provider, based on our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. GDPR data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider .
For security reasons (e.g. to investigate misuse or fraud), log file information is stored for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidence purposes are excluded from deletion until the respective incident has been finally clarified.
Google is certified under the Privacy Shield Agreement and thereby offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and abbreviated there in exceptional cases.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent cookies from being saved by making the appropriate settings in their browser software; Users can also prevent Google from collecting the data generated by the cookie and related to their use of the online offer and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http: // tools .google.com / dlpage / gaoptout? hl = de .
Further information on the use of data by Google, setting and objection options can be found in Google’s data protection declaration ( https://policies.google.com/technologies/ads ) and in the settings for the display of advertisements by Google (https: // adssettings.google.com/authenticated ).
The user’s personal data will be deleted or anonymized after 14 months.
PARTICIPATION IN AFFILIATE PARTNER PROGRAMS
Within our online offer, we set based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer) in accordance with. Art. 6 para. 1 lit. f GDPR, customary tracking measures insofar as these are necessary for the operation of the affiliate system. Below we clarify the users about the technical background.
The services offered by our contractual partners can also be advertised and linked on other websites (so-called affiliate links or after-buy systems, if, for example, links or third-party services are offered after a contract has been concluded). The operators of the respective websites receive a commission if users follow the affiliate links and then take advantage of the offers.
In summary, it is necessary for our online offer that we can track whether users who are interested in affiliate links and / or the offers available from us, then take advantage of the offers at the instigation of the affiliate links or our online platform. For this purpose, the affiliate links and our offers are supplemented by certain values that can be part of the link or otherwise, for example in a cookie. The values include in particular the initial website (referrer), time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user, as well as tracking specific values such as advertising material ID, partner ID and categorizations.
The online identifiers of the users we use are pseudonymous values. This means that the online identifiers themselves do not contain any personal data such as names or email addresses. They only help us to determine whether the same user who clicked on an affiliate link or was interested in an offer via our online offer took advantage of the offer, ie, for example, has concluded a contract with the provider. However, the online identifier is personal insofar as the partner company and we, the online identifier are available together with other user data. This is the only way the partner company can tell us whether the user has taken advantage of the offer and we can, for example, pay out the bonus.
Use of Google AdSense
1. Our website uses Google AdSense, an online advertising service from Google Inc. (“Google”) for the display of non-personalized ads. In the case of non-personalized ads, context information is used and not the previous behavior of a user. For such advertisements, cookies are not used for personalized advertisements, but cookies that are necessary for frequency capping, for summarized advertisement reports and for combating fraud and abuse.
Google AdSense uses so-called “cookies”, text files that are stored on the user’s computer and that enable an analysis of the use of the website. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on the pages of this website. The information generated by cookies and web beacons about the use of this website (including the user’s IP address) and the delivery of advertising formats are transmitted to a Google server in the USA and stored there. This information can be passed on by Google to contractual partners of Google. However, Google will not merge your IP address with other data that you have stored.
2. Users can prevent the installation of Google AdSense cookies in various ways:
a) by a corresponding setting of the browser software;
b) by deactivating the interest-based ads on Google ;
c) by deactivating the interest-based ads of the providers that are part of the self-regulation campaign “About Ads” ;
d) by permanent deactivation by a browser plug-in.
The settings under b) and c) are deleted if cookies are deleted in the browser settings.
3. Further information on data protection and cookies for advertising on Google AdSense can be found in Google’s data protection declaration , in particular under the following links:http://www.google.de/policies/privacy/partners/
AMAZON PARTNER PROGRAM
Further information on the use of data by Amazon and options for objection can be found in the company’s data protection declaration: http://www.amazon.de/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401 .
INCLUDING THIRD PARTY SERVICES AND CONTENT
We use content or service offers from third-party providers within our online offer based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. Integrate services such as videos or fonts (hereinafter referred to as “content”).
This always presupposes that the third-party providers of this content perceive the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and, among other things, technical information about the browser and operating system,
Use of social media plugins
We integrate the videos from the “YouTube” platform from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/ , opt-out: https://adssettings.google.com/authenticated .
We integrate the fonts (“Google Fonts”) from the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/ , opt-out: https://adssettings.google.com/authenticated .
Functions and content of the Twitter service offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA can be integrated into our online offer. This may include, for example, content such as images, videos or text and buttons with which users can express their liking for the content, subscribe to the authors of the content or subscribe to our contributions. If the users are members of the Twitter platform, Twitter can assign the access to the above-mentioned content and functions to the user profiles there. Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active ). Data protection: https://twitter.com/privacy , opt-out: https://twitter.com/personalization .
Online presence in social media
We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to be able to inform them there about our services.
We would like to point out that users’ data can be processed outside the European Union. This can result in risks for the user, because it could make it more difficult, for example, to enforce users’ rights. With regard to US providers who are certified under the Privacy Shield, we would like to point out that they undertake to comply with the EU data protection standards.
In addition, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that are believed to correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data can be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of users’ personal data takes place on the basis of our legitimate interests in effective information for users and communication with users in accordance with. Art. 6 para. 1 lit. f. GDPR. If the users of the respective platform providers are asked for their consent to the data processing described above, the legal basis for the processing is Art. 6 Para. 1 lit. a., Art. 7 GDPR.
For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the information linked below by the provider.
Also in the case of requests for information and the assertion of user rights, we would like to point out that these can be most effectively asserted by the providers. Only the providers have access to user data and can take appropriate measures and provide information directly. If you still need help, you can contact us.
– Facebook, pages, groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland) based on an agreement on joint processing of personal data – data protection declaration: https://www.facebook.com / about / privacy / , opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant ? id = a2zt0000000GnywAAC & status = Active .
– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data protection declaration: https://twitter.com/privacy , opt-out: https://twitter.com/personalization , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active .
Revocation, changes, corrections and updates
The user has the right to request information free of charge about the personal data stored about him. In addition, the user has the right to correct inaccurate data, block and delete his or her personal data, provided that there is no legal obligation to retain it.
In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the responsible supervisory authority.